24 min read
SFO Reports: Impetus For Change
Two independent reports, commissioned to review two separate failed prosecutions undertaken by the Serious Fraud Office (SFO), were released in late July (at a combined cost of nearly £450,000). The first of these reviews related to the Unaoil investigation and prosecution in R v Akle & Anor [2021] EWCA Crim 1879. The second review related to the collapsed prosecution of two former Serco executives. In the light of these reports, and the issues identified, there have been calls from Director Lisa Osofsky for reforms to the rules around disclosure in order to make the regime fit for purpose in the modern digital age.
Unaoil investigation – Sir David Calvert Smith review & report
The SFO’s investigation into oil-services consultancy Unaoil was opened in 2016, in connection with suspected offences of bribery, corruption, and money laundering. In November 2017, the SFO charged four individuals with conspiracy and corruption offences to secure the award of contracts in Iraq to Unaoil’s clients. Basil Al Jarah, Unaoil’s Iraq partner, pleaded guilty in July 2019, and the others—Ziad Akle, Unaoil’s territory manager for Iraq; Stephen Whiteley, former Unaoil manager in Iraq; and Paul Bond, a former executive with SBM Offshore—were later convicted: Akle and Whiteley in June 2020, and Bond in February 2021.
Akle was the first to appeal, arguing that the SFO failed to comply with its disclosure obligations, particularly in relation to Osofsky’s interactions with US-based “fixer” David Tinsley, and Tinsley’s potential role in securing the guilty plea of Al Jarah, on which the SFO relied to prove Akle’s conspiracy charge. Tinsley, a former agent of the US Drug Enforcement Agency who had opened an investigative agency, had been hired by members of the Ahsani family, who owned and managed Unaoil and were also under investigation by the SFO. On her fourth day in office as Director, a Federal Bureau of Investigation (FBI) agent known to Osofsky recommended that she meet with Tinsley, which she did on two occasions. She did not keep a note of these meetings, and also exchanged calls and texts with him on her personal mobile phone. Tinsley, who was also endorsed by other members of the FBI and US Department of Justice (DOJ) and who was introduced by Osofsky to the SFO’s Unaoil case team, ultimately offered the guilty pleas of Al Jarah and Akle (without their legal advisors present), in exchange for the SFO dropping its investigation into the Ahsanis.
Akle’s conviction was overturned by the Court of Appeal (Criminal Division) in December 2021 on the basis that it was unsafe. The Court was critical of Osofsky’s behaviour as well as of the SFO’s disclosure failings. Bond and Whiteley have subsequently successfully appealed their verdicts.
The Attorney General’s Office commissioned an independent review of the SFO’s handling of the Unaoil case, which was carried out by former Director of Public Prosecutions and High Court judge Sir David Calvert-Smith between February and June 2022. The recommendations of Sir David’s report include that: there should never be “interregnum periods” between the departure of one Director and the arrival of the next (the same goes for the General Counsel); any gaps in the new Director’s career experience or knowledge should be filled by superintending ministers and the Attorney General’s Office; and the SFO must develop a clear route to raise concerns about cases (although not explicitly stated, this sounds similar to creating a whistleblowing protocol).
Sir David’s comments as to there being no interregnum periods are particularly interesting where the current Director of the SFO was appointed in August 2018 for a period of five years, and has now served just over four of those. Presumably, if the recommendation in Sir David’s review for no interregnum period is followed, recruitment for her successor will need to commence swiftly.
Serco executives – Brian Altman KC and Rebecca Chalkley review & report
In July 2019, the SFO agreed a Deferred Prosecution Agreement with Serco Geografix Ltd. Serco took responsibility for three offences of fraud and two offences for false accounting arising from a scheme to dishonestly mislead the Ministry of Justice regarding the extent of profits it (and its parent company) made from a contract for the provision of electronic monitoring services.
In December 2019, the SFO charged two individuals — Nicholas Woods, former Finance Director of Serco Home Affairs, and Simon Marshall, former Operations Director of Field Services within Serco — with fraud in relation to the offences Serco had taken responsibility for. The trial started on 29 March 2021 but within weeks significant disclosure problems were discovered. The trial judge refused the SFO’s application to adjourn the case to review and remedy the disclosure process on the grounds of: 1) the age of the case (the alleged fraud was committed between 2011 and 2013); 2) the stage that had been reached; and 3) the nature of the prosecution case. As a result the SFO offered no evidence against the defendants and the jury were directed to return verdicts of not guilty. Osofsky commissioned Brian Altman KC and Rebecca Chalkley to examine the circumstances, facts, and matters which caused or contributed to the disclosure failures the case.
