The first UK deferred prosecution agreement – what can we learn?

Posted: 19th January 2016

Financial services organisations in the UK have now seen what could happen instead of prosecution should they commit fraud, bribery or other economic crime.

The country’s first use of a Deferred Prosecution Agreement (DPA) was against ICBC Standard Bank in December 2015, potentially paving the way for future similar agreements. Instead of prosecution, ICBC incurred fines and the requirement to adhere to certain obligations for a period of three years.

This development has been watched closely and carefully by firms who can now see how the DPA took shape for ICBC, and the steps they took to help them avoid prosecution. What are the wider lessons businesses can take from this if faced with similar circumstances?

The Huntswood view – Pre-emptive and proactive

The possibility of prosecution for ICBC transpired when it was brought to light that one part of the business was bribing officials in Tanzania from 2012 to 2013. After concerns were raised by employees in Tanzania, ICBC responded by self-reporting to the Serious Fraud Office (SFO) in London just one month after the transactions occurred in Tanzania.

The pre-emptive part

Employees were able to identify the occurrence of bribery and were in an environment where they could raise such concerns, which is important here. This shows the significance of firms assessing the risk within their business, identifying any gaps in their anti-bribery and corruption programme, and, where necessary, training employees on the risks involved and making sure that they have open channels of communication in these areas.

Such measures make it more straightforward for a firm to identify any bribery and corruption risks, and mean that the firm can demonstrate such pre-emptive measures in the face of a prosecution. In the same vein, senior managers setting the right ‘tone from the top’, and ensuring the right culture, can make it easier to recognise and address corruption problems.

The proactive part

The fact that ICBC’s leadership acted so quickly and decisively in self-reporting worked to its advantage, with SFO Director David Green applauding the bank for its “frankness with the SFO and their prompt and early engagement with us.”

Once such practices are identified, proactivity is key. Firms should not launch detailed and lengthy investigations and wait for detailed outcomes to be known before escalating.

To support this, it is crucial for firms to understand when they should escalate incidents and how to do so when issues are identified. In our experience, using a matrix-based approach focusing on risk, impact, investigation and escalation, such as Huntswood’s own approach, is a very effective mechanism for achieving this.

Once the SFO comes knocking

Ben Morgan, the SFO’s joint Head of Bribery and Corruption praised the “courage” of ICBC in deciding to co-operate with the authorities, and for engaging fully to deliver a result which “arguably has resulted in a better outcome for all involved”.

A company’s full co-operation will ensure a smoother engagement with the SFO. Co-operation might include the firm supplying the SFO with hard-copy and electronic files, performing its own independent investigation and ensuring its employees are available for interview. Appropriate preparation, including the use of a ‘dawn raid’ checklist, can ensure all bases are covered, and help to facilitate this co-operation.

As you may have noticed, ‘co-operate’ is the key word here, and the benefits of such a co-operative approach might ultimately result in earlier, reduced and prosecution free settlement.

Interestingly, this co-operative approach is similar to the methodology deployed by the Department of Justice prosecutions in the US, where early co-operation is factored into resultant action and fines. The SFO described the Bank’s co-operation as “significant” and it was a factor that enabled them to reach a DPA.

Dissecting the DPA

The use of the DPA to suspend ICBC’s potential prosecution has been greeted with great interest, and has proven to be a defining moment in the area of financial crime risk and corporate criminal law. The additional factor of the SEC fine disgorgement following the UK fine is significant in demonstrating global regulators working together to keep the interests of the economy safe, whilst still undertaking pertinent enforcement action upon the guilty party.

Businesses can find some comfort in the fact that this first DPA does in fact adopt a cautious approach, closely reflecting the criteria laid out in the DPA Code of Practice. This greatly endorses the act of self-reporting, with decisive and appropriate responses needed from leadership. It also highlights the need for good consultancy and a genuine collaborative approach. Companies should ensure, through effective risk-assessment and gap analysis, that robust anti-bribery policies are put in place (and regularly reviewed) - with employees trained on such issues as part of an organisation-wide plan to prevent such corrupt practices occurring.

The DPA has meant less impact, not just on the business, but on innocent shareholders and third parties. Less impact than there would have been with prosecution, with firms being given the opportunity to rectify huge mistakes through accepting blame and implementing better controls. This creates a positive message to stakeholders and demonstrates active measures are being implemented to ensure these mistakes will not happen again.