In recent years, the English courts have seen a number of claims by sovereign states against former public figures alleging bribery, corruption and other crimes. Although the facts of these disputes usually have little to do with England or English law, proceedings in England are popular both to take advantage of our respected legal system and available remedies to recover assets here.

The defendant often claims to be innocent and a victim of state persecution. However, it takes time and money to prove this. In the meantime, he can be put under huge pressure with an English worldwide freezing order. He has to disclose information about his assets or be sanctioned. It enables the state claimant to “police” his spending.

Under this pressure, the defendant sometimes buckles – even if there is merit in his defences. He capitulates or runs away so his case never gets to trial. Either way, he loses.

The Boreh case is a striking example of what a state can do when it wants to “get” somebody, the role political motivation plays in cases of this nature and the perils of lawyers furthering an improper agenda. For genuine victims of state vendettas, it highlights the importance of staying the course and good preparation.

The Boreh proceedings

Djibouti sued Mr Boreh in England in 2012 for bribery, corruption and abuse of public office seeking damages in excess of US$125m. A wealthy businessman by background, Mr Boreh was appointed Chairman of the Djibouti Ports and Free Zones Authority in 2003. Djibouti argued that although unpaid, Djibouti law required Mr Boreh to give up his business interests and devote himself exclusively to state affairs. Instead, it alleged, he continued his business activities and obtained vast sums through bribery and corruption involving Dubai state-owned companies which managed and developed Djibouti’s port facilities.

This was one of several actions taken by Djibouti against Mr Boreh after he fell out with the President in late 2008 and went into exile. Mr Boreh’s assets in Djibouti were seized. He was convicted in absentia for fraud, embezzlement, tax evasion and, most seriously, terrorism.

Djibouti used its position as a sovereign state to seek assistance from international governmental agencies to obtain information as to Mr Boreh’s assets, block his use of them and try to extradite him to Djibouti. This included the Swiss and UAE authorities, the French courts, Interpol, the US Department of Justice, Homeland Security and the FBI.

Djibouti retained a large legal team led by Gibson Dunn partner Peter Gray and Khawar Qureshi QC. Kroll investigators were also retained as was Al-Tamimi law firm of Dubai. A media campaign was mounted to publicise Mr Boreh’s alleged misdeeds.

Unsurprisingly, these initiatives had a massive effect on public and initial judicial perception of Mr Boreh. As Dominic Kendrick QC (for Mr Boreh) later told the Court:

“Before this case, I had never challenged the proposition which you often hear – that fraud is the most serious charge you can lay against a commercial man. Well, it’s not, I now learn. Terrorism is. It makes it impossible for that person to do business”.

In mid-2013, Djibouti’s team stepped up their campaign with coordinated attacks in Dubai and England. In Dubai, they applied to extradite Mr Boreh so he was detained there. In England, they applied for a worldwide freezing order, serving over 2,000 pages of documents a few days before the hearing. Detention in Dubai meant that Mr Boreh was handicapped in instructing his lawyers.

Flaux J granted the freezing order based on affidavits sworn by Mr Gray. The evidence produced by Mr Gray included a transcript of “tapped” telephone calls between Mr Boreh and two brothers in Djibouti which, it was claimed, related to a grenade attack on a Djibouti supermarket. Mr Gray also exhibited an alleged confession from one of the men.

Based on this evidence, Flaux J concluded that although he was not judging the case on its merits, Mr Boreh was “arguably engaged in terrorism”. This supported granting the freezing order.

The pressure mounts

Mr Boreh’s future looked bleak. Djibouti publicised Flaux J’s judgment internationally to advance its anti-Boreh agenda. Furthermore, Mr Boreh was detained in Dubai facing extradition and imprisonment in Djibouti – or worse.

At this juncture, a senior Kroll investigator met with Mr Boreh, warning that he had a small window of time to “settle”. He pointed out that Mr Boreh faced extradition and imprisonment in Djibouti; that steps had been taken to shut him out of international financial networks so he could not carry on any business. Kroll said they could make the terrorism conviction go away; that Mr Boreh could stop looking over his shoulder and give his children a fair chance in life – but only if he agreed to pay more than the sums claimed in the English proceedings.

The tide turns

In the meantime, Mr Boreh’s team obtained evidence that the transcript was misdated and the telephone calls could not have been about the grenade attack. The “confession” and terrorism conviction were unsafe.

Mr Boreh’s lawyers repeatedly questioned Gibson Dunn as to how the misdating arose and who knew when they applied for the freezing order. In the face of evasive replies, Mr Boreh’s lawyers applied for affidavit evidence as to whether (and who within) the Djibouti/Gibson Dunn team knew about the misdating. This was granted despite strenuous resistance by Mr Qureshi.

Eventually, Gibson Dunn produced affidavits from Mr Gray and senior Djibouti officials admitting that they had known of the misdating at the relevant time. Mr Gray sought to exculpate himself by saying that he had shared this information with, amongst others, Mr Qureshi and there had been no intention to mislead.

Mr Boreh’s lawyers applied to set aside the freezing order and Mr Gray was cross-examined for three days at a hearing lasting two weeks in which every party including Mr Gray had a separatelarge legal team. Flaux J held that Mr Gray had “deliberately misled the court” – conduct in which Djibouti was complicit.[1] The Judge set aside the freezing order and described Djibouti’s conduct as “reprehensible” and falling “a long way short of the standards of behaviour which the court is entitled to expect of a sovereign state”. The Judge also concluded that there was “unambiguous impropriety” in the nature of the threats made by Kroll.

