Partners Simon Fawell and Paul Brehony, and Counsel Kate Gee explore the heightened risks for company directors in the sphere of corporate criminal liability and the circumstances where corporate liability could lead to personal claims against directors in the third of a three-part series for Accountancy Daily discussing directors’ duties trends for the year ahead.
Risks for company directors are on the rise. In the third of a three-part series, we focus on the steeply heightened risks in the sphere of corporate criminal liability, where the tremors occasioned by the COVID-19 pandemic and the Russia/Ukraine crisis have made the landscape even more challenging for directors and in circumstances where corporate liability could lead to personal claims against directors for losses suffered.
Existing “failure to prevent offences“
The penalties for individuals found guilty of bribery offences are well known and severe: there is a maximum penalty under the UK Bribery Act of 10 years imprisonment and unlimited fines. However, the strict liability corporate offences under the Bribery Act and Criminal Finances Act for “failing to prevent” bribery by individuals associated with the company are also severe and could, potentially, lead to direct claims against directors personally.
Corporates face potentially unlimited fines under the “failure to prevent” regimes. As the Bribery Act enters its second decade, a spike in prosecutions looks inevitable. As the Organisation for Economic Co-operation and Development’s (OECD) Working Group on Bribery warned at its outset, the COVID-19 pandemic was likely to raise the prospect of foreign bribery, particularly for procurement in the health sector, given the significant pressures on both governments and companies’ operations and the intense global demand for pharmaceutical products.
Similarly, as remote working both during and post-pandemic becomes the ‘new normal’, organisations are increasingly faced with challenges in maintaining the fitness for purpose and reach of their compliance systems and environment.
If this wasn’t worrying enough, the sheer quantity of wealth and assets subject to sanctions following Russia’s invasion of the Ukraine may overwhelm enforcement agencies. The restrictions create the likelihood that some owners of Russian assets will respond delinquently by engaging in creative, complex or criminal tactics to maintain access to their assets. Money laundering and bribery risk in this context appear significant and great care will need to be taken in Boardrooms to ensure they do not deal with or sell Russian investments.
“Adequate” or “reasonable” procedures
The Bribery Act 2010 created four criminal offences: (i) offering, promising or giving a bribe (s.1); (ii) requesting, agreeing to receive or accepting a bribe (s.2); (iii) bribing a foreign public official to obtain or retain business (s6); and (iv) a strict liability offence for any company that fails to prevent bribery by associated persons acting on behalf of it (s.7). There can also be personal liability for directors and senior officers where a corporate offence under any of s.1, s.2 or s.6 is committed and it can be shown that the offence was committed with their “consent or connivance”. That can amount to the relevant individuals turning a blind eye to the offences being committed or, even, by failing to investigate further when the surrounding circumstances should have put them on the enquiry of a possible offence.
While there is no offence under s.7 for which directors or senior officers could be guilty, there remains the possibility of personal liability to shareholders for breach of duty in certain circumstances. In particular, s.7 provides a defence to the corporate offence where it can be shown that the company had “adequate procedures” in place to try to prevent the relevant bad actors from undertaking egregious conduct. Where companies are found guilty of the s.7 offence directors may find themselves in breach of duty for having failed to ensure that “adequate procedures” (including the principle that top level management should be committed to preventing bribery by associated individuals) were in place.
Under English law, it remains arguable whether directors could avoid a shareholder action for breach of duty to recover a “failure to prevent” fine on the basis of ex turpi causa (the principle that the company should not be able to rely on its own wrong – in this case, failure to have “adequate procedures” in place – as the basis for a claim). While the principle will often assist, there are potential carve outs where the offence is one of strict liability as it is under s.7.
The same principles will apply to possible offences under part 3 of the Criminal Finances Act 2017 (failure to prevent tax evasion offences). Again, prosecutions remain rare (the CFA was probably always intended to alter corporate culture rather than to vigorously prosecute) but look likely to be on the increase. Similar to the “adequate procedures” defence under the Bribery Act, there is also a “reasonable procedures” defence to the strict liability “failure to prevent” offence for corporates.
To the extent they weren’t already, the possibility of personal liability should focus directors’ minds on ensuring that robust policies are in place, documented and kept under regular review. Where there is the potential for a fine under one of the failure to prevent offences, directors may also want to consider taking separate advice, independent of the company, in case of a later shareholder claim, particularly where there is an unusual fact pattern.
Further failure to prevent offences?
During his time leading the Serious Fraud Office (SFO), David Green (as he then was) spoke out in favour of extending the corporate offence of failure to prevent bribery to other species of financial crime (coupled with a due diligence defence).
In recent weeks, the prospect of further failure to prevent economic crime offences has waxed and waned, but there remains a lot of key support in government and a high likelihood of further offences eventually getting onto the statute books given the current climate. A recent consultation commissioned by the Government was frustratingly inconclusive in this respect and it is possible that Dominic Raab’s replacement of Robert Buckland as Justice Secretary may have checked the economic crime juggernaut for the time being. Nonetheless, a widening of the failure to prevent offences into economic crime may now be inevitable.
A new financial services consumer duty
2022 also looks set to be a busy year for regulated firms dealing with retail customers. Although in some respects, the new consumer duty appears to be a re-articulation of existing principles, it will involve corporates making subjective decisions about how the new duty should be applied and it is plainly going to be front and central to the Regulator in the way it scrutinises regulated firms’ engagement with retail clients. Directors will need to get on top of these new rules as they will involve significant changes in the way that they engage with clients across a number of sectors, equally importantly, the way these engagements are documented.
Heightened money laundering risks
Although possibly beyond the remit of this article, the Ukrainian crisis will almost certainly expose directors and organisations to the risk of inadvertently facilitating money laundering, not just in traditional financial institutions, but in businesses worldwide. Various forms of corporate financings, investments, capital-intensive projects or other transactions could inadvertently shelter the movement or use of assets subject to sanctions or similar restrictions.
Such risks may be most acute for businesses engaged in the emerging Fintech and Blockchain sector, and those receiving funds from abroad that could be tainted, whether due to underlying failures of due diligence or inadequate sanction adherence.
Given the draconian sentences that come with money laundering offences for both individuals and organisations, directors will need to be increasingly mindful of these risks and should again review and update internal procedures as appropriate.
Directors should already be well aware of their corporate responsibilities in respect of the offences outlined above. However, the possibility of personal liability is often overlooked. They would be well advised to keep that possibility in mind and to seek independent advice at an early stage if it looks as though there will be an investigation and possible prosecution at the corporate level. Directors should also ensure that they are familiar with any directors and officers liability insurance that might be in place, both in terms of what it does/does not cover and any notice requirements in the event of circumstances giving rise to a potential claim.
Sylvie Gallage-Alwis and Nikita Yahouedeou discuss the DGCCRF’s recent practical guide to online shopping and consumer rights in Le Monde du Droit
28 November 2023
28 November 2023