Bribery And Corruption: What Now For 2016?

4 February, 2016

2015 proved to be an eventful year in the fight against bribery and corruption. High- profile global investigations and prosecutions dominated the headlines and, closer to home, the Serious Fraud Office (SFO) scored a double first: its first Deferred Prosecution Agreement (DPA) and first conviction for the corporate offence of failure to prevent bribery.

However, it would seem that businesses are still not doing enough to prevent bribery, particularly in relation to the risks posed by third-party agents and intermediaries. The continued increase in investment opportunities in high-risk jurisdictions means that companies need to ensure their policies work at the coalface. Complacency is not an option. Here we look back at the developments of 2015, the key themes emerging, and the implications for companies in 2016.

The SFO flexes its enforcement muscles

In 2014, the SFO added to its enforcement armoury (see BRIEF RECAP). In 2015, it took its new toys out of the box.

First DPA

On 30 November, Sir Brian Leveson approved the first DPA between the SFO and ICBC Standard Bank Plc (Standard Bank) in relation to a section 7 offence.

Standard Bank had acted together with its Tanzanian sister company, Stanbic Bank Tanzania Ltd (Stanbic), on a joint mandate in relation to a sovereign note placement for the Government of Tanzania. The charge underlying the DPA was based on payments that were made to a local partner and turned out to be the conduit for bribery of government officials. The payments were made by two key individuals at Stanbic and, given their seniority, Stanbic itself. However, given that both companies stood to benefit from the transaction and were acting jointly (with different but complementary roles), the employees and Stanbic were deemed to be "associated persons" of Standard Bank performing services on its behalf and for its benefit. Standard Bank was therefore liable for the section 7 offence.

As to adequate procedures, Standard Bank had relied on Stanbic to carry out the necessary compliance checks. That reliance, and the consequent failure to spot the red flags inherent in the transaction and ask its own questions, meant that its procedures were held to be inadequate.

THE UK BRIBERY REGIME: BRIEF RECAP

The UK Bribery Act has been in force since July 2011. This introduced the section 7 corporate offence of failure on the part of a commercial organisation to prevent bribery being committed by an associated person with the intention of benefiting that organisation (section 7 offence). However, an organisation will have a complete defence if it can show that "adequate" procedures designed to prevent bribery were in place.

The SFO added to its enforcement armoury in February 2014 when it became able to enter into DPAs with corporates guilty of economic crimes. Under a DPA, proceedings are instituted but then deferred on terms (such as the payment of a financial penalty, compensation and implementation of a compliance programme). If, within the specified time, the terms of the agreement are met, proceedings are discontinued; a breach of the terms of the agreement can lead to the suspension being lifted and the prosecution pursued.

Finally, in October 2014, sentencing guidelines on financial penalties for companies convicted of economic crimes came into force. They will be used to inform the level of any financial penalty that forms part of a DPA or in sentencing anyone found guilty of a Bribery Act offence.

The Bank was ordered to pay compensation to the Tanzanian Government (i.e. pay back the bribe of US$6m plus interest), disgorge the profit made (US$8.4m), co-operate in further investigations, undergo a compliance review, and pay the SFO's legal costs (£330,000). It also had to pay a financial penalty of US$16.8m.

First section 7 conviction

On 18 December 2015, Sweett Group PLC (Sweett) pleaded guilty to securing and retaining contracts in Dubai through bribery committed by its UAE subsidiary. Sweett is expected to be sentenced in February 2016 at Southwark Crown Court. This will provide further guidance on how the sentencing guidelines are applied in practice.

In addition to securing its first DPA and section 7 conviction, the SFO opened 16 new investigations in 2015 and has confirmed that 2016 will see more DPAs and Bribery Act 2010 convictions. Separately, in Scotland, we saw the first concluded settlement for a contravention of the section 7 offence (involving Brand-Rex Limited) – the third concluded corporate self-report and civil settlement in Scotland.

