Category Archives: Fraud & White Collar Crime

Flag it Up – How can solicitors work to identify and tackle the risk of money laundering in the UK?

Organised crime costs the UK more than £24 billion each year – that’s £1 a day per citizen. The fact that criminals are using the services of legal professionals in order to try to hide the origins of their illicit funds is nothing new, but there are important questions that solicitors must ask themselves to avoid becoming drawn in without their knowledge.

Criminals are likely to have built what appears to be an authentic business to avoid unwanted scrutiny and this makes you and your profession vulnerable to becoming unwittingly involved in serious and organised crime. For solicitors, the consequences of being involved in money laundering, are severe. These can range from loss of your practicing certificate, damage to your own and your businesses’ reputation, significant fines and even a prison sentence. The creation of the Participation Offence in the Serious Crime Act 2015 makes it a crime – punishable by up to five years in prison – to participate in activities which an individual “reasonably suspects” contribute to organised crime.

With this in mind, it is imperative that solicitors continue to take responsibility to comply with money laundering regulations, particularly the obligation to complete adequate due diligence on new and existing clients. By doing their due diligence and submitting quality Suspicious Activity Reports (SARs) where appropriate, solicitors can play a significant part in tackling the threat through identifying potential cases of money laundering before they enter the economic system.

Spotting the red flags

The most effective way to ensure that solicitors remain compliant and are able to spot the red flags of money laundering is to implement an effective and well-documented risk-based approach. This will not only protect a legal firm from criminals, but in the unfortunate event that there is an issue it will reassure law enforcement and the regulator that the appropriate precautions have been taken.

In the first instance, they should step back and consider whether there are any immediately apparent warning signs. By considering whether there are inconsistencies in the information clients provide, if the client runs a cash-rich business, if there are unusual amounts or sources of funds, or any discrepancies in previous transactions, solicitors can begin to assess whether there are any suspicious activities that could ultimately lead to them becoming implicated in a crime.

In order to identify these red flags, firms should always continue to undertake comprehensive due diligence checks on new and existing clients in order to sweep for any risks. But due diligence extends beyond obtaining a passport and utility bill, and adopting a merely tick-box approach. It should be risk based, include lateral and critical thinking, and may include scrutiny of all beneficial owners with a controlling interest of over 25%, in addition to the client. Conducting internet searches on a prospective client could help to pick up any obvious warning signs with regards to their professional credibility.

Asking the right questions

Ultimately, while those working in the legal profession certainly have an awareness of money laundering, and how drastic its impact can be, there can sometimes be a lack of recognition of how it affects them personally. In all cases, solicitors should be looking at the whole picture, in order to build as comprehensive a client profile as possible.

For instance, a solicitor approached by a potential client that differs from their normal client profile should always ask “why me?” irrespective of the size of their firm. If a client is atypical of the regular client demographic, whether due to factors such as scale, sector, jurisdiction or any other reason, they should look to establish why their firm has been approached.

If something doesn’t stack up, asking a direct question is usually the most efficient way to get to the bottom of the irregularity. If the client is subsequently evasive, or if the answer is vague and lacks detail, that should immediately trigger suspicion.

Applying any local knowledge is critical when considering whether a business is legitimate or not. It might be helpful to make a visit to their premises during normal working hours. Often a lot can be taken from an organisation’s place of business that helps to reveal how authentic it is, and it allows legal professionals to make judgments on the accuracy of the information they are providing. For instance, if a firm is asked to work on behalf of a retail outlet that is empty at peak time, this could be an indicator that all is not as it seems.

Taking action

If any due diligence checks call the credibility of the client into question, solicitors should ask themselves if this amounts to suspicious activity, and consider going through the proper reporting processes. As a starting point, they should educate themselves about how low the level of suspicion has to be in order to get to this point. It is critical to remember that this assessment is not about being beyond a reasonable doubt, or building a case against a client. In R vs. Da Silva (2006), it is simply defined as “a possibility, which is more than fanciful, that the relevant facts exist”.

If they decide that a particular client does meet this criterion, solicitors have a legal obligation to submit a suspicious activity report (SAR) in line with internal procedures. Submitting a SAR can be seen as a much more drastic move than it is, and can be a concern for legal professionals. Solicitors are trained to maintain the highest levels of client confidentiality, so there is often apprehension that if the information they have is vague or imprecise; it may appear as if they are taking an extreme step without possessing the requisite evidence.

However, it should always be remembered that submitting a SAR is confidential. And it is also worth noting that if a SAR is not submitted when there are grounds to, solicitors risk breaking the law under the Proceeds of Crime Act 2002, and potentially allow criminals to escape with the proceeds of their wrongdoing.

One additional consideration to take into account is the quality of SARs. If a solicitor is submitting a SAR, they should ensure that it is filled in honestly and correctly, without adopting a defensive tone. Bad quality SARs often lack the information needed to build a wider intelligence picture so it is important to get them right first time, every time. The National Crime Agency (NCA) has created guidance on submitting better quality SARs, and solicitors should review this regularly.

Making a difference

Money laundering is undoubtedly a pervasive influence on the UK economy, and as professionals that are often operating in the financial space, solicitors are at risk of being unwittingly caught up in criminal schemes.

However, by taking a risk-based approach to due diligence, being direct with clients about perceived discrepancies, and submitting SARs if they have suspicion, they can avoid becoming involved. Ultimately, solicitors are in a unique position when it comes to disrupting the risks of money laundering, and can play a huge role in ridding the UK of this threat.

The political vendettas of sovereign states: Djibouti v Boreh

In recent years, the English courts have seen a number of claims by sovereign states against former public figures alleging bribery, corruption and other crimes. Although the facts of these disputes usually have little to do with England or English law, proceedings in England are popular both to take advantage of our respected legal system and available remedies to recover assets here.

The defendant often claims to be innocent and a victim of state persecution. However, it takes time and money to prove this. In the meantime, he can be put under huge pressure with an English worldwide freezing order. He has to disclose information about his assets or be sanctioned. It enables the state claimant to “police” his spending.

Under this pressure, the defendant sometimes buckles – even if there is merit in his defences. He capitulates or runs away so his case never gets to trial. Either way, he loses.

The Boreh case is a striking example of what a state can do when it wants to “get” somebody, the role political motivation plays in cases of this nature and the perils of lawyers furthering an improper agenda. For genuine victims of state vendettas, it highlights the importance of staying the course and good preparation.

The Boreh proceedings

Djibouti sued Mr Boreh in England in 2012 for bribery, corruption and abuse of public office seeking damages in excess of US$125m. A wealthy businessman by background, Mr Boreh was appointed Chairman of the Djibouti Ports and Free Zones Authority in 2003. Djibouti argued that although unpaid, Djibouti law required Mr Boreh to give up his business interests and devote himself exclusively to state affairs. Instead, it alleged, he continued his business activities and obtained vast sums through bribery and corruption involving Dubai state-owned companies which managed and developed Djibouti’s port facilities.

This was one of several actions taken by Djibouti against Mr Boreh after he fell out with the President in late 2008 and went into exile. Mr Boreh’s assets in Djibouti were seized. He was convicted in absentia for fraud, embezzlement, tax evasion and, most seriously, terrorism.

Djibouti used its position as a sovereign state to seek assistance from international governmental agencies to obtain information as to Mr Boreh’s assets, block his use of them and try to extradite him to Djibouti. This included the Swiss and UAE authorities, the French courts, Interpol, the US Department of Justice, Homeland Security and the FBI.

Djibouti retained a large legal team led by Gibson Dunn partner Peter Gray and Khawar Qureshi QC. Kroll investigators were also retained as was Al-Tamimi law firm of Dubai. A media campaign was mounted to publicise Mr Boreh’s alleged misdeeds.

Unsurprisingly, these initiatives had a massive effect on public and initial judicial perception of Mr Boreh. As Dominic Kendrick QC (for Mr Boreh) later told the Court:

Before this case, I had never challenged the proposition which you often hear – that fraud is the most serious charge you can lay against a commercial man. Well, it’s not, I now learn. Terrorism is. It makes it impossible for that person to do business”.