The fallout

This was a watershed in the case. Mr Gray was dismissed from Gibson Dunn. Mr Qureshi resigned from the case. Lord Falconer QC and Philip Rocher led the Gibson Dunn team for the trial which took place over ten weeks in late 2015. Shortly before, and during the trial, Djibouti abandoned most of its claims against Mr Boreh.

As the President was a key witness for Djibouti, Flaux J emphasised the importance of him attending trial to give evidence. The President declined, but the judge heard from several senior Djibouti officials, as well as Mr Boreh. In March 2016, he delivered a scathing judgment[2] dismissing what remained of Djibouti’s claims, noting:

“Like counsel, I cannot recollect a case in which so many claims (let alone ones involving allegations of dishonesty) have been pursued with such vigour and then abandoned at trial. No proper explanation has been advanced as to why they were pursued and then abandoned. I am left with the distinct impression that the Republic was intent on pursuing a scattergun approach against Mr Boreh of throwing as much mud as it could in the hope that something would stick, even though many of the matters were not ones in respect of which the Republic could have had a legitimate or sustainable claim”.

He rejected much of Djibouti’s witness evidence, noting their “marked reluctance to say anything…which might contradict…the President’s stance”. He accepted Mr Boreh’s evidence, saying: “he was an essentially honest witness who was telling the truth about the issues which really mattered…. The picture which Lord Falconer sought to paint of a thoroughly corrupt businessman simply did not correspond with my assessment of Mr Boreh.”

Djibouti’s application for permission to appeal was refused by the Court of Appeal in June 2016.

A few of the lessons learned

Impact of political motivation

Judges have tended to treat claims of political motivation as irrelevant to the merits. Such was the reaction to Mr Boreh’s plea of political motivation before Field J who described it as “background music”. A claim is to be judged on its merits according to the law.

However, the Boreh case demonstrates that the issue of political motivation is not irrelevant. Mr Justice Flaux examined Djibouti’s conduct and concluded that political motivation was relevant in that it “cast doubt upon the bona fides of the claims…and the conduct of the litigation [and] provides confirmation of the capricious nature of the regime in Djibouti”.

Thus, although the merits of Djibouti’s claims were closely scrutinised by the Judge, the motivation behind them was relevant. Importantly, it also affected a number of consequential matters.

Indemnity costs

Flaux J held that if a claim is motivated by malice, it will be relevant to whether the claimant will be liable to the defendant on the indemnity basis as opposed to the standard basis. Djibouti accepted that Mr Boreh was entitled to his costs on the higher indemnity basis.

Security for costs

An important consideration for any defendant is to get security for his costs so he is not out of pocket if he wins. This is especially so where the claimant is a sovereign state because state immunity issues can prevent enforcement of any costs award.

Initial security for Mr Boreh’s costs was granted on the usual assumption that any award would be made on the standard basis. However, the indemnity costs award meant that Mr Boreh would be left with a significant shortfall if he could not recover the difference from Djibouti. Mr Boreh’s lawyers therefore sought ‘top up’ security for his pre-judgment costs.

There has been controversy about whether the Court has jurisdiction to grant post-judgment security as the judgment normally signals the end of the case. In a consequential hearing, Flaux J held the court did have jurisdiction where there was a relevant change of circumstance. Mr Boreh was able to show this change partly due to the award of indemnity costs which was in turn based on the “reprehensible” conduct of Djibouti and its baseless claims driven by political motivation. Flaux J accepted the submission of Richard Waller QC (for Mr Boreh) that unless the security was topped up, Djibouti was “likely to exploit the practical impossibility of enforcing judgment in Djibouti to avoid paying any further costs.”

Djibouti had no choice but to top up the security as it was seeking permission to appeal.

The lawyers’ role

In the Boreh case, the Court clearly considered that Mr Gray had crossed the line in terms of conduct. Clients want their lawyers to fight their corner hard but what happened in this case is a salutary reminder of certain fundamentals. Mr Gray’s appeal against the finding of dishonesty remains extant and he is now in litigation with his former employers.

For lawyers advising a genuine victim of political persecution, it is can be challenging to  maintain morale under the weight of freezing orders, negative publicity and a state with all the resources available to it. However, it pays to remember that a lot can change in the course of a case, especially at the end when the judge scrutinises the witnesses and the evidence much more closely.

[1] Abdourahman Mohamed Mahmoud Boreh v Republic of Djibouti, Autorite des Ports et des Zones Franches de Djibouti, Port Autonome International de Djibouti and Gibson, Dunn & Crutcher LLP (as an additional respondent) [2015] EWHC 769 (Comm)

[2] Republic of Djibouti, Authorite des Ports et des Zones Franches de Djibouti and Port de Djibouti S.A. v Mr Abdourahman Mohamed Mahmoud Boreh, Boreh International FZE, Essense Management Limited and Net Support Holdings Limited [2016] EWHC 405 (Comm).

In May 2012, the Ministry of Justice consultation paper on deferred prosecution agreements (DPAs) identified the difficulties that prosecutors in the UK face with the law of corporate criminal liability and stressed that more needed to be done. Historically, corporate criminal liability in the UK has been difficult to successfully prosecute. The “identification principle” in UK law requires that a corporate can only be held liable for the criminal acts of those who are the “directing mind and will” of the company. Identifying who those individuals are and then satisfying the evidential burden of proof for a criminal prosecution against the company based on the intent and acts of those individuals has often proved quite difficult.

