Summary - your speed read
On Friday 23 October, the SFO published a new chapter in its Operational Handbook dealing with Deferred Prosecution Agreements (DPAs).
The chapter largely serves to pull together the various sources of guidance that were already available, along with key points arising from previous DPAs. It does not change the law applicable to the DPA process. It does however provide some clarification in relation to topics including: (i) the impact that self-reporting and the waiver of privilege can have on the availability of a DPA; (ii) the exclusions to the confidentiality of the DPA process; (iii) the naming of third parties in the Statement of Facts; (iv) the standard terms to be incorporated into DPAs; and (v) the calculation of financial terms.
- The chapter confirms that failure to self-report is not a bar to a DPA, though such failure is a public interest factor favouring prosecution;
- The chapter confirms that waiving privilege goes towards co-operation, but acknowledges that a company can neither be compelled to waive privilege nor penalised for not doing so;
- There is additional guidance about the SFO's expectations when a company is relying on exceptions to the confidentiality of the DPA process, which confirms that the SFO requires to be notified of and must agree to any disclosures of such confidential information;
- The chapter requires the SFO to consider the necessity for and the impact of the publication of third parties' identities in the Statement of Facts, and to consider whether such publication is compliant with the Data Protection Act 2018 and the European Convention on Human Rights. The guidance makes provision for the fact that anonymization and/or delayed publication of the Statement of Facts may be appropriate in certain cases;
- Companies and their advisers need to take note of a new standard term listed in the chapter which reads, "[the DPA] does not provide any protection against prosecution for conduct not charged in the indictment, even where the conduct has been disclosed during the course of DPA negotiations but not charged (emphasis added)";
- The chapter reiterates the importance of compensation for the victims of the wrongdoing and states that if compensation cannot be agreed, the reasons for this must accompany the Court application for approval of the DPA;
- The chapter confirms that the financial penalty is calculated according to the principles of culpability and harm set out in the Sentencing Council Guideline “Corporate offenders: fraud, bribery and money laundering.” However, the new chapter provides no insight into how the discount is calculated, or any guidance as to how companies can maximise the level of discount offered aside from the general known requirement to co-operate with the investigation. Helpfully the new chapter provides that where DPAs or other resolutions are agreed in multiple jurisdictions, consideration will need to be given to their respective financial terms and how they are offset or apportioned in those jurisdictions.
"A DPA is a Court approved agreement between a company and a prosecutor at the SFO or Crown Prosecution Service, providing an alternative to prosecution of the company where it is in the public interest. The agreement allows a prosecution to be suspended for a defined period provided the organisation meets certain specified conditions. DPAs require the company to admit to the misconduct, pay a financial penalty and agree to adhere to conditions set out by the prosecutor to ensure future co-operation and compliance."
The SFO has entered into nine DPAs to date, the most recent being with Airline Services Limited, which received court approval on 30 October 2020.
On 23 October 2020 the SFO published a DPA chapter for its Operational Handbook. The Handbook is for internal SFO guidance and is published solely in the interests of transparency. Nevertheless, the Handbook often provides helpful guidance to companies that are subject to investigation and offers useful information for their advisers. SFO Director Lisa Osofsky described the chapter as offering "comprehensive guidance on how [the SFO] approach Deferred Prosecution Agreements (DPAs), and how [the SFO] engage with companies where a DPA is a prospective outcome."
The DPA chapter predominantly reflects the content of Schedule 17 of the Crime and Courts Act 2013, the DPA Code of Practice (the DPA Code) and other existing guidance, and provides limited clarification in relation to a small number of areas. Whilst it is to be welcomed that the SFO is making its position clear, the chapter tends to clarify points upon which there was existing consensus among practitioners and does not give further guidance on points where such guidance would be most helpful.
The evidential and public interest tests
Before the SFO can invite a company to enter into negotiations for a DPA, the SFO prosecutor must be satisfied that either (a) the evidential stage of the Full Code Test in the Code for Crown Prosecutors is satisfied, or (b) there is at least a reasonable suspicion based upon some admissible evidence that the company has committed the offence, and there are reasonable grounds for believing that a continued investigation would provide further admissible evidence within a reasonable period of time, so that all the evidence together would be capable of establishing a realistic prospect of conviction in accordance with the Full Code Test. The prosecutor must also be satisfied that the public interest would be served by a DPA.
The new chapter confirms that the second limb of the evidential test is analogous to the Threshold Test in the Code for Crown Prosecutors.
The chapter calls out the potential consequences following conviction of mandatory or discretionary exclusion from public contacts, as well as the potential licensing implications for regulated companies. These consequences now require particular consideration by the prosecutor when deciding if a DPA is appropriate and both are considered to weigh in favour of a DPA. Previously, the consequence of being excluded from public contracts was merely a footnote in the DPA Code and licensing implications were not specifically called out as requiring consideration. The acknowledgment by the SFO of the gravity of such consequences will be welcomed by companies.
Co-operation factors- waiving privilege and self reporting
As is widely known, co-operation is "a key factor" in determining if a company will be invited to negotiate a DPA. The chapter confirms that companies' co-operation will be evaluated using the SFO's Corporate Co-Operation Guidance.
In addition to the actions that a company's management may take to demonstrate co-operation already listed at paragraph 2.8.2(i) of the DPA Code, the chapter includes, in line with the SFO's public pronouncements on the issue, that a waiver of privilege over relevant materials goes towards co-operation. The chapter acknowledges that a "Company can neither be compelled to waive privilege, nor penalised for not waiving privilege." However, despite this acknowledgement, this stance by the SFO is unwelcome to companies and their advisers who would prefer the SFO had no expectation of ever obtaining privileged materials.