In mid-2013, Djibouti’s team stepped up their campaign with coordinated attacks in Dubai and England. In Dubai, they applied to extradite Mr Boreh so he was detained there. In England, they applied for a worldwide freezing order, serving over 2,000 pages of documents a few days before the hearing. Detention in Dubai meant that Mr Boreh was handicapped in instructing his lawyers.

Flaux J granted the freezing order based on affidavits sworn by Mr Gray. The evidence produced by Mr Gray included a transcript of “tapped” telephone calls between Mr Boreh and two brothers in Djibouti which, it was claimed, related to a grenade attack on a Djibouti supermarket. Mr Gray also exhibited an alleged confession from one of the men.

Based on this evidence, Flaux J concluded that although he was not judging the case on its merits, Mr Boreh was “arguably engaged in terrorism”. This supported granting the freezing order.

The pressure mounts

Mr Boreh’s future looked bleak. Djibouti publicised Flaux J’s judgment internationally to advance its anti-Boreh agenda. Furthermore, Mr Boreh was detained in Dubai facing extradition and imprisonment in Djibouti – or worse.

At this juncture, a senior Kroll investigator met with Mr Boreh, warning that he had a small window of time to “settle”. He pointed out that Mr Boreh faced extradition and imprisonment in Djibouti; that steps had been taken to shut him out of international financial networks so he could not carry on any business. Kroll said they could make the terrorism conviction go away; that Mr Boreh could stop looking over his shoulder and give his children a fair chance in life – but only if he agreed to pay more than the sums claimed in the English proceedings.

The tide turns

In the meantime, Mr Boreh’s team obtained evidence that the transcript was misdated and the telephone calls could not have been about the grenade attack. The “confession” and terrorism conviction were unsafe.

Mr Boreh’s lawyers repeatedly questioned Gibson Dunn as to how the misdating arose and who knew when they applied for the freezing order. In the face of evasive replies, Mr Boreh’s lawyers applied for affidavit evidence as to whether (and who within) the Djibouti/Gibson Dunn team knew about the misdating. This was granted despite strenuous resistance by Mr Qureshi.

Eventually, Gibson Dunn produced affidavits from Mr Gray and senior Djibouti officials admitting that they had known of the misdating at the relevant time. Mr Gray sought to exculpate himself by saying that he had shared this information with, amongst others, Mr Qureshi and there had been no intention to mislead.

Mr Boreh’s lawyers applied to set aside the freezing order and Mr Gray was cross-examined for three days at a hearing lasting two weeks in which every party including Mr Gray had a separatelarge legal team. Flaux J held that Mr Gray had “deliberately misled the court” – conduct in which Djibouti was complicit.[1] The Judge set aside the freezing order and described Djibouti’s conduct as “reprehensible” and falling “a long way short of the standards of behaviour which the court is entitled to expect of a sovereign state”. The Judge also concluded that there was “unambiguous impropriety” in the nature of the threats made by Kroll.

The fallout

This was a watershed in the case. Mr Gray was dismissed from Gibson Dunn. Mr Qureshi resigned from the case. Lord Falconer QC and Philip Rocher led the Gibson Dunn team for the trial which took place over ten weeks in late 2015. Shortly before, and during the trial, Djibouti abandoned most of its claims against Mr Boreh.

As the President was a key witness for Djibouti, Flaux J emphasised the importance of him attending trial to give evidence. The President declined, but the judge heard from several senior Djibouti officials, as well as Mr Boreh. In March 2016, he delivered a scathing judgment[2] dismissing what remained of Djibouti’s claims, noting:

Like counsel, I cannot recollect a case in which so many claims (let alone ones involving allegations of dishonesty) have been pursued with such vigour and then abandoned at trial. No proper explanation has been advanced as to why they were pursued and then abandoned. I am left with the distinct impression that the Republic was intent on pursuing a scattergun approach against Mr Boreh of throwing as much mud as it could in the hope that something would stick, even though many of the matters were not ones in respect of which the Republic could have had a legitimate or sustainable claim”.

He rejected much of Djibouti’s witness evidence, noting their “marked reluctance to say anything…which might contradict…the President’s stance”. He accepted Mr Boreh’s evidence, saying: “he was an essentially honest witness who was telling the truth about the issues which really mattered…. The picture which Lord Falconer sought to paint of a thoroughly corrupt businessman simply did not correspond with my assessment of Mr Boreh.”

Djibouti’s application for permission to appeal was refused by the Court of Appeal in June 2016.

A few of the lessons learned

Impact of political motivation

Judges have tended to treat claims of political motivation as irrelevant to the merits. Such was the reaction to Mr Boreh’s plea of political motivation before Field J who described it as “background music”. A claim is to be judged on its merits according to the law.

However, the Boreh case demonstrates that the issue of political motivation is not irrelevant. Mr Justice Flaux examined Djibouti’s conduct and concluded that political motivation was relevant in that it “cast doubt upon the bona fides of the claims…and the conduct of the litigation [and] provides confirmation of the capricious nature of the regime in Djibouti”.

Thus, although the merits of Djibouti’s claims were closely scrutinised by the Judge, the motivation behind them was relevant. Importantly, it also affected a number of consequential matters.

Indemnity costs

Flaux J held that if a claim is motivated by malice, it will be relevant to whether the claimant will be liable to the defendant on the indemnity basis as opposed to the standard basis. Djibouti accepted that Mr Boreh was entitled to his costs on the higher indemnity basis.

Security for costs

An important consideration for any defendant is to get security for his costs so he is not out of pocket if he wins. This is especially so where the claimant is a sovereign state because state immunity issues can prevent enforcement of any costs award.

Initial security for Mr Boreh’s costs was granted on the usual assumption that any award would be made on the standard basis. However, the indemnity costs award meant that Mr Boreh would be left with a significant shortfall if he could not recover the difference from Djibouti. Mr Boreh’s lawyers therefore sought ‘top up’ security for his pre-judgment costs.

There has been controversy about whether the Court has jurisdiction to grant post-judgment security as the judgment normally signals the end of the case. In a consequential hearing, Flaux J held the court did have jurisdiction where there was a relevant change of circumstance. Mr Boreh was able to show this change partly due to the award of indemnity costs which was in turn based on the “reprehensible” conduct of Djibouti and its baseless claims driven by political motivation. Flaux J accepted the submission of Richard Waller QC (for Mr Boreh) that unless the security was topped up, Djibouti was “likely to exploit the practical impossibility of enforcing judgment in Djibouti to avoid paying any further costs.

Djibouti had no choice but to top up the security as it was seeking permission to appeal.

The lawyers’ role

In the Boreh case, the Court clearly considered that Mr Gray had crossed the line in terms of conduct. Clients want their lawyers to fight their corner hard but what happened in this case is a salutary reminder of certain fundamentals. Mr Gray’s appeal against the finding of dishonesty remains extant and he is now in litigation with his former employers.

For lawyers advising a genuine victim of political persecution, it is can be challenging to  maintain morale under the weight of freezing orders, negative publicity and a state with all the resources available to it. However, it pays to remember that a lot can change in the course of a case, especially at the end when the judge scrutinises the witnesses and the evidence much more closely.

[1] Abdourahman Mohamed Mahmoud Boreh v Republic of Djibouti, Autorite des Ports et des Zones Franches de Djibouti, Port Autonome International de Djibouti and Gibson, Dunn & Crutcher LLP (as an additional respondent) [2015] EWHC 769 (Comm)

[2] Republic of Djibouti, Authorite des Ports et des Zones Franches de Djibouti and Port de Djibouti S.A. v Mr Abdourahman Mohamed Mahmoud Boreh, Boreh International FZE, Essense Management Limited and Net Support Holdings Limited [2016] EWHC 405 (Comm).

The Right to Information Act No. 12 of 2016 of Sri Lanka

The fight for responsible accountability, good governance which is against corruption can only be strengthened if the information held by responsible authorities is more readily available. The result of relaxing the obstructing tight mechanisms that prevent the access of information would create a more transparent system of administration.

It is remarkable and broadly accepted by legal academics that the true essence of democracy can be achieved by the declaration of “Right to Information” to the public. The scrutiny of such is notably to maintain a more democratic system in the country whilst entertaining the true spirit of transparency.