Following the consultation paper and public statements made by many stakeholders, the most vocal of which being David Green, CB, QC and Director of the Serious Fraud Office, there was a considerable pressure for change. Finally, on 2 September 2014, at the 32^nd Cambridge International Symposium on Economic Crime, the Attorney General, the Rt. Hon. Jeremey Wright QC MP said, “Government officials are considering proposals for the creation of an offence of a corporate failure to prevent economic crime, modelled on the Bribery Act section 7 offence.” This statement was made as part of the Government’s stated priority to ensure that the UK has the correct laws and structures in place to tackle fraud and corruption, and to improve detection of money laundering. In effect, it appeared that the Government had listened to the prosecutor’s pleas for a change in the law to avoid the “identification principle” difficulties by moving to a strict liability offence.

However, In a complete volte – face on 28 September 2015, Justice Minister Andrew Selous stated that the Ministry of Justice had decided to drop work on creating an offence of ‘failure to prevent economic crime’ such as fraud and money laundering. Mr. Selous said: “Ministers have decided not to carry out further work at this stage as there have been no prosecutions under the model Bribery Act offence and there is little evidence of corporate economic wrongdoing going unpunished.” At the time, some commentators depicted this as a “slap in the face” for David Green who had so fought hard for the change in the law and was no doubt frustrated by this change in position.

But as is often the case, political winds change.  On 11 May 2016, in a letter to the Guardian prior to the Anti – Corruption Summit in the UK, David Cameron wrote, “In the UK, in addition to prosecuting companies that fail to prevent bribery and tax evasion, we will consult on extending the criminal offence of “failure to prevent” to other economic crimes such as fraud and money laundering so that firms are properly held to account for criminal activity that takes place within them”. The UK Government then confirmed the proposals in a press release on 12 May 2016 and the Ministry of Justice confirmed that a consultation paper would be published in the summer of 2016. The precise reasons for this return to the September 2014 position will never fully be known but it was clear that many commentators were stating that the UK’s response to economic crime was not good enough and such a proposal one day before such an important summit could only draw fire from such criticisms.

So what will the new offence look like? Many corporates are now more than familiar with the Bribery Act 2010 section 7 offence. The stated intention of the UK Government is that the new offence of failure to prevent economic crime will be modelled on the section 7 offence.  “Economic crime” is likely to be broadly defined to include offences such as fraud, theft, false accounting and money laundering plus other market based offences under the Financial Services Act 2012. It is likely that companies will be held liable for the actions of “associated persons” as is the case under section 7 of the Bribery Act. This will include anyone who provides services for or on behalf of the company. The legislation is likely to have extra territorial effect and will apply to crimes committed by a company or associated person anywhere in the world. If the new offence mirrors the section 7 offence, then the only defence for the company will be to show that at the time of the crime, it had in place “adequate procedures” that had been implemented and monitored to prevent such conduct. The new offence will have to be complemented by extensive guidance as to what might constitute “adequate procedures”.

What should corporates do in the face of such changes? Many corporates will already be well versed in the need to act and to do so expeditiously and comprehensively. They will need to undertake detailed risk assessments, create and implement comprehensive policies and procedures and train staff. There will need to be thorough board level involvement and as is always the case, policies and procedures will have to be monitored for compliance to ensure that such policies are honoured in reality as well as being documented. Many corporates will no doubt respond to the consultation and seek to lower any compliance burden but the experience of the Bribery Act 2010 is that any watering down of that burden may well be limited. The other lesson from corporates’ efforts to create and implement anti – bribery procedures is that these processes can take years to properly embed within an organisation’s ethos to ensure that a person applying hindsight to the “adequate procedures” defence is satisfied that the test is met.

Many commentators will ask whether this new offence will achieve its aim of reducing corporate economic crime? There are usually two schools of thought in response. The first praises any efforts to tackle economic crimes that, in the view of many commentators, are rarely prosecuted against corporates. There may well be a general public feeling that there are two systems in play with individuals committing “lesser” crimes feeling the full brunt of the State’s armoury, whereas corporates committing crimes that arguably have a much greater impact on economic well – being are often overlooked with prosecutors citing evidential or resource issues. It could be argued that any attempt to re – address this balance is laudable.

The second school of thought is more cynical and characterises new legislation such as this as a “sticking plaster” on what are more intractable problems with the prosecution of economic crime in the UK. Many people point to a Serious Fraud Office whose budget is repeatedly cut year after year. The SFO’s budget has fallen steadily since the 2008 financial crisis, although it is able to apply to the government for additional ‘blockbuster’ funding to cover the costs of particularly high profile investigations (such as Libor) on a case by case basis. Others point to the SFO’s track record in terms of successful prosecutions and query whether the SFO is up to the job of prosecuting economic crime. What would be the point of creating a new offence if in fact it will rarely be prosecuted? This was obviously the view of the Government in September 2014. The SFO has countered such criticisms with its successful DPA with Standard Chartered Bank and the guilty plea of the Sweett Group to a section 7 Bribery Act offence but the detractors are far from convinced.

