Money laundering was firmly in the sights of the UK authorities in 2021 and will remain so in 2022. The Financial Conduct Authority (FCA) brought is first prosecution against a bank under the UK Money Laundering Regulations, and the UK’s entire CTF/AML regime is currently under review. The AML supervision of crypto assets will likely evolve in 2022 as it is considered a high-risk area.
New criminal offences relating to defined benefit pension schemes were introduced but the consultation on corporate criminal liability more generally is still ongoing, with a report expected from the Law Commission early in 2022. Big Tech companies are under pressure to reduce online harms, with new criminal offences possibly being introduced in 2022 via the Online Safety Bill.
The Serious Fraud Office (SFO) is likely to be focusing on frauds on the public purse committed during the pandemic. It will also be trying to regain its enforcement momentum after some difficult (for the SFO) court decisions that curtailed its ability to obtain documents held abroad and raised criticisms of the SFO’s lack of disclosure in some high-profile cases. 2021 saw the number of new SFO corporate criminal investigations fall to the lowest number (four) in over a decade.
Internal investigations into ESG-related issues are becoming much more common, as investors and employees seek to exert pressure on companies to improve treatment of their workers in supply chains and reduce environmental impact.
- Investigations trends/developments
- Significant law reforms impacting corporate criminal liability
- Internal investigations – key considerations
- Sectors targeted by law reforms or enforcement action
- Cross border coordinated investigation or enforcement activity
- Predictions for 2022
Access to documents held overseas
The Supreme Court ruled that the SFO does not have the power to order the disclosure of documents held abroad by a non-UK company: KBR Inc v The Director of the Serious Fraud Office  UKSC 2. The decision dealt a blow to the SFO with the unanimous rejection by the court of the SFO’s attempted expansion of its statutory powers to compel documents from non-UK parent companies. The decision will have ramifications for other UK authorities seeking to compel production of material from non-UK parent companies without any domestic presence. The SFO will instead need to rely on Mutual Legal Assistance regimes which can be cumbersome. The SFO has not yet been able to take advantage of the Crime (Overseas Production Orders) Act 2021 to access data directly from overseas communication service providers despite a bilateral agreement having already been signed between the UK and U.S.
UK-based companies should note that documents in their possession or control, but held overseas, may fall in scope of the SFO’s document disclosure powers and, subject to contrary statutory intent, production powers of other authorities too. This construction of the SFO’s powers was not challenged by the parties in the KBR case and therefore not decided by the Supreme Court, although the commentary did appear to favour this view.
M&A: Innocent acquirers and deferred prosecution agreements
The SFO entered into a deferred prosecution agreement (DPA) with Amec Foster Wheeler Energy Limited (formerly Foster Wheeler Energy Limited) (company) and John Wood Group plc (Wood) to settle historic bribery claims. Wood purchased the company in 2017, just after the SFO commenced its investigation.
This DPA involved an innocent parent company (Wood) which purchased a subsidiary (the company) after the misconduct (bribery by the subsidiary) had already occurred. As part of considering whether to approve the DPA, the judge wanted to know whether the acquisition price of the company had been reduced to reflect the risk of penalty (it had not been). The judge was reassured that the offer price was based on publicly available information, and that the SFO investigation was not factored into the valuation because it was announced after the offer was made. If the purchase price had been reduced, it is likely that the court might have viewed the appropriateness of the proposed penalty (which had been reduced to reflect the fact that this was historic conduct) in the DPA differently.
This DPA joins two other examples involving companies that had been taken over by innocent acquirers where all, or the vast majority, of the misconduct occurred prior to the change in ownership and certainly without the knowledge of the acquirer. In both, on discovery of the misconduct (post-acquisition) there was self-reporting and cooperation with the SFO. In the Amec Foster Wheeler case, the buyer was aware of the SFO investigation, albeit after a price had been agreed. These three DPAs show three buyers of companies with historic bribery issues who chose to cooperate with the SFO, and earnt a discounted penalty as a result.
Treatment of individuals
The SFO has continued to fail to secure convictions of individuals following DPAs, most recently due to disclosure failings by the SFO. Concerns about the impact of DPAs on inculpated individuals were moderately ameliorated in 2021 by greater protection afforded by the court during the approval of a DPA with Amec Foster Wheeler. For the first time, the court ordered that DPA-linked documents must have a warning that there is no finding of fact concerning the culpability of any individual. The DPA was also not published.
