We aim to make this site as accessible as possible and therefore have provided the settings below to use if you are finding it difficult to view this website. See the SFO Accessibility Statement for more information.

Where it is appropriate to provide a Welsh translation, you can switch to Cymraeg. See the Welsh Language Commissioner website for more information.

Use the settings button in the bottom right corner of the page to access these settings again.

We would like to use Analytics Cookies on our website. 

Turn these on below if you are happy with us collecting information on how our site is used, in order for us to improve the overall experience of our website. 

All other cookies are necessary and therefore by continuing to browse this website, you are agreeing to the usage of these cookies.

 See the SFO Privacy Policy for more information. 

Analytics Cookies

Camilla de Silva at ABC Minds Financial Services

16 Mawrth, 2018 | Areithiau

Camilla de Silva, Joint Head of Bribery and Corruption, speaking at ABC Minds Financial Services conference on 15 March 2018.

Thank you for the opportunity to speak to you this morning. I’ve been asked to speak on the following topic: the Prosecutor’s Priorities: investigative techniques, priorities and future DPA use within the SFO.

But before I tell you about my priorities, I want to focus for a moment on what I understand yours to be, namely governance and prevention.  Another priority falls out of that: not to cross paths with me and my team at the SFO (and I mean that, of course, in the nicest possible way).

The way to do that is to never have a problem in the first place.  As I see it, you, as ABC & compliance specialists are trying to get it right and impart your expert knowledge to your clients and the business that you know and which employs you.  The aim of your job being to be confident that you are doing clean business in the environment your organisation is operating in.  Ours is a different role.  We are here to hold business and individuals to account when compliance programmes fail.  Ultimately it will be for the courts to decide whether an economic crime has been committed and whether a company’s compliance programme is adequate enough to form a defence under the Bribery Act.  Since the passing of this act, we, the SFO, have yet to encounter a corporate with sufficient confidence in its compliance programme to persuade us of its adequacy or run a section 7 defence argument in court.  

Just as an aside, we saw last week the argument run for the first time and a jury rejecting a section 7 defence in a CPS prosecution.   I can not comment on the prosecution as I was not a party to the detail of the proceedings.  But, plainly if you are relying on the section 7 defence, corruption has been proved to have taken place which your procedures failed to prevent.  The case is perhaps a salient reminder to corporates to ensure their compliance procedures are sufficiency robust and the high bar that will need to be reached for a section 7 defence to succeed.  The starting point is about having bespoke compliance procedures in place, but it is more about the substance of the procedures and about them actually working in the first place.

It is well known that our current DSFO, David Green, has stated we do not give advice on what a good compliance programme looks like, or provide official guidance on adequate procedures.   We are a prosecution agency, not a regulator, and that’s not our job.  And of course, what is applicable to your business is dependent on the type of business we are talking about and so it would be pretty artificial for me to stand here and lecture you on what are adequate, or reasonable compliance procedures for your particular organisation. 

However, in my view, the absence of official guidance from the SFO on a major case dealing with adequate procedures does not mean there is a vacuum of information available to you.  You will be aware of the Secretary of State’s guidance published pursuant to section 9 of the Bribery Act and other sources of information such as the OECD’s helpful case studies.  Furthermore, the compliance-related comments contained in the Rolls Royce and Standard Bank DPA documents, whilst obviously being fact specific, could be a useful source of information from a compliance perspective, as to where issues arose, suggestions for enhancements and what is needed for remediation.  

They warrant careful study and I’m sure you would do a forensic job of extracting some useful pointers.  I’ll leave you to do that, but there are some points which stand out for me, for example the interaction between and impact of the compliance team on the business unit, a top level commitment from the Board for proper governance and organisation of compliance and this effort being properly resourced, and, crucially a bedding in of a compliance culture.  For example, the Statement of Facts for Standard Bank sets out the failings which led to the firm not considering or identifying the corruption risks, resulting in these risks not being adequately considered.  In the Rolls Royce documents we see the steps taken to enhance its ethics and compliance personnel in key positions of seniority, as well as additional compliance officers being appointed who were sufficiently empowered and whose reporting lines were independent of the business divisions, as well as the appointment of local ethics advisers in areas and jurisdictions of high risk to the business.