The above responses are obviously based on more general grounds. What are likely to be the more detailed issues that could arise with such an offence? The most obvious issue is the breadth of fraud and money laundering and the difficulty in identifying both and preventing them from tainting any business. Many frauds are actually perpetrated against the company itself by either employees or suppliers. Would it make sense in such a situation to prosecute the company for its failure to prevent such crimes? The rational person would most probably say no. In terms of money laundering risks, corporates in the regulated sector (as defined by the Proceeds of Crime Act 2002 and the Money Laundering Regulations 2007) are already well versed in compliance with customer due diligence requirements. Will the new offence just duplicate and overlay even more compliance burdens on those already struggling under the weight of such regulatory “red tape” and in terms of those outside the sector, create two systems of regulation confusing and creating unfairness in its application and enforcement? No doubt these issues will form part of lobbying by corporates already struggling with these burdens and it will be interesting to see how the UK Government will deal with the tension of being kinder to businesses in times of austerity and being observed and scrutinised by both national and international pressure groups who regularly criticise the Government’s commitment to tackling economic crime.

The consultation paper may answer some of the above issues and the fact that stakeholders are being consulted can only be a good thing given the wealth of experience of those stakeholders in the application of the section 7 Bribery Act offence. Only time will tell if this new law will again be killed at least in part by pressure from the business sector or whether the pressure from prosecutors and public opinion will suffice to get the proposed law onto the statute books. Many may have doubted the prospect of an offence of failure to prevent tax evasion being enacted but the Panama papers leak made this almost an inevitability. Obviously the recent EU referendum result may put all such proposed legislation on hold given the current crises gripping the country. Given those pressures, those supporting the new economic crime offence may be hoping for a similar scandal to the Panama papers revelation to force the Government’s hand and give a gentle nudge to the winds of change!

We have seen a spike in legal activity relating to bribery and corruption offences in recent months, with a bank, printing business and a large international property company all being subjected to fines and other penalties thanks to allegations of this kind.

One long-standing problem with assessing such cases has been in identifying the role played by a company in any act of wrongdoing versus the actions of an individual or agent acting on the company’s behalf.  The introduction of the Bribery Act 2010, which makes it a criminal offence for a company to fail to prevent acts of bribery carried out on its behalf, has enabled prosecutors to tackle this issue much more effectively. Unless a company can demonstrate that it has in place the necessary procedures to prevent criminal activity, or to put a stop to it when detected, it can find itself exposed to intrusive investigation and subsequent court proceedings.

Companies and individuals found guilty of bribery or corruption can find themselves with hefty fines if found guilty of illicit activity.  In some cases the harm can be determined quite easily, such as the value of a contract won or retained through bribery. Fines will be calculated on the basis of these figures.  But in other cases the ‘profit’ can be harder to establish, and courts may end up looking at the company’s turnover in the relevant area of its business, and imposing a fine based on a percentage of this.  This creates an unwelcome degree of uncertainty.

Courts have a significant level of discretion in assessing where on the range of available penalties any fine should fall. The judges in these recent cases recognised the need to serve the public interest in their sentences, but also to refrain from imposing such a high fine that the company would be pushed out of business.  There is also a responsibility on the courts to ensure that sufficient resources remain available to the company for it to implement an effective compliance policy (itself a matter of public interest), and to protect itself from similar situations occurring in the future.

In two of the recent cases the company was penalised for failing to adequately supervise and monitor the activities of its subsidiaries or sister companies.  These cases are a valuable lesson that it is absolutely key to ensure that adequate compliance procedures are in place.  Turning a blind eye to obvious risks, or failing to detect that wrongdoing is occurring, may, as we have seen, simply no longer be excused in court.

I. Introduction

Internal corporations investigations are complex, high-stakes endeavors requiring careful planning and execution. Companies may face steep fines and penalties, risk of suspension or debarment for government contracts, negative publicity, and criminal and civil litigation. Wrongdoing by individual employees and executives may result in termination or, in some cases, criminal prosecution. Too often companies rush into an investigation, either conducting the investigation itself, investigating collateral issues, or hiring counsel without the necessary experience or expertise. While the desire to “get to the bottom” of an allegation may be intense, if mishandled, internal investigations can cause additional damage and pose ethical dilemmas for in-house lawyers managing or conducting investigations or their corporate clients or constituents.

In addition to the law and ethics governing corporate investigations, corporate politics often plays a large role, making investigations as much art as science. This article outlines foundational considerations for companies conducting internal investigations that are or may become subject to U.S. law because the conduct involved a U.S. business or subsidiary, or transactions touching the U.S. financial market.

II. When to conduct an internal investigation 

Internal investigations arise as a result of whistleblower allegations, shareholder demands, external or internal audits, catastrophic or risky events, government subpoenas, informal inquires by government or self-regulatory organizations, or media reports. Companies should consider the nature and gravity of the allegations, their source, and whether allegations may be part of an ongoing concern or historic conduct within the company. In some circumstances, officers and directors may have a duty to investigate allegations, and failing to do so could lead to personal liability. In an era of increasing scrutiny of companies and corporate executives, many companies err on the side of caution and convene an investigation when responding to allegations or concerns.

In certain instances an investigation may be required. For example, if a government contractor is put on notice of potential fraud involving a government contract, there may be an affirmative obligation to investigate the allegations and report any malfeasance to the relevant agency. In other instances, an investigation, while not required, may be prudent. Such is the case when responding to an ongoing government investigation. A company may wish to conduct its own investigation to determine the relevant facts and plan its response to the government investigation (i.e., early settlement or litigation). Whether an internal investigation is prudent or actually mandated, a company is well advised to thoroughly analyze what is known about the allegations or inquiry, and carefully articulate the reasons for either conducting or not conducting its own investigation.

