The Government is currently considering plans for a new corporate offence of failing to prevent economic crime. The proposed offence would be similar to, but much broader in scope than, the “corporate offence” of failing to prevent bribery under Section 7 of the Bribery Act 2010.
This move is perhaps an inevitable response to the series of scandals that have rocked the financial sector in recent years, in particular the fixing of interbank lending rates (LIBOR), the foreign exchange prosecutions and the miss-selling of payment protection insurance (PPI).
However, the proposition amounts to a very significant extension of the criminal law into the corporate sphere.
The existing law
The legal difficulties in establishing corporate criminal liability, whether in respect of economic crimes or otherwise, are well known. Except for the few cases where specific criminal regimes exist, such as in respect of manslaughter and also bribery (see below), the general principles of criminal law apply. Those principles struggle to attach criminal liability to the corporate body.
Specifically, the criminal courts are required in each case to satisfy the “identification principle”, namely by proving beyond all reasonable doubt that the persons in the corporate who are guilty of the criminal acts were sufficiently senior within the corporate that they constitute its “directing mind and will.” Given the size and multi-tiered complexity in decision-making at many financial institutions, this task has proven, and no doubt will prove, virtually impossible.
By contrast, the “corporate offence” of failing to prevent bribery, as set out in Section 7 of the Bribery Act, creates a strict liability offence where no such attribution of fault is required. The offence simply provides that a commercial organisation will commit an offence if a person associated with it makes a bribe to obtain/retain business or obtains/retains an advantage in the conduct of his business for the organisation. There is however a defence that the organisation had “adequate procedures” in place to prevent this conduct.
While this has led to obvious questions concerning the metrics of adequacy, the Ministry of Justice has published guidance on the meaning of the requirement. Adequate procedures need only be demonstrated on the balance of probabilities i.e. to the civil, not criminal, standard of proof. At the time of writing, no organisation has been prosecuted under section 7 of the Act.
Scope of the proposed new law
The proposal, then, is to create an offence of failing to prevent economic crime which operates similarly to the offence in Section 7 of the Bribery Act.
The precise scope of “economic crime” is not currently clear. However, it is inevitable that the proposed offence would substantially expand the range of criminal activity that organisations, including financial institutions, can be held criminally liable for from merely failing to prevent bribery by its agents to all other forms of economic crime, including fraud, money laundering, market abuse, tax evasion and any other criminal activity engaged in by its employees and agents in their roles.
Again, however, there would be a defence of having in place adequate procedures to prevent economic crime, in respect of which the Ministry of Justice would be expected to provide guidance similar to that which it provided for the Bribery Act.
The timeframe for implementation of these proposals is unclear. However, our recommendation is that, as a matter of best practice in any event, commercial entities should review their risk profile, policies and procedures now in order to determine whether, if the offence was brought into force in the short term, they would be able to demonstrate that they already had in place ‘adequate procedures’ to prevent economic crime.
In terms of what this means in practice, these procedures should simply be an extension of adequate procedures put in place in order to prevent bribery, namely:
- Coordination: Appoint a person (e.g. compliance officer) to be responsible for leading efforts to ensure that you have proportionate and adequate procedures in place. This person should report directly to senior management and may also be given the task of being the primary point of contact for prevention of, and dealing with, criminal activity.
- Engagement from the top: Draft and issue an all-staff memorandum from senior management setting out a zero tolerance approach to all forms of criminal activity by or on your behalf.
- Risk assessment: Carry out a documented risk assessment programme in order to identify key areas of vulnerability and high risk practices (e.g. areas that have previously involved criminality such as attempts to fix LIBOR). Then, draft a report setting out these risks, what risk mitigation measures you currently have in place, and what further action needs to be taken.
- Policies and procedures: Draft (or, if one exists, amend) and disseminate a policy document forbidding any criminal activity by or on your behalf. Such a policy may refer to existing procedures and policies (e.g. policies on dealing with customers). Update existing policies where necessary (e.g. employee code of practice).
- Contract review: Review existing and proposed contractual arrangements and amend where necessary in order to specifically prohibit any criminal activity and include as a ground for termination (e.g. sub-contractor contracts).
- Due diligence: Conduct additional due diligence of associated persons, especially if they may be considered to pose a higher risk of criminal activity (e.g. agents located in higher risk jurisdictions).
- Training and awareness: Develop a training and awareness programme to be delivered to relevant staff, tailored to deal with specific risks of criminal behaviour.
- Whistleblowing and investigation: Develop whistleblowing and investigation mechanisms to ensure that criminal activities can be safely reported to a nominated individual who will be able to instigate an independent and comprehensive investigation.
It is important to note, however, that businesses must be proactive in their approach to reducing exposure to economic crime. It is the continual monitoring and updating of internal policies, rather than simply putting a policy in place, which will enable businesses to reduce the risks presented by any new strict liability regime criminalising a corporate’s failure to prevent economic crime.