A newly released update to the SFO’s Operational Handbook on deferred prosecution agreements provides a high level road-map for DPA negotiations. That has immediate relevance for those under investigation and is instructive for advisers and companies seeking to understand what would be involved if they sought a DPA as a resolution of misconduct they are dealing with. In that respect, it does what the Operational Handbook should, providing procedural clarity to what is still a relatively new process.
The guidance also provides an opportune moment to reflect on some of the more strategic factors that might feed into the decision of whether to seek a DPA, as opposed to how to navigate that process.
DPAs require negotiation and, ultimately, agreement: key factors influencing the company’s decision
DPAs must be court-sanctioned and fulfil certain requirements laid down by statute. But, acknowledging that framework, they are, ultimately, an agreement between parties following a negotiation.
A range of factors will influence the decision as to whether entering into a DPA is in the interests of the company. Some may look at the SFO’s record on prosecuting individuals and companies and question if it represents a credible enforcement threat. Others may find it difficult to contemplate any other outcome than a DPA because the threat to the company of a successful prosecution is almost existential.
For many, the position will be somewhere in-between—a DPA will be attractive, but not on any terms. Overall, the new guidance does little to change the calculus for companies when assessing whether UK DPAs offer a credible alternative to a guilty plea or contested trial.
We look here at three significant DPA terms highlighted in the guidance and discuss how the SFO’s approach needs to evolve if the regime is to be fit for purpose (and perceived as such by the different stakeholders with an interest in it: the prosecutor, the defendant company and its advisers, and the public at large).
1. Discount on financial penalty: confirmation of non-statutory 50% discounts, and room for more?
This is an area where the guidance is perhaps most telling in what it has left out—it sticks closely to the facts noting that while the Crime and Courts Act provides for a penalty to be broadly comparable to that imposed in a guilty plea (which would entail a one third discount): ‘In the majority of DPAs to date, the court has approved terms permitting discounts of 50% in recognition of the levels of co-operation demonstrated.’
There is no indication from the guidance that companies can expect a discount higher than this, but also no indication that 50% is an absolute ceiling. The guidance leaves some wiggle room, but without providing any clear indication of what a company would have to do to better 50%.
Whether 50% continues to be an appropriate discount will depend on the wider composition of the DPA as a whole—including how onerous other terms are, such as those relating to improvements to compliance and future cooperation obligations, which are clear policy preferences of the current SFO leadership.
Flexibility on the discount applied to a financial penalty, with the potential to increase it to moderate the impact of the overall sanction, is the right direction for UK DPAs, taking the next step along the path already trodden in the far more mature US market.
When combined with what appears to be an expectation that certain other, more onerous, terms become ‘routine’ in future DPAs (like those described below), the option of an increased discount to the financial penalty becomes even more important. This would help address the tension between DPAs needing to ‘have teeth’, but also being balanced, such that boards can be satisfied they are in the best interests of companies.
2. Improvements to compliance: affirmation of the importance of corporate renewal
It is uncontroversial that any company seeking to resolve allegations of misconduct will have to make (or have made) improvements to their systems and controls to help prevent any recurrence. Whilst the SFO has so far stopped short of imposing formal monitors, some form of corporate renewal has been a feature of all DPAs to date. The direction of travel has been for these requirements to be more structured and, in some cases, more intrusive.
The new guidance is quite high level on this, noting simply that any terms relating to the compliance program ‘could include any specific requirements deemed necessary and proportionate such as the use of data analytics to test compliance controls and behaviour.’
It is clear that the current SFO leadership sees one of the key benefits of the DPA process as being the ability to ensure better corporate citizenship post-resolution. That is not a feature of a guilty plea, and so forms part of the overall equation that defendant companies and their advisers will need to balance when considering whether a DPA is the right outcome for a particular situation (as well as influencing how the public might perceive any resolution).
The exact nature of the changes needed to a company’s programme is a very fact-specific question, and depends largely on the nature of the offences, as well as how much work the company has done before, and during, the enforcement process. Companies that anticipate needing to accept some form of resolution can take steps to get ahead of the game. But given this term in a DPA can be one of the most onerous, often requiring significant investment and ongoing engagement with the SFO, it is important that the SFO does not overreach itself and attempt to impose a one size fits all approach to future compliance terms. Again, a balancing act is required, looking at the company’s specific circumstances and the overall impact the DPA will have.
3. Future cooperation—an obligation to self-report any kind of potentially serious criminal misconduct
In contrast to the previous topics, this is an area where the SFO has spelt out very clearly what it will expect, and this represents a significant change in the way DPAs work in the UK.
It has routinely been a feature of DPAs to contain terms that a company will have to cooperate with related investigations (e.g. into individuals/by other agencies) and provide the SFO with any information it becomes aware of during the term of the DPA that is relevant to the offences in question. These expectations were set out in the February 2014 Joint DPA Code of Practice and feature in all DPAs so far approved.
But the SFO now expects more. The guidance informs SFO prosecutors that they should ordinarily expect the company to agree to self-disclose any new conduct which ‘may reasonably fall within the SFO Statement of Principle'– i.e. misconduct relating to any complex or serious fraud (incl. bribery and corruption).
This is consistent with the US DOJ’s expectations regarding future cooperation, and is a term now commonly seen in the more recent DPAs in the UK. Whether it will become a default term here, however, is much less certain as for some companies that obligation—in isolation at least—could look like too high a price to pay.
The Guidance is useful—even if it only addresses part of the picture
DPAs are, in part, designed as a tool to drive corporate behaviour, encouraging self-reporting, cooperation with investigations, and remediation in exchange for a negotiated resolution rather than a prosecution.
Negotiated is, perhaps, the key word. How far prosecutors and defendant companies are willing to negotiate these factors will depend on how they interplay, as well as wider considerations.
Both parties must discharge their duties. The SFO will be mindful of public perception, but it cannot make DPAs so harsh that companies are disincentivised from agreeing and would decide the interests of the businesses they represent are better served through opting to contest a trial, with its prospect of acquittal, or by entering a guilty plea, with its lack of continuing obligations.
No one claims that a DPA is necessarily the right answer for any given situation. But as we approach double figures (the 9th UK DPA has recently been announced), the Director of the SFO has made it clear she sees DPAs as an important part of the overall range of enforcement tools available.
DPAs are here to stay and the transparency over the process is a welcome step in the right direction. As the parties move through the broad procedural stages described in the guidance, there are a number of strategic decisions and points of nuance that require careful thought along the way—including how the DPA may impact other risks the company faces.
Given the complexity of the matters they address, DPAs cannot become static or commoditised: there has to continue to be evolution.
Visit our corporate crime pages for more information on our global practice.