Sri-Lanka, having face a 30 year conflict of war and a rather traumatic era left the purported ‘right to information’ under the Constitution of Sri Lanka (Article 14A of the Constitution of Sri Lanka 1978), restricted to an article engraved in the Constitution until 2016. One may argue that the Constitution prevails over any other legal document. In a practical approach, however, the right will remain to be a grey area as the abovementioned article would entail an exhaustive list of laws relating to same. The absence of a legally binding document guaranteeing the right to information would leave a lacuna in the context of justice. Therefore, the enforceability of the right guaranteed by the Constitution will only be effective in reference to an act pertaining to “Right to Information”. This principle was established in the case of Giustiniani v. Y.P.F. S.A., a case decided in the territory of Argentina, in which the court ruled in favor of the plaintiff and further urged the public company Yacimientos Petroliferos Fiscales to produce a copy of the investment agreement related to the exploitation of hydrocarbon /oil resources.

The country although having other commitments to look into due to the war, yet functioned in ways and means to give effect to the United Nations proposed Resolution 59 (1) in the year 1946. This resolution was further taken up for discussion in the year 1995 by the UN Commission. Therein, it was stated that “Freedom will be bereft of all effectiveness if the people have no access to information. Access to information is basic to the democratic way of life. The tendency to withhold information from the people at large is therefore to be strongly checked.”[1] To give effect to the abovementioned resolution, Sri Lanka attempted to formulate a concrete ground for RTI in mid 1990’s (Legislative Draftsman’s Department, LDO Number 23/2003) which however, failed to conclude positively.

Furthermore, this principle was also encrypted under Article 19 of the International Covenant on Civil and Political Rights and Article 19 of the Universal Declaration of Human Rights which recognizes the right and access to information where Sri Lanka is a party to, with the placement of signature on the treaty.

On realizing the importance of such a right in existence, Sri Lanka, a country that looks over the democratic system, began the process of documenting the fundamental right. After several attempts of passing draft Right to Information Bills over the years, in August 2016, the Bill of Right to Information (“RTI Bill”) was passed with the view to provide a more centralized transparent system of governance. The RTI Bill was brought to the attention of the Parliament in the midst of March 2016. The sole purpose of promoting the Bill, as stated in the preamble of the RTI Bill, was to structure “a society in which the people of Sri Lanka would be able to more fully participate in public life through combating corruption and promoting accountability and good governance”[2]. The recognition of the absence of the right was further highlighted with the inception process for the 19th Amendment to the Constitution as a fundamental right. Supporting the views enacting the RTI, the Center of Law and Democracy assessed the RTI to be the 7th strongest in the world.

The prime need for the establishment of this fundamental piece of legislation was opined by Chief Justice Sarath N Silva whilst deciding the case of Environmental Foundation Limited v Urban Development Authority of Sri Lanka and others (Galle Face Green Case)[3]. He stated that “a bare denial of access to official information as contained in P10, sent by the UDA, in my view amounts to the infringement of the Petitioner’s fundamental rights as guaranteed by Article 14 (1) (a) of the constitution…the implicit right of a person to secure relevant information from a public authority in respect of a matter that should be in the public domain”.

However, the urge for the Right Information dates back to 1984 which was derived from the case of Visuvalingam v. Liyanage where it was held that the need for easy access to information was needed to be reckoned as the right to information from many sources was possible[4]. Therefore, it was prominently noted that the documentation of the right through an Act was essential to make the system of justice more approachable.

The RTI Act provides an absolute right and gives effect to the constitutional right of every citizen to access information under Section 3 of the RTI Act. Nevertheless, the granting of the right was on the other hand, followed with limitations. These limitations are in the form of a comprehensive list as stated under Section 5 of the RTI Act.

The limitations stipulated in the RTI Act include that the denial to access information may arise the personal information in concern has no public activity or interest. Disclosure of information is a threat to national security. Disclosure of such information could harm the economy of the country. Denial of information related to trade secrets or intellectual property. Providing medical records unless consented and permitted to by the person in question. Communication trails between a professional and public authority unless consented to i.e. communication between the attorney general and public authority. Existence of a fiduciary relationship. Information which may obstruct the detection of a crime. Exposure of identity of a confidential source may be revealed. Third party does not consent to the disclosure of the information. Contempt of court. Infringement of parliament privilege. Harm integrity of an examination being conducted by the Department of Examination.

Furthermore, in the process of debating the RTI Bill in Parliament, concerns and proposed changes in order to protect the confidentiality of sensitive information relating to Section 5 of the Act on ‘Denial of Information’ were raised. Accordingly, when the Parliament certified the RTI Bill, Section 5 of the Act was further expanded giving effect to Section 5 (m) whereby ‘if information is a cabinet memorandum in relation to which a decision has not been taken’ the request may be refused. Further, Section 5 (n) where ‘the information requested to be disclosed is with regard to an election conducted by the Commissioner of Elections’, which is required by the relevant election laws to be kept confidential. This was formally engraved in the Act as a stance for the public authorities to deny disclosure of information.

Moreover, many concerned parties raised their nonconforming views indicating that some of these exceptions stated under Section 5 were conflicting with the articles in the Constitution of Sri Lanka. One example of a recent dissimilarity raised to concern was the exemption stated under Section 5 in relation to denial of disclosure of information as it would harm the economy. The denial of information related to trade agreements as stated under Section 5 (v) was noted to be a clause conflicting with Article 14, 14A and 15 of the Constitution.

Dr. A.G. Damayanthi Perera, a Specialist in Food, Nutrition, an Independent Researcher, along with two other Software Engineers, raised the issue relating to the conflict of Section 5(v) by filing a petition in the Supreme Court of Sri Lanka. The Petition stated that, a developing country like Sri Lanka will find it difficult to tackle the challenging concepts in the corporate arena when dealing with overseas companies.

The exceptions to the fundamental rule of the right to information was also opined by Lord Toulson’s in the case of Kennedy v Charity Commission, in which he stated that “Judicial processes should be open to public scrutiny, unless and to the extent, that there are good reasons for secrecy”.[5] Thus, despite the right of information being a fundamental right, the times at which the denial to access of information is validly construed yet exist in the legal sense.

It is nonetheless important to note that the above limitations could be avoided where the request of information is very much urgent and as per severe circumstances surrounding the necessity of such information. This is engraved under Section 6 of the RTI Act. Additionally, if the disclosure of information is denied by the public authorities, the aggrieved party is within the capacity of making an appeal to the “Right to Information Commission”- a body corporate with perpetual succession which will be established in the conformity of Part IV of the RTI Act.

Above all, these flaws are contained within the proposed validity of the right to information. It is important to note the very exceptional advantages. The recently passed RTI Act will be a monitor for showcasing the reality, whilst making the latent motives of a government accessible to the public to some extent.

Many professionals in the arena of law supported the RTI Bill coming into force, claiming that the ideology of the Bill would restructure the transparency of the government and public authority dealings. Thus, the instances in which the public being blindfolded in times of corruption will be limited, and the Act will further provide the public with an avenue to raise their dissenting views and concerns of the same.

Looking over to our neighboring country, India, who enacted the fundamental right by way of the Right to Information Act 2005, would clear the murky waters of how successful the enactment would be in Sri Lanka. Dr. Rajesh Tandon made positive comments stating that Since the RTI law was introduced, India has seen an improvement in governance, dissemination of information and involvement of civil society in the governance process”[6]. However, the challenge in India is that acts such as the Official Secrecy Act and the Right to Information Act co-exist side by side with the right to information laws. Accordingly, the enactment of the Right to Information Act in India has exposed both how it can thrive a country to success and the possible existence of challenging conflicts to be tackled with.

