Deferred Prosecution Agreements (DPAs) have been used in the US for over 20 years. The UK has recently brought into force the laws allowing certain prosecuting authorities to use them. In this article, Stephen Hill and Emma Radmore from Dentons look at the history and features of DPAs, given the US experience to date and the new UK framework.
What is a DPA?
US: Under the US federal pre-trial diversion scheme there are two concepts: a DPA or a Non-Prosecution Agreement (NPA). These agreements are administered in the federal system by the Department of Justice (DOJ) on criminal prosecutions and the Securities and Exchange Commission (SEC) in securities enforcement actions. A DPA is an agreement between the Government and the defendant that if certain conditions are met a filed criminal case will not be prosecuted. An NPA often has many of the same conditions, yet a criminal action is never filed.
UK: Under UK law, a DPA will allow a designated prosecutor to enter into an agreement with a corporate "offender" where the prosecutor is considering bringing a prosecution for various designated offences. The prosecutor will apply a number of principles under a binding code to assess whether a DPA might be appropriate rather than a prosecution in the courts. If the parties agree on a DPA, it must be sanctioned by the court before it can apply. Binding codes also address the contents of a DPA, and the consequences for breach of it. DPAs can be used to impose fines, remedial actions or a combination of penalties. If an offender complies with an agreed DPA, no prosecution for the offences it covers will be possible.
When were DPAs introduced?
US: DPAs in the federal system date back more than 20 years to a 1992 settlement between Salomon Brothers and the DOJ that included an agreement to forego prosecution of the organisation due to its "unprecedented cooperation". During the subsequent period, the DOJ formalised the requirements for the use of these agreements in its United States Attorneys' Manual (ss9-22.000) (USAM). The SEC's approach to DPAs is set out in its Enforcement Manual (s6.23). Agreements to not prosecute an individual go as far back as the earliest days of US criminal jurisdiction establishing the discretion prosecutors have at every level to decide whether to charge a prospective defendant.
UK: The UK has come late to DPAs. They have finally been introduced into English law by the Crime and Courts Act 2013, and the provisions relating to DPAs took effect from 24 February 2014. It is likely to be some time before we see the first DPA becoming public. However, there is a precedent in Scotland, where the Crown Office, which is responsible for prosecutions under the Bribery Act and predecessor legislation, has made an arrangement with an offending company. In 2012 an oil and gas business self-reported corrupt payments made in 2007 by an overseas subsidiary (that is, the payments were made before the Bribery Act 2010 took effect, but under predecessor anti-corruption legislation). The offending company was not prosecuted but agreed to pay £5.6 million to the Crown. It is arguable whether the Crown could in fact have found sufficient grounds to prosecute this conduct under the old law, as the offence of "failure to prevent bribery" came in only with the Bribery Act and is not retrospective in effect, and the conduct in question happened some years before.
Which offences can DPAs apply to?
US: Although initially used with individuals, DPAs and NPAs are now increasingly used in matters involving business organisations across a wide spectrum of alleged federal crimes. Rather than articulate the list of criminal offences for which the DPA may be used, the DOJ instead narrowly defines conduct which is not eligible for a DPA. DOJ policy prohibits the use of DPAs in matters involving national security, foreign affairs, against an individual with two or more felony convictions, in a case that would be by DOJ policy deferred to a state prosecution or a matter where the allegation is that a public official has violated the public trust (USAM ss9-22.100).
UK: DPAs are available only where the offender is a body corporate, partnership or unincorporated association. They cannot be used for offences committed by individuals. This will mean that where an offence is committed by both a corporate and an individual, in theory the corporate could be subject to a DPA while the individual would be prosecuted in the courts.
DPAs may be used for a range of offences, and their potential use is wider than some commentators had expected. DPAs are available for a range of common law offences, including conspiracy to defraud, and many statutory offences, of which the main ones include:
- the predicate money laundering offences under the Proceeds of Crime Act 2002 and an offence under the Money Laundering Regulations 2007;
- any of the four offences under the Bribery Act 2010;
- fraud, theft, forgery and other offences under the Fraud Act 2006, the Theft Act 1968 or the Forgery and Counterfeiting Act 1981;
- various offences under company law;
- breach of the prohibitions in the Financial Services and Markets Act 2000 (FSMA) on carrying on regulated activities without authorisation, the financial promotion restrictions, the ban on public offers of securities without an approved prospectus; and
- breach of the misleading statements and practices provisions in what is described in the legislation as FSMA, but these laws have been in the Financial Services Act 2012 for the past year. Presumably the Crime and Courts Act will be amended to take account of this.