The report found that the disclosure failings arose with the initial failure of three separate reviewers to pick up a key document (and, on further examination, other relevant documents), which ultimately undermined the Case Controller’s confidence in the safety of the disclosure exercise. The report focusses entirely on the disclosure process and related shortcomings, which include failings relating to the ability of reviewers to identify key documents, or understand what the key themes of the case were. The report also mentions that the Disclosure Officer may have been too inexperienced for the role. Additional problems identified included: low staff morale; insufficient staffing and resources (including a large turnover of staff); insufficient use of the SFO’s Quality Assurance reviews; and the volume of documents to review and the time pressures placed on them to review the materials.
The review makes eighteen recommendations. Though it is acknowledged these will not be a “silver bullet” to prevent future problems, the recommendations should go some distance to mitigate risks.
Final thoughts
The reports give a rare insight into the black box-like operations of the SFO, including how its investigations are managed and overseen, how its disclosure reviews are conducted and managed, how external counsel and other third party legal advisors are engaged, and how conflict is managed. The reviews also discuss known issues — most importantly, relating to resource and staffing at the organisation. Sir David’s report into the Unaoil investigation also details a case where attempts to leverage a guilty plea in support of further convictions has backfired. In light of comments from the Director in recent years about increasing reliance on co-operating offenders, it remains to be seen whether the SFO’s experiences in respect of Basil Al Jarah (albeit in a slightly different context) might encourage them to act with greater caution in pursuing such lines in the future.
It is also notable, in light of the disclosure failings identified in these reports, that the Director used her recent (5 September 2022) speech at the Cambridge Symposium on Economic Crime to stress that “one of the biggest challenges right now is disclosure” and to raise questions as to the appropriateness of the existing disclosure framework for the modern digital age. Whilst it is unlikely that there will be any imminent change to the existing regime, the prospect of an amended disclosure framework could have significant implications for the process of data collection and processing, as well as the overall length of SFO investigations.
A final point of interest is, where do these reviews leave the SFO’s live investigations? Companies and individuals have very different motivations and appetites for cooperating — or not — with the SFO. It may be that a company’s analysis of whether to cooperate takes no consideration of the SFO’s historic disclosure weaknesses. Particularly if, as one might guess, these reports will be leveraged to increase funding. If that is the case, then perhaps large mistakes like those seen in these cases will be fewer and farther in between.
Recent news
SFO Update: Annual Report published; Conviction secured in £100 million litigation finance fund fraud
The SFO has released its 2021-2022 Annual Report, highlighting a number of successes for the agency. In total, 43 new cases were opened in the 12 months prior to publication, with a current active caseload of 130, while three Deferred Prosecution Agreements were entered into. The period has also seen a significant increase in the number of confiscation orders, as well as a six-fold increase in the amount of money confiscated from criminals compared to the previous year (from £7 million to £45 million). Victim compensation has, however, fallen from £200,000 to £136,000. The Annual Report also details the SFO’s successful prosecution of Petrofac Limited for breach of section 7 of the Bribery Act 2010 (UKBA), which resulted in Petrofac being ordered to pay a total of £76 million in fines and costs, representing the largest corporate conviction to date under the UKBA. Alongside these successes, the Annual Report addresses the Calvert-Smith and Altman reviews, stating that implementing their recommendations will be a “pressing priority” for its 2022-2025 strategy. Such future goals for the SFO will also include reducing the average and median length of cases to three years and delivering a 60% defendant conviction rate.
A defendant in a fraud trial over the collapsed Axiom Legal Financing Fund in the Cayman Islands has been sentenced to 14 years’ imprisonment. Timothy Schools, investment manager of the fund, was convicted on 10 August 2022 for fraudulent trading, fraud and money laundering. Schools set up Axiom in 2009 with the mission to provide loans to law firms pursuing “no-win-no-fee” cases, and built a fund of approximately £100 million from 500 investors. The fund was suspended in 2012 before Schools was struck off in 2014, having been found to have siphoned £19.6 million from the fund for his personal lifestyle. Read more on the SFO’s website.