As these developments illustrate, the SFO's appetite for prosecution has not decreased. They also show that DPAs are not an "easy option". The judgment of Sir Brian Leveson highlights how difficult it will be for companies to secure a DPA and the level of co- operation and engagement with the SFO that is required. The Standard Bank case was, in many ways, the perfect test case for a DPA, and so uncertainties remain as to how high the bar is set for securing one. That said, it has provided some long-awaited insight into how the section 7 offence works in practice and the DPA process generally.

The section 7 offence

Implications for group companies and joint venture arrangements

The Standard Bank case confirms that sister companies in a group acting together can be regarded as acting on behalf of each other and with the intention to benefit each other as well as themselves. Given the level of involvement of and reward to Standard Bank in this case (the fee was split 50/50), this finding is hardly surprising.

The decision does, however, raise potential issues for those entering into a joint venture arrangement with a local partner. If the local partner (via its employees or agents) commits bribery intending to secure a contract that benefits the JV business, then a UK-based JV partner could be liable under section 7. The Ministry of Justice guidance on contractual joint ventures states that liability will turn on the degree of control of the organisation over the joint venture arrangement – a question of fact to be decided by the courts on a case- by-case basis. Based on the SFO's analysis in the Standard Bank case, if two entities are equal partners in a transaction, albeit with different roles, this may be enough.

Adequate procedures

The more surprising findings from the Standard Bank DPA relate to the adequate procedures required in order to put up a defence to a section 7 offence in these types of arrangements where there is often delegation or sharing of compliance responsibilities.

As you would expect from a bank, Standard Bank had detailed policies and procedures in place. However, these were found to be inadequate. Many reasons were given in the Statement of Facts, but essentially the failings related to Standard Bank's delegation of its compliance responsibilities to Stanbic. In order to push the deal through more quickly, the Standard Bank team chose to interpret its procedures in a way that allowed it to rely solely on its sister company to carry out the necessary compliance checks in relation to the local partner. These checks turned out to be completely inadequate. This reliance on an unclear policy, and Standard Bank's consequent failure to spot the obvious red flags inherent in the transaction and ask its own questions, meant its procedures were deemed inadequate.

So, where does this leave companies going forward? Ben Morgan, the SFO's joint head of bribery and corruption, gave guidance on adequate procedures in his speech on 1 December 2015. He emphasised the importance of "a culture in which people are able to spot what is in front of them, and react to it" and that "the effectiveness of an organisation's procedures should be judged by how things manifest themselves in a particular transactional context, not in the abstract. The quality of an organisation's compliance culture isn't defined by how much money it has spent on trying to implement it, or how earnestly people at the top talk about it, but rather by how people at the coalface actually live it".1

Securing a DPA

Co-operation is key

The Standard Bank DPA, and in particular the approvals of Sir Brian Leveson, confirmed that early self-reporting and genuine co-operation with the SFO are essential if a DPA is to be secured.

Sir Brian Leveson made particular reference to the fact that the Bank's initial disclosure to the SFO was within days of the suspicions coming to the Bank's attention – before its solicitors had commenced, let alone completed, the Bank's own investigation. Crucially, the weight given to an organisation's self-report will depend on the totality of information that an organisation provides to the prosecutor. Standard Bank conducted a detailed internal investigation that had been sanctioned by the SFO and reported its findings. It also gave the SFO access to electronic and documentary evidence and a summary of first accounts of interviewees. As a result, the SFO was able to review the material and conduct its own interviews of those involved, facilitated by Standard Bank.

The SFO has been quick to praise the "innovative approach" of Standard Bank and its advisers in engaging proactively with the SFO, and it hopes that such an approach will become commonplace going forward. In his recent speech, Ben Morgan gave further insight into what the SFO will regard as "full co-operation". He noted that there appear to be two schools of practice – those who choose to genuinely engage with the SFO and those who try to game the system by offering "pseudo-co-operation". Only the former will suffice. He added that "genuine co- operation" involves "prompt reporting, scoping and conducting your own investigation in conjunction with [the SFO's], taking into account [the SFO] interests in doing so and providing access to the kind of material [the SFO] needs to test the quality of evidence gathered and your own conclusions on it". "Pseudo- co-operation" on the other hand involves internal investigations that are kept from the SFO right until the end, and that culminate in a "whitewash" document intended to put the matter to bed before the SFO even looks at it.