Similarly, despite the anticipated positivity of the Act, a number of challenges remain when the implementation of the RTI in Sri Lanka is taken into consideration. For instance, archaic acts, such as the Establishments Code of Sri Lanka 1971 and the Sri Lanka Press Council Law No. 5 of 1973, continue to be in force. The existence of such Acts restricts the scope of the new Act in place and limits the public access to the benefits afforded in terms of Section 2 and 3 of the RTI Act. One such important Act that needs to be brought to attention is the Official Secrets Act No. 32 of 1955. The existence of this Act restricts access to documents that are confidential and documents that contain very sensitive information. Although, this act is buried and ignored and the terminology is stated to be outdated, the Act continues to be in force in Sri Lanka and consequently needs to be rectified by ways and means which will diminish the conflict with the new Act in place.

Nevertheless, the Parliament of Sri Lanka, which has the intention of achieving the promising outcomes of the act, certified the RTI Bill with a few proposed amendments on 04th August 2016. Although, the Act will take 6 months to be in force, the effectiveness and the essence of implementing the laws will continue to thrive for the aims of providing an approachable, transparent governance system. All in all, the implementation of a Right to Information Act in Sri Lanka is imperative to foster a nation of transparency, accountability and good governance and to ensure the rights of the public citizens of the country are safeguarded which Sri Lanka believes as a country driven by democratic principles.

[1] 2 UN Doc. E/CN.4/1995/32, para. 35.

[2] Right to Information, Gazette, Preamble December 2015.

[3] (S.C.F.R 47/2014)

[4] 1984

[5] Kennedy v. the Charity Commission [2014] UKSC 20

[6] http://srilankabrief.org/2015/03/beyond-rti-towards-open-government-in-sri-lanka/

New Corporate Offense of Failure to Prevent Economic Crime – The Winds of Change?

In May 2012, the Ministry of Justice consultation paper on deferred prosecution agreements (DPAs) identified the difficulties that prosecutors in the UK face with the law of corporate criminal liability and stressed that more needed to be done. Historically, corporate criminal liability in the UK has been difficult to successfully prosecute. The “identification principle” in UK law requires that a corporate can only be held liable for the criminal acts of those who are the “directing mind and will” of the company. Identifying who those individuals are and then satisfying the evidential burden of proof for a criminal prosecution against the company based on the intent and acts of those individuals has often proved quite difficult.

Following the consultation paper and public statements made by many stakeholders, the most vocal of which being David Green, CB, QC and Director of the Serious Fraud Office, there was a considerable pressure for change. Finally, on 2 September 2014, at the 32nd Cambridge International Symposium on Economic Crime, the Attorney General, the Rt. Hon. Jeremey Wright QC MP said, “Government officials are considering proposals for the creation of an offence of a corporate failure to prevent economic crime, modelled on the Bribery Act section 7 offence.” This statement was made as part of the Government’s stated priority to ensure that the UK has the correct laws and structures in place to tackle fraud and corruption, and to improve detection of money laundering. In effect, it appeared that the Government had listened to the prosecutor’s pleas for a change in the law to avoid the “identification principle” difficulties by moving to a strict liability offence.

However, In a complete volte – face on 28 September 2015, Justice Minister Andrew Selous stated that the Ministry of Justice had decided to drop work on creating an offence of ‘failure to prevent economic crime’ such as fraud and money laundering. Mr. Selous said: “Ministers have decided not to carry out further work at this stage as there have been no prosecutions under the model Bribery Act offence and there is little evidence of corporate economic wrongdoing going unpunished.” At the time, some commentators depicted this as a “slap in the face” for David Green who had so fought hard for the change in the law and was no doubt frustrated by this change in position.

But as is often the case, political winds change.  On 11 May 2016, in a letter to the Guardian prior to the Anti – Corruption Summit in the UK, David Cameron wrote, “In the UK, in addition to prosecuting companies that fail to prevent bribery and tax evasion, we will consult on extending the criminal offence of “failure to prevent” to other economic crimes such as fraud and money laundering so that firms are properly held to account for criminal activity that takes place within them”. The UK Government then confirmed the proposals in a press release on 12 May 2016 and the Ministry of Justice confirmed that a consultation paper would be published in the summer of 2016. The precise reasons for this return to the September 2014 position will never fully be known but it was clear that many commentators were stating that the UK’s response to economic crime was not good enough and such a proposal one day before such an important summit could only draw fire from such criticisms.

So what will the new offence look like? Many corporates are now more than familiar with the Bribery Act 2010 section 7 offence. The stated intention of the UK Government is that the new offence of failure to prevent economic crime will be modelled on the section 7 offence.  “Economic crime” is likely to be broadly defined to include offences such as fraud, theft, false accounting and money laundering plus other market based offences under the Financial Services Act 2012. It is likely that companies will be held liable for the actions of “associated persons” as is the case under section 7 of the Bribery Act. This will include anyone who provides services for or on behalf of the company. The legislation is likely to have extra territorial effect and will apply to crimes committed by a company or associated person anywhere in the world. If the new offence mirrors the section 7 offence, then the only defence for the company will be to show that at the time of the crime, it had in place “adequate procedures” that had been implemented and monitored to prevent such conduct. The new offence will have to be complemented by extensive guidance as to what might constitute “adequate procedures”.

What should corporates do in the face of such changes? Many corporates will already be well versed in the need to act and to do so expeditiously and comprehensively. They will need to undertake detailed risk assessments, create and implement comprehensive policies and procedures and train staff. There will need to be thorough board level involvement and as is always the case, policies and procedures will have to be monitored for compliance to ensure that such policies are honoured in reality as well as being documented. Many corporates will no doubt respond to the consultation and seek to lower any compliance burden but the experience of the Bribery Act 2010 is that any watering down of that burden may well be limited. The other lesson from corporates’ efforts to create and implement anti – bribery procedures is that these processes can take years to properly embed within an organisation’s ethos to ensure that a person applying hindsight to the “adequate procedures” defence is satisfied that the test is met.

Many commentators will ask whether this new offence will achieve its aim of reducing corporate economic crime? There are usually two schools of thought in response. The first praises any efforts to tackle economic crimes that, in the view of many commentators, are rarely prosecuted against corporates. There may well be a general public feeling that there are two systems in play with individuals committing “lesser” crimes feeling the full brunt of the State’s armoury, whereas corporates committing crimes that arguably have a much greater impact on economic well – being are often overlooked with prosecutors citing evidential or resource issues. It could be argued that any attempt to re – address this balance is laudable.

The second school of thought is more cynical and characterises new legislation such as this as a “sticking plaster” on what are more intractable problems with the prosecution of economic crime in the UK. Many people point to a Serious Fraud Office whose budget is repeatedly cut year after year. The SFO’s budget has fallen steadily since the 2008 financial crisis, although it is able to apply to the government for additional ‘blockbuster’ funding to cover the costs of particularly high profile investigations (such as Libor) on a case by case basis. Others point to the SFO’s track record in terms of successful prosecutions and query whether the SFO is up to the job of prosecuting economic crime. What would be the point of creating a new offence if in fact it will rarely be prosecuted? This was obviously the view of the Government in September 2014. The SFO has countered such criticisms with its successful DPA with Standard Chartered Bank and the guilty plea of the Sweett Group to a section 7 Bribery Act offence but the detractors are far from convinced.

The above responses are obviously based on more general grounds. What are likely to be the more detailed issues that could arise with such an offence? The most obvious issue is the breadth of fraud and money laundering and the difficulty in identifying both and preventing them from tainting any business. Many frauds are actually perpetrated against the company itself by either employees or suppliers. Would it make sense in such a situation to prosecute the company for its failure to prevent such crimes? The rational person would most probably say no. In terms of money laundering risks, corporates in the regulated sector (as defined by the Proceeds of Crime Act 2002 and the Money Laundering Regulations 2007) are already well versed in compliance with customer due diligence requirements. Will the new offence just duplicate and overlay even more compliance burdens on those already struggling under the weight of such regulatory “red tape” and in terms of those outside the sector, create two systems of regulation confusing and creating unfairness in its application and enforcement? No doubt these issues will form part of lobbying by corporates already struggling with these burdens and it will be interesting to see how the UK Government will deal with the tension of being kinder to businesses in times of austerity and being observed and scrutinised by both national and international pressure groups who regularly criticise the Government’s commitment to tackling economic crime.

