The UK Serious Fraud Office (“SFO”) issued new guidance for companies seeking to avoid criminal charges or to obtain a Deferred Prosecution Agreement. The Guidance:
- lists 32 “indicators of good practice” and “examples of steps that the SFO may ask an organisation to take,” which the SFO will take into account when assessing the level of co-operation that a company has provided
- emphasises that this is “not a complete list” and that the nature and extent of a company’s co-operation is just “one of many factors” that the SFO will take into consideration when determining an appropriate resolution
- signals a more collaborative approach towards companies that genuinely wish to address previous offending; however, the SFO states that even “full, robust co-operation” does not “guarantee any particular outcome,” nor does the Guidance give rise to any “legally enforceable rights, expectations or liabilities”
- brings closer alignment with the approach of the US Department of Justice (“DOJ”), but key differences remain and the Guidance lacks clarity in several respects
The SFO’s new approach is both pragmatic and welcome, but companies will need to consider their position carefully, especially when facing cross-border investigations
The UK Serious Fraud Office issued new “Corporate Co-operation Guidance” (the “Guidance”) on 6 August 2019, setting out a range of different considerations the agency will use to assess a company’s co-operation when making charging decisions or supporting a company’s application for a Deferred Prosecution Agreement (“DPA”). The Guidance represents a shift in approach and an attempt to provide more clarity and specificity as to the factors that the SFO will take into account when assessing whether a company’s management has adopted a “genuinely proactive approach” after learning about the offending. This more pragmatic position under new SFO Director Lisa Osofsky moves closer to the policies and practices set out in the U.S. Department of Justice’s Justice Manual. Indeed, many of the items listed in the Guidance have long been considered norms for co-operation with the DOJ. However, differences remain and companies ought to carefully consider their position before seeking to make a voluntary disclosure to the SFO or embarking on an internal investigation if an SFO investigation is already underway.
Although the Guidance is an important resource for companies seeking specifics on what efforts may increase the likelihood of SFO co-operation credit, it lacks concrete assurances of how those efforts will be evaluated or the type of credit companies will receive. The Guidance also brings into focus the continuing challenges companies face in multi-jurisdictional investigations and the different expectations of enforcement officials in the US and UK.
While there is an expectation that a company should maintain effective internal controls that are able to detect, assess and remediate compliance issues, the Guidance places certain restraints on a company’s ability to conduct an internal review. The approach to legal privilege also continues to set apart the SFO’s evaluation of co-operation, which essentially deems waiver of legal privilege over witness interview notes a key ingredient, if not a prerequisite, to obtaining a DPA.
Going “Above and Beyond”
The Guidance is explicit that, to secure favorable consideration under the pre-existing Guidance on Corporation Prosecutions and section 2.8.2(i) of its Deferred Prosecution Agreements Code of Practice (the “DPA Code”), a corporation must adopt a “genuinely proactive approach” to co-operation with the agency, described as going “above and beyond what the law requires.” The document states that this means:
- “identifying suspected wrong-doing” and the persons responsible “regardless of their seniority or position”;
- “reporting this to the SFO within a reasonable time of the suspicions coming to light”; and
- “preserving available evidence and providing it promptly in an evidentially sound format”;
and that it does not include:
- “protecting specific individuals or unjustifiably blaming others”;
- “putting subjects on notice and creating a danger of tampering with evidence or testimony”;
- “silence about selected issues”; or
- “tactical delay or information overloads.”
It is likely no coincidence that these requirements – while less detailed and more general – resemble and are compatible with the requirements laid down by the DOJ in the former FCPA Corporate Enforcement Policy and the so-called Yates Memorandum, now included in the DOJ’s Justice Manual. These policies emphasise companies’ obligations to provide “all relevant facts” regarding potentially culpable individuals and incentivise corporate voluntary disclosure, co-operation and remediation in the context of a DOJ investigation.