The requirement for full co-operation is highlighted when you compare the fates of Standard Bank and Sweett. What is most interesting about the Sweett case is the apparent deterioration of the relationship between the SFO and Sweett following its self-report in July 2014. In a statement published in November 2014, Sweett commented that the SFO no longer viewed the company as co-operative. The sole reason for this seems to be the company's decision, based on legal advice, to continue with its own independent investigation. The SFO took this position, notwithstanding that Sweett publicly stated that it would continue to comply with all reasonable requests made by the SFO, subject to legal professional privilege.

Level of judicial scrutiny

The key differentiating factor between the US and UK approach to DPAs is the level of judicial scrutiny. The Standard Bank DPA illustrates how seriously the courts view their role and how high the court has set the bar in deciding whether a DPA is in the public interest. As both the SFO and the court were keen to emphasise, DPAs are not an easy option.

Level of fine

The other interesting observation in relation to the DPA relates to how the sentencing guidelines will be applied in practice in setting any fine. Despite its early self-reporting and co-operation, the fine imposed on Standard Bank was still placed at the higher end of the scale in recognition of the serious failings on the part of the Bank to deal with the unethical conduct (as it had received previous warnings from the FCA in relation to its policies) and the substantial harm to the public (as it involved diversion of government funds). A multiplier of 300 per cent was therefore applied to the harm (gross profit generated by the bribe). However, a one-third reduction was made in line with a guilty plea.

In addition, the SFO also conferred with the US authorities to check that the fine was comparable to the fine they would have imposed.2 It has since been confirmed that this US sense-checking will be the norm going forward.3

Other UK developments

No relaxing of the Bribery Act 2010…

In July 2015, it was revealed the UK Government had asked industry leaders to comment on whether the Bribery Act had had an impact on their businesses and whether guidance issued to help business people avoid problems under the Act would be useful. Many interpreted this as the UK Government seeking to water down the Bribery Act in light of the current climate of business deregulations in the UK. However, encouragingly, the entire consultation produced only one notable response of discontent. The consultation therefore confirmed that the Bribery Act was not causing problems for businesses.

…but a potential extension of section 7 offence is still on the cards

In 2015, David Green had hoped to finally achieve his goal of removing the key barrier to effective prosecution of corporate crime: the "directing mind" test. Throughout 2014, he had lobbied for an extension to section 7 to create a corporate offence of failing to prevent "economic crime". In December 2014, the UK Government's Anti-Corruption Plan confirmed it would examine the proposal and respond by June 2015. In September 2015, however, the Government announced that the proposed extension of the corporate criminal offence was to be shelved.

The rationale for the reversal was twofold: first, the UK already has corporate criminal liability legislation and commercial organisations could be and were being prosecuted for wrongdoing; and, second, the fact that there had been no prosecutions under section 7 indicated that there was little evidence of corporate economic wrongdoing going unpunished.

The second reason prompted many to query whether the Government was simply waiting for the first prosecution under section 7 before committing itself to any reform. Interesting then that on 16 December 2015, the UK's then shadow attorney general, Catherine McKinnell, announced that she had written to her counterpart calling for a "full and transparent" review on corporate criminal liability.5 David Green has also confirmed that he will continue to lobby for change. We therefore continue to watch this space.

Government focus

The fight against corruption was also a big focus for the UK Government in 2015. In July, it revealed plans for an Anti-Corruption Summit in 2016 and there has also been discussion of Unexplained Wealth Orders. And, in August 2015, the new International Corruption Unit was launched as the central point for investigating international corruption in the UK. We therefore expect 2016 to bring a significant increase in money laundering and bribery cases, and a higher likelihood of prosecutions of individuals involved in corruption.

The future of the SFO

Despite the SFO's recent success, it has been a mixed year for its director, David Green, with many speculating on what would happen at the end of his four-year tenure, and the Home Secretary's plans to roll the SFO into the UK's National Crime Agency (NCA). However, Green has reportedly been approached about extending his contract by another two years. The SFO's future would therefore appear to be secure, at least in the immediate term.

