Skip to main content

The changing face of SFO investigations – and the implications for GCs and compliance systems

The Serious Fraud Office is focusing more on compliance policies and on GCs when investigating alleged criminal behaviour.

With the introduction of Deferred Prosecution Agreements (“DPAs”) and of corporate “failure to prevent” offences, we are seeing the judgments and actions of GCs and those they manage under heavier scrutiny than ever before.

This is down to the enforcement authorities’ increased focus on compliance systems, their increasing tendency to challenge privilege claims and their desire to control the scope and scale of internal investigations.

… in a number of recent cases the SFO has taken the aggressive step of interviewing in-house legal personnel under caution i.e. as suspects, rather than witnesses, in their investigation.

Key points

The Bribery Act 2010 was the first piece of legislation to introduce the “failure to prevent” model (where a company can be liable for failing to prevent bribery committed on its behalf by its “associated persons”). The Criminal Finances Act (see panel) followed suit last year with its “failure to prevent” the facilitation of domestic and foreign tax evasion” offence, again with a similar “reasonable procedures” defence. It is a model which the departing director of the Serious Fraud Office has repeatedly called to be extended to other forms of economic crime.

The inevitable result of this is an increasing tendency for a company’s compliance procedures to be central to any corporate defence, and therefore a key focus of the investigating and prosecuting authorities. Attesting to and evidencing those procedures will very often fall to senior members of a company’s legal and compliance functions.

The SFO is showing an increasing willingness to use its so-called “section 2 powers” (which include the power to compel any person to attend an interview and answer questions relevant to its investigation), with the result that it is no longer uncommon for members of a company’s legal and compliance functions to find themselves answering questions under compulsion as potential witnesses in an investigation into their employer. Given the considerable challenges that this can present, not least in terms of protecting the company’s privilege, it is essential that specialist legal advice be sought before any interviews take place.

In the regulatory sphere, where the focus has shifted in recent years towards holding senior individuals accountable for corporate failures, the Financial Conduct Authority (“FCA”) controversially announced in 2016 that it was considering whether GCs and Heads of Legal should be designated as Senior Managers for the purposes of the new Senior Managers and Certification Regime. It appears to have parked the issues for now, but has said it will re-visit it in its 2019- 2020 business plan. The merits of the proposal are beyond the scope of this briefing, but the FCA’s desire to explore it is perhaps a further indication of the increasing focus of regulators on companies’ legal functions.

When a potential problem is discovered, a common response by a company’s senior management will be to launch an internal investigation to establish as quickly as possible what has happened. In many cases, responsibility for initiating and overseeing that investigation will fall to the company’s GC.

GCs should note, however, that the conduct of internal investigations is coming increasingly under scrutiny by interested regulators and other authorities. Both the SFO and the FCA have repeatedly made clear that they expect companies to engage in early communication regarding proposed investigations and not to take any steps that may prejudice or obstruct their own investigations. They are also increasingly seeking to impose limits on the internal investigation process by effectively prohibiting companies from interviewing relevant personnel. Given the incentives that may exist for a company to cooperate fully with the authorities, particularly where a DPA may be on offer, it is critical that those tasked with scoping and conducting internal investigations remain sensitive to these issues.

The second implication of the current enforcement environment for GCs and legal teams is the SFO’s aggressive stance towards legal privilege (broadly speaking, the right to resist disclosure of confidential communications relating to legal advice or documents produced for the purpose of litigation). We are seeing both more challenges on whether material truly is privileged, and more pressure on companies to waive privilege nonetheless. Indeed, waiving privilege over certain categories of material has effectively become a requirement for companies seeking to cooperate with the SFO in order to have criminal allegations resolved by way of a DPA.

Privilege in the context of historical transactions under investigation is also being challenged more frequently by the SFO on the basis that the crime-fraud exception applies (i.e. that the legal advice was sought or given in furtherance of a criminal purpose). Whilst we are not aware of any challenges of this nature being brought before the courts, in a number of recent cases the SFO has taken the aggressive step of interviewing in-house legal personnel under caution (i.e. as suspects rather than witnesses in their investigation).

It is too early to predict whether or not these developments are the start of a continuing trend. Nevertheless, we would advise GCs to check their company’s directors and officers (“D&O”) insurance policy and take steps to ensure that they are covered by it. Many D&O policies are based on a narrow definition of “directors and officers”, and/or contain exclusions in respect of professional legal services. One way to extend coverage would be to ensure that the company has an appropriate employed lawyers’ liability (“ELL”) policy, in addition to standard D&O insurance.

In summary, here are the issues for GCs to note:

One

A company’s legal and compliance procedures are increasingly likely to be at the heart of the company’s defence to allegations that it failed to prevent the commission of certain offences by its employees and other associated persons. As a result, it is no longer uncommon for legal and compliance personnel to be the subject of compelled interviews.

Two

The criminal and regulatory authorities appear increasingly willing to challenge a company’s claims to legal privilege, in some cases by invoking the crime-fraud exception.

Three

Steps should be taken to ensure that any D&O policy extends to the company’s in-house lawyers.

Four

It is increasingly likely that the conduct of a company’s internal investigation will come under scrutiny by the authorities. Care should therefore be taken to scope and conduct internal investigations in a way that is likely to be consistent with their expectations.