Critically, the law also covers ancillary offences of aiding and abetting, or attempting or conspiring to commit any of these offences.
The Government has the power to change the list to add or remove offences.
Who can use a DPA?
US: Pre-trial agreements that defer or agree to forego a prosecution are available tools for federal, state and county prosecution personnel as well as others that are authorised to enforce federal and state regulations. For example, the SEC and the Environmental Protection Agency regularly use the approach to generate cooperation and resolution of enforcement actions. Likewise, states’ Attorneys General may use a DPA on alleged consumer fraud violations. Given the broad use of these agreements at the local level, counsel will need to examine the particular approach taken on a jurisdiction-by-jurisdiction approach.
UK: Currently, the Director of Public Prosecutions (DPP) and the Director of the Serious Fraud Office (SFO) are the designated prosecutors, although the Government has the power to designate further authorities and will need to do so if, for instance, the Financial Conduct Authority (FCA), which has criminal enforcement powers, wishes to take advantage of the introduction of DPAs. Experience of the prosecuting authorities to date suggests that the FCA might be the keenest to make use of these powers, if it gets them.
When will a DPA be used?
US: From a defendant's standpoint there are almost endless reasons to go for the DPA or NPA if faced with the serious possibility of being convicted of a crime or being on the wrong end of an enforcement judgment. Most notable is that the conviction often disqualifies the organisation or individual from participating in government contracts; a huge deterrent for many. Likewise, it is possible that a conviction or judgment could lead to an order prohibiting general business operations. Typically, the punishment for a conviction, whether monetary or incarceration or both, is much higher in the federal system if it comes at the end of a conviction by trial or plea. Most will also agree that damage to the brand of the organisation or individual is significantly reduced by the DPA or NPA ("we found the problem and fixed it" is a common and relatively successful refrain).
The Government's reason(s) for entering such agreements are both economic and the belief that it is good policy. DOJ policy identifies the objectives of the DPA and NPA as preventing future criminal activity among certain offenders, saving judicial resources for major cases and "to provide a vehicle for restitution to communities and victims of crime." The practical application is used when evidence sufficient to prosecute is present, but the combined self-disclosure, cooperation and concern over punishing individuals that were not involved (i.e. corporate shareholders) merits a DPA or NPA rather than a conviction.
The SEC's expressed reasons for the DPA reflect similar policy goals as those voiced by the DOJ with a strong emphasis on deterring continuing conduct and protecting the interests of corporate shareholders and the integrity of the marketplace. Specific requirements in the DPA include an agreement to:
- cooperate truthfully and fully in the Commission’s investigation and related enforcement actions;
- enter into a long-term tolling agreement;
- comply with express prohibitions and/or undertakings during a period of deferred prosecution; and
- under certain circumstances, agree either to admit or not to contest underlying facts that the Commission could assert to establish a violation of the federal securities laws.
UK: DPAs can be used when the evidential conditions to prosecute an offence are present (or the prosecutor has some evidence and believes it would find more), but it is not in the public interest to pursue a prosecution in the courts. It is the decision of the prosecutor whether to offer to negotiate a DPA, but the SFO in particular has made it clear that in many cases, even where a DPA is available, prosecution will be the preferred process. The DPA Code of Practice for the UK authorities sets out factors the authorities may take into account when deciding whether to enter into a DPA. Generally, factors likely to lead to a DPA rather than a prosecution include:
- if the offender has been generally proactive and cooperative;
- if the offender has no history of similar conduct;
- where the offending comprised isolated incidents by rogue individuals;
- where the offending is not recent and the organisation, its structure or its culture have changed for the better since the offending took place; and
- if a conviction is likely to have disproportionate consequences for the offender or collateral effects on the public, employees and other interested third parties.