Regulatory focus on individual rather than corporate liability

Recent years have seen the escalation of corporate fines imposed by the UK and US regulatory and criminal authorities. The LIBOR and Forex scandals alone generated fines in the billions. However, attention appears now to be focused more on the individuals involved in the wrongdoing rather than the corporates. This looks set to continue into 2016.

In August 2015, the joint FCA-PRA final rules on improving individual accountability in the UK banking sector were published. The new accountability regime covers the Senior Managers Regime, the Certification Regime and new Conduct Rules, and it is due to come into force in March 2016. This is supported by the surge in criminal convictions following cases brought by the Financial Conduct Authority. The conviction rate has increased from two in 2014 to 14 in 2015. Martin Wheatley, then FCA Chief Executive, commented that these rules were "the latest changes aimed at embedding personal accountability in the culture of financial services and are a crucial step in rebuilding public trust".6

This was followed, in September 2015, by the US Department of Justice (DoJ) issuing new policies in relation to individual accountability for corporate wrongdoing. The policies, announced by Deputy Attorney General Sally Yates in the Yates Memorandum, are intended to be adopted as steps taken in any investigation of corporate misconduct.

This shift in focus is not confined to the UK and US. In Hong Kong and China, for example, there were a number of investigations and convictions of high- profile individuals in 2015. These included the former chairman of ABC Communications (Holdings) Limited, and the former Television Broadcasts Limited general manager Stephen Chan Chi-Wan and his former assistant Edthancy Tseng Pei-kun.7 More significant is the ongoing investigation into the final months of former Chief Executive Donald Tsang's office in 2012 for misconduct in public office. Tsang is the highest- ranking Hong Kong official to be prosecuted for corruption.

It remains to be seen whether these developments will have an impact on the cases the SFO chooses to pursue, particularly where the guidance is already clear that prosecution of a company is no substitute for prosecution of individuals.

Third-party liability still a concern

Oversight of third parties is still one of the greatest challenges in managing ABC compliance programmes. This is largely because of the growth in the role of these intermediaries in companies' interactions with governments, and the fact that supply chains have become more complex in the context of business globalisation.

Notwithstanding this increased risk, many companies are still not properly assessing and monitoring their intermediaries for anti-bribery and corruption risk. According to a recent survey by KPMG International, of the 73 per cent of companies that confirmed they have a formal risk-based third-party onboarding process, only 45 per cent have rights to audit clauses in their third-party contracts and only slightly more than half (23 per cent of the total) of those exercised these rights. Auditing third parties for ABC compliance ranked as the most challenging ABC issue faced by the respondents.8

A separate report by Kroll and Compliance Week reinforced these findings.9 Roughly half of all compliance officers surveyed expected their bribery and corruption risks to increase in 2016, primarily due to expansion into new markets and engaging more third parties. Only 27 per cent train their third parties at least once a year on anti-bribery and corruption; 24 per cent train third parties less often than that; and 48 per cent never train on anti-bribery and corruption issues. Third-party relationships will therefore continue to be a serious risk and a heavy burden on compliance programmes in 2016.

The number of investigations and prosecutions concerning bribes paid to or by third parties further highlights the increased risk and failure by corporates to deal with the issue. Examples include the Standard Bank case (a local partner in Africa), the Sweett case (payments to a third party in Dubai), and the US fine agreed with PBSJ Corporation (now known as Atkins North America Holdings Corporation, paying bribes and employing foreign officials to win Qatari Government contracts).

Implications for companies

To self-report or not to self-report?

As the SFO has been at pains to stress, DPAs will only be offered where they are appropriate. The Standard Bank DPA shows that securing a DPA will not be easy given the high level of co-operation and engagement required with the SFO. The level of judicial scrutiny means that there is uncertainty as to whether a DPA will ultimately be approved. Even if a company chooses to self-report, there are no guarantees. The Sweett case is a prime example. That said, the DPA did enable Standard Bank to keep the matter confidential and out of the media until the DPA was announced. Reputational damage was therefore minimised. This alone may prove to be sufficient incentive to engage with the SFO.