FCA Update: Annual Report published; enforcement case lengths grow; Sir Christopher Gent fined for disclosing insider information; £2 million cum-ex trading penalty announced; Citigroup fined over failing to properly implement EU MAR trade surveillance requirements; no enforcement action to be taken against HBOS
On 19 July 2022, the FCA published its 2021-2022 Annual Report. Interim chair Richard Lloyd highlighted the authority’s prosecution of NatWest for money laundering failures, which resulted in fines in excess of £264 million and was the first successful prosecution under the money laundering regulation offences. Overall, the authority imposed penalties of £313 million in the 12 months prior to the Annual Report’s publication, while over 70 investigations into insider dealing remain active. However, although the FCA received and assessed 1,041 whistleblower reports in the period, only three have resulted in any significant action. The Annual Report also addressed the recommendations of two independent reviews – the Gloster Report and the Parker Report – with the FCA’s Executive, Audit and Risk Committees charged with overseeing the implementation of those recommendations. The Annual Report suggests that, in future, the FCA is likely to see increased activity in investigations into market conduct, ESG disclosure, pensions advice and companies’ financial crime systems.
Enforcement statistics published by the FCA show that its investigations now take an average of 34 months to conclude, a 10-month increase over the average duration in the previous financial year and continuing a four-year upward trend. Civil cases lasted an average of 36 months, with an average of 33 and 30 months for regulatory and criminal cases respectively. Practitioners have stated that the issue may have resulted from a staff reduction combined with an increase in the number of investigations, with the FCA opening 194 cases in the 2021 financial year compared with 125 in 2020.
On 5 August 2022, the FCA published the final notice issued to Sir Christopher Gent, former non-executive Chairman of ConvaTec Group Plc (ConvaTec), for unlawfully disclosing inside information to senior individuals at two of ConvaTec’s major shareholders in October 2018. Sir Christopher was fined £80,000 under section 123 of the Financial Services and Markets Act 2000 for breaching Article 14(c) of the EU Market Abuse Regulation (Regulation 596/2014) (EU MAR). While the FCA held that Sir Christopher had failed to properly consider what information could be disclosed, or sought formal advice on the lawfulness of the disclosure, it found no evidence that he had traded on the information or intended to either make personal gain or avoid loss from making the disclosures. Read more in the FCA press release.
On 15 July 2022, the FCA announced that it has fined The TJM Partnership Limited (TJM), now in liquidation, £2,038,700 for failing to ensure it had effective systems and controls to identify and reduce the risk of financial crime and money laundering. The FCA accused TJM of carrying out £79 billion in trades for companies connected to Solo Group, a now-defunct investment vehicle founded by a British trader who has since been charged in Germany and Denmark with cum-ex trading (i.e. where multiple tax credits are claimed on share dividends). The FCA concluded that TJM should never have executed the Solo Group-linked trades as the circular nature of the transactions suggested they were part of a cum-ex trading scheme. This is the third case brought by the FCA in relation to cum-ex trading and represents the largest fine to date. According to the penalty notice, the FCA reduced the penalty by 30% after the brokerage, which went into administration in January 2022, agreed to a settlement.
The FCA has published the final notice issued to Citigroup Global Markets Ltd (CGM), fining it £12,553,800 for failing to properly implement the trade surveillance requirements under Article 16(2) of EU MAR relating to the detection of market abuse. The FCA also found that CGM was in breach of Principle 2 of the FCA's Principles for Businesses for failing to conduct its business with due skill, care and diligence in relation to its implementation of Article 16(2). Specifically, the FCA found that CGM had taken 18 months to identify and assess the specific market abuse risks facing its business. This failure had resulted in CGM having significant gaps in its arrangements, systems and procedures for additional trade surveillance, and meant that it could not effectively monitor its trading activities for certain types of insider dealing and market manipulation. In a related press release, Mark Steward, FCA Executive Director of Enforcement and Market Oversight, commented that “the framework for market integrity depends on the partnership between the FCA and market participants using data to detect suspicious trading”. CGM had impacted market integrity and the overall detection of market abuse by failing to fully implement the new provisions.
The Financial Conduct Authority and the Prudential Regulation Authority closed their investigation into HBOS, stating on 26 August that “no enforcement action should be taken” against its former senior managers for their performance in the years before the bank’s failure in 2008.
The investigation by the FCA and PRA commenced in early 2016 after a review led by Andrew Green QC criticised the previous regulatory response, by the Financial Services Authority, as inadequate and concluded it was in the public interest that action against former bosses be reconsidered. The FSA, the sole financial regulator of HBOS at the time, commenced enforcement investigations in 2009 which resulted in enforcement action in 2012 against the Bank of Scotland Plc and the Chief Executive Officer of HBOS’ Corporate Division, Peter Cummings.