The recent sentencing of a oil services company for a failure to prevent bribery is an example of the SFO using a cooperating offender (a former Global Head of Sales) to help secure a conviction against a company. The individual, as a result of his cooperation, managed to avoid prison (he received a suspended sentence) despite being convicted of multiple counts of bribery. The SFO is keen to “flip” more offenders like this, but the risk/benefit analysis for the individual is not straightforward as they must provide a lot of incriminating information without any guarantee of being treated more leniently and at a time when it is not certain that they would be charged with any offences, absent cooperation.
Fewer big bribery cases – more domestic fraud enforcement?
The SFO appears to be focusing on smaller, domestic cases that can be progressed more quickly. It has only publicly announced one cross-border bribery investigation in the past year: the probe into a Canadian aircraft maker’s conduct in Indonesia.
The pandemic created a perfect environment for fraud including, for example, push-payment fraud on individuals and businesses. It remains to be seen how effective the UK authorities will be at taking action against the huge amount of fraud which took place during the pandemic.
Money laundering as a continuing focus for the authorities
In the UK, money laundering has remained a focus for regulators in the financial services and other sectors, including the art sector which is likely to come under greater scrutiny after HMRC published its first risk assessment on art market participants in June 2021. The art market, alongside trust or company service providers, is considered as representing the highest inherent risk for money laundering.
The UK Gambling Commission has been active in imposing fines for AML breaches. HMRC has also taken enforcement action and in January 2021 imposed a GBP23.8 million fine on a money service business for breaches of the Money Laundering Regulations 2017.
Two of the biggest sanctions imposed by the FCA in the 12 months prior to March 2021 related to failures to address financial crime and AML risks. Both cases highlighted inadequate systems and controls "where one could be forgiven for thinking the true function and meaning of the controls had become lost in elaborate processes leading to failure".
The FCA is keen for firms to focus on the harm that regulations are seeking to prevent as opposed to treating regulations as an end in themselves. The FCA achieved its first successful criminal conviction of a bank for breaches of the Money Laundering Regulations, and we can expect to see the FCA pursuing more dual-track investigations.
Building on the guidance on how to evaluate a compliance program that it released in 2020, the SFO has pledged to deepen its understanding of compliance and engagement with compliance professionals. The director of the SFO, who comes with compliance expertise from a previous role, said: “we’re upskilling ourselves to be better and smarter in this evaluation, including bringing in people with experience and expertise in this area”. Any enforcement action by the SFO is likely to therefore involve more in-depth scrutiny of compliance programmes. We have drawn together some common weaknesses in corporate compliance programmes.
Follow-on group actions
Group action by investors against companies off the back of enforcement action remains a reality, although it is too early to tell whether these types of claims will gain much traction. Companies need to assess the risk of this happening early as it may impact decisions made on self-reporting, privilege and cooperation during the enforcement stage.
There have been several legislative developments in a number of white-collar crime areas.
High-profile collapses of some large companies, and the resulting impact on their pension schemes, has led to two new criminal offences under the Pensions Schemes Act 2021, which came into force on 1 October 2021. They are aimed at improper conduct in relation to defined benefit pension schemes: (1) avoidance of employer debt; and (2) conduct risking accrued scheme benefits. As discussed previously, the new offences caused a stir in the pensions industry and beyond due to the broad scope of potential criminal liability (which could include any person involved with a defined benefit pension scheme, however tangentially) and the limited nature of the possible defences. The penalties are significant, including an unlimited fine and/or up to seven years' imprisonment, or a civil penalty of up to GBP1 million.
The UK Government introduced a new global corruption sanctions regime in April 2021. A Minister can designate individuals and companies who are suspected of involvement in corruption. There have already been sanctions made against individuals involved in corruption cases in Russia, South Africa, South Sudan and Latin America. These new sanctions will inevitably add to the complexity and compliance-related risks for businesses transacting and investing in higher-risk jurisdictions.
The UK Government is consulting on an overhaul of the UK’s AML/CTF regime. Despite no longer being a member of the EU, the UK will want to remain compliant with the FATF regime. The consultation is looking at overall effectiveness, sectors in scope, and whether supervisors have adequate powers to ensure compliance. Specific regulatory aspects being scrutinised are the risk-based approach, whether the MLRs enable the safe and effective use of technology to tackle AML/CTF, and improving the quality of suspicious activity reports. There is a separate consultation on certain amendments to the MLRs in particular, looking inter alia at supervisor access to SARS, proliferation financing, making reporting on beneficial ownership discrepancy reporting an ongoing obligation (not just at outset of relationship) and transfers of crypto assets.