III. Conducting the Investigation

A. Defining the Scope

In convening an internal investigation, a company should carefully define the scope of the inquiry. An investigation that is too broad will result in undue expense and business disruption, while an overly narrow investigation may fail to uncover serious misconduct. The company should also determine who will conduct the investigation or supervise outside counsel. The company should evaluate cost, internal corporate politics, desire to maintain attorney-client privilege, and potential conflicts of interest when evaluating whether to engage outside counsel.The composition of the investigation team and scope of investigation should be memorialized in writing between counsel and client, and include: (1) the reason for convening the investigation and the objectives to be achieved; (2) the authority empowered to authorize the investigation (e.g., board of directors, audit committee, general counsel) and to whom the investigators should report; (3) the directive to preserve relevant data and materials; (4) a mandate to maintain confidentiality through the attorney-client privilege and work-product protection; (5) the authority to conduct employee interviews; and (6) whether the final report should be delivered in writing or during a meeting with company representatives.

B. Attorney-Client Privilege and Work-Product Protection

Maintaining the attorney-client privilege and confidentiality over investigation findings is of paramount concern. Under U.S. law, companies can strengthen claims of privilege by retaining outside counsel to conduct the investigation. Under U.S. common law, the attorney-client privilege and work product doctrine provide important protection for work product generated during the investigation, such as interview memoranda, legal analysis, and preliminary findings. Notably, the attorney-client privilege in Europe differs markedly for in-house counsel, who may not benefit from protections provided by the attorney-client privilege. Assuming attorney-client privilege applies, the investigators should agree on specific reporting procedures that clearly designate attorney-client communications and work-product-protected documents.

C. In-House Versus Outside Counsel

Companies should carefully consider several factors when deciding who should conduct an investigation. First, it is important that no personnel implicated or allegedly involved in potential wrongdoing be involved in the investigation, have access to information about the investigation, or manage investigation counsel. A properly defined scope will assist the company in determining employees who may need to be segregated. For example, if allegations implicate one or more in-house attorneys or members of the board, those individuals should be “walled off.”   Investigators may wish to conduct initial “scoping” interviews to determine which key individuals in the company may be involved in the conduct in question. This scoping process will also facilitate document preservation and collection efforts.

Second, a company should consider the perceived independence of the investigators and investigative counsel. If the results of the investigation may be disclosed to government regulators, then retaining outside counsel may provide an element of independence that in-house counsel or employees may lack. The government may seek assurances that the investigation team was independent and not influenced by the board or company executives.

D. Data and Preservation

Immediately after convening an investigation, companies should preserve all information and documents that may be relevant to the issue under investigation. Because sources and type of data depend on a company’s technology infrastructure, investigators should interview information technology personnel to determine how data is created and stored by the company. The results of this interview will then determine the approach to data preservation, which may include document preservation notices, imaging of hard drives and personal devices, and suspension of automated data purging protocols.

After data and documents are preserved, investigators should assemble relevant materials for review in advance of employee interviews. Documents are normally reviewed by the investigation team, and “key document” sets identified for each relevant witness in advance of interviews.

E. Employee Interviews

Witness interviews are a key component to every investigation. Witnesses oftentimes are necessary to provide context and information unavailable or unapparent simply through document review. Unlike documents, however, witness’s testimony may be less reliable and exact. Investigators may decide to interview less involved witnesses first so that background or foundational facts are determined before interviewing more critical or key witnesses. However, if there are concerns about document spoliation or employee departures, the key employees may be interviewed first. .

Investigators should prepare an outline and set of key documents in advance of the interviews to ensure that relevant issues are addressed during the interview. Investigators should never interview a witness alone, and group interviews are discouraged. Investigators should also review the employment agreement and employee handbook in advance of an interview. In the event that an employee refuses to cooperate, there may be provisions in the employment agreement or handbook requiring cooperation as a term of employment.

Employee interviews involve balancing the need for information and cooperation with the needs of the business and the ethical requirements for U.S. lawyers. Approaching an interview like an interrogation will cause business disruption and fear among employees, and often prevent a more candid and reliable interview. Under U.S. law, attorneys are required to provide witnesses with an Upjohn warning, explaining that the attorney represents the company, not the employee, that while the interview is covered by the attorney-client privilege, that privilege belongs not to the employee but to the company, which may choose to share any or all of the information provided with third parties, including the government. It is important that employee interviews, including the Upjohn warning, are witnessed and properly memorialized.

F. Simultaneous Government Investigations

If an internal investigation occurs simultaneously with a government investigation (whether criminal or civil), it may be prudent for the investigators to learn more about the posture of the investigation and discuss avenues for cooperation. If the company wants to pursue settlement in the matter this early, proactive cooperation will be a key component of reducing penalties.   In the event of a subpoena or search warrant the investigators should negotiate the scope of document and interview requests to ensure that they are narrowly tailored and avoid unnecessary business disruption. If documents and/or equipment are seized during a government search, company counsel should request that boxes be properly labeled, indexed, and photographed before anything leaves the company. This indexing process helps the company ensure that privileged materials remain properly marked and segregated.

If the government desires to interview company employees, the company can remind employees that they may have corporate counsel present during those interviews. In some instances, the government is required to request interviews through corporate counsel for management and executive personnel. Corporate counsel may wish to meet with certain employees in advance of these interviews to understand the scope of their knowledge and help them prepare for the government interview.

IV. Conducting investigations abroad

While international investigations are similar to domestic internal investigations, there are important differences. Navigating these differences often starts with gaining an understanding of the local culture and customs. Retaining competent local counsel to assist with the investigation may be helpful or, depending on the nature of the investigation, necessary to comply with local laws.

