New SFO Guidance for compliance programs
On January 17, 2020, the UK Serious Fraud Office (“SFO”) has published an updated chapter to its Operational Handbook: “Evaluating a Compliance Programme” (the “Guidance”). The SFO’s Operational Handbook is used by the SFO as an internal guidance for its prosecutors and sets out applicable best practice standards. The Guidance provides valuable insights on how the SFO assesses the effectiveness of the compliance systems of companies under investigation and at what point in time the SFO considers its assessment to be of relevance.
At the outset, the SFO emphasizes the importance for companies of all sizes to have implemented appropriate compliance procedures in order to reduce the risk of wrongdoing. These procedures are expected to differ from company to company, depending on the individual risk profiles. A compliance program is expected to be risk based, proportionate and regularly reviewed. In the context of investigations and, as the case may be, subsequent charging decisions or settlement negotiations, prosecutors are required to assess the past, present and future effectiveness of a company’s compliance program:
- The past: A non-existing or ineffective compliance system at the time the offense was committed increases the probability that prosecution of a company is in the public interest. If, however, the violation occurred despite an effective compliance system being in place, this may constitute a valid defense of the company to s7 UK Bribery Act 2010.
- The present: The company, following the offense, has strengthened its compliance system, following an offense, is an indication for remedial action and may lead to the result that prosecution would no longer be in the public interest.
- The future: Looking into the future, conditions may be imposed on the company in the course of a deferred prosecution agreement that are considered appropriate to achieve the desired outcome, namely the establishment of an effective compliance system.
Companies should be aware of the fact that even if a prosecution is ultimately pursued and successful, the existence of an otherwise effective compliance program may be considered at the sentencing stage and be a mitigating factor. This is even the case where a company’s efforts to put such a compliance system into place did not prove effective in an individual case.
The Guidance highlights the central role that compliance documentation and materials play in any investigation. Such documentation may not only serve in relation to the effectiveness assessment of the compliance program but also provide direct or circumstantial evidence to the case being investigated.
The Guidance emphasizes that the six key principles included in the Ministry of Justice’s 2011 statutory guidance on the UK Bribery Act 2010 continue to represent a good general framework for assessing compliance programs:
- Principle 1: Proportionate Procedures
- Principle 2: Top Level Commitment
- Principle 3: Risk Assessment
- Principle 4: Due Diligence
- Principle 5: Communication (including training)
- Principle 6: Monitoring and Review
It does not come as a surprise that the SFO continues to refuse to spell out for companies a step-by-step to do list on how to establish an effective compliance system. Instead it emphasizes once again that every company is encouraged to regularly perform individual risk assessments and implement effective policies and measures that address the results of these individual assessments.
The Guidance is available here .