Is it now inevitable corporates will face new “failure to prevent economic crime” offences?
“The scale of economic crime in the UK is very uncertain. It seems that it can reasonably be said to run into the tens of billions of pounds, and probably the hundreds of billions.” Treasury Committee report – 8.3.19
Back in September 2014, the then Attorney General, Jeremy Wright QC MP announced that the Government was considering proposals to create a new corporate offence of failing to prevent economic crime. A change of corporate culture was sighted as being necessary to fully address the scale of fraud reported by the Global Economic Crime Survey.
Winding the clock forward to 2017, the Government finally consulted on the potential reform of the law for economic crime such as fraud, false accounting and money laundering when committed on behalf of or in the name of companies. It called for evidence on the efficiency of the identification doctrine as a tool for effective enforcement against large companies. The results are yet to be published but are expected this year.
Last year Sir Brian Leveson and Lisa Osofsky , amongst others , have called for an extension to corporate criminal liability law and the creation of an all-encompassing failure to prevent fraud offence. This it has been argued would be in the public interest and ensure that corporations would be held accountable for the fraudulent criminal conduct.
The House of Lords Bribery Act Committee last month called for a decision on whether to introduce a failure to prevent fraud offence without delay. This followed the Treasury Committee’s published report on 8 March 2019 requesting that the Government should consider proposals for new legislation, including a proposal that a company would be guilty of the substantive criminal offence if a person associated with it commits a certain offence, and the introduction of a new offence of failing to prevent economic crime.
Corporate Criminal Liability: the current law
“Corporate criminal liability” is a term that describes the legal mechanisms by which companies – as separate legal entities distinct from their owners, officers or employees – can be held to account under the criminal law for wrongdoing.
Apart from strict liability and vicarious liability criminal offences, cororate criminal liability for fraud and economic crimes, is currently determined using the well established and highly litigated identification principle. This is derived from common law rules. In the leading case of Tesco Supermarkets Ltd v Nattrass  A.C. 153, the House of Lords ruled that the attribution of corporate criminal liability for offences requiring proof of criminal intent, is governed by a doctrine of general application applied without reference to the legislative context of the offence. The case establishes that corporations acted through living persons and that such a person properly identified would not be acting or speaking for the company, but as the company itself - thereby attributing criminal liability to the company. However this would only apply if the person concerned was a directing mind and will of the company.
In his leading opinion, Lord Diplock took the view that in order to determine the scope of such persons, the acts and state of mind of whom can be attributed to the company, one need only look to the company’s memorandum and articles of association to identify those who control the company. These would usually be in the form of the board of directors, the managing director and possibly other superior officers of the company. In addition a criminal conviction of the company requires such a person, having been identified as a directing mind and will of the company, to possess the state of mind and intent required for the criminal offence to be proved.
Therefore the common law principle sets out that a company can be fixed with criminal liability by proving the guilty acts and state of mind of a person who represented the “directing mind and will” of the company at the relevant time.
Why is a new offence being proposed for corporate criminal liability?
As the recent call for evidence pointed out: some prosecutors, academics and practising lawyers regard the Tesco v Nattrass test as being inadequate as a means of holding companies liable for criminal wrongdoing.
The problems and controversy arise as it can often be difficult to ascertain or prove who represents the “directing mind and will” of a company. This is particularly so for large multi-national companies where the decision making may take place in a variety of forms, within the hierarchy and governance of the organisation.
Critics argue that the principles encourage companies to decentralise responsibilities to avoid liability, making it difficult to identify a senior individual who is in charge of a particular criminal conduct with the required level of knowledge or intention.
The Tesco v Nattrass test can prevent commercial organisations from being held criminally liable in circumstances where there has been a collective failure at board level, but it is not possible to attribute particular failings to specific individuals at that position in the corporate hierarchy.
And so the application of the identification doctrine continues to attract considerable criticism, as it is left to judges to determine on a case by case basis whether criminal liability arises often after long and resource intensive investigations have been carried out. Many consider the current law is not fit for purpose. This has been recognised because the consultation refers to the fact that “the Government is concerned to explore fully whether the operation of the doctrine is hindering the effective administration of justice.”
It is therefore perhaps no surprise that Lisa Osofsky, Director of the SFO, recently gave oral evidence to the Bribery Act 2010 Committee, on 13 November 2018 stating that: “It might make sense to treat all economic crime in the same way...It can feel inconsistent - though I do not want to say it, because they are just different rules – to treat bribery in one category and failure to prevent tax evasion, under the Criminal Finances Act in place since last year, in another. What about the other economic crimes? ... if I could not get vicarious liability across the board, I would certainly be happy having a failure to prevent offence that I could use throughout the economic crime arena.”
Alun Milford, former General Counsel to the SFO, has also argued that affixing criminal liability using the identification principle is unfair in application, unhelpful in impact and unprincipled in scope.
Unfair in application
It is easier to attach corporate liability to a single mided enterprise than to a multi-national corporate, because of the requirement to identify the directing will and mind of the company. Under the identification principle, corporate attribution may end up being determined by factors such as a company’s size or structure. It is argued that this means that multi-national corporates are unfairly escaping liability. Lawyers giving evidence to the House of Lords Bribery Act 2010 Committee have voiced this perceived unfairness, with smaller companies feeling more vulnerable. Specifically, the example of the prosecution of Skansen Interiors Ltd was cited. This was a small company which was prosecuted for failure to prevent bribery. There is a growing perception that larger companies in the same position may not have been prosecuted or may have been offered a Deferred Prosecution Agreement.
