In March 2019, Corruption Watch published a report highlighting the disparity between corporate prosecutions in the UK and the US for certain financial crimes that precipitated the 2008 financial crisis.[1] The report concluded that, over the past ten years, the UK has failed to bring a single successful corporate prosecution for this type of conduct, and has imposed just under £2.5 billion in non-criminal fines. During the same period, the US has brought close to 20 successful corporate prosecutions against New York and London banks, and has imposed more than £25 billion in both criminal and non-criminal fines.

 

The existence of this UK and US ‘corporate crime gap’ (as the report describes it) begs an obvious question: why is it so hard to prosecute companies in the UK? The answer is that the law in the UK for establishing corporate criminal liability is not fit for purpose.

 

In the US, the principle of ‘vicarious liability’ means a company can be held liable for the criminal acts of any of its employees where those acts were done in the course of their employment and for the benefit of the company. Additionally, US prosecutors do not have to prove that any single employee was aware of all the relevant facts. By applying the ‘collective knowledge’ doctrine, the aggregate knowledge of several employees can be attributed to the company. This makes it relatively easy to prosecute companies in the US where crimes have been committed by their employees.

 

In the UK, the principle of vicarious liability is rarely applied. Instead, the main basis on which corporates can be held criminally liable is the ‘identification principle’. This principle means that a company can be held liable for criminal conduct only in circumstances where a ‘directing mind’ (usually a board director) was guilty of the crime, and his or her guilt can be ‘attributed’ to the company.[2]

 

The difficulty with the identification principle is that, in large multinational companies with complex and diffuse organisational structures, it is rarely possible to prove that an individual of sufficient seniority was complicit in any criminal conduct. Conversely, in smaller companies, where directors are often more involved in the company’s day-to-day operations, it can be easier to establish the involvement of a directing mind. Thus, the identification principle usually means that larger companies are less likely to be prosecuted in the UK (successfully, at least) than smaller ones.[3]

 

One high-profile example is the phone-hacking scandal, where the CPS decided in 2015 not to prosecute News Group International owing (in part) to the difficulty establishing the company’s liability using the identification principle.[4] A more recent example is the SFO’s failed prosecution of Barclays Bank, where in May 2018, after a five-year investigation into the bank’s dealings with Qatar, Southwark Crown Court dismissed the charges.[5]

 

No wonder then that the newly appointed Director of the SFO, Lisa Osofsky, told the Justice Committee in December 2018 that the SFO are being “hamstrung” by the identification principle, which is preventing the corporate “big boys” from being brought to account.[6]

 

Of course, accountability means not only prosecuting companies, but also encouraging them to enter into a Deferred Prosecution Agreement (“DPA”) where appropriate. If, however, companies perceive that there is little risk of being successfully prosecuted they will be less inclined to enter into DPA negotiations. Consequently, a collateral effect of failing to prosecute corporates in the UK is that it undermines the DPA regime. Indeed, although the SFO has had the power to agree DPAs since 2014, there have been only four to date. Moreover, in one case (Tesco) the directors were subsequently prosecuted but acquitted, which arguably means that the company was never guilty in the first place.

 

It is therefore clear that the method of attributing corporate liability in the UK is in need of reform. However, whilst the UK government has recognised this for some time, the approach taken thus far has been to introduce new ‘ad hoc’ corporate offences, rather than tackling the identification principle head-on.

 

The first of these offences, corporate manslaughter, was introduced in 2008.[7] The new offence removed the need to prove the guilt of a directing mind for manslaughter by focusing instead on how the organisation was managed and organised, whether that caused the death, and whether there was a gross breach of a relevant duty of care.

 

Encouraged by the success of this model, the government then introduced the corporate offences of failure to prevent bribery in July 2011 and failure to prevent tax evasion in September 2017.[8] Again, these offences removed the need to prove the guilt of a directing mind. Instead, a corporate is guilty where it fails to prevent bribery[9] / the criminal facilitation of tax evasion by associated persons (such as an agent or employee). The company will, however, have a defence if it can show that there were ‘adequate procedures’ in place to prevent the bribery / tax evasion.