Efforts to reform English law on corporate criminal liability continue to rumble on, with the Law Commission consulting on corporate criminal liability. Supporters of reform point to recent failures of the SFO to prosecute large corporations and senior individuals as evidence of the need for reform. One of the options under consideration is extending the “failure to prevent” model of corporate criminal liability, which is employed for bribery and tax evasion, to cover other types of economic crime.
The UK’s current legal framework on debarment was adopted from EU law, and is currently being amended. Under existing legislation, debarment can be mandatory or discretionary, depending on the misconduct. The results of a UK government consultation were published on 6 December 2021. It sets out new mandatory and discretionary grounds for exclusion. Whilst further details are awaited, it looks like offences requiring mandatory debarment will be broadened to include fraud and fraudulent trading, theft, modern slavery offences, corporate manslaughter or corporate homicide, tax evasion, and the ‘most serious’ competition law breaches. The Government estimates that the new legislation will come into force in 2023.
A forensic report produced by PWC for a corporate client’s internal investigation was ruled not to be privileged in State of Qatar v Banque Havilland SA & Ors  EWHC 2172 (Comm) because the report was not produced for the sole or dominant purpose of contemplated litigation. The case is a reminder of how tricky it can be to invoke litigation privilege to protect third-party communications in the context of early stage investigations.
Enforcement action has been taken across a range of sectors in 2021. However, updates to the UK Government’s economic crime plan 2019-2022 refer in particular to the following areas of focus:
- AML supervision of crypto assets
- AML and professional “enablers” (accountancy, law, company service providers)
- bribery and corruption in the oil and gas, extractive and overseas development sectors
- fraud against the public sector.
The May 2021 Statement of Progress identifies a “strong focus on fraud”, money laundering, seizing more criminal assets, and strengthening corporate transparency.
AML is prominent here, and aligns with the UK’s review of its entire AML/CTF legal framework (see above). This means that those businesses that fall within the scope of the UK Money Laundering Regulations 2017 (and those that may do so as a result of reforms) will be under the spotlight of the authorities. These businesses are very much regarded as part of the public-private partnership response to combatting economic crime.
Fines for failure to prevent financial crime remain among the highest levied by the FCA and Prudential Regulation Authority regulators (with four fines totalling GBP421 million between October 2020 and October 2021). The Financial Conduct Authority is demonstrating a bolder risk appetite and willingness to use its criminal prosecution powers in financial crime cases.
We also expect to see increased scrutiny of businesses which sell themselves as aiding sustainability, not just from activist investors. For example, the SFO is prosecuting two former directors of an ethical forestry investment plan which promoted a project to put money into tree plantations in the Brazilian rainforest.
The Online Safety Bill is currently being considered into Parliament, and is likely to come into force in 2022. A new duty of care will apply to search engines and providers of internet services which allow individuals to upload and share user-generated content. The Bill is aimed at Big Tech and will rely initially on enforcement by regulatory fines (Ofcom will have the power to issue fines of GDP18 million or 10% of the entity’s worldwide revenues, whichever is higher). However, if the regime is not effective at making Big Tech firms reduce online harm, the Bill provides for new criminal offences aimed at senior executives of Big Tech firms to be introduced where they have failed to take reasonable steps to prevent offences being committed. At present this would happen after two years, although the UK Culture Secretary said in November that she wants to accelerate the timing of this new criminal regime to between three and six months.
Companies should assume that UK authorities are speaking to their overseas counterparts. The Director of the SFO has publicly stated on many occasions the importance she attaches to international cooperation. Both the SFO and the FCA have secondees from overseas enforcement authorities.
There is no such thing as a global settlement, but we have seen coordinated settlements, for example:
- In 2021 a crediting agreement was entered into by the SFO, the Department of Justice (DoJ), and the Securities and Exchange Commission (SEC) with respect to bribery by Amec Foster Wheeler in Brazil. The agreement operates by offsetting sums paid by the company to the SFO against the amounts due from Amec Foster Wheeler entities to the DoJ and the SEC. The Brazilian Authorities are also party to an agreement with the U.S. authorities which relates to the sum due from the company as a result of the offending in Brazil.