The consultation paper may answer some of the above issues and the fact that stakeholders are being consulted can only be a good thing given the wealth of experience of those stakeholders in the application of the section 7 Bribery Act offence. Only time will tell if this new law will again be killed at least in part by pressure from the business sector or whether the pressure from prosecutors and public opinion will suffice to get the proposed law onto the statute books. Many may have doubted the prospect of an offence of failure to prevent tax evasion being enacted but the Panama papers leak made this almost an inevitability. Obviously the recent EU referendum result may put all such proposed legislation on hold given the current crises gripping the country. Given those pressures, those supporting the new economic crime offence may be hoping for a similar scandal to the Panama papers revelation to force the Government’s hand and give a gentle nudge to the winds of change!

Why Corruption Looks Set to Rise On the Corporate Agenda

Corporate agendas are driven by reactive and proactive considerations. Reactive policies are particularly susceptible to what is on the press agenda, and corruption is certainly one such item at the moment. The international media abounds with coverage of emerging and escalating graft investigations, from the revelations relating to the hitherto obscure Monaco-based broker Unaoil, to the Petrobras and 1MDB corruption scandals, which threaten the stability of the governments of Brazil and Malaysia respectively.

Topical events certainly influence the corporate agenda, as the recent international anti-corruption summit in London has showed. Christine Lagarde’s statement on the £1 trillion cost of bribery to the economy, and David Cameron’s announcement on The Global Forum for Asset Recovery, a global plan to help recover stolen assets, have both ensured that anti-corruption is positioned as a business priority. But ultimately, it is legislative change and enforcement action that focuses minds the most. Here too there have been significant developments.

The Foreign Corrupt Practices Act (FCPA), the bellwether of anti-corruption legislation, continues to be a source of ever increasing enforcement penalties, while the UK’s Anti Bribery Act has at long last become a piece of legislation to be feared, in large part due to several recent prosecutions and settlements instigated by the Serious Fraud Office (SFO).

In the first of these, in November 2015 the SFO secured its first deferred prosecution agreement with ICBC Standard Bank. The bank, whose sister company Standard Bank Tanzania paid a local company to induce members of the Tanzanian government to grant it a private placement contract, agreed to pay the Tanzanian government $6 million plus interest. More recently, in February 2016 the SFO secured its first conviction under section 7 of the Bribery Act when UK construction firm Sweett Group Plc. was fined £2.3 million for bribery in securing a hotel development contract in the UAE. The Sweett Group fine has been widely seen as a major milestone for the Bribery Act, and section 7 in particular, which goes beyond most international anti-corruption provisions by requiring businesses to prevent bribes being paid on their behalf.

Across the Channel, France has now launched the biggest overhaul of its anti-corruption legislation in decades with the introduction of a bill that marks a major shift in the corporate culture of French business. Spurred by a growing domestic sense that US law enforcement agencies were carrying out the duties of the French state and financially benefitting from the pay-outs, France’s finance minister, Michel Sapin, introduced the framework of a new anti-corruption bill in July 2015. French companies have certainly been heavily impacted by enforcement action under the FCPA. Three French majors alone – Technip, Alstom and Total – have collectively been fined over $1.2 billion by the US Department of Justice in the last few years. The bill, colloquially known as Loi Sapin, was presented to the French cabinet of ministers by Michel Sapin on 30 March 2016 and is expected to come into force shortly.

Loi Sapin shows that the major jurisdictions are pulling in the same direction in the legislative arena, a welcome sign that complements the growing trend of cross-border cooperation between law enforcement authorities. Such cooperation is long established between countries like the US and the UK, and was in fact a prominent feature of the investigation that led to the above deferred prosecution agreement with IBCC, but is also starting to take place between countries traditionally suspicious of one another, like China and the US. Last year, China sent a list of over 150 officials suspected of fleeing to the US to avoid corruption charges. The US responded by arresting one of these individuals, the ex-wife of a former Chinese government official, on charges of money laundering and immigration fraud.

All of these developments point to this being a pertinent time for businesses to take stock and revisit their existing anti-corruption policies and practices. Aside from the financial incentives of bringing anti-corruption to the top of the corporate agenda, businesses that fail to do so stand to suffer considerable reputational damage. In the best case scenario, companies could be forced to withdraw from the market where the offence took place, as publisher Macmillan did with the closure of its education division in Africa following an admission that it had paid bribes in South Sudan; exclusion from public tenders or from projects funded by the World Bank and other development institutions can also result; and in the worst case scenario the reputational damage can force companies into winding up the business altogether.

It goes without saying that companies should review their internal policies across communication, training, conduct, compliance and the proper implementation of such policies by their staff. However, what the recent SFO actions under section 7 of the Bribery Act also show is that businesses need to pay much greater attention to who they deal with, as it is no longer enough to plead ignorance of the conduct of a local representative. Businesses in the UK have to demonstrate that they have put in place adequate procedures to ensure that bribery does not take place (the so-called ‘adequate procedure’ defence). One of the most effective and proactive ways to do this is to show that they have done their due diligence and taken steps to gain a better understanding of the background, track record and modus operandi of their local interlocutors.

Punishing Corporate Offenders for Fraud, Bribery and Corruption Offences

We have seen a spike in legal activity relating to bribery and corruption offences in recent months, with a bank, printing business and a large international property company all being subjected to fines and other penalties thanks to allegations of this kind.

One long-standing problem with assessing such cases has been in identifying the role played by a company in any act of wrongdoing versus the actions of an individual or agent acting on the company’s behalf.  The introduction of the Bribery Act 2010, which makes it a criminal offence for a company to fail to prevent acts of bribery carried out on its behalf, has enabled prosecutors to tackle this issue much more effectively. Unless a company can demonstrate that it has in place the necessary procedures to prevent criminal activity, or to put a stop to it when detected, it can find itself exposed to intrusive investigation and subsequent court proceedings.

Companies and individuals found guilty of bribery or corruption can find themselves with hefty fines if found guilty of illicit activity.  In some cases the harm can be determined quite easily, such as the value of a contract won or retained through bribery. Fines will be calculated on the basis of these figures.  But in other cases the ‘profit’ can be harder to establish, and courts may end up looking at the company’s turnover in the relevant area of its business, and imposing a fine based on a percentage of this.  This creates an unwelcome degree of uncertainty.

Courts have a significant level of discretion in assessing where on the range of available penalties any fine should fall. The judges in these recent cases recognised the need to serve the public interest in their sentences, but also to refrain from imposing such a high fine that the company would be pushed out of business.  There is also a responsibility on the courts to ensure that sufficient resources remain available to the company for it to implement an effective compliance policy (itself a matter of public interest), and to protect itself from similar situations occurring in the future.

In two of the recent cases the company was penalised for failing to adequately supervise and monitor the activities of its subsidiaries or sister companies.  These cases are a valuable lesson that it is absolutely key to ensure that adequate compliance procedures are in place.  Turning a blind eye to obvious risks, or failing to detect that wrongdoing is occurring, may, as we have seen, simply no longer be excused in court.

The Art and Science of Corporate Internal Investigations

I. Introduction

Internal corporations investigations are complex, high-stakes endeavors requiring careful planning and execution. Companies may face steep fines and penalties, risk of suspension or debarment for government contracts, negative publicity, and criminal and civil litigation. Wrongdoing by individual employees and executives may result in termination or, in some cases, criminal prosecution. Too often companies rush into an investigation, either conducting the investigation itself, investigating collateral issues, or hiring counsel without the necessary experience or expertise. While the desire to “get to the bottom” of an allegation may be intense, if mishandled, internal investigations can cause additional damage and pose ethical dilemmas for in-house lawyers managing or conducting investigations or their corporate clients or constituents.

In addition to the law and ethics governing corporate investigations, corporate politics often plays a large role, making investigations as much art as science. This article outlines foundational considerations for companies conducting internal investigations that are or may become subject to U.S. law because the conduct involved a U.S. business or subsidiary, or transactions touching the U.S. financial market.