Sanctions update: OFSI issues guidance on reporting breaches; CJEU rules RT France cannot escape sanctions; new Russian sanction rules brought in; EU confirms arbitration carve-out in sanctions regime
On 27 July 2022, the Grand Chamber of the European Court of Justice (CJEU) dismissed an appeal by RT France to escape sanctions relating to Russia’s invasion of Ukraine. On 1 March 2022, the Council of the European Union had adopted measures to prohibit the broadcasting of certain media outlets, including RT France, in the EU on account of Russia’s continued propaganda campaign to attempt to justify its aggression. RT France subsequently alleged infringement of its rights of defence, freedom of expression, right to conduct a business and non-discrimination on the basis of nationality and also challenged the competence of the Council to make such a decision. The CJEU held that both national regulators and the Council were competent to adopt restrictions on communication measures and that there were advantages to doing so at EU rather than national level. CJEU found that there was no need to grant RT France a right to be heard on account of the urgent need to implement measures to suspend Russian propaganda, while the limitation on freedom of expression was similarly legitimate and proportionate.
The Russia (Sanctions) (EU Exit) (Amendment) (No. 12) Regulations 2022, which prohibit a number of investment and acquisition activities related to Russia, came into force on 19 July 2022. OFSI has issued a general licence which allows for a seven day wind down period for firms involved in undertakings that would fall foul of these new regulations. The regulations also extend the definition of “relevant firms” that have financial sanctions reporting obligations in the UK to capture crypto-asset exchange and custodian wallet providers. Companies falling within the scope of this expanded definition will now be obliged to notify OFSI as soon as practicable when they know or suspect that a breach of financial sanctions has occurred, a person is a designated person or they hold frozen assets.
In a package of measures adopted by the Council of the European Union on 21 July 2022, the EU has clarified that transactions with Russian state-owned entities are exempt from sanctions where they are necessary to “ensure access to judicial, administrative or arbitral proceedings in a member state, as well as for the recognition or enforcement of a judgment or an arbitration award rendered in a member state”. This provides an additional exemption to Article 5aa, Regulation 833/2014, as amended in March this year, which prohibits transactions with certain “publicly controlled or owned” Russian entities including Gazprom and Rosneft.
ICO Update: ICO and NCSC advise against paying ransomware demands in joint letter
The Information Commissioners Office (ICO) and National Cyber Security Centre (NCSC) have written to the Law Society and Bar Council instructing members of the legal profession to advise clients not to pay ransoms in the event of a cyber-attack. The ICO has clarified that payments to cyber-criminals are not considered to mitigate the risk of harm to individuals involved in a data breach and this will therefore not reduce any penalties incurred through ICO enforcement action. However, risk mitigation will be recognised by the ICO in certain circumstances, including where organisations have raised the incident with the NCSC as appropriate or where they can demonstrate compliance with appropriate NCSC guidance and support.
NCA Update: Annual Report published
On 19 July 2022, the NCA published its 2021-2022 Annual Report. The Annual Report found that it had been a challenging year for the NCA as a result of the continued effects of the COVID-19 pandemic, as well as the conflict in Ukraine. The agency also announced that it has secured £810 million for the 2022-2023 financial year from the Spending Review, an increase of approximately 14%, and which includes new funding to support the establishment of the Combatting Kleptocracy Cell.
Economic Crime Act Update: UK launches property register to curb flow of £100bn ‘dirty money’; conflicting interpretations of verification regulations for registration of overseas entities
On 1 August 2022, the Economic Crime (Transparency and Enforcement) Act 2022 (Commencement No. 3) Regulations 2022 were published, bringing into force most of the provisions of Part 1 of the Economic Crime (Transparency and Enforcement) Act 2022 (ECTEA) relating to the registration of overseas entities. The regime is intended to improve transparency of ownership of property in the UK by requiring overseas entities which hold or deal with UK property to disclose their beneficial owners (who are now required to register at Companies House). Failure to comply with the ECTEA will constitute a criminal offence and may give rise to Proceeds of Crime Act 2002 notification obligations.
The Department for Business, Energy & Industrial Strategy (BEIS) has published guidance for the registration of overseas entities on the UK register, covering various maters including the identification of beneficial owners, verification of information, exemptions and sanctions for non-compliance. Law Society Guidance, published on 29 July 2022, had previously urged solicitors to exercise caution with the new disclosure requirements, stating that while the published BEIS guidance will be “helpful”, “following the BEIS guidance on its own does not guarantee compliance with the law” and that “we have expressed significant concerns to BEIS as to the expectations which may be placed on members to verify the accuracy of information placed onto the [register of entities]”. In response, BEIS has stated that “reasonable judgment and scepticism” would be sufficient for verification. Read more on our website.
