Chris Roberts, who focuses on white collar criminal law, spoke at this year’s Cambridge International Symposium on Economic Crime on the key issues for corporates in a changing legal landscape: the developments in strict liability offences for corporates, with the Criminal Finances Act 2017 (“CFA17”) recently coming into force, and the development of Deferred Prosecution Agreements (“DPAs”).

It is increasingly necessary for those managing and controlling corporates to be proactive, rather than reactive, in responding to these developments.

Why the move to strict liability offences?

Historically, it was difficult for corporates to be found guilty of a corruption offence. The prosecutor had to prove that the “directing mind and will” of the corporate was involved in the offence so as to impute the state of mind of the relevant individuals to the corporate – the identification principle. That is, the individuals at the top of a corporate must themselves be criminally responsible to establish the guilt of the corporate.

The difficulty faced by prosecutors was that for larger, more complicated companies it has proved difficult, if nigh on impossible, to show that the directing mind and will of a company was engaged in the corrupt activity.

The first key strict liability offence

Partly as a result of this difficulty, in 2010 Parliament passed the Bribery Act (“BA10”) which came into force on 1 July 2011. As well as updating the law on bribery, section 7 of the BA10 introduced the strict liability offence for a corporate of failing to prevent a person associated with it of committing bribery. The only defence is if the corporate has in place “adequate procedures” designed to prevent persons associated with the corporate from engaging in bribery. As yet, there has been no judgment which has considered in detail what would constitute “adequate procedures”, though guidance has been issued by the Ministry of Justice1 , as well as organisations such as Transparency International. 

This strict liability approach has continued with the two new offences in the CFA17 of failing to prevent the facilitation of UK or foreign tax evasion.2 That is, a corporate will be guilty of an offence if it fails to prevent the facilitation of tax evasion by an employee, agent, or anyone else acting for or on behalf of the corporate.

As with section 7 of the BA10, the only defence is if the corporate had “prevention procedures” in place. Interestingly, whereas section 7 of the BA10 requires a corporate to have “adequate procedures” in place to prevent bribery, the CFA17 requires a corporate to have “such prevention procedures as it was reasonable in all the circumstances to expect [it] to have in place”. Whilst the defence in the CFA17 seems less stringent than the defence in the BA10, we will have to wait and see how the courts interpret these tests.

The effect of more strict liability offences

At the Symposium the Solicitor General noted in his speech that, in his view, limited liability has the effect of incentivising a company’s board to distance itself from the company’s operations3 . The increase in strict liability offences for corporates therefore potentially signals the start of a wider shift in approach to counter this incentive. These strict liability offences require those managing and controlling institutions to have the necessary policies and procedures in place, and – crucially – to ensure these are maintained and updated. 

As well as the move to strict liability, there have been developments in another means of fighting corruption and tax evasion: the DPA.


Prosecutors can now offer DPAs for certain corporate offences as listed in Schedule 17 of the Crime and Courts Act 2013 (“CCA13”). The offence of failing to prevent bribery was perhaps the most high-profile of such corporate offences when the CCA13 came into force, and the new corporate offences of failing to prevent UK or foreign tax evasion have now been added to this list.

A DPA is an agreement between a prosecutor and a corporate (and only a corporate) which is approved by the Court and effectively suspends prosecution for an agreed period of time. The agreement is subject to certain conditions, potentially including the appointment of a monitor, and if these are fully complied with for the life of the DPA, the prosecution is withdrawn.

Under a DPA the corporate will still be liable for the punishment it would have been subject to had the SFO pursued a successful prosecution against it. This includes disgorgement of profit, payment of the SFO’s costs and remediation of any flaws in control and compliance policies. That being said, a corporate can obtain a discount on the financial penalties under a DPA. From a corporate’s point of view, a DPA can offer more predictability by offering shorter and less costly proceedings, drawing a line under the alleged offence.

A corporate must be invited to negotiate a DPA by the prosecutor. In the DPA Code of Practice, one public interest factor against prosecution and in favour of offering to negotiate a DPA is cooperation.4  

Cooperation specifically incorporates self-reporting of an offence by the corporate once the offence has been brought to its attention. Therefore when an issue is identified there is a further burden on those who manage and control our institutions – specifically, do they take the decision to self-report?

When taking this decision, corporates must examine how the DPA regime has operated in the UK to date.

The DPA regime to date

There have been 4 DPAs since they were introduced in 2014, all relating to bribery and other corruption offences. The most high-profile DPA is the agreement with Rolls-Royce pursuant to which Rolls-Royce had to pay a penalty in the UK totalling £497 million (plus the SFO’s costs of £13 million) after an investigation which lasted for 4 years. Whilst this penalty was the highest of the DPAs to date, even this was after Rolls-Royce had obtained a 50% discount to reflect what the Court described as its “extraordinary” cooperation with the SFO’s investigation.

In his judgment approving the Rolls-Royce DPA Sir Brian Leveson highlighted that a “self report would usually be highly relevant”5 when determining whether to approve a DPA. However, in the case of Rolls-Royce “the SFO had been alerted [to the allegations of corruption] because of [a] public internet posting and had initiated an inquiry.”6 Despite Rolls-Royce not self-reporting, Sir Brian Leveson accepted that, in light of its subsequent “extraordinary” cooperation, he should not distinguish between Rolls-Royce and a corporate which had self-reported.

General Counsel at the SFO Alun Milford, when speaking at the Symposium, highlighted the level of cooperation required if a corporate has not selfreported: the corporate will not “get a DPA offer by doing nothing, waiting for a phone call from the SFO and then going through the motions”.7 The absence of a self-report meant that Rolls-Royce started at a disadvantage, but for a number of years thereafter had provided the SFO with a high degree of cooperation, involving bringing to the SFO’s attention wrongdoing they had hitherto been unaware of. Mr Milford stressed that a DPA offer is unlikely to be forthcoming if the SFO already has a significant amount of information about wrongdoing by the time the corporate makes contact. At that stage, if a company had not self-reported, “no amount of protestations of a desire to cooperate ... [would] make up the deficit”. 

This demonstrates not just the extent of Rolls-Royce’s cooperation but, crucially, the importance of the decision on whether or not to self-report.

It is in this environment that the offences of failing to prevent UK or foreign tax evasion have been added to the list of offences for which a DPA can be agreed. It may well be the case that in the future other new corporate offences will be eligible for DPAs, further entrenching DPAs as a means in fighting corruption.


The changing legal landscape in the UK means that corporates must now not just be proactive in preventing corruption and tax evasion, given the shift toward strict liability offences. If an offence has or may have been committed, corporates must also decide whether or not to self-report the (potential) offence to the prosecutor – a significant decision which must not be taken lightly.