The problem was highlighted by the the difficulties in mounting a prosecution of UBS over LIBOR fixing, leaving the SFO to prosecut the UBS employee Tom Hayes and others. More recently on 26 October 2018 the High Court ruled against the SFO and confirmed that charges brought by it against two corporates – Barclays PLC and Barclays Bank PLC – in connection with a capital-raising and loan with Qatar in 2008 could not be reinstated, having already been dismissed in the Crown Court on 21 May 2018.
Lacking a coherent principle
There is no principled reason for the distinction in treatment between different economic crimes. Why should failure to prevent bribery or the facilitation of tax evasion be singled out whilst other economic crimes are not?
The principles underpinning failure to prevent economic crimes are the same, the application should therefore be universal.
Transparency International in particular focuses on money laundering offences and the need to include these as part of any new “failure to prevent” legislation.
De-incentivises good corporate governance
In front of the committee, Sir Brian Leveson strongly promoted the importance of “failure to prevent” style offences in shifting the onus onto the corporate to prove they had adequate procedures in place. If a company is to be potentially held criminally liable for not preventing tax evasion and bribery, how can it be justified to not require fraud to be prevented in the same way?
Our current system of limited corporate liability incentivises a company’s board to distance itself from the company’s operations. In this way, it operates in precisely the opposite way to the Bribery Act 2010, one of whose underlying policy rationales was to secure a change in corporate culture by ensuring boards set an appropriate tone from the top.
Affixing criminal liability through the identification principle means that a company can avoid liability if the “directing mind and will” of the company is not possible to ascertain.
A “don’t raise that with me attitude” is cited by the SFO as being incentivised by the current state of the law, as well as poor record keeping, devolved decision making, and important documents being spread over a number of jurisdictions or entities.
A failure to prevent fraud offence would place the onus back onto companies to show their compliance, rather than rewarding poor governance and de-incentivising clear structures allowing companies to escape criminal liability.
So how would a failure to prevent fraud offence work?
Currently there is no all-encompassing offence of failure to prevent fraud. The “failure to prevent” model has however been used in two specific instances:
The Bribery Act 2010
Section 7 of the Bribery Act 2010 provides that a company may be guilty of an offence if a person associated with that company bribes another. The definition of an “associated person” is wide. It includes anyone who performs a service for the company and therefore can capture employees, agents or subsidiaries. The legislation therefore prevents a company from employing an agent who pays bribes on behalf of the company, without the company’s specific knowledge. The onus is on the company to prevent any associated persons acting in this way.
Statutory defences are provided for if it can show that the company had in place “reasonable procedures” to prevent bribery.
The Bribery Act Guidance sets out six key principles which a company can implement to establish “reasonable procedures”: proportionate procedures; top level commitment; risk assessment; due diligence; communications (including training); and monitoring.
The Criminal Finances Act 2017
The Criminal Finances Act 2017 has more recently created two offences of “failure to prevent” tax evasion: failure to prevent facilitation of UK tax evasion (section 45) and failure to prevent facilitation of foreign tax evasion (section 46). Again, the offences here were aimed at overcoming the difficulty in attributing liability to corporates for tax evasion where actions are carried out by the company’s employees or agents.
Mirroring the legislation in the Bribery Act 2010, the Criminal Finances Act 2017 makes the facilitation of tax evasion by an “associated person” to a company an offence. Again, this extends liability of companies to make them responsible for those who perform services for or on behalf of a company. This is determined by reference to all the circumstances – not merely by reference to the nature of the relationship between the person and company. Therefore if the company fails to prevent its representative from this criminal facilitation, it commits the offence. Similarly, it is a defence for the company to have in place “reasonable prevention procedures”.
And so the calls for a failure to prevent fraud offence come in light of the perceived imperfections with the current state of the law and the perceived injustice that is generated by prosecution agencies having to rely upon the historical identification principle.
It is strongly anticipated that if a failure to prevent fraud offence is to be brought onto the statute books, then it will be modelled on these existing statutory regimes.
But will it be too large a burden?
A key argument against a new failure to prevent fraud offence is that its imposition would impose too large a burden on business, which in turn negatively impacts on the economy. The size of the company will clearly impact on what is required from a compliance perspective. There are the already existing compliance requirements to also factor into how companies are to be expected to respond.
Further arguments against the imposition include the disparity between standards that companies in the UK will be operating at and companies based in other jurisdictions. These same risks were identified before the imposition of the Bribery Act 2010, however, it is now widely recognised that the UK leads the field in anti-bribery prevention.
A further argument against the approach is the fear that companies will only comply superficially with the law and guidance. If companies only comply superficially, making cosmetic changes without developing robust internal mechanisms to prevent fraud, then the impact of any change of the law may be minimal.
Other alternatives to a failure to prevent offence could be amending the current indentification doctrine or introducting a vicarious liability offence of fraud. In the US, corporates can be held vicariously liable for the actions of their employees. The SFO has cited the US as an example of a much stronger enforcement regime, where vicarious liability can be effectively used to hold companies criminally liable for the actions of their employees. Indeed, US government prosecutors can assign corporate liability much more easily.
Consumers are increasingly demanding to know where corporations stand on issues that matter to them. Companies who argue against failure to prevent models may face reputational consequences. For many, extending criminal liability in a way which requires reasonable precautions to prevent economic crime within the company is not controversial.
Despite Brexit, the Government must progress domestic policies. The Treasury Committee this month have stated that “It is wrong and potentially dangerous to not reform this area. The Government should consider proposals for new legislation, including a proposal that a company would be guilty of the substantive criminal offence if a person associated with it commits a certain offence, and the introduction of a new offence of failing to prevent economic crime.”
As the National Economic Crime Centre is launched, and the Government commits to building a world class fraud and cybercrime court in the City of London containing 18 courtrooms to “reinforce the UK’s position as a global legal hub”, are we about to see the creation of new offences to bring companies to court for fraud?