The development and future for ‘failure to prevent’ offences
July 2018 | SPECIAL REPORT: WHITE-COLLAR CRIME
Financier Worldwide Magazine
July 2018 Issue
In an interview published on 18 March, the solicitor general told The Independent that there “is a strong case for the creation of a new corporate criminal offence of failing to prevent economic crime. This Government has already brought offences of failing to prevent bribery and tax evasion into force, and I believe that we should now go further”.
The question as to why it may become the responsibility of companies to play a role that some may think better discharged by regulators and law enforcement has roots in various political and legal developments over almost three decades.
In 1991 the EEC issued a first directive intended to tackle the use of the financial system by money launderers. The second directive (2001) broadened the definition of money laundering and sought to plug various gaps. In 2006, the third directive was extended to cover the activities of lawyers and, in theory at least, real estate agents. Opinions differ markedly on whether the UK (London) property market has ever really come to terms with these laws.
Meanwhile, in the UK successive governments had resisted pressure and international criticism from the OECD, among others, to update its laws concerning bribery and corruption. The Bribery Act 2010 ended this debate and created a new kind of criminal offence for corporate entities: ‘failing to prevent bribery’. This was arguably perhaps the last significant legislative act of the Brown Government, receiving Royal assent in April 2010.
The ‘failure to prevent’ approach creates direct liability on the part of the corporate body (subject to any available defences). It avoids the substantial challenges created by the more traditional route, where the corporate body is criminally liable for the acts and omissions of individuals, if it can be shown that the acts and state of mind of individuals can be attributed to the corporate via the ‘identification principle’ – i.e., he or she can be identified as the ‘controlling mind’ of the corporate. These practical challenges become ever more complex as companies grow in size. Experience shows that it has proved notoriously difficult to find evidence that a ‘controlling mind’ of the largest companies has committed a criminal act. By criminalising the so-called ‘failure to prevent’, the hope is that the companies self-police through compliance and that standards substantially improve.
The Bribery Act 2010 has resulted in many investigations and prosecutions of individuals. Crucially, it has been used in conjunction with ‘deferred prosecution agreements’ to foster good behaviour by companies. Since February 2014, organisations which might otherwise be prosecuted can reach an agreement that the prosecution be suspended, provided the organisation meets certain specified conditions. In theory, a DPA enables the corporate body to make full reparation for criminal behaviour without the collateral damage of a conviction, which could include reputational damage that could put the company out of business and destroy the jobs and investments of innocent people. There are obvious benefits for the state and for the companies involved. Whether the public interest is best served if such arrangements mean a reduction in the prosecutions of individuals who were responsible for the underlying conduct is another question entirely.
Philosophy aside, there is a practical benefit too. In an era of massive cost cutting and shrinking public budgets, figures show that the unprotected justice system has suffered more than most. There seems to be a growing political consensus (save perhaps in the Treasury) that the criminal justice system is chronically underfunded. Opinions of course differ as to the social consequences, but lawmakers will always find it easier to legislate to place the burden on corporates than to find the resources to staff regulators adequately. Perhaps this shift is a necessary consequence of how complex the world of finance has become – if only the properly informed insider has a chance of understanding how and why a company operates, what hope does a poorly resourced public servant or regulator have?
The next major step in the evolution of the ‘failing to prevent’ offences lies in the field of tax. In 2013, the then prime minister, David Cameron, made a speech at the G8 meeting in Northern Ireland in which he promised to pursue “international agreements to fight the scourge of tax evasion and aggressive tax avoidance”. The UK and its overseas territories and dependencies agreed to share information between tax authorities in an effort to crack down on those who “use complicated and fake structures to hide their profits and avoid taxes and because bribes are often held in opaquely owned companies with bank accounts in secrecy havens”. This commitment was followed by the release of the draft legislation in April 2016 that would become the Criminal Finances Act 2017 and the extension of corporate direct liability to the offences of failing to prevent the facilitation of tax evasion in the UK and around the world. As with money laundering requirements before, this has spawned a compliance boom. This can be characterised as a tiresome exercise in red tape, but in truth is an essential exercise in restoring public trust that the system does not just operate for the benefit of the elite.
Cameron’s actions had only ever focused on access to this information for state authorities. The release of the ‘Panama’ and then ‘Paradise’ papers fuelled concerns about the extent to which dirty money (including unlawfully evaded taxes) circulates in the UK and overseas financial system and encouraged anti-corruption campaigners to keep up the pressure. Until 1 May this year, the efforts to make public the true beneficial ownership of companies in the UK’s overseas territories had limited success. It required a backbench rebellion to force the government to amend the Sanctions and Anti-Money Laundering Bill (which does not apply to the crown dependencies of Jersey, Guernsey and the Isle of Man) to mandate public access to shares registers in the overseas territories by the end of 2020.
So will this government find time and space to legislate to make it an offence for a corporate to ‘fail to prevent economic crime’ as the solicitor general hopes? There is no doubt that the state has retreated from its obligations to investigate and prosecute fraud over the last decade. At the same time as there have been substantial cuts to the Crown Prosecution Service (CPS) and to the police, the criminal justice system is struggling to cope with the huge increase in alleged sexual assaults (historic and current). But even those cases are failing because in the recent words of the lord chief justice: “When you’ve got fewer people both in the police and the CPS, fewer people doing the same amount of work, inevitably there will be problems.”
It would not be easy to define in a useful way what might be meant by ‘economic crime’, but this does not mean action is not required. Sometimes it feels necessary to remind politicians that providing citizens with ‘access to justice’ is at least as important a function of government as the provision of education and healthcare. People need to feel that there is a fair system if their economic or property rights are violated. The public is entitled to a justice system that devotes sufficient resources to such cases so that they can obtain redress when they have been the victims of fraud.
Practitioners believe that the investigation and prosecution of economic crime has suffered far more than other areas, as police forces faced by huge spending cuts have placed ‘fraud’ low in their list of priorities. All over the country ‘fraud squads’ have shrunk in size. No senior police officer wants to admit this publicly. It is now very hard to report a fraud at all. The police require you to use a website to report fraud. Civilian staff filter these reports and, if you are very lucky, your report may be investigated by a police officer. In the field of cyber crime, it may be even worse and the computer or algorithm is likely to say ‘no’ long before any human sees your complaint. A recently published report in The Times suggested that more than half of cases reported to the UK’s national reporting centre for online crime are deemed not worthy of further investigation by an ‘automated scoring matrix’. Are such systems effective, or are they simply disincentives to reporting crime and a way to shovel the problem off into the ether?
It may be more likely that the ‘failure to prevent’ approach could and should be better used if it is targeted at specific criminal conduct, as it has been in the past with bribery and tax evasion. The burgeoning field of cyber crime might be a perfect fit. If a company were to fail to maintain appropriate security on its computer systems (or data) such that they (or the data they held) were used for fraud, then why should that company not be criminally liable for the consequences? There would of course be a defence if the company could show that it had reasonable or proportionate safeguards in place. Whether these safeguards were enough might depend on the size of the company and the nature of the data it was meant to be protecting. If such a law forced the banks to account for and improve their own behaviour, it would both better protect the consumer and might even go a little way to restoring public confidence in a financial system that most people still blame for the decade of austerity following the crash of 2008.
Mark Fenhalls QC practises from 23 Essex Street. He can be contacted by email: email@example.com.
© Financier Worldwide
23 Essex Street