A. Language and Cultural Barriers

Conducting an investigation internationally is complicated by the corresponding language and cultural barriers. Even if an investigator is fluent in the language, they may not have the same grasp on colloquial phrases and subtle language nuances. Local counsel or a certified translator will help ensure that cultural cues and body language are properly understood. A certified translator also prevents the investigator from becoming a witness in his or her own case. Local counsel can also provide important counsel on local laws and customs that may arise in the course of the investigation, such as local law related to documents and data collection, employee labor and employment concerns, and foreign laws governing the activity under investigation.

B. Labor Law Considerations

Unlike labor laws in the United States, which some believe generally favor the employer (e.g., many U.S. states presume that employment relationships are “at will”), many other countries offer expansive protections to employees. Additionally, notwithstanding employment contracts and company policies requiring cooperation, some countries permit employees to refuse interviews or refuse to testify against a co-worker. Investigators should familiarize themselves with local labor laws to avoid violating these laws.

C. Data Privacy Considerations

In the United States, investigators may generally collect and use data stored on company computers and servers with few restrictions. In contrast, some countries restrict the collection, use, and disclosure of personal information, even if stored on company computers and servers. In many European countries, for example, before “processing” personal data (e.g., recording, storing, or retrieving), the user must satisfy several requirements. Investigators should be aware of the important differences in data protection laws in the jurisdictions in which they are conducting the investigation. This can be challenging when investigations involve businesses or transactions that touch multiple countries, or when the company is responding to a U.S. government subpoena for documents that may reside in other countries.

D. Do No Harm

The well-known Hippocratic Oath maxim, “Primun non nocere” (“Above all, do no harm”), is readily applicable to conducting international internal investigations. It is easy for investigators to fall into the role of “interrogator” and cause unnecessary business disruption and anxiety within the company. Investigators must understand their role and be mindful of the ongoing business needs of their clients. Investigations can and should be conducted with care and sensitivity to the employees and the needs of the business. This requires counsel that is adept at balancing the needs of the company, employees, government investigators, and a board of directors or audit committee.

V. Concluding the investigation

An investigation is complete when investigative counsel (1) are in a position to make reliable, memorialized findings; (2) can defend their conclusions to internal and external recipients of said findings; and (3) have a sufficient basis to provide informed legal counsel to their client, and assist the client in remediating any weaknesses, deficiencies, or improper conduct discovered. In light of the typically sensitive nature of an internal investigations and the fact record that is developed, the investigation’s factual findings and conclusions, and attendant legal counsel, should be conveyed orally to the client with support of a PowerPoint that remains in counsel’s possession. In some instances, a corporate client or counsel may prefer to tender a written report. In either case, care should also be taken to protect the investigative report, and preserve the investigation file, which includes key documents, and to determine the extent to which any document preservation holds must remain in place.

VI. Conclusion

A successful investigation requires counsel that understands not only the law but how to balance the numerous constituencies involved. Investigations are as much art as science, and companies should approach them with forethought and deliberation. While the consequences of a poorly handled investigation are clear, a proper investigation can help a company assess its risk and develop a sound strategy to minimize that risk.

Millions spent from the public purse, 80 officers taken off the street to dedicate their time solely to the investigation and numerous cases and retrials dropped after 3 years’ worth of investigations. Looking back, was it all worth it?

It sounds like it could be the script to a blockbuster film; well respected journalists asleep at home with their spouses and children awoken to numerous police officers banging at their door. Their houses searched, personal belongings rummaged through and countless items seized. Wives and children terrified and in tears seeing their loved ones removed by the police to be held in a cell awaiting questioning. Journalists faced hours of questioning on numerous occasions and were then were left on police bail for months (years in some instances) to finally be prosecuted under the almost unheard of ancient common law offence of Misconduct in Public Office (MIPO). An offence that can only be committed by a public official and therefore the only possibility of using against journalists was to bolt it onto conspiracy charges.

It does not sound like modern day England but this is the reality that many journalists faced under the Operation Elveden Investigation.

What is Operation Elveden?

Operation Elveden was an investigation into allegations of journalists making inappropriate payments to public officials for information. Public officials were prosecuted under the common law offence of MIPO whilst journalists were prosecuted for aiding and abetting such misconduct or conspiracy to commit misconduct in public office.

This investigation is not to be confused with other well-known operations which were led by Deputy Assistant Commissioner Sue Akers, Head of Organised Crime & Criminal Networks within the Specialist Crime Directorate at a similar time. These include Operation Weeting which was an investigation into allegations of phone hacking at the News of the World and Operation Tuleta which was an investigation into alleged computer hacking at the News of the World.

Operation Elveden is an investigation into a course of conduct which was prevalent throughout the industry and a way of obtaining stories, whilst the latter two are confined to rogue reporters who acted in an unacceptable way.

Headline Figures

It is reported that the prosecution of Public Officials and Journalists under Operation Elveden has cost the tax payer over £30 million. This process took place over 4 years and reportedly had 80 police officers taken off the street to dedicate their time solely to the investigation and prosecution. Police made 87 arrests and interviewed 56 suspects under caution. In total 29 journalists and 26 public officials were charged.

Uncertainty of the Offence

The charge of MIPO dates back to the 17^th century, yet despite the length of time it has been in existence it has been seldom used and therefore limited case law exists to assist in the interpretation of the offence.