This body of information may become an increasingly useful source for compliance teams and their advisers as more SFO DPAs are entered into.  There are other new sources emerging too, relevant specifically to businesses with global operations, as more jurisdictions enhance their enforcement of bribery and corruption and financial crime.  I see, for example, in the programme later this afternoon there is a discussion about France’s landmark new anti-corruption law known as Sapin II which came into effect last June and the measures to be implemented to comply with the new compliance duty.

I think that although law enforcement agencies do not approach compliance programmes in exactly the same way, there will be similarities in what we are looking for.  Just as the laws across the jurisdictions are designed to help prevent similar behaviours globally, you will be able to construct a compliance programme with common characteristics across your businesses’ footprint, which does this too.

The point of having such a compliance programme is so that globally you never have a problem in the first place.  Those are the reasons for doing it, the prevention piece, now I want to talk about what happens if things go wrong: where we, the SFO, get involved.

So, priorities – we have a single clear goal to investigate and if appropriate prosecute top end financial crime firmly and fairly.  I think it’s worth remembering here that, unlike a regulator, we as a prosecution authority do not have a mandate to clean up an industry or a jurisdiction or focus our efforts on issues such as market stability or standards.  We follow the evidence and will prosecute without fear or favour, wherever that evidence leads us. We do not focus our sights on a particular sector.  However, looking at our casework, you could identify clusters of work focused around certain industries, for example, and by no means limited to, the Financial Services Industry and recently early pension release (“pension liberation”) schemes, extractives industry, Aerospace and Defence cases.  This will, I expect, continue.  We have seen a lot of enforcement activity in your space, for example the Libor manipulation trials, which will soon be followed by the Euribor trial next month.  We have also brought charges against Barclays Bank plc, Barclays plc and former senior executives employed by the Bank in relation to conspiracy to commit fraud and the provision of unlawful financial assistance connected to a US $3billion loan. Those examples arise out of the financial crisis.  Some say that conduct can be dealt with in a regulatory type environment.  We disagree.  The criminal law applies to the City as much as anywhere else and we work closely with the FCA in enforcing it.  As a specialist merged investigation and prosecution agency who can handle this type of casework, we have developed a real knowledge and level of understanding of how your industry works, so if we identify evidence of further misconduct we will follow it, as we must.  It is not a question of a few examples in one industry and then moving our attention on to another.

This leads me onto investigative techniques.  We are always looking to adapt and improve our techniques to achieve better value for money and conduct more efficient, effective independent investigations. 

As I said, what we are doing is developing out understanding of how an industry works.  Through our case knowledge and intelligence development and sharing we are able to join up the dots, to create the full picture of what is going on.  For example, if in a particular industry, we see the use of the same corrupt agent, or corrupt foreign official in a jurisdiction, the key decision-maker on significant deals or contracts and we see those same individuals being used by a number of corporates in the same industry, we will be interested.  As a result, in terms of our work we sometimes see one investigation spawn into another, a bit like those bad gremlins in the 1980s Gremlins film.  We are capitalising on that knowledge by sharing that sector learning across the office and have set up Industry Focus Groups so we can share and develop our know-how.  You won’t be surprised to learn there is a Financial Services industry focus group amongst others.

In terms of use of technology, a particular example of where we have seen effective private/ public partnership at the SFO is in the development of a bespoke artificial intelligence tool (or robot) with an IT specialist, to assist with privilege review.  So in the Rolls Royce case, as part of its co-operation with us, the company consented to us applying this artificial intelligence, without filtering the material themselves for privilege.  The robot determined documents from a vast unfiltered pool to screen the most relevant privilege documents from the case team and make them available to independent counsel for review.  To give you an example of the idea of scale, the robot was able to review 5.04 million documents in one month and out of that identified 2.35 million documents which were not privileged which could be immediately released to the case team to review.  Ordinarily reviewing this amount of material would take just under 2 years to complete. As a result the review exercise was far quicker and significantly cheaper as well as more accurate, than it would otherwise have been.   Whilst the use of this kind of technology has of course been judicially approved in commercial cases in this jurisdiction, including in a case in which one of the parties objected to its use, this was the first time it had ever been used in any kind of criminal process in the UK.  We fully expect to consider the use of this technology in our investigations in the future for the determination of privilege and also see this extended to its use in determining relevance. 