- Since October 2020, the FCA has imposed two significant penalties for failure to prevent financial crime that formed part of a “globally coordinated resolution”. In both cases, the financial penalty imposed by the FCA took into account settlements reached by the company with authorities in overseas jurisdictions.
The UK-EU Trade and Cooperation Agreement, implemented in the UK by the EU (Future Relationship) Act 2020, contains provisions on cooperation in criminal matters, including mutual legal assistance and the freezing and confiscation of criminal property. It is too early to tell how this new regime will operate, but it is unlikely to be as timely or effective for law enforcement authorities as the EU-wide mechanisms in place pre‑Brexit. Informal cooperation is likely to continue, but for now we may see the UK’s investigation of serious crime involving Member States taking longer.
- More companies are likely to have to conduct internal investigations focusing on ESG (environmental, social and governance) issues, for example into treatment of workers in their supply chains. Careful thought will need to be given to how these investigations are structured, bearing in mind the chance of follow-on civil or regulatory action.
- Crime rises when individuals are under financial pressure. Post Covid-19, the combination of remote working, reduced compliance budgets, volatile markets, stressed supply chains and financial pressure may lead to an increased risk of financial crimes such as market abuse, fraud and misleading the market. GCs will need to be agile to respond, and ensure that compliance policies and speak-up programmes are refreshed and firmly embedded culturally in their organisations. Training may need to be updated to reflect increased hybrid working.
- We may see businesses seek to penetrate new markets, clients and industry sectors in 2022. This may bring a higher corruption risk.
- Disputes on privilege issues and access to documents and data held abroad will continue as enforcement authorities seek to explore the limits of their powers. GCs will need to be aware of the current interpretation of the authorities’ powers, and also any obstacles in meeting these requests, e.g. around data privacy and location of documents.
- A careful trade-off is required when considering whether to self-report. GCs will need to be well-informed of any legal obligations to report (eg in regulated sectors). Outside regulated sectors GCs should consider current enforcement priorities and the pros and cons of reporting/cooperating. GCs will need to consider, as part of this analysis, the likelihood of follow-on claims (eg by investors) or connected investigations in other jurisdictions.
- Data protection questions will inevitably remain a hot topic for all during cross-border investigations. In the GIR guide to Data Privacy & Transfer in Investigations 2021/2 experts from Allen & Overy help those involved in investigations adopt a risk-based approach to the rules across 15 jurisdictions, thus ensuring investigations run smoothly
- Data collection, retention, monitoring and reporting will become increasingly important. The FCA, in particular, has promised to become a more data-driven regulator and will be relying on better analysis of automated data collection as well as web scraping and social media monitoring to identify harm and intervene more quickly.
This article is part of the Allen & Overy Cross-border White collar Crime and Investigations Review. Please visit the review homepage for our overviews and insights in other jurisdictions.
 ICBC Standard Bank and Guralp
 Petrofac Ltd
 MT Global
 Society of Corporate Ethic interview (February 2021)
Allianz Global Investors GmbH and others v. G4S PLC; Manning & Napier Fund, Inc & Anor v Tesco plc.; Allianz Global Investors GmbH v RSA Insurance Group Ltd (formerly RSA Insurance Group Plc); Trustees for the Victory Portfolios & oths v Standard Chartered Bank
…stands out for its ability to handle both civil and criminal issues arising in domestic and cross-border investigations into money laundering, corruption and sanctions violations.
Legal 500 UK – Regulatory Investigations and Corporate Crime 2021
Exceptionally high levels of knowledge of the current state of anti-bribery and corruption regulation, legislation and enforcement in the UK and US, combined with a high level of understanding of the UK criminal justice system.
Legal 500 UK – Fraud: White-Collar Crime 2021
Highly reputed across compliance and regulatory investigations, including anti-bribery matters.
Chambers UK – Financial Crime: Corporates 2022
It's an extremely professional team - they're always available, responsive and give pragmatic but robust advice.
Chambers UK – Financial Services: Contentious Regulatory 2022
Download the Cross-Border White Collar Crime and Investigations Review
The 'Cross-Border White Collar Crime and Investigations Review' analyses the latest developments and trends, and highlights the most significant among the current and emerging issues that white collar crime and investigations in-house counsel should prioritise in the year ahead.