 

The problem with the ‘adequate procedures’ defence is that no one really knows what amounts to ‘adequate’. Whilst the Ministry of Justice has issued guidance, it is extremely high level and the issue will need to be considered by the courts. However, companies require certainty and are naturally risk-averse. It is therefore unsurprising that, to date, only one company has – unsuccessfully – relied on the defence at trial (Skansen Interiors Limited).

 

Going forward, the government is considering whether ‘failure to prevent’ should be extended to other forms of economic crime, such as fraud, money laundering and false accounting.[10] Although the proposals have effectively been on hold since 2017 (no doubt due, in part, to Brexit), the Treasury Committee recommended in March that the government undertake further consultation in time for the next Queen’s speech.[11] This was also echoed in the recent House of Lords report scrutinizing the Bribery Act, which concluded (under the heading ‘failure to prevent as a model for future legislation’):

 

“We hope the Government will delay no more in analysing the evidence it received two years ago and in reaching a conclusion on whether to extend the “failure to prevent” offence to other economic crimes.”[12]

 

Whilst these reforms (if they happen) will no doubt be welcomed by some commentators, the problem with this approach is that it creates what former SFO General Counsel, Alun Milford, once described as “a two tier law of corporate liability”.[13] In other words, certain specific offences (corporate manslaughter, bribery, tax evasion etc.) are singled out as deserving of a better model of corporate liability, whilst for all other offences, prosecutors have to rely on the suboptimal identification principal, with all its attendant problems.

 

The fundamental issue that lawmakers need to resolve is whether to overhaul the identification principle in its entirety.[14] With Brexit dominating the legislative agenda, it is unlikely that this area of law will change anytime soon. If and when it does, however, arguably a step change would be better than an incremental shift. The US model of vicarious liability (or something similar) may well be the answer.

 

Footnotes:

[1] Corruption Watch, ‘The Corporate Crime Gap: How the UK Lags Behind the US in Policing Corporate Financial Crime’, published March 2019.

[2] Lennard v Asiatic Petroleum [1915] AC 705; Tesco Supermarkets Ltd v Nattrass [1972] AC 153.

[3] CPS Guidance on Corporate Prosecutions.

[4] CPS Statement: ‘No Further action to be taken in Operation Weeting or Golding’, 11 December 2015.

[5] The SFO’s appeal was rejected by the High Court; however, at the time of writing both courts’ judgments are subject to reporting restrictions.

[6] Transcript of oral evidence of L. Osofsky before the Justice Committee, 18 December 2018, Questions 24 & 25.

[7] Section 1 of the Corporate Manslaughter and Corporate Homicide Act 2007.

[8] Section 7 of the Bribery Act 2010; Part 3 of the Criminal Finances Act 2017.

[9] Where the bribe was intended to obtain or retain business, or an advantage in the conduct of business, for the company.

[10] In January 2017, the government issued ‘Corporate liability for economic crime: call for evidence’. Although this call for evidence closed in March 2017 there has not been any follow-up publication.

[11] House of Commons Treasury Committee, ‘Economic Crime – Anti-money laundering supervision and sanctions implementation’, Twenty-Seventh Report of Session 2017-19, published 5 March 2019, para 202.

[12] House of Lords Select Committee on the Bribery Act 2010, Report of Session 2017-19, ‘The Bribery Act 2010: post-legislative scrutiny’, published 14 March 2019, para 231.

[13] A. Milford, ‘Control Liability – Is it a good idea and does it work in practice?’, Cambridge Symposium on Economic Crime 2016, Jesus College, Cambridge.

[14] This issue is currently being considered as part of the Law Commission’s review of criminal liability in regulatory contexts, led by David Ormerod QC. The consultation paper, published in 2015, provisionally recommended that criminal offences legislation should include specific provisions to indicate the basis on which companies may be found liable.^[14] However, four years later, the project is still at the policy development stage. (See The Law Commission Consultation Paper 195, ‘Criminal Liability in Regulatory Contexts, para 5.110.)

BCL is a market leading law firm, specialising in domestic and international corporate crime, financial crime, regulatory enforcement, and serious and general crime.

We are experts in our field, top-ranked by Chambers & Partners and The Legal 500, and recognised in Who’s Who Legal and in GIR’s list of the world’s leading investigations firms.

We provide discreet, effective and expert advice to corporations, public bodies, public figures, senior executives and high net worth individuals. We care for our clients and always strive to achieve the best possible outcomes for them.