U.K. Serious Fraud Office Publishes Comprehensive New Guidance on Deferred Prosecution Agreements

The U.K. Serious Fraud Office (“SFO”) has published a chapter of its Operational Handbook providing further guidance in relation to Deferred Prosecution Agreements (“DPAs”): see the link here.

A DPA is an agreement between a company, partnership or unincorporated association (referred to hereafter simply as a “company”) and a DPA is an alternative to prosecution where the SFO and the court (which must approve the DPA) are satisfied that a DPA is “in the public interest”. The process avoids the need for a company to formally admit guilt to charges set out in an indictment (amongst other things thereby avoiding the possible consequences of a conviction such as debarment from government contracts and various triggers under contracts, bank covenants, insurance policies, etc.). However, the company will be required to admit misconduct and agree to pay a financial penalty, following which the prosecution will be deferred pending the company’s compliance with certain conditions designed to ensure future co-operation and avoid further offending. At the end of the specified period, providing the terms have been complied with, the prosecution will be dismissed.

DPAs are only available in respect of certain types of criminal offences including, but not limited to, bribery, conspiracy to defraud, money laundering, and certain types of tax offences (including fraudulent evasion of certain taxes, duties, and ‘failure to prevent’ offences). They are only available to organisations and not individuals.

The following is a brief summary of the topics covered in the relevant Chapter of the guidance and some of the key points arising.

  1. Application of the Evidential and Public Interest Tests
  2. Before a DPA can be made available in any given case, the case must pass (1) the evidential test; and (2) the public interest test.

    The evidential test requires either (i) that there is sufficient evidence to provide a realistic prospect of conviction against the company[1]; or (ii) a reasonable suspicion (based upon some admissible evidence) that the company has committed an offence, in circumstances where there are reasonable grounds for believing that a continued investigation would provide further admissible evidence within a reasonable period of time, so that all the evidence together would be capable of establishing a realistic prospect of conviction. In applying the evidential test, the prosecutor should first consider whether the test in (i) above is met. If it is not met, consideration may be given to the test in (ii).

    The public interest test requires that allowing the company to agree a DPA must be in the public interest in all of the circumstances. The Chapter includes a wide range of factors that are relevant to this test. Of particular note, a “failure to notify the wrongdoing within reasonable time of the offending conduct coming to light” or “reporting the wrongdoing but failing to verify it, or reporting it knowing or believing it to be inaccurate, misleading or incomplete” are both factors which mitigate in favour of prosecution, which should be considered in conjunction with the guidance on the requirements around self-reporting, expanded upon below. Conversely if a conviction for an offence would be likely to have disproportionate consequences for the company (for instance, where the company might be barred from bidding on public contracts or there may be a threat to a relevant operating licence) the guidance notes that a DPA might be considered to be in the public interest.

    1. Does a Company Need to Self-Report to be Eligible for a DPA?
    2. In relation to the difficult question of self-reporting, the Chapter usefully clarifies that “voluntary self-reporting [of] suspected wrongdoing within a reasonable time of those suspicions coming to light is an important aspect of co-operation”. In considering any self-report, the guidance notes that the SFO will consider the “extent to which the Company is providing it voluntarily, that is without the threat of imminent disclosure by a third party or compulsion”. This suggests that the SFO will not consider a company to have self-reported a matter if it did so in circumstances where the relevant matters would have been drawn to the SFO’s attention in short order, irrespective of the report being submitted.

      It is nonetheless clear from the Chapter that it is not necessary that a self-report is made “immediately” or within a specific timeframe to benefit from a DPA; a company can take time to investigate an issue internally in order to determine a basic factual matrix in relation to which a self-report can then be made. Notably, more than one of the recent cases in which a DPA was approved by the court were not based upon a voluntary disclosure by the company but the court noted the exceptional co-operation that was provided after the matter came to the attention of the SFO which contributed to the decision that a DPA was nevertheless in the public interest.