In other areas (discussed below), the Guidance departs from US practice and thus can impose heavy burdens and give rise to thorny questions on how to proceed in multi-jurisdictional matters.
From Trampled Crime Scenes to Admissible Evidence
The Guidance lists a number of specific measures relating to preserving and providing documents, witness accounts, and privilege waiver, among others, that appear to reflect the priorities for dealings with companies that were announced by SFO Director Lisa Osofsky at the American Conference Institute’s November 2018 Conference on the Foreign Corrupt Practices Act: rather than discouraging companies from conducting internal investigations out of fear that witness accounts will be “tainted” or the “crime scene trampled,” the SFO is signalling a willingness to work with companies to elicit more evidence more quickly that can be used in English courts to prosecute individual wrongdoers and corporates.
While many of the 32 specific items set out in the Guidance will be considered good practice by seasoned practitioners in cross-border investigations, the list retains some UK SFO-specific requirements that are at odds with the approach of the US DOJ and/or the Securities and Exchange Commission. Such requirements may impose a significant burden on companies undertaking their own investigations, especially where joint or parallel investigations are ongoing. These include consulting with the SFO “in a timely way . . . before interviewing potential interviewees or suspects, taking personnel/HR actions or taking other overt steps,” providing copies of written interview notes and providing certification from independent counsel that material over which the company claims privilege is in fact privileged.
Interestingly, the Guidance makes it clear, on the one hand, that companies will not “be penalised by the SFO” where they choose not to waive privilege, but, on the other hand, failure to waive privilege over interview materials and to identify witnesses who can discuss the interviews’ contents will result in the company not receiving credit for the corresponding factor in the DPA Code.
This creates a fair amount of uncertainty for any organisation weighing waiver, and raises significant challenges in assessing the risk of foregoing the possibility of obtaining a DPA in the UK versus the collateral consequences of waiver in parallel proceedings elsewhere. However, recognition in the Guidance of the challenges that companies face with privilege waiver when seeking to co-operate is particularly notable.
In addition, practitioners may question the Guidance’s requirement for independent counsel to certify all claims of legal professional privilege. Though independent review by SFO-appointed counsel or judicial scrutineering of disputed claims to privilege is not unusual in the UK, this requirement goes much further and presumably reflects the fact that unmeritorious claims to privilege have been made in the past. Unfortunately, however, it tars all companies with the same brush and puts the entire burden and expense on the company. A better approach might have been to insist on a detailed explanation of the nature and extent of the claim to privilege from the company’s external counsel, followed by a process of independent certification in cases of dispute. Although compliance with this aspect of the Guidance will be inconvenient and in many instances will add significant costs, it will not be a relevant consideration for companies that hope to obtain maximum credit for co-operation by waiving privilege.
Steps in the Right Direction, but Some Way to Go
While the SFO’s Guidance represents a significant step towards framing prosecutorial expectations in a manner that more clearly defines the benefits for companies from self-disclosure and co-operation, some gaps remain which underline the importance of counsel’s sound judgment.
For example, companies are urged to “consult in a timely way with the SFO before interviewing potential witnesses or suspects” or taking HR decisions or other overt steps. However, in practice, this may be possible only where a company is aware that the SFO is itself already investigating a matter. It does not address the situation where a company needs to conduct an investigation (into whistle-blower allegations, for example) in order to assess whether or not a problem exists in the first place. This approach could also create tension when law enforcement agencies in the US or other jurisdictions expect interviews to proceed promptly, or there is a need to do so for sound commercial reasons such as closing a time-sensitive transaction, reporting to the market or another regulator, or signing off annual accounts. This can also result in further considerations in determining whether to self-report matters to the SFO.
In addition, the SFO urges organisations to make available “accountants and/or other relevant personnel (internal and/or external)” who can “speak to financial records and explain what they are and what they show about money flows.” Though the option of providing “other relevant personnel” suggests that outside counsel may assume the role of explaining financial records, a question remains whether the SFO would, in some cases, view this practice as antithetical to “true co-operation.”