Many have suggested that this was a "safe case" to bring, as it clearly satisfied all the DPA criteria and, as such, there remains uncertainty for companies in scenarios where all the criteria are not met. Although the SFO has confirmed that meeting all the criteria is not necessary, it is unclear how much leeway there is.

What is clear, however, is that early self-reporting and full co-operation with the SFO will be key to the decision.

Whether companies self-report or are willing to take the risk and see if they can "quietly fix the problem" may depend on whether other agencies or prosecutors have to be notified; for example, where an NCA report is required (as for Standard Bank). If the SFO is going to find out via other channels, prompt self-reporting may be the obvious option.

Internal investigations: impact of individual liability

The focus on individual liability going forward raises issues for companies regarding its employees. As noted above, the SFO – and other regulators/prosecutors – seem keen to hold individuals to account. This creates a conflict of interest between
a company and its directors, officers and employees. To increase its chances of securing a DPA, a company has to demonstrate genuine co-operation with the SFO. This is likely to involve the handing over of interviews and the names of the individuals involved. Extra caution will therefore be needed if investigations are run in tandem with the SFO. The risk of individual liability may also mean employees are more reluctant to assist the company with its investigation, which could hamper a company's ability to investigate alleged bribery offences.

Internal investigations: claiming privilege

The level of co-operation required to secure a DPA will require the handing over of a substantial amount of documentation, including documents generated during any internal investigation. The issue of privilege, and over which documents legal privilege applies, will be important. Although the SFO does not require disclosure of documents that are subject to a valid claim of legal privilege, the SFO will challenge any claims to privilege that it considers are not valid. The ongoing case involving Barclays plc is a case in point. In this high-stakes legal battle, the SFO has applied to the Crown Court to decide whether evidence must be turned over as part of the agency's criminal probe into Barclays' £5.8bn emergency cash call at the height of the financial crisis. Private hearings took place in July and December at Southwark Crown Court. The December judgment, if published, should hopefully shed further light on the position.

Making sure employees can spot and address red flags

As highlighted by the Standard Bank case, unless employees are properly alive to the bribery issues that can arise in their business and know-how to deal with them, the best drafted policies will be worthless in terms of mounting an adequate procedures defence. Another common trend that we continue to experience is the disproportionate attention paid to low-risk areas (e.g. general corporate hospitality) and not enough time and resource spent on the key risks (e.g. agents and intermediaries).

As highlighted by Ben Morgan, what is required is a culture in which employees are able to spot a bribery risk and react appropriately. The effectiveness of an organisation's procedures will ultimately be judged by how things manifest themselves in practice. In other words, how people at the coalface actually live it. Regular, focused and properly targeted training is therefore key, together with spot-checking to ensure compliance.

UK developments in context: the global fight against corruption

The Global Enforcement Report, published annually by TRACE, highlights that the enforcement of anti-bribery laws remains a priority across the globe. While the US leads the world in total number of investigations and enforcement actions, more and more countries are beginning to take action against companies and individuals who have bribed foreign officials. Non-US enforcement actions have more than doubled in the past few years.

Australia

Anti-bribery and corruption continued to be a focus for Australia in 2015. The introduction of new legislative and various Senate inquiries demonstrate a clear intention to bolster Australian legislative policy in 2016. In particular, the NSW Parliament amended the law to ameliorate the effects of a High Court decision on the Independent Commission Against Corruption, restoring its jurisdiction to investigate collusive tendering for government contracts and fraudulent obtaining of government mining leases.

There is also a Senate inquiry regarding the impact of the unavailability of "deferred prosecution agreements" in Australia. In the criminal sphere, there are also reports that a number of anti-bribery and corruption investigations are ongoing in relation to activities in foreign countries. This has led to renewed pressure on the Australian Federal Police to investigate and prosecute foreign bribery offences.