    3. Is a Company Required to Waive Privilege in Order to be Eligible for a DPA?
    4. Indeed, the Chapter notes the importance of co-operation as a “key factor” for a prosecutor to consider when deciding whether to enter into a DPA. One point of concern for many companies has been the question of whether the company is required to waive privilege over legally privileged material, in circumstances where the DPA Code of Conduct[2] is unfortunately silent on this matter. The Chapter makes clear that waiving privilege would indicate co-operation with the prosecutor, but that a company cannot be compelled to waive privilege, nor can it be penalised for refusing to do so. Whilst this brings welcome clarity, companies will still need to carefully weigh the benefits of full co-operation as against the risks of waiving privilege, particularly bearing in mind the risk of any known or potential parallel proceedings, before making a decision on this critical issue as part of any DPA negotiations.

  3. Parallel Investigations
  4. The Chapter notes a range of matters that the SFO will consider when working on cases in which there are concurrent investigations in multiple jurisdictions. In such cases, the SFO should, amongst other things, take early steps to communicate with and de-conflict its position with other regulators, including in relation to investigative activity, the use of investigative powers, and the terms upon which information can be shared between relevant agencies, all of which may affect the admissibility of evidence in different jurisdictions. The SFO will also consider the consistency of the approach taken by the company to other relevant agencies on matters such as legal professional privilege and the admission of facts and liabilities across relevant jurisdictions.

    Crucially, the SFO notes that it must be mindful of “different market announcement requirements for public companies in different jurisdictions”, including the circumstances in which “the obligation to make a market announcement is triggered”. This is a critical and often overlooked factor in cross border cases.

  5. Negotiation of a DPA

    The Chapter gives guidance on: (i) the circumstances where a prosecutor may consider inviting the company to enter into DPA negotiations (including in relation to co-operation and self-reporting – see further below); (ii) how those negotiations are to be conducted (the terms of reference); (iii) confidentiality of the negotiations; (iv) disclosure; and (v) retention and use of materials.

  6. Statement of Facts and Agreement

    The Chapter offers useful guidance on drafting the necessary documents required for an application to court, including the Statement of Facts relating to the underlying conduct (the “Statement”) and the Agreement itself. The court does not have the power to adjudicate on factual differences between the parties and the company will therefore need to resolve these with the prosecutor in order to reach agreement. It is vital that the Statement is accurate as it will be a public document.

    One contentious matter in relation to which the Chapter offers useful guidance is naming of relevant parties in the Statement, particularly where they are current or former employees of the company. This is relevant in circumstances where individuals may be being investigated or even prosecuted in relation to the conduct which forms the basis of the proposed DPA. Third parties are not permitted to participate in the negotiation process, but can nonetheless be prejudiced if matters relating to their alleged conduct are admitted to or conceded as part of a Statement in circumstances where they have not yet been determined as part of a criminal trial in the ordinary way. In this regard, the Chapter notes that: “Generally the consultation of third parties on the drafting of the statement of facts is not permitted. Consideration must be given to the necessity for and impact of the identities of third parties being published and whether this would be compliant with the Data Protection Act 2018 and the European Convention on Human Rights. In some cases, anonymisation of the identity of third parties in the statement of facts may be appropriate prior to publication.”

    As noted above, there is no need for the company to admit guilt to the charges set out in the indictment (avoiding the possible consequences of a conviction). However, the company will be required to admit misconduct and agree to pay a financial penalty.

  7. DPA Terms

    This section considers standard DPA terms, noting that all DPA terms must be “fair, reasonable and proportionate”. Sample terms discussed include: (i) acceptance of responsibility; (ii) term of the agreement; (iii) terms of the deferred prosecution; (iv) co-operation; (v) financial terms; (vi) ongoing corporate compliance programmes; (vii) ongoing monitoring; (viii) public statements; and (ix) warranties to be given by the company.