II. When to conduct an internal investigation 

Internal investigations arise as a result of whistleblower allegations, shareholder demands, external or internal audits, catastrophic or risky events, government subpoenas, informal inquires by government or self-regulatory organizations, or media reports. Companies should consider the nature and gravity of the allegations, their source, and whether allegations may be part of an ongoing concern or historic conduct within the company. In some circumstances, officers and directors may have a duty to investigate allegations, and failing to do so could lead to personal liability. In an era of increasing scrutiny of companies and corporate executives, many companies err on the side of caution and convene an investigation when responding to allegations or concerns.

In certain instances an investigation may be required. For example, if a government contractor is put on notice of potential fraud involving a government contract, there may be an affirmative obligation to investigate the allegations and report any malfeasance to the relevant agency. In other instances, an investigation, while not required, may be prudent. Such is the case when responding to an ongoing government investigation. A company may wish to conduct its own investigation to determine the relevant facts and plan its response to the government investigation (i.e., early settlement or litigation). Whether an internal investigation is prudent or actually mandated, a company is well advised to thoroughly analyze what is known about the allegations or inquiry, and carefully articulate the reasons for either conducting or not conducting its own investigation.

III. Conducting the Investigation

A. Defining the Scope

In convening an internal investigation, a company should carefully define the scope of the inquiry. An investigation that is too broad will result in undue expense and business disruption, while an overly narrow investigation may fail to uncover serious misconduct. The company should also determine who will conduct the investigation or supervise outside counsel. The company should evaluate cost, internal corporate politics, desire to maintain attorney-client privilege, and potential conflicts of interest when evaluating whether to engage outside counsel.The composition of the investigation team and scope of investigation should be memorialized in writing between counsel and client, and include: (1) the reason for convening the investigation and the objectives to be achieved; (2) the authority empowered to authorize the investigation (e.g., board of directors, audit committee, general counsel) and to whom the investigators should report; (3) the directive to preserve relevant data and materials; (4) a mandate to maintain confidentiality through the attorney-client privilege and work-product protection; (5) the authority to conduct employee interviews; and (6) whether the final report should be delivered in writing or during a meeting with company representatives.

B. Attorney-Client Privilege and Work-Product Protection

Maintaining the attorney-client privilege and confidentiality over investigation findings is of paramount concern. Under U.S. law, companies can strengthen claims of privilege by retaining outside counsel to conduct the investigation. Under U.S. common law, the attorney-client privilege and work product doctrine provide important protection for work product generated during the investigation, such as interview memoranda, legal analysis, and preliminary findings. Notably, the attorney-client privilege in Europe differs markedly for in-house counsel, who may not benefit from protections provided by the attorney-client privilege. Assuming attorney-client privilege applies, the investigators should agree on specific reporting procedures that clearly designate attorney-client communications and work-product-protected documents.

C. In-House Versus Outside Counsel

Companies should carefully consider several factors when deciding who should conduct an investigation. First, it is important that no personnel implicated or allegedly involved in potential wrongdoing be involved in the investigation, have access to information about the investigation, or manage investigation counsel. A properly defined scope will assist the company in determining employees who may need to be segregated. For example, if allegations implicate one or more in-house attorneys or members of the board, those individuals should be “walled off.”   Investigators may wish to conduct initial “scoping” interviews to determine which key individuals in the company may be involved in the conduct in question. This scoping process will also facilitate document preservation and collection efforts.

Second, a company should consider the perceived independence of the investigators and investigative counsel. If the results of the investigation may be disclosed to government regulators, then retaining outside counsel may provide an element of independence that in-house counsel or employees may lack. The government may seek assurances that the investigation team was independent and not influenced by the board or company executives.

D. Data and Preservation

Immediately after convening an investigation, companies should preserve all information and documents that may be relevant to the issue under investigation. Because sources and type of data depend on a company’s technology infrastructure, investigators should interview information technology personnel to determine how data is created and stored by the company. The results of this interview will then determine the approach to data preservation, which may include document preservation notices, imaging of hard drives and personal devices, and suspension of automated data purging protocols.

After data and documents are preserved, investigators should assemble relevant materials for review in advance of employee interviews. Documents are normally reviewed by the investigation team, and “key document” sets identified for each relevant witness in advance of interviews.

E. Employee Interviews

Witness interviews are a key component to every investigation. Witnesses oftentimes are necessary to provide context and information unavailable or unapparent simply through document review. Unlike documents, however, witness’s testimony may be less reliable and exact. Investigators may decide to interview less involved witnesses first so that background or foundational facts are determined before interviewing more critical or key witnesses. However, if there are concerns about document spoliation or employee departures, the key employees may be interviewed first. .

Investigators should prepare an outline and set of key documents in advance of the interviews to ensure that relevant issues are addressed during the interview. Investigators should never interview a witness alone, and group interviews are discouraged. Investigators should also review the employment agreement and employee handbook in advance of an interview. In the event that an employee refuses to cooperate, there may be provisions in the employment agreement or handbook requiring cooperation as a term of employment.

Employee interviews involve balancing the need for information and cooperation with the needs of the business and the ethical requirements for U.S. lawyers. Approaching an interview like an interrogation will cause business disruption and fear among employees, and often prevent a more candid and reliable interview. Under U.S. law, attorneys are required to provide witnesses with an Upjohn warning, explaining that the attorney represents the company, not the employee, that while the interview is covered by the attorney-client privilege, that privilege belongs not to the employee but to the company, which may choose to share any or all of the information provided with third parties, including the government. It is important that employee interviews, including the Upjohn warning, are witnessed and properly memorialized.

F. Simultaneous Government Investigations

If an internal investigation occurs simultaneously with a government investigation (whether criminal or civil), it may be prudent for the investigators to learn more about the posture of the investigation and discuss avenues for cooperation. If the company wants to pursue settlement in the matter this early, proactive cooperation will be a key component of reducing penalties.   In the event of a subpoena or search warrant the investigators should negotiate the scope of document and interview requests to ensure that they are narrowly tailored and avoid unnecessary business disruption. If documents and/or equipment are seized during a government search, company counsel should request that boxes be properly labeled, indexed, and photographed before anything leaves the company. This indexing process helps the company ensure that privileged materials remain properly marked and segregated.

If the government desires to interview company employees, the company can remind employees that they may have corporate counsel present during those interviews. In some instances, the government is required to request interviews through corporate counsel for management and executive personnel. Corporate counsel may wish to meet with certain employees in advance of these interviews to understand the scope of their knowledge and help them prepare for the government interview.

IV. Conducting investigations abroad

While international investigations are similar to domestic internal investigations, there are important differences. Navigating these differences often starts with gaining an understanding of the local culture and customs. Retaining competent local counsel to assist with the investigation may be helpful or, depending on the nature of the investigation, necessary to comply with local laws.

A. Language and Cultural Barriers

Conducting an investigation internationally is complicated by the corresponding language and cultural barriers. Even if an investigator is fluent in the language, they may not have the same grasp on colloquial phrases and subtle language nuances. Local counsel or a certified translator will help ensure that cultural cues and body language are properly understood. A certified translator also prevents the investigator from becoming a witness in his or her own case. Local counsel can also provide important counsel on local laws and customs that may arise in the course of the investigation, such as local law related to documents and data collection, employee labor and employment concerns, and foreign laws governing the activity under investigation.

B. Labor Law Considerations

Unlike labor laws in the United States, which some believe generally favor the employer (e.g., many U.S. states presume that employment relationships are “at will”), many other countries offer expansive protections to employees. Additionally, notwithstanding employment contracts and company policies requiring cooperation, some countries permit employees to refuse interviews or refuse to testify against a co-worker. Investigators should familiarize themselves with local labor laws to avoid violating these laws.

C. Data Privacy Considerations

In the United States, investigators may generally collect and use data stored on company computers and servers with few restrictions. In contrast, some countries restrict the collection, use, and disclosure of personal information, even if stored on company computers and servers. In many European countries, for example, before “processing” personal data (e.g., recording, storing, or retrieving), the user must satisfy several requirements. Investigators should be aware of the important differences in data protection laws in the jurisdictions in which they are conducting the investigation. This can be challenging when investigations involve businesses or transactions that touch multiple countries, or when the company is responding to a U.S. government subpoena for documents that may reside in other countries.