The Middle East

Further signs that local governments are making efforts to combat fraud, bribery and corruption can be seen in the Middle East. In Oman, there have been prosecutions relating to corruption in the oil and gas sector, with senior officials from the Al Maha Petroleum Product Marketing Company being jailed in July for embezzlement and smuggling subsidised diesel. In November, a special court was set up in Muscat to deal with cases involving financial and administrative corruption. In Abu Dhabi, a new anti- corruption unit was established in 2015. The new unit, to be part of the Abu Dhabi Accountability Authority, is tasked with investigation of financial irregularities and corruption, and identifying gaps in legislation and internal audit regulations. In Jordan, a new draft integrity and anti-corruption bill, providing for the establishment of a national centre to boost integrity and combat corruption, was approved by Cabinet. The draft bill is currently before the Parliament. In Kuwait, the Constitutional Court annulled, in December, a 2012 law which had established the Kuwait Anti- Corruption Commission. However, a new anti- corruption bill has been prepared and the establishment of a new anti-corruption body is planned. It remains to be seen whether such measures will make a difference to corporate business practices in the region.

China

China has embarked upon a sweeping anti-corruption campaign under President Xi Jinping, which shows no sign of abating. In 2015, the Central Commission for Discipline Inspection (CCDI) inspected more than 71,000 officials and imposed more than 23,000 penalties. The GlaxoSmithKline case demonstrated that Chinese bribery investigations could have broader implications under the FCPA and the UK Bribery Act. The campaign has also targeted senior military officials and state-owned companies, including former vice public security minister Li Dongsheng, who was sentenced to 15 years in prison for accepting bribes, and ex-oil executive Zhou Yongkan, who was sentenced to 20 years in prison. The People's Liberation Army said earlier this year that 14 generals were convicted of corruption or placed under investigation. In his recent speech at the beginning of a three-day meeting of the CCDI, Xi said this campaign will not be eased and that he's determined to make China a place where "nobody dares to be corrupt".10

The US

Enforcement activity in 2015 was not of the level seen in 2014, but this should not be taken as a sign that the US has relaxed its stance against bribery and corruption. The DoJ is finalising new guidance detailing the circumstances under which companies would be forced to plead guilty for violations of foreign corruption laws, as well as how to avoid the outcome. Following the publication of the DoJ's corruption guidelines in the Yates Memorandum (see above), we are likely to see an increase in the number of individuals prosecuted for corporate wrongdoing in 2016.

Cross-border co-operation

2015 has also seen an increased level of cross-border co-operation. Examples of this include the Sweett case, a cross-border investigation conducted by the DoJ and the SFO in the UAE and elsewhere. Another prominent example is the parallel investigations into the FIFA corruption and bribery scandal in May 2015 undertaken by the DoJ and other international authorities, including in Switzerland. It also is clear that global co-operation between state authorities has increased. For example, the Standard Bank DPA was the result of cross-border co-operation between the SFO and the US DoJ in conjunction with the SEC. In addition to the penalties and disgorgement to be paid as part of the DPA, Standard Bank agreed to pay US$4.2m to settle SEC charges for failing to disclose the US$6m in payments by Stanbic in documents and statements provided to investors in connection with the sovereign debt offering.

Notes

1 See: http://www.sfo.gov.uk/about-us/our-views/other- speeches/speeches-2015/first-dpa-and-use-of-s7-bribery-act.aspx

2 The DoJ confirmed that the financial penalty is comparable to the penalty that would have been imposed had the matter been dealt with in the US.

3 The company also faces related scrutiny in the US where the Department

of Justice (DoJ) has been in discussion with the company.

4 GIR – UK shadow attorney general calls for review of corporate liability, 16

December 2015.

5 See: https://www.fca.org.uk/news/fca-publishes-rules-on-how-it-will-

apply-the-new-accountability-regime

6 HKSAR -v- Chen Jiasong (DCCC 319/2015); HKSAR -v- Chan-Chi Wan and

Tseng Pei-Kun (CACC 183/2014); HKSAR -v- Donald Tsang Yam-kuen

(ESCC3247/15)