Then there is the well-established trend of co-operation between authorities here and abroad will continue. In the UK, we have our reliable and effective liaison channels with our law enforcement and regulatory colleagues. Overseas, we continue to work closely with partners in Europe, in the Americas, Australasia and beyond. The trans-border nature of financial crime means that our links will only strengthen, not just in the area of operational co-operation, but also in the exchange of ideas, such as DPA regimes and how they are suitably adapted into other jurisdictions.  As I said there is more activity from other jurisdictions so the enforcement landscape is evolving and we expect to see that trend continue.  We are supporting that work and are deeply familiar with it, sharing our practical experience and the lessons we have learned since the drafting of the DPA Code with those who’ve asked us to. Those jurisdictions with whom we have exchanged ideas, who have, or are looking to create DPA-esque regimes and pass legislation to enable this, interestingly, appear to be looking to emulate the UK model, for example with the UK approach to judicial oversight of a resolution and compensation to be paid to victims where possible.

Looking then to the future use of DPAs within the SFO.  We are open for business, but clearly a DPA will not be appropriate in every case and the alternative will not be nothing; it will be, where there is evidence of criminal conduct, a prosecution.  This is an important contrast that I think a lot of people misjudge when they consider their risk.  DPAs provide us with a relatively new option for disposing of cases involving co-operative corporates where we judge that the evidential sufficiency test was, or could within a reasonable period of time be, met.  Our over-riding objective, as serial users of the tool, is to use the scheme in an objectively justifiable way in the eyes of the court.  It is not about achieving a particular penalty figure or result and so with that in mind we will consider The Code of Practice and assess whether the Defendant company has self-reported, remediated and how it cooperates with us and whether that is sufficient for us to go before a judge to argue that the circumstances warrant a DPA and displace the default position of a prosecution.  Every DPA judgment explains why the Court agreed a DPA was in the interests of justice in that particular case.  None of our applications for a DPA have been turned down by the Courts and we would aim to keep it that way.

Cooperation has been a much-covered topic, but it might be worth summarising briefly where we are on that.  Cooperation covers:

    1. Timing of the first contact.  We will not be offering DPAs in cases of a late conversion to the joys of co-operating; DPAs are a reward for openness – the sooner you come in, self report and the more you are open with us, the more you have to be rewarded for.  
    2. Internal investigation. 
      • What work has already been done to investigate and what access to that are you willing to provide to us? For example, interviews recordings or interview notes of employees or other people you have spoken to. We want those, so what is the company’s strategy on how they capture them and solutions to possible challenges to sharing them.  Irrespective of the way the information about witness accounts is passed to us, the key point is that we need to be able to feel confident that we are getting all the information we need in order to be able to meet our statutory duties as investigators and prosecutors.
      • How has it handled the evidence? The data needs to be identified, collected, preserved and analysed in a way that does not tip off potential suspects into deleting data and protects its integrity and continuity. These are familiar concepts in the world of criminal enforcement and apply just as much to corporate conduct as other crime.  We need to understand the methodology, what’s been captured and from where, the use of search terms and be provided with the metadata.  Appreciate it’s likely to be dynamic and not a complete set when you speak to us, so update us as you go along because what we can’t accept is the internal investigation output alone from some hot documents.  We won’t resolve with you on that basis, we need do our own independent work and test the companies’ work.
      • How thorough was the investigation? For our part, we need to be clear that the internal investigation has been complete and that it goes as high up the corporate food chain as possible. Co-operation helps us do that.
      • What’s the approach going forward? We expect to discuss the scope of the investigation, to be notified of conduct which you uncover and what you ought to bring to our attention even if we don’t ask, the sequencing of interviews and media contact.

Co-operation is not in itself enough to get a DPA. The company must reform itself too, including removing senior staff who were responsible for, or turned a blind eye to the criminality.  DPAs are not intended for corporates we judge are likely to re-offend.