D. Do No Harm

The well-known Hippocratic Oath maxim, “Primun non nocere” (“Above all, do no harm”), is readily applicable to conducting international internal investigations. It is easy for investigators to fall into the role of “interrogator” and cause unnecessary business disruption and anxiety within the company. Investigators must understand their role and be mindful of the ongoing business needs of their clients. Investigations can and should be conducted with care and sensitivity to the employees and the needs of the business. This requires counsel that is adept at balancing the needs of the company, employees, government investigators, and a board of directors or audit committee.

V. Concluding the investigation

An investigation is complete when investigative counsel (1) are in a position to make reliable, memorialized findings; (2) can defend their conclusions to internal and external recipients of said findings; and (3) have a sufficient basis to provide informed legal counsel to their client, and assist the client in remediating any weaknesses, deficiencies, or improper conduct discovered. In light of the typically sensitive nature of an internal investigations and the fact record that is developed, the investigation’s factual findings and conclusions, and attendant legal counsel, should be conveyed orally to the client with support of a PowerPoint that remains in counsel’s possession. In some instances, a corporate client or counsel may prefer to tender a written report. In either case, care should also be taken to protect the investigative report, and preserve the investigation file, which includes key documents, and to determine the extent to which any document preservation holds must remain in place.

VI. Conclusion

A successful investigation requires counsel that understands not only the law but how to balance the numerous constituencies involved. Investigations are as much art as science, and companies should approach them with forethought and deliberation. While the consequences of a poorly handled investigation are clear, a proper investigation can help a company assess its risk and develop a sound strategy to minimize that risk.

Operation Elveden – Was the investigation ever justified?

Millions spent from the public purse, 80 officers taken off the street to dedicate their time solely to the investigation and numerous cases and retrials dropped after 3 years’ worth of investigations. Looking back, was it all worth it?

It sounds like it could be the script to a blockbuster film; well respected journalists asleep at home with their spouses and children awoken to numerous police officers banging at their door. Their houses searched, personal belongings rummaged through and countless items seized. Wives and children terrified and in tears seeing their loved ones removed by the police to be held in a cell awaiting questioning. Journalists faced hours of questioning on numerous occasions and were then were left on police bail for months (years in some instances) to finally be prosecuted under the almost unheard of ancient common law offence of Misconduct in Public Office (MIPO). An offence that can only be committed by a public official and therefore the only possibility of using against journalists was to bolt it onto conspiracy charges.

It does not sound like modern day England but this is the reality that many journalists faced under the Operation Elveden Investigation.

What is Operation Elveden?

Operation Elveden was an investigation into allegations of journalists making inappropriate payments to public officials for information. Public officials were prosecuted under the common law offence of MIPO whilst journalists were prosecuted for aiding and abetting such misconduct or conspiracy to commit misconduct in public office.

This investigation is not to be confused with other well-known operations which were led by Deputy Assistant Commissioner Sue Akers, Head of Organised Crime & Criminal Networks within the Specialist Crime Directorate at a similar time. These include Operation Weeting which was an investigation into allegations of phone hacking at the News of the World and Operation Tuleta which was an investigation into alleged computer hacking at the News of the World.

Operation Elveden is an investigation into a course of conduct which was prevalent throughout the industry and a way of obtaining stories, whilst the latter two are confined to rogue reporters who acted in an unacceptable way.

Headline Figures

It is reported that the prosecution of Public Officials and Journalists under Operation Elveden has cost the tax payer over £30 million. This process took place over 4 years and reportedly had 80 police officers taken off the street to dedicate their time solely to the investigation and prosecution. Police made 87 arrests and interviewed 56 suspects under caution. In total 29 journalists and 26 public officials were charged.

Uncertainty of the Offence

The charge of MIPO dates back to the 17th century, yet despite the length of time it has been in existence it has been seldom used and therefore limited case law exists to assist in the interpretation of the offence.

Prior to the Elveden trials, the most recent reference to the elements of the offence was set out in Attorney General’s Reference (No 3 of 2003) [2004] 2 Cr App R 23, [2005] QB 73. In this case the Court of Appeal (COA) set out four elements of the offence of MIPO:

  1. A public officer acting as such
  2. Wilfully neglects to perform his duty and or wilfully misconducted himself
  3. To such a degree as to amount to an abuse of the public’s trust in the office holder
  4. Without reasonable cause or justification

The offence of MIPO was largely if not completely unknown to the journalists who faced trial until these investigations commenced. It did not feature in the journalists’ handbooks or leading legal textbooks that they studied whilst training. It also did not form any part of the in-house training at their newspapers.

Evidence was given on numerous occasions that paying sources, including public officials, was the norm and was authorised at the highest levels within the papers. Evidence was provided that this was the case throughout much of Fleet Street. Professor of journalism at City University and columnist for The Guardian, Roy Greenslade, frequently supported this factual position throughout the investigation and prosecutions, in his columns in the Evening Standard and The Guardian.

Court of Appeal Ruling on MIPO

The confusion surrounding the elements of the MIPO offence led to two successful appeals against conviction. Lucy Panton and Ryan Sabey, who previously worked for the News of the World, both had their convictions overturned.

On 26 March 2015 the Lord Chief Justice, Mr Justice Cranston and Mr Justice Davis found that HHJ Wide erred in his direction to the jury by not being explicit enough in explaining how “serious” the misconduct had to be to amount to criminality.

In determining guilt HHJ Wide had confirmed that there were four elements to consider, as set out in Attorney General’s Reference (No 3 of 2003) outlined above. HHJ Wide said the third aspect to consider was whether the jury were sure that the prison officer committed misconduct to “such a degree as to amount to an abuse of the public’s trust in the officer holder”. The COA ruled that this direction was not transparent enough. It was ruled that the jury should have been told that they were required to carefully consider the threshold between misconduct in public office and actual criminal behaviour.

Ms Panton’s verdict was deemed to be unsafe and the conviction was quashed. Mr Sabey was given liberty to appeal on the same grounds and was successful at a future COA hearing.

The COA ruling on the element of ‘seriousness’ led to an urgent review and resulted in the DPP announcing that 9 out of 12 journalists awaiting trial would not be prosecuted. The 3 remaining journalists faced trial in May and October 2015. Chris Pharo and Jamie Pyatt were acquitted after 12 hours of deliberation. Anthony France was convicted in a separate trial and is currently in the process of appealing his conviction.

The ruling also led to revised guidance on MIPO being issued by the CPS.

Issues with the Decision to prosecute

Many have asked, was it in the public interest to spend millions prosecuting journalists for something that was deemed to be widespread in the industry and had been occurring for decades. Juries certainly did not think so. Out of the 29 journalists who were charged only three were found guilty after a jury trial. Two of these convictions were overturned by the COA and one is currently appealing his conviction. One further journalist, Dan Evans, pleaded guilty in the early stages of his case.

Thirteen journalists have been declared not guilty after facing the ordeal of being suspended from work, left on bail for months, preparing for and awaiting trial, then enduring the lengthy and highly stressful trial process. The impact on their reputation, career and also on relationships with friends and family has been immeasurable.

A further issue with the investigation and decision to prosecute journalists was the method via which the police obtained evidence and the ongoing disclosure process. After denying that phone hacking occurred at the now defunct News of the World and obstructing the investigation, News Corporation approached the police with the suggestion that a Management Standards Committee (MSC) was set up to monitor the disclosure process. The police agreed to this in what may appear to many to be an unorthodox way of proceeding given the seriousness of the hacking allegations. The MSC assessed material from News Corporation papers and determined what documentation was relevant and which material should be handed across to the prosecution team.

This method of disclosure meant that News Corporation could largely control the disclosure process and make decisions on what was relevant particularly in relation to evidence pertaining to more senior officials within News International. Evidence was given throughout the Elveden trials that the payment of sources, including public officials, went at least very high up the chain of command. In fact, disclosure requests were made in the first trial of Chris Pharo and others for material highlighting this. As a result of this request, material was forthcoming at a late stage which threw into question the way that the disclosure process had been managed by the MSC and the independence and thoroughness of the police investigation.

A final issue with the disclosure process that the defendant journalists were rightly concerned was that the MSC had provided the police with privileged journalistic material without the knowledge or consent of the individual journalists nor the sources. This compromised numerous confidential journalistic sources, the protection of which is one of the first rules of journalism.