In contrast to recent DOJ guidance, which has focused on a company’s identification of responsible individuals, the SFO’s Guidance offers only the broad principle that responsible persons should be identified irrespective of their position. Whereas the DOJ Justice Manual now focuses on “individuals who play significant roles in setting a company on a course of criminal conduct,” it remains to be seen what level of involvement should prompt a company to identify an employee to the SFO.
Although there is much to be appreciated in the SFO’s Guidance, it does not provide clarity as to the benefits that co-operation will secure. To be sure, the Guidance helpfully offers a detailed description of what actions are expected of co-operating companies, and its general thrust is that prosecution is not the default option. However, its significant caveat – that “even full, robust co-operation” is no guarantee of “any particular outcome” – will inevitably cause many organisations to question how they can properly assess the benefits of following the SFO’s recommendations. This is particularly so when the well-known problems of establishing criminal liability against companies under English law are taken into account (and which are to be contrasted with the position in the US where there is a far stronger concept of vicarious liability for the criminal acts of employees which, in turn, often makes corporate prosecutions much easier).
Any expectation of benefits under the Guidance is further eroded by the fact that a DPA is not in the SFO’s gift and must be approved by a judge who will take the overall interests of justice into account. While there have been a number of high-profile DPAs in recent years, the process in the UK is far from an automatic exercise and serious cases involving systemic and chronic offending will be scrutinised very carefully. However, it is to be hoped that acting in accordance with the Guidance will also resonate strongly with a court when seeking approval for a DPA.
In contrast, the DOJ’s FCPA Corporate Enforcement Policy offers a more concrete assurance of a benefit: absent aggravating circumstances (examples of which the Policy provides), “there will be a presumption that the [voluntarily disclosing, co-operating and remediating] company will receive a declination,” which requires no judicial approval.
The incentive structure that the SFO has constructed to encourage voluntary disclosure and co-operation is probably not yet sufficiently clear to result in instant success in achieving that laudable policy goal. It will inevitably take a period of bedding down, some examples of positive and consistent results and anecdotal evidence between legal practitioners before companies will develop real confidence in the system. Although consistent future application of the Guidance will inevitably go a long way in setting reliable expectations of co-operation benefits – and the new Director has signalled her desire for a more collaborative approach – it could take a while for the SFO to establish this track record. (Indeed, it took some time for practitioners to understand the parameters of the DOJ’s policy on presumed declinations.) On the other hand, companies that are already under investigation by the SFO and perceive a real risk of prosecution will be more easily advised to embrace the Guidance at an early stage.
Experienced practitioners will also be aware of the matters within the Guidance that are most important to the SFO and are likely to make the most difference. As the SFO makes clear, the Guidance is not a checklist and each case will turn on the particular facts and circumstances. Perhaps the most significant aspect of the Guidance is what it doesn’t say but which is clearly signalled by the new Director: that the SFO intends to adopt a more collaborative approach to companies that genuinely want to make a clean breast of things and that prosecution is not the default option, even in serious cases; in other words, that the SFO’s door is open to a different approach in appropriate cases.
To this extent, the Guidance should not be viewed as a list of requirements that are set in stone; rather, it should be viewed as the foundation for a process of positive engagement and, where appropriate, negotiation with the SFO.
 E.g., listing all relevant data custodians, providing structured data sets organised by individual or issue, and identifying and facilitating the production of data from third parties, among others.
 In Director of the Serious Fraud Office v Eurasian Natural Resources Corporation Limited,  EWCA (Civ) 2006, the Court of Appeal overturned a lower court’s finding that the “dominant purpose” of a company’s cross-border internal investigation was compliance and governance, and that the internal investigation report was therefore not subject to litigation privilege. The court also held that participation in a process of self-reporting to the SFO does not preclude the application of privilege.