Prior to the Elveden trials, the most recent reference to the elements of the offence was set out in Attorney General’s Reference (No 3 of 2003) [2004] 2 Cr App R 23, [2005] QB 73. In this case the Court of Appeal (COA) set out four elements of the offence of MIPO:

1. A public officer acting as such
2. Wilfully neglects to perform his duty and or wilfully misconducted himself
3. To such a degree as to amount to an abuse of the public’s trust in the office holder
4. Without reasonable cause or justification

The offence of MIPO was largely if not completely unknown to the journalists who faced trial until these investigations commenced. It did not feature in the journalists’ handbooks or leading legal textbooks that they studied whilst training. It also did not form any part of the in-house training at their newspapers.

Evidence was given on numerous occasions that paying sources, including public officials, was the norm and was authorised at the highest levels within the papers. Evidence was provided that this was the case throughout much of Fleet Street. Professor of journalism at City University and columnist for The Guardian, Roy Greenslade, frequently supported this factual position throughout the investigation and prosecutions, in his columns in the Evening Standard and The Guardian.

Court of Appeal Ruling on MIPO

The confusion surrounding the elements of the MIPO offence led to two successful appeals against conviction. Lucy Panton and Ryan Sabey, who previously worked for the News of the World, both had their convictions overturned.

On 26 March 2015 the Lord Chief Justice, Mr Justice Cranston and Mr Justice Davis found that HHJ Wide erred in his direction to the jury by not being explicit enough in explaining how “serious” the misconduct had to be to amount to criminality.

In determining guilt HHJ Wide had confirmed that there were four elements to consider, as set out in Attorney General’s Reference (No 3 of 2003) outlined above. HHJ Wide said the third aspect to consider was whether the jury were sure that the prison officer committed misconduct to “such a degree as to amount to an abuse of the public’s trust in the officer holder”. The COA ruled that this direction was not transparent enough. It was ruled that the jury should have been told that they were required to carefully consider the threshold between misconduct in public office and actual criminal behaviour.

Ms Panton’s verdict was deemed to be unsafe and the conviction was quashed. Mr Sabey was given liberty to appeal on the same grounds and was successful at a future COA hearing.

The COA ruling on the element of ‘seriousness’ led to an urgent review and resulted in the DPP announcing that 9 out of 12 journalists awaiting trial would not be prosecuted. The 3 remaining journalists faced trial in May and October 2015. Chris Pharo and Jamie Pyatt were acquitted after 12 hours of deliberation. Anthony France was convicted in a separate trial and is currently in the process of appealing his conviction.

The ruling also led to revised guidance on MIPO being issued by the CPS.

Issues with the Decision to prosecute

Many have asked, was it in the public interest to spend millions prosecuting journalists for something that was deemed to be widespread in the industry and had been occurring for decades. Juries certainly did not think so. Out of the 29 journalists who were charged only three were found guilty after a jury trial. Two of these convictions were overturned by the COA and one is currently appealing his conviction. One further journalist, Dan Evans, pleaded guilty in the early stages of his case.

Thirteen journalists have been declared not guilty after facing the ordeal of being suspended from work, left on bail for months, preparing for and awaiting trial, then enduring the lengthy and highly stressful trial process. The impact on their reputation, career and also on relationships with friends and family has been immeasurable.

A further issue with the investigation and decision to prosecute journalists was the method via which the police obtained evidence and the ongoing disclosure process. After denying that phone hacking occurred at the now defunct News of the World and obstructing the investigation, News Corporation approached the police with the suggestion that a Management Standards Committee (MSC) was set up to monitor the disclosure process. The police agreed to this in what may appear to many to be an unorthodox way of proceeding given the seriousness of the hacking allegations. The MSC assessed material from News Corporation papers and determined what documentation was relevant and which material should be handed across to the prosecution team.

This method of disclosure meant that News Corporation could largely control the disclosure process and make decisions on what was relevant particularly in relation to evidence pertaining to more senior officials within News International. Evidence was given throughout the Elveden trials that the payment of sources, including public officials, went at least very high up the chain of command. In fact, disclosure requests were made in the first trial of Chris Pharo and others for material highlighting this. As a result of this request, material was forthcoming at a late stage which threw into question the way that the disclosure process had been managed by the MSC and the independence and thoroughness of the police investigation.

A final issue with the disclosure process that the defendant journalists were rightly concerned was that the MSC had provided the police with privileged journalistic material without the knowledge or consent of the individual journalists nor the sources. This compromised numerous confidential journalistic sources, the protection of which is one of the first rules of journalism.

Who is to blame if any?

Some would think that this investigation cried out for a corporate prosecution of the papers, given the wild scale occurrence of payments to public officials and the evidence suggesting that the method of obtaining stories was known and authorised by senior members of the papers. Yet despite an investigation, nothing has been done in respect of this.

Roy Greenslade was quoted in the Guardian as saying that fault lies with “the corporate culture, and that the people it [Operation Elveden] arrested were not responsible for that culture”. It appears that the method of investigation led to a case of ‘low hanging fruit’ being sacrificed whilst individuals higher up the chain remained safe.

As far back as 2003 it was reported that very senior members of the paper were aware that payments to public officials for information were being made. Rebekah Brooks (who was known by her maiden name ‘Wade’ at this time) was the editor of the Sun in 2003. When giving evidence to a committee of MPs she admitted paying police officers for information. Fast forward to 2012, during the Leveson Inquiry, Rupert Murdoch, owner of News Corporation was reported saying that there was a “culture of illegal payments”. Despite these comments, the police appeared unable to make a case against the cooperate entities concerned and instead pressed on against the “low hanging fruit” that may have made headlines but risked scapegoating rather than obtaining the actual facts that would have been so important to the democratic process and the issue of the free press generally.