  8. Financial Penalty

    This section discusses potential financial penalties, including compensation to victims, disgorgement of profits, payment of prosecution costs, donations to charities which support victims and provisions around costs, payment by instalments, and calculations of interest. The Chapter contains a long list of factors to be considered when deciding whether compensation should be a term of a DPA which was not included in the DPA Code of Conduct. These include: (i) whether the victim can be identified; (ii) whether the wrongdoing has caused the loss; (iii) what steps the victim has already taken to recover their loss; and (iv) whether the loss is quantifiable so that it can be used as a basis for compensation.

    Interestingly, in relation to discounts to financial penalties available when entering into a DPA, the Chapter notes that “[t]he level of the discount applied to the financial penalty should be determined based in large part on the nature and extent of the Company’s co-operation with the SFO’s investigation. In the majority of DPAs to date, the court has approved terms permitting discounts of 50% in recognition of the levels of co-operation demonstrated.” This is a useful indication of the level of discount that a company might expect if it is deemed to have been substantially co-operative with the SFO’s investigations.

    The Chapter also notes that, per the sentencing guidelines applicable to the types of conduct for which DPAs are potentially available, the overall effect of a DPA upon a company, including the financial terms, should be considered.

    The Chapter notes that this “should be considered in all cases but will be particularly relevant where the Company is able to demonstrate substantial financial hardship. Whether the imposition of financial terms has the effect of putting the Company out of business will be relevant.” This may be particularly relevant to companies seeking a DPA in the current economic environment caused by Covid-19, which has fundamentally threatened the viability of a number of previously significant businesses.

  9. After a DPA is Approved
  10. This section of the Chapter deals with monitoring compliance with the terms of a DPA, the consequences of failure to comply with the DPA, the ways in which breach of the provisions of a DPA can be rectified, and the circumstances in which a DPA can be terminated (in the case of a significant or substantial breach which cannot be remedied) or discontinued (on expiry of the DPA, assuming its terms have been complied with).


DPAs became available in the U.K. in February 2014 and, despite a slow initial uptake, appear to have been established as a key tool in the SFO’s arsenal when resolving criminal investigations.

The additional guidance provided by the Chapter on voluntary disclosure and co-operation will provide much-needed clarity to companies and their advisers. In particular, the pressure to make a quick self report before the facts have been adequately established for senior management to make an informed decision should be somewhat mitigated for many companies. The guidance around co-operation with the prosecutor is also welcomed, although it does not remove the need for companies to consider carefully the benefits of co-operation against the risks of waiving privilege over legally privileged material.

Companies will also no doubt continue to weigh up whether, given the lack of certainty that remains, the risk of self-reporting a matter in the hope of securing a DPA is worth taking. The potential upsides notwithstanding, financial penalties resulting from the DPAs agreed to date remain fairly substantial, to say nothing of the associated professional fees in guiding the company through what is often a long process, the cost of a monitor where one is imposed (often for a period of several years), the significant risk of shareholder or other litigation, and the general costs associated with the inevitable business disruption caused by matters of this nature. For many, the potential benefits of voluntary disclosure and a possible DPA fall far short of what is required to encourage a self-report, particularly in relation to matters which are judged to be unlikely otherwise to come to the attention of the SFO or where corporate liability would be difficult to establish as a matter of English law.

The SFO is the only U.K. law enforcement agency to date to make use of DPAs and the publication of its internal guidance is nevertheless a welcome step towards clarifying what a company can expect if it is considering engaging in the process. However, it should be noted that the Handbook is internal SFO guidance only; it has been published “solely in the interests of transparency” and should not be interpreted as a definitive statement of how the SFO will conduct itself in any given case. Indeed, the SFO itself commented that the Chapter “is not published for the purpose of providing legal advice and should not therefore be relied on as the basis for any legal advice or decision”.

[1]   This being the standard Full Code Test in the Code for Crown Prosecutors.

[2]   The DPA Code of Practice for Prosecutors was published jointly by the SFO and CPS in February 2014, after a public consultation, to coincide with the introduction of DPAs. It is available here. The DPA Code describes how the SFO and CPS will use DPAs and prosecutors should have regard to its provisions when considering entry into or negotiating a DPA and when overseeing an existing DPA.

Click here for a PDF of the full text