What is the process for getting a DPA?
US: The process for obtaining a DPA or NPA is in many ways the traditional give and take that occurs with plea negotiations. Although not a hard and fast rule, early cooperation, particularly self-disclosure through a negotiated “proffer” discussion with prosecutors, is a common practice. The DOJ’s formal guidance process for successfully obtaining a DPA is set out in the Criminal Resource Manual s712 which provides in part:
- Divertees are initially selected by the US Attorney based on the eligibility criteria stated in USAM
- at the pre-charge stage; or
- at any point (prior to trial) at which a Pre-trial Diversion Agreement is effected.
- Participation in the program by the offender is voluntary:
- The divertee must sign a contract agreeing to waive his/her rights to a speedy trial and presentment of his/her case within the statute of limitations.
- The divertee must have advice of counsel and, if he/she cannot afford counsel, one will be appointed for him/her upon his/her application to the Chief Pretrial Services Officer (or Chief Probation Officer).
- All information obtained in the course of making the decision to divert an offender is confidential, except that written statements may be used for impeachment purposes. See USA Form 185, Letter to Offender, this Manual at 713.
- The Pretrial Diversion Agreement. The diversion period begins upon execution of a Pretrial Diversion Agreement.
- The period of supervision is not to exceed 18 months, but may be reduced in the case of federal employees.
The process for securing a DPA with the SEC generally follows this course:
- Prior to seeking authority to enter into a DPA, the staff should receive proffers from the cooperating individual and/or company.
- DPAs must be approved by the Commission.
- Unless the Commission directs otherwise, DPAs will be made available to the public upon request.
UK: The first step towards a DPA is when the prosecutor sends the offender a letter confirming it wishes to offer a DPA, and asking the offender to confirm whether it wishes to enter into negotiations towards one by a specified date. If the offender agrees, the prosecutor must then write to it explaining the process, including giving a warning of the potential consequences of giving inaccurate, misleading or incomplete information in the course of disclosure of relevant information. The letter will also contain undertakings for both sides on confidentiality of materials. Procedurally, the prosecutor must apply for a preliminary hearing in a court designated to approve DPAs, and must submit an application with supporting documents that explain why the DPA is in the interests of justice and is fair, reasonable and proportionate. Once this is approved, there should quickly be an application for final approval. Once the court approves the final DPA, the prosecutor will normally publish details of the DPA and its content as soon as possible.
What does a DPA look like?
US: DPAs are reduced to written form and include terms that require:
- an acknowledgement of responsibility for the conduct;
- an acknowledgement that if the defendant commits similar conduct during the pendency of the agreement that the Government may prosecute for any crime including the subject matter of the agreement;
- an obligation to cooperate with the Government's continuing investigation including making current employees available for testimony;
- information on what will happen if the Government determines that the defendant has breached the agreement;
- waiver of the defendant's right to a speedy trial and defences created by any relevant statute of limitations;
- language that prohibits the defendant from making contradictory factual representations as those found in the agreement; and
- the imposition of penalties, fines, restitution and other remedial relief.
UK: The Crime and Courts Act includes a list of terms which may be included in a DPA. The key aspects are:
- a statement of facts about the alleged offence;
- the requirements on the offender, such as payment of a fine, implementation of compliance changes, payment of prosecutors' fees and cooperating in investigations; and
- an end date for the DPA.
The DPA Code of Practice makes further suggestions, including a warranty by the offender and its legal advisers that all material provided does not knowingly contain inaccurate, misleading or incomplete information, and a further requirement to notify to the prosecutor any potentially relevant information which comes to light while the DPA is in force. The DPA may also contain a provision appointing a "monitor" to assess the offender's compliance controls and advise on necessary improvements. The offender would have to pay for this.
Will a DPA follow a self-report?
US: The DOJ and SEC have historically used DPAs and NPAs following a self-disclosure and remediation of the violative conduct. Any individual or business organisations can and should explore the approach the Government would take on a hypothetical basis before the Government fully commits to a DPA to avoid any admission in the event that both sides are not satisfied with the agreement's terms and conditions, in particular fine and penalty amounts as well as the term of post-agreement Government supervision.