So, satisfactory c-ooperation is something we assess in the round. That said, a failure to co-operate will negate this option. To be clear, the co-operation we want is with our investigation into the suspected offence, not the company. This means that, at the end of the process, the company will have helped us move that investigation forward and, in so doing, made it easier for us to investigate and, if appropriate, prosecute other suspects, such as individuals. To adopt the President of the Queen’s Bench Divisions, Sir Brian Leveson’s words, “a DPA is a reward for openness”.

It’s been made plain in many of the speeches of my SFO colleagues that companies have a choice: co-operate or don’t.  Both are valid choices, which we will happily deal with, but don’t be tempted to go down the “impression of co-operation” route, as we will see through that.  We have recently made good that assertion where a company was saying and doing different things.  So if you want a resolution then that approach won’t work.   Let’s just pause and unpack that a little.  The approach to DPA requires a different mindset, a change of “gear”.  Your criminal lawyer advisers might find that difficult because of their schooling in an adversarial system.  Your civil lawyer advisers maybe tempted to treat it like litigation via correspondence.  You – companies and banks –  need to decide what is your objective overall, and which strategy best serves your long-term commercial interests.  It’s a balance of detail, careful legal analysis against the bigger picture of the commercial risks of uncertainty, reputation, consequences of a conviction, where taking an approach involving recognising wrongdoing and demonstrating a commitment to the future and doing business differently, can go a long way to repair and enhance your reputation, and ultimately your business.

So the message I have, is, we are people you can talk to, build up a relationship of trust, if that’s what you really want.  We’re ready to do that.  But we’re also ready to prosecute if that’s the strategy you choose.

And what of the future of the SFO?  Well, we are busy – we have no shortage of work in the pipeline.  That work comes from a variety of sources, including increasingly, from you, the responsible private sector, either in the form of a corporate who has come to us acting on a self report but also from intelligence sharing initiatives, SARS regime as well as JIMLIT of which we are part, where industry can and does voluntarily share information with us and the National Crime Agency who lead on it, as well as work we have generated ourselves, through the use of whistleblowers and other forms of intelligence, foreign and domestic.  I think what we will see in the future is ever-increasing coordination, sharing of intelligence and evidence as the impact of the Government’s economic crime reforms is felt.  And there is no reason to think that the volume of work will change and so quite simply we have a job to do.

To assist us with that job, we also have squarely in our sights the use of the new tools that we have been given.  I am sure you are intimately familiar with the new offence of Failure to Prevent Overseas Tax Evasion as you will have been analysing your tax risk assessments, but I will briefly touch on this.  HMRC will be primarily responsible for policing the domestic tax offence.  Due to the SFO’s expertise in combating international corporate crime, the SFO will be one of the agencies investigating and prosecuting the overseas offence, where it crosses into serious and complex offending.  We anticipate working very closely with HMRC on this work and we see no reason not to take on a stand alone tax matter without the need to piggy back on a fraud or other offence, where the “dual criminality” requirement is met and our take on criteria in terms of seriousness and complexity are also met.  For example, where an adviser based overseas has failed to pay taxes in relation to commission payments, received in order to facilitate bribes being paid for the benefit of a UK- based corporate.  The new offence falls within the DPA jurisdiction and the considerations I have just talked about apply.  In addition, we have the Unexplained Wealth Orders, which are a new investigative tool, which we welcome, as it will make it harder to hide the proceeds of crime.  It puts the onus on the corrupt, on those engaged in serious crime, and on their associates to justify and explain their ownership of assets where it is difficult to see how they could have been legitimately acquired.  We have combed through our casework as we regularly do and are confident we will make use of the power at the right time with the right case.

Finally this, it’s been an interesting last few months for the SFO, but our status has been confirmed as an independent office and we are at the point of renewal, as we look forward to the imminent appointment of a new Director.  The direction of the office will be determined by the Director, but those of us on the senior management team of the SFO are conscious of the need for continuity and certainty, and I for one, since being in post, have felt a sense of real purpose and progression to our work.  The SFO has set down strong roots under David Green.  With the Spring, finally upon us, now is the time for those roots to take hold and grow under the stewardship of his successor.