On a more welcome note, the SFO reiterates its position taken in the Rolls Royce DPA that failure to self-report is not a bar to a DPA. It also confirms that self-reporting within a reasonable time is sufficient to demonstrate co-operation. However, the chapter does not address the recommendation of the House of Lords Select Committee on the Bribery Act 2010, made in its 2019 report, that there should be a distinction between the discount offered to those companies which self-report and those which co-operate with the investigation but did not self-report.
Internal considerations for the SFO - parallel investigations and DPA invitations
The chapter lists different elements that the SFO will consider when there are parallel investigations ongoing by overseas agencies or other UK agencies. These elements largely focus on the need for communication, co-ordination and information sharing between the respective agencies. However, no insight is provided as to what decision the SFO may make regarding a DPA as a result of the existence of parallel investigations, nor is there any guidance as to how a company should conduct itself in relation to the SFO when there are parallel investigations.
The guidance also sets out the prosecutor's considerations when determining the entity that will receive the invitation to enter into DPA negotiations. The considerations are consistent with the approach taken by the SFO to date, confirming that the invitation usually goes to the company which is the subject of the investigation, or the parent entity if it has been involved in discussions with the prosecutor to date.
SFO expectations when the company intends to disclose confidential information
According to the DPA Code, prior to substantive DPA negotiations commencing, the company will have to provide an undertaking "that information provided by the prosecutor in the course of DPA negotiations will be treated as confidential and will not be disclosed to any other party, other than for the purposes of the DPA negotiations or as required by law".
The chapter sets out that in addition to this undertaking, the SFO will require the company to notify it prior to making any disclosure of such information. This is to ensure that the SFO can "consider any impact on confidentiality obligations or prejudice to the investigation(s) and any potential prosecution before agreeing to any disclosure (emphasis added)."
Whilst companies would likely have informed the SFO prior to making any disclosure of confidential information, the requirement to do so and to potentially have to wait for SFO agreement may slow down a company's internal and external consultations during the DPA process. The chapter does not tackle how a company is to marry its obligation under the Market Abuse Regulations to "inform the public as soon as possible" if inside information comes to light during the DPA negotiations with these requirements. Companies should address this risk at the outset to ensure that its regulatory obligations to the market can be discharged.
Individuals may continue to be named in the statement of facts
In a nod to the recent criticisms of the practice of naming individuals in the Statement of Facts that accompanies a DPA, the SFO has acknowledged that "[c]onsideration must be given to the necessity for and impact of the identities of third parties being published and whether this would be compliant with the Data Protection Act 2018 and the European Convention on Human Rights."
The chapter acknowledges that anonymization or redaction of third parties' identities or the delayed publication of the Statement of Facts may be appropriate in some cases. This acknowledgement does not go as far as saying that the SFO will refrain from identifying third parties, but is a tacit recognition on the part of the SFO that these individuals' rights are at play when the Statement of Facts is published.
Following the anonymization of the Airline Services' Statement of Facts and the postponement of the publication of the Sarclad judgment (previously XYZ Ltd) and the Sarclad, Serco and G4S Statements of Facts in order to avoid prejudicing legal proceedings against individuals, the acknowledgement in the chapter reflects the practice that had been developing in the DPA regime.
Standard and financial DPA terms
The chapter lists the standard terms that the SFO will endeavour to include in all DPAs, including a term incorporated in the recent G4S DPA which notes "[the DPA] does not provide any protection against prosecution for conduct not charged in the indictment, even where the conduct has been disclosed during the course of DPA negotiations but not charged". This is different from terms included in a number of earlier DPAs which provided that the DPA does "not provide any protection against prosecution for conduct not disclosed by [X] prior to the date on which the Agreement comes into force …".
By agreeing to this standard term, the company will be agreeing that the SFO or another prosecutor can prosecute it at a later date for conduct disclosed during the DPA negotiations but that is not included in the indictment. This can arise, for example, if the evidence in relation to certain conduct does not satisfy the requisite evidential tests at the time of the DPA. This introduces a new element of risk, as a key objective of many companies is to remove further exposure to conduct that has been identified and remediated as part of a DPA process. Interestingly, the latest DPA with Airline Services Limited contains the earlier, more limited version of this standard term.
The chapter also goes into some detail as to the expected financial terms in DPAs. Again, many of the principles and structure of these terms can be seen in the DPAs to date. However, it is worth noting that the SFO re-iterates the importance of compensation payments and has stated that where a compensation payment cannot be agreed, reasons must be provided for the omission. To date, only the Standard Bank DPA included a compensation payment. In the Tesco case, although the DPA did not provide for compensation, Tesco agreed to participate in a scheme to compensate certain shareholders in separate regulatory proceedings with the FCA. In addition, in Serco and G4S there had been previous civil settlements with the Ministry of Justice. The judgment in the Airbus DPA stated that compensation in DPAs is only intended for clear and simple cases.
The chapter also gives a helpful overview of how the SFO uses the Sentencing Council Guideline “Corporate offenders: Fraud, bribery and money laundering” to calculate its proposed financial penalty. Whilst the chapter acknowledges that discounts to the financial penalty of 50% have been applied in the majority of DPAs due to the levels of co-operation demonstrated, the guidance does not provide any insight into how the SFO determines what level of discount a company may be offered.
The DPA chapter is comprehensive in that it covers the full DPA process, referring to existing guidance as applicable to each stage of the process. The sections on co-operation, confidentiality, third parties' identities and standard and financial DPA terms are also important for practitioners and companies to be aware of during the DPA process. However, there is little that is unexpected or new in the chapter, and practitioners will have to continue to look to future DPAs for further insight on how the SFO approaches DPAs and engages "with companies where a DPA is a prospective outcome."