UK: The most vocal UK enforcement agency is the SFO. Its former chief, Richard Alderman, had often intimated that firms concerned about potential bribery issues should come and talk to it. However, his replacement, David Green, has been at pains to stress the SFO is an enforcement agency, and not an advisor to businesses. He has also said on a number of occasions that self-reporting will not guarantee preferential treatment, and that the SFO will still prosecute where it thinks it is appropriate to do so. This has had the effect of making companies think twice before approaching the SFO. This may be counter-productive as the DPA Code of Practice guides the prosecutor to consider whether a self-report should have been made earlier and whether, for example, any delay in reporting while the company investigated internally might have led to the possibility of key documents being destroyed. However, while there is clearly no guarantee that where there is an offence, self-reporting will mean it will be addressed using a DPA rather than an immediate prosecution, failing to act on a breach of law that is a criminal offence will undoubtedly lead to greater penalties and the greater likelihood of prosecution when the enforcement agencies discover the breach. The DPA Code of Practice notes that where a corporate offender self-reports it will normally be appropriate for the individuals who have caused the corporate to offend will be investigated and where appropriate prosecuted.
What if a DPA goes wrong?
US: The US Attorney will formally decline prosecution upon satisfactory completion of program requirements. Upon breach of conditions of the Agreement by the defendant, the Chief Pretrial Services Officer (or the Chief Probation Officer) will so inform the US Attorney, who, in his/her discretion, may initiate prosecution. When prosecution is resumed, the US Attorney must furnish the offender with notice. The decision to terminate an individual from continuing to participate in pretrial diversion based upon breach of conditions rests exclusively with the US Attorney.
There are several strong ancillary considerations that any party must consider in deciding whether or not to enter into a DPA in the US system. First, the DPA's terms typically include an agreement to be monitored by an independent individual or organisation for compliance with any applicable agreement condition including avoidance of another violation of applicable law. These monitors have proven expensive so consideration should be given as to the monitor's duties and term of oversight. Second, DPAs and NPAs may be used in collateral civil litigation as admissions, evidence to fend off motions to dismiss or summary judgment and the basis for amending their initial complaint. These concerns are often paralleled by concern that statements made in the negotiation process, that are part of the DPA or communications to monitors, may also waive the attorney client privilege. Finally, careful consideration should be given to whether or not the DPA or NPA may create the basis for suspension and/or debarment from participation in federal government contracts. Given these concerns, counsel for the individual or organisation considering a DPA or NPA may ask the relevant government officer to review the agreement for its impact on contracting status prior to its execution or, alternatively, to obtain language in the DPA/NPA that suspension and/or debarment will not be initiated.
UK: If the offender complies with the DPA, then, when the DPA expires, the enforcement agency must notify the court that it will not continue the proceedings and cannot then bring fresh criminal proceedings for that offence. But if the prosecutor thinks the offender has not complied with the DPA or any of its terms, it can apply for a court decision on whether there has been a failure to comply. The court will determine this on the balance of probabilities. The offender will be given a chance to remedy any failure the court finds but, if this is not possible, the DPA will terminate and the enforcement agency will be able to continue its proceedings in court.
Enforcement authority appetite for DPAs
US: DPAs used by federal enforcement personnel have been very popular in recent years and, although such practices come in for some criticism as not being tough enough, their continued use is almost certain.
UK: It remains to be seen how keen the UK enforcement agencies will be on DPAs. As noted above, the SFO's stated appetite, which is reinforced by the DPA Code of Practice, is to prosecute unless there is a good reason not to do so. The law, and the Code, both indicate that DPAs are likely to be considered mainly for generally compliant companies, which have been let down by rogue intentional offenders, and which have discovered, reported and acted on breaches quickly. It seems clear that self-reporting sooner rather than later will help, so the timing of an approach to the authorities is likely to be key.
So, is there a future for DPAs?
The UK still awaits announcement of the first DPA under the Crime and Courts Act. But the most recent speeches from the SFO indicate that, despite some less than encouraging words, the SFO is still interested in self-reporting, and a genuine and proactive self-report, together with a remedial program appropriate to the crime, will hopefully lead to the success of DPAs in the UK to rival their use in the US.