A changing landscape for fraud: fact of fiction?

August 2024  |  SPOTLIGHT | FRAUD & CORRUPTION

Financier Worldwide Magazine

August 2024 Issue

On 28 April 2024, the Serious Fraud Office (SFO) announced its strategy for 2024-29. It sets out the SFO’s goal to be seen as a leading force in tackling serious fraud, bribery and corruption by focusing on the following areas: (i) strengthening workforce skills; (ii) embracing technology; (iii) law enforcement; and (iv) being a proactive and authoritative body in the justice system.

The SFO’s strategy document follows the UK government’s broader Fraud Strategy, published in May 2023. Fraud accounted for an estimated 41 percent of all crime experienced in England and Wales in the year ending September 2022. In February 2024, Nick Ephgrave, director of the SFO, referred to victim statements of those affected by the “misdeeds of large corporations” and his “visceral reaction” to what he read. He was passionate with his commitment to take further action. Last October also saw the Home Office announce its Independent Review of Disclosure and Fraud Offences which should have an impact on how cases are progressed.

The SFO’s prioritisation of fraud comes following several high-profile prosecutorial failures. These include the collapse of the Serco case in June 2021, the Court of Appeal’s quashing of the Unaoil convictions, and the clearance of three former Barclays executives from all fraud charges following an SFO investigation that lasted more than seven years. However, in 2024, legislative changes brought about by the Economic Crime and Corporate Transparency Act (ECCTA) are likely to assist in strengthening the SFO’s fraud enforcement, particularly against corporate entities. The ECCTA received royal assent in October 2023 and this article discusses two of its impacts. First, the creation of a new ‘failure to prevent fraud offence’ expected to come into force later this year or early 2025. Secondly, reform of the UK’s corporate criminal liability test.

Failure to prevent fraud offence

In 2010, the government enacted the Bribery Act 2010. This introduced a strict liability offence for companies that fail to prevent bribery unless they can prove that they put adequate procedures in place to prevent it. A similar offence will be introduced in relation to fraud.

Section 199 of the ECCTA will make an organisation liable if it fails to prevent an ‘associated person’ from committing a ‘specified offence’ which is committed with the intention of ‘benefitting’ the organisation or those to whom it provides services. The offence captures the aiding, abetting, counselling or procuring the commission, as well as the mere execution, of fraud. The specified offences list includes the following types of fraud; however it may be expanded in due course: (i) fraud by false representation; (ii) fraud by failing to disclose information; (iii) fraud by abuse of position; (iv) obtaining services dishonestly; (v) participation in a fraudulent business; (vi) false statements by company directors; (vii) false accounting; (viii) fraudulent trading; and (ix) cheating the public revenue.

The UK government has provided examples of the fraudulent practices. These include dishonest sales practices, hiding important information from consumers and dishonest practices in financial markets. Greenwashing statements are also expected to be a focus. However, a company will be able to put forward a defence that it had ‘reasonable procedures’ in place to prevent the fraud.

The definition of ‘associated person’ is broad. It includes: (i) an employee, agent or subsidiary of the relevant organisation; (ii) an employee of a subsidiary; and (iii) a person who otherwise performs services for or on behalf of the organisation. This means that company agents as well as third-party vendors will potentially be in scope.

At present, only large companies and partnerships will be caught under the new offence. Large companies are those that meet two or more of the following criteria: (i) more than 250 employees; (ii) more than £36m annual turnover; and (iii) assets of more than £18m. Smaller companies which provide services on behalf of a larger organisation will also likely be under pressure (from the latter) to comply, given the broad definition of ‘associated person’ and potentially wide interpretation of ‘benefit’. It must be noted that when the ‘associated person’ is an employee of a subsidiary, the offence is only committed by the parent company if it was intended that the parent company benefit.

We were anticipating sight of the government guidance relating to the offence in early June. However, the general election has intervened. It should provide information as to what may constitute a ‘reasonable procedures’ defence. Sneak previews have been seen as part of a ‘consultation’ process. However, confusion still exists as to what it will say and how detailed it will be. For example, any guidance on what is meant by ‘benefit’ will help. How benefit will be assessed if, for example, an employee is motivated by personal gain to commit a fraud but then the company incidentally benefits is unclear. Such potential paradoxes around the ascribing of ‘benefit’ and whether the corporate is actually a ‘victim’, which provides a defence if proven, were explored in the Barclays/Qatar case where it was argued that Barclays could simultaneously be viewed as both a beneficiary of the conspiracy of its senior executives and also a victim of their behaviour.

The guidance is likely to repeat the concept of the six key principles in the ‘adequate’ procedures doctrine of the UK Bribery Act. A key principle will be to carry out a risk assessment which should be focused on assessing the risks relating to potential specified offences which could be committed by ‘associated persons’.

