About Us |
Contact Us |
LexisNexis Business Solutions
Caroline Black is a partner in the white-collar crime team at the London-based law firm Dechert LLP. She has worked on several large multi-jurisdictional anti-corruption and bribery cases and advised major companies on putting in place adequate compliance and due diligence procedures. Speaking to LexisNexis from Dechert’s slick, modern offices near Fleet Street, she tells us that legislation against bribery and corruption around the world is getting stronger, and regulators are more willing to take enforcement action against non-compliant companies.
Is anti-bribery and corruption regulation and legislation getting tougher?It is the case that around the world, there is a rise in enforcement actions and also legislation which is being passed to assist prosecutors to take action against breaches of anti-corruption standards. In terms of enforcement and regulation, we have seen a globalization of the fight against corruption, money laundering and terrorist financing. We have seen increasing numbers of coordinated corruption investigations in recent years such as the joint Rolls Royce Deferred Prosecution Agreement (DPA) between the British, the Americans and the Brazilians, and Odebrecht between the Brazilians, the Americans, and the Swiss.
The trend for that global coordination will continue with the US and the UK playing lead roles but also increasingly with other jurisdictions being more fully involved in anti-corruption and anti-money laundering efforts.
Interestingly there is also a drive at the moment to give prosecutors more tools through the use of DPAs. DPAs were brought into force in the UK in 2014 but have recently been increasingly used by the SFO. Similar powers have been given to the authorities in France in the form of a CJIP, and there is similar legislation being passed in Canada, Australia, and Singapore.
What do DPAs mean for companies?
There is an increased awareness and desire by the authorities to prosecute companies for anti-corruption breaches. But the use of DPAs also show that prosecutors are thinking about how to incentivize companies to cooperate, to self-report and to be good corporate citizens. The DPA format provides the authorities with greater tools in their armoury to not only incentivize companies using a large stick but also with a carrot in the form of a DPA.
How do companies benefit from being ‘good corporate citizens’, as you put it?
The main benefit is the ability to really market yourself as a company which is ethical, that does business in the right way, and will hopefully attract more work from like-minded firms. Increasingly companies around the world are looking for ethical third parties to do business with. More companies are looking to ensure that the people they do business with are ethical, that they do business in the right way, and are not ultimately going to attribute liability back to them under the very wide anti-corruption laws which are in place.
What are some of the principles of a good due diligence process?
What is really key is having a risk-based approach as a starting point, because completing the same level of due diligence for every third party which a company might engage is unworkable and unmanageable, especially in a large business. But it is also essential that companies are properly identifying those third parties who are the highest risk to their business and ensuring these entities are thoroughly checked and managed.
Another important point is to ensure that reliance is not placed on only one source of information. Information should be sourced from the third party itself, from within the business (the managers and the sales force who proposed the particular third party). Information should be considered from sources available in the public domain or through public records searches and sanctions lists checks. Then depending on the assessment of the risks of the particular third-party consideration could be given to using a reputable due diligence firm or agent. Finally, a company could also make local in-country checks with the chamber of commerce and follow that up with references.
It is also vitally important to ensure that whomever is receiving that information within the company can understand it and ask appropriate follow-up questions, because one failing I’ve seen in the past in some of the companies that we have worked with is that compliance or legal may receive information about red flags that really warrant following up, but the people receiving it do not understand the significance.
How should firms use technology in this process?
Technology is an increasing part of business around the world and it should be part of any due diligence or compliance program. RegTech is really focusing on the use of automated systems and analytical techniques where suspicious transactions may be identified across a business through a big data sampling tool, so a lot more information can be processed than by any one individual. That being said, you still need an individual to review the findings and ensure that they understand the information coming out. But I think technology is useful to highlight red flags or issues which may occur within a company.
How else is technology being used in the field?
In the field of investigations, technology is also becoming much more accepted and more widely used by the authorities. For example, the UK’s Serious Fraud Office used technology-assisted reviews in the investigation leading to the DPA that was reached with Rolls Royce, so it is a much more acceptable standard to allow the review of a lot of data in the most efficient way possible.
How important is the leadership of a company to a successful anti-bribery and corruption program?
Tone from the top is absolutely essential. No anti-bribery, anti-money laundering or anti-financial crime system can work without the buy-in from senior management. I believe it is something the authorities will continue to want to see, from those companies who ultimately end up in trouble, but also more generally to demonstrate that you do business in the right way.
Increasingly, information is being made transparent by companies, including publishing policies, procedures and leadership steps taken by CEOs and other senior members of the board or executive management team. That transparency is not limited to bribery and corruption - with the new Gender Pay Gap reporting, Modern Slavery Act reporting and other initiatives, it’s something that will continue as companies push to transform the way that business is done. It’s important that leadership is seen to endorse that transparency across the board.
What advice would you give companies that come across evidence of financial crime?
If a company decides that there is substance to an allegation, it is very important for it to be seen to be reacting in the right way. One of the key first steps that we would advise our clients is to preserve and secure evidence including paper documents and e-data and the various sources of other information that may exist. Companies should then consider whether there is an issue which could lead to a large enforcement action and which authorities may have jurisdiction as different standards may apply.
To have any chance of persuading the authorities in the UK that a company is qualified to receive an invitation to participate in a DPA, there has to be early reporting, consultation, and cooperation. This practice has become apparent from the recent DPA case law in the UK. The most striking example is Rolls Royce where a large fine of nearly £500m was levied against the company. Notably the agreement made it clear that this was a 50% discount on the penalty which it could have expected had the company not gone into the cooperative process. So, it really is financially important for companies to consider cooperation early on in the process.
It is also beneficial for a company’s corporate compliance image to be able to say, “yes we are reviewing this issue, we’ve reported it to the authorities, we are cleaning up our internal processes, we have taken disciplinary action and we have removed those wrongdoers”. This enables the entity to try to manage the process as best it can while also providing positive messaging to the market and any shareholders that the problem is historical and under control.
How can this transparency approach help during an investigation?
What the authorities are really looking for is transparency and cooperation and to approach and deal with the authorities in a way that is respectful and open. Any attempts to cherry-pick or hide specific behaviour or protect individuals is not something the authorities will want to see from a cooperating company. So, I think transparency, disclosure and cooperation are really the cornerstones of the process.
Even outside of an investigation process, transparency is what the authorities want to see. They are looking for commitment to ethical behaviour, to ensuring that reports are made through relevant money-laundering systems if required, proper disclosures to the markets, proper reaction to an adverse event that might happen within a business, and other step such as publishing gifts and entertainment registers and policies on the company’s website. Companies must demonstrate that ethical business is not just a statement that is made, it really is lived within the organization.
Actions You Can Take Now