Was a criminal prosecution necessary?

The failure in securing convictions for journalists prosecuted in this matter would suggest that this prosecution was misguided and unnecessary. Perhaps alternative penalties could have been instigated such as cautions or public warnings to both journalists and the papers who encouraged this course of conduct. A more proportionate response to the conduct of the journalists would unquestionably have saved the tax payers millions and would have possibly better maintained the democratic safeguard of the freedom of the press.

The rise in targeted email attacks to businesses worldwide continues to dominate the news headlines. Attacks like these are dangerous by their very nature. Not only are they increasing in frequency, but they are also becoming smarter by the day.

At the moment, we’re seeing a rise in activity related to of the Business Email Compromise (BEC) scam, where an employee is tricked into believing that he or she needs to make a bank transfer to a known external entity, but ends up sending these funds to a criminal instead.

Targeted spoofing is one of the biggest risks that firms currently face. This is not the age-old problem of SPAM emails, but something much more threatening. SPAM emails involve a single email being sent to millions of addresses, often with falsified branding of a well known company, for example a bank.

This ‘hit and hope’ exercise depends on a number of factors in order to be successful: the recipient must actually be a customer with that bank; the SPAM or anti-virus systems must fail to identify the email as a risk; and the recipient doesn’t recognise it as a dangerous email. As a result, the sender may not even get one bite from sending out hundreds of thousands of these emails.

Targeted email attacks are much more sophisticated – and now involve much more than just email; they merge emails, calls and sometimes physical visits to a target firm’s office- this is truly hacking for the masses. A number of hacking tools are now available for anyone to download, along with all the information they need to manipulate employees into performing actions or divulging confidential information – a key hacking term known as ‘social engineering’.

This will no doubt add to the cybersecurity hysteria that is running rampant across many different sectors, including both legal and professional services. However, the truth is that the security systems that are needed to protect the majority of firms from the majority of hacks are probably already in place.

What does this mean for the legal sector?

In the US alone, the FBI has reported that between October 2013 and August 2015, $750 million was lost across 7000 victim companies through targeted email attacks – an average of $100,000 per attack. In one high profile incident, Ubiquitii Networks lost an incredible $46 million. Most recently, a new report analysed Cryptowall 3.0 ransomware attacks in the US and found that it has cost victims $325 million, with that entire sum potentially going to a single source.

These attacks aren’t conducted at random; they are aimed specifically at certain firms, particularly within the legal market. At a legal roundtable event last month, it was surprising to see how many law firms are being actively targeted. Other sectors have obviously struggled with this same issue, but to nowhere near the same degree.

Law firms have always been a prime target for email attackers due to the large amount of monetary transfers they process, and it appears that the criminals have now realised this too. These attacks show a concerted effort to merge online and offline methods of extracting funds from law firms, to the extent that offices are actually being visited by attackers to gain further information about a firm.

How do you spot risks and threats via email?

It can be difficult, but there are several ways to combat this threat, including watching out for domain names that aren’t quite right, and looking out for language use and spelling mistakes. But these change on a daily basis. As a result, if they are developed properly, targeted emails can get past most, if not all, IT systems.

A firm’s greatest weakness – and greatest protection – therefore lies with its employees. Understanding which emails are suspicious will require training throughout the firm – and that means every firm. It’s a serious mistake to think: ‘but we have bright employees, so it’s not an issue for us’. Firms cannot make any assumptions when it comes to security; they will need to check, assign controls and systems, and check again.

How can businesses avoid succumbing to these attacks?

In security terms, the human factor will always be a firm’s weakest link. This comes down to employee training, from support staff, to trainees to managing partners –anyone who picks up an email, answers the door, or takes a call.

Firms that train their employees well and keep them informed of any security threats will be on the right track. By showing employees how easy it can be to succumb to an attack, firms can help to sharpen their defences dramatically. However, it’s important to ‘make the threat real’ – talk and text just won’t cut it.

Training staff on IT security is also key. Don’t take shortcuts with this – take staff into seminar-based training and explain the risks. Giving them real world examples will help reinforce the training. It’s crucial that employees understand that the whole firm is in this together, with a duty to protect both the firm’s and clients’ interests.

Of course, SPAM filtering, anti-virus software and firewalls will already be a part most firms’ arsenals against these sniper-like attacks. However, it is still imperative to devise internal controls and systems that dictate when and how staff can release confidential information, financial information and funds. Think passwords, phone-out verification, electronic signatures, encryption and secure portals. This might seem like overkill, but implementing at least one or two of these steps will help to ensure that only the right people have access to sensitive information, whether it’s the firm’s data or a client’s.

The ISO 27001 standard

When we are talking about IT security, we are basically talking about the threat to assets. An asset can be a PC, a server or even a member of staff. The largest assets that a law firm possesses are its reputation and its brand. The most effective way of protecting these assets will be to train the user base on how to identify suspicious behaviour, how to report it, and how the firm takes responsibility for review and remediation.

The ISO 27001 standard is, without a doubt, the best way for a firm’s leadership to understand at a high level what the security risks are and the likelihood of an attack, in addition to the impact that a breach would have on the firm.

As such, all law firms should look into implementing the ISO 27001 standard, as this actually takes much of the thought out of the process. It’s not difficult, and certification can normally be achieved for the price of a holiday for two. This is a vital first step for a firm that wants to focus on improving revenue and profit, rather than never knowing for certain if it is secure.