Backtrack on UK’s Economic Crime Bill cited in anti-corruption group’s rebuke
A last-minute backtrack on a key element of the recently enacted Economic Crime Bill has been cited by an international anti-corruption group, in its criticism of the UK over its failure to adhere to transparency standards. The Open Government Partnership, a multi-stakeholder initiative focused on improving government transparency, said that the UK, a founding member, risked being demoted to “inactive status”. The UK had removed or watered down many of its commitments under that partnership at the last minute and without consultation, a recent review found, citing as example the removal of a “key activity” around the Economic Crime Bill.
FRC Update: Annual Review shows record cases and penalties issued; KPMG fined £14.4 million over Carillion and Regenersis audits; Grant Thornton fined for “serious failings” in Sports Direct audits; overhaul of UK corporate governance code
The Financial Reporting Council (FRC) has published its fourth Annual Enforcement Review. The Review reveals that a record 14 cases were resolved in the last year, with record financial sanctions of £46.5 million (reduced to £34.6 million after settlement discounts). This represents an increase of £16.7 million compared to the 2020-2021 period. The high sanctions reflect the seriousness of the cases concluded as well as the FRC’s improved ability to handle complex cases following a significant increase in headcount. There has similarly been a growing use of increasingly sophisticated non-financial sanctions, with 62 instances in the period compared to 28 in the previous year. However, the Review notes that these “should not be seen as a replacement for financial sanctions, which continue to play an important role, both to mark the seriousness of the failures in question and in acting as a potentially powerful deterrent”. Read more on the FRC’s website.
Following an investigation undertaken pursuant to the Accountancy Scheme, the FRC has announced sanctions against KPMG LLP (KPMG), a former partner and four former employees. The investigation related to the provision of false and misleading information and documents to the FRC in connection with the FRC’s Audit Quality Reviews of two financial statement audits carried out by KPMG for Regenersis plc and Carillion plc. KPMG has received a fine of £20 million (reduced to £14.4 million to reflect its co-operation with the investigation), and was also ordered to appoint an independent reviewer to consider the effectiveness of its current policies and procedures in supporting high quality engagement with the Audit Quality Review inspectors. KPMG has further agreed to pay £3.95 million towards the costs. Read more on the FRC’s website.
On 18 July 2022, the FRC announced that Grant Thornton has been ordered to pay a £1.3 million penalty over “serious failings” in its auditing of retailer Sports Direct. The findings related to Grant Thornton’s audit of the sports goods chain, now called Frasers Group, for the 2015-16 and 2017-18 financial years, as well as the work of Philip Westerman as the partner responsible for the audits. The FRC found that both Grant Thornton and Westerman had failed to establish that Barlin Delivery, a group involved in many of Sports Direct’s transactions, was a related party.
On 12 July 2022, the FRC announced that it has published a Position Paper setting out recommendations made by the government earlier this year to reform corporate governance. These recommendations include reinforcing auditing and accounting standards, revising the existing corporate governance code and developing associated guidance. The overhaul of the corporate governance code – the first in four years – will establish new rules to increase Board responsibility for fraud and company finances, strengthen accountability for bad behaviour and provide a stronger framework for reporting on internal controls. Certain changes will require the introduction of primary legislation (with the government having indicated that a draft bill may be published in the next parliamentary session), while others will be addressed through secondary legislation and changes to existing regulatory measures by the FRC.
UK-US bilateral data access agreement coming into force
The Home Office has announced that the Access to Electronic Data for the Purpose of Countering Serious Crime Agreement (the Data Access Agreement) will come into force on 3 October 2022. The Data Access Agreement is an agreement between the US and UK enabling law enforcement agencies of both countries to access electronic data held by tech companies via the processes provided in the Crime Overseas Production Orders Act 2019 rather than, as now, through the process of mutual legal assistance.
HM Government launch Public Sector Fraud Authority
On 3 August 2022, the government launched the Public Sector Fraud Authority (PSFA), with a remit to tackle fraud committed against the public purse. The PSFA will be made up of counter-fraud and data experts, supported by a cross-sector Advisory Panel to provide expert advice, with a permanent chair to be announced in September. The PSFA will launch with a target of working with departments and public bodies to detect and prevent £180 million of fraud for the first 12 months. The PSFA has been granted £25 million of funding and will work with departments and public bodies to test fraud defences and put safeguards in place. Such safeguards will include regularly briefing Cabinet Ministers on the fraud landscape, providing expert support regarding fraud risks, building a new National Counter Fraud Data Analytics Service and enhancing the use of fraud intelligence across the public sector to combat specific threats.