UK identification doctrine reform

In the past, the SFO encountered obstacles in holding organisations liable for fraud. The previous UK identification doctrine meant that where a specific mental state, such as intent, recklessness or dishonesty, was a prerequisite for an offence, a company would only be found liable if specific individuals representing the ‘directing mind and will’ of the company possessed that specific mental state. This previous identification doctrine did not therefore often reflect the reality of decision making in complex organisations, where management decisions are dispersed across multiple directing minds.

Section 196 of the ECCTA provides that organisations will be found guilty if a ‘senior manager’ of an organisation, acting within their actual or apparent scope of their authority, commits a ‘relevant offence’. This includes attempts to or conspiring to commit that offence, and it applies to all companies regardless of size. The list of ‘relevant offences’ which is longer than that relevant to the failure to prevent fraud offence and may well be extended to all crimes in the next parliament includes offences relating to sanctions, money laundering, terrorist financing and certain financial services offences under the Financial Services and Markets Act 2000.

The ‘senior manager’ definition is drafted widely. It encompasses anyone who ‘plays a significant role’ in the making of decisions about how the whole or part of the activities of a company are to be managed, and the managing or organising of the whole or a substantial part of those activities. Whether a senior manager is caught by the definition therefore depends far less on their formalised job title, and far more on what they actually do.

Extraterritorial impact

On paper, both changes could potentially have broad impacts outside of the UK, but this needs to be considered in the wider context of likely enforcement.

According to section 196(3) of the ECCTA, corporates may be held criminally liable for an offence even if the offending takes place outside of the UK, as long as the offending would constitute a criminal offence in the jurisdiction where it took place.

The scope of the failure to prevent fraud offence is determined by whether the UK has jurisdiction over the underlying ‘specified offence’. In most cases, the UK generally will have jurisdiction if a ‘relevant event’ in relation to a ‘specified offence’ occurs in the UK. For offences under section 2-4 of the Fraud Act 2006, a ‘relevant event’ includes where harm is suffered in the UK.

The UK government has spoken at length about the potential extraterritorial reach of the new the failure to prevent fraud offence. However, while similar levels of extraterritorial enforcement powers were enshrined pursuant to the Bribery Act 2010, the last 10 years has witnessed a lack of domestic prosecutions, let alone international intervention – only seven companies were convicted for a failure to prevent fraud between 2011-22.

What do businesses need to be thinking about?

The obvious impact of the UK identification doctrine reform is that the definition of ‘senior manager’ differs substantially from definitions to which firms may be accustomed. Organisations and individuals should therefore strongly consider who may be carrying out roles which meet the ‘senior manager’ criteria under the ECCTA and put in measures and training to minimise risk.

The immediate impacts of the failure to prevent fraud offence are less clear. In bringing in the offence, the UK government has said that its priority is to foster change in the culture of organisations toward fraud, and that it does not expect a large uptick in the number of fraud offences being brought toward the courts. The failure to prevent bribery offence may have already prompted many large corporates to review their internal corruption policies and conduct the requisite due diligence. However, businesses still need to be thinking about whether the anti-fraud practices and ‘reasonable procedures’ they have in place are sufficient. Given the broad definition of ‘associated person’ an organisation’s supervision of its relationships with subsidiaries, agents and third-party vendors is more important than ever.

As the prosecutor is likely to face an uphill struggle, at least where there is a more complicated fact-pattern, in proving a failure to prevent fraud offence – mindful of the various hurdles that will need to be overcome, including the size of the organisation, the existence of a’ specified offence’, the involvement of an ‘associated person’, whether the corporate has actually received a benefit or whether it is actually a victim, and any potential reasonable procedures defence – we believe the offence will have more effect through increasing the awareness of fraud, compliance teams gearing up to deal with it and deterrence.

Looking forward – further change?

In September 2022, Emily Thornberry, the shadow attorney general, accused the government of “waving the white flag to white-collar crime” and pointed the finger at the SFO for convicting only seven companies of corporate fraud since an earlier Labour report of 2013. Since then, we have had a new director at the SFO and the introduction of the government’s new Fraud Strategy. The enactment of the ECCTA, which is likely to be extended with possible further offences to be added to the failure to prevent fraud list of ‘specified offences’ via secondary legislation, will also assist in addressing the cancer to society of fraud. However, all of the above and their potential for success will be dependent on the UK government providing financial backing.

Ian Hargreaves is a partner and Nicola Dwornik is a trainee at Covington & Burling LLP. Mr Hargreaves can be contacted on +44 (0)20 7067 2128 or by email: ihargreaves@cov.com.

© Financier Worldwide

BY

Ian Hargreaves and Nicola Dwornik

Covington & Burling LLP