Who is to blame if any?

Some would think that this investigation cried out for a corporate prosecution of the papers, given the wild scale occurrence of payments to public officials and the evidence suggesting that the method of obtaining stories was known and authorised by senior members of the papers. Yet despite an investigation, nothing has been done in respect of this.

Roy Greenslade was quoted in the Guardian as saying that fault lies with “the corporate culture, and that the people it [Operation Elveden] arrested were not responsible for that culture”. It appears that the method of investigation led to a case of ‘low hanging fruit’ being sacrificed whilst individuals higher up the chain remained safe.

As far back as 2003 it was reported that very senior members of the paper were aware that payments to public officials for information were being made. Rebekah Brooks (who was known by her maiden name ‘Wade’ at this time) was the editor of the Sun in 2003. When giving evidence to a committee of MPs she admitted paying police officers for information. Fast forward to 2012, during the Leveson Inquiry, Rupert Murdoch, owner of News Corporation was reported saying that there was a “culture of illegal payments”. Despite these comments, the police appeared unable to make a case against the cooperate entities concerned and instead pressed on against the “low hanging fruit” that may have made headlines but risked scapegoating rather than obtaining the actual facts that would have been so important to the democratic process and the issue of the free press generally.

Was a criminal prosecution necessary?

The failure in securing convictions for journalists prosecuted in this matter would suggest that this prosecution was misguided and unnecessary. Perhaps alternative penalties could have been instigated such as cautions or public warnings to both journalists and the papers who encouraged this course of conduct. A more proportionate response to the conduct of the journalists would unquestionably have saved the tax payers millions and would have possibly better maintained the democratic safeguard of the freedom of the press.

Scam Emails – How Much of a Threat Are They to Law Firms?

The rise in targeted email attacks to businesses worldwide continues to dominate the news headlines. Attacks like these are dangerous by their very nature. Not only are they increasing in frequency, but they are also becoming smarter by the day.

At the moment, we’re seeing a rise in activity related to of the Business Email Compromise (BEC) scam, where an employee is tricked into believing that he or she needs to make a bank transfer to a known external entity, but ends up sending these funds to a criminal instead.

Targeted spoofing is one of the biggest risks that firms currently face. This is not the age-old problem of SPAM emails, but something much more threatening. SPAM emails involve a single email being sent to millions of addresses, often with falsified branding of a well known company, for example a bank.

This ‘hit and hope’ exercise depends on a number of factors in order to be successful: the recipient must actually be a customer with that bank; the SPAM or anti-virus systems must fail to identify the email as a risk; and the recipient doesn’t recognise it as a dangerous email. As a result, the sender may not even get one bite from sending out hundreds of thousands of these emails.

Targeted email attacks are much more sophisticated – and now involve much more than just email; they merge emails, calls and sometimes physical visits to a target firm’s office- this is truly hacking for the masses. A number of hacking tools are now available for anyone to download, along with all the information they need to manipulate employees into performing actions or divulging confidential information – a key hacking term known as ‘social engineering’.

This will no doubt add to the cybersecurity hysteria that is running rampant across many different sectors, including both legal and professional services. However, the truth is that the security systems that are needed to protect the majority of firms from the majority of hacks are probably already in place.

What does this mean for the legal sector?

In the US alone, the FBI has reported that between October 2013 and August 2015, $750 million was lost across 7000 victim companies through targeted email attacks – an average of $100,000 per attack. In one high profile incident, Ubiquitii Networks lost an incredible $46 million. Most recently, a new report analysed Cryptowall 3.0 ransomware attacks in the US and found that it has cost victims $325 million, with that entire sum potentially going to a single source.

These attacks aren’t conducted at random; they are aimed specifically at certain firms, particularly within the legal market. At a legal roundtable event last month, it was surprising to see how many law firms are being actively targeted. Other sectors have obviously struggled with this same issue, but to nowhere near the same degree.

Law firms have always been a prime target for email attackers due to the large amount of monetary transfers they process, and it appears that the criminals have now realised this too. These attacks show a concerted effort to merge online and offline methods of extracting funds from law firms, to the extent that offices are actually being visited by attackers to gain further information about a firm.

How do you spot risks and threats via email?

It can be difficult, but there are several ways to combat this threat, including watching out for domain names that aren’t quite right, and looking out for language use and spelling mistakes. But these change on a daily basis. As a result, if they are developed properly, targeted emails can get past most, if not all, IT systems.

A firm’s greatest weakness – and greatest protection – therefore lies with its employees. Understanding which emails are suspicious will require training throughout the firm – and that means every firm. It’s a serious mistake to think: ‘but we have bright employees, so it’s not an issue for us’. Firms cannot make any assumptions when it comes to security; they will need to check, assign controls and systems, and check again.

How can businesses avoid succumbing to these attacks?

In security terms, the human factor will always be a firm’s weakest link. This comes down to employee training, from support staff, to trainees to managing partners –anyone who picks up an email, answers the door, or takes a call.

Firms that train their employees well and keep them informed of any security threats will be on the right track. By showing employees how easy it can be to succumb to an attack, firms can help to sharpen their defences dramatically. However, it’s important to ‘make the threat real’ – talk and text just won’t cut it.

Training staff on IT security is also key. Don’t take shortcuts with this – take staff into seminar-based training and explain the risks. Giving them real world examples will help reinforce the training. It’s crucial that employees understand that the whole firm is in this together, with a duty to protect both the firm’s and clients’ interests.

Of course, SPAM filtering, anti-virus software and firewalls will already be a part most firms’ arsenals against these sniper-like attacks. However, it is still imperative to devise internal controls and systems that dictate when and how staff can release confidential information, financial information and funds. Think passwords, phone-out verification, electronic signatures, encryption and secure portals. This might seem like overkill, but implementing at least one or two of these steps will help to ensure that only the right people have access to sensitive information, whether it’s the firm’s data or a client’s.

The ISO 27001 standard

When we are talking about IT security, we are basically talking about the threat to assets. An asset can be a PC, a server or even a member of staff. The largest assets that a law firm possesses are its reputation and its brand. The most effective way of protecting these assets will be to train the user base on how to identify suspicious behaviour, how to report it, and how the firm takes responsibility for review and remediation.

The ISO 27001 standard is, without a doubt, the best way for a firm’s leadership to understand at a high level what the security risks are and the likelihood of an attack, in addition to the impact that a breach would have on the firm.

As such, all law firms should look into implementing the ISO 27001 standard, as this actually takes much of the thought out of the process. It’s not difficult, and certification can normally be achieved for the price of a holiday for two. This is a vital first step for a firm that wants to focus on improving revenue and profit, rather than never knowing for certain if it is secure.

Do trusts have a future in the context of the 4th AML Directive?

It is an undisputed fact that money laundering is a major hindrance to a stable EU market. Money laundering distorts economies by allowing the corrupt to legitimise the illegal. It has unfortunately become increasingly common to witness the world’s most corrupt to launder their funds derived from illicit sources into financial centres.

The Fourth EU Anti Money Laundering Directive (the “Directive”), which has just made its way through the EU’s legislation, is designed to update and improve the EU’s Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) laws. The changes are in line with the recommendations issued in 2012 by the Financial Action Task Force (FATF) which is the international global AML and CTF standard-setting body.

What becomes immediately clear from an overview of the Directive is that it obliges, for the first time, EU member states to maintain central registers listing information on the ultimate beneficial owner of corporate and other legal entities, as well as trusts in certain cases. Interestingly enough, it appears that these central registers were only included by MEPs during the negotiations and were not envisaged in the European Commission’s initial proposal.

Clearly, the aim is to enhance transparency and target those criminals in Europe who have for many years used the anonymity of offshore companies and accounts to hide their financial dealings. In the words of Krisjanis Karins (EPP, LV) (Economic and Monetary Affairs Committee rapporteur) “Creating registers of beneficial ownership will help to lift the veil of secrecy of offshore accounts and greatly aid the fight against money laundering and blatant tax evasion”.

Essentially, a central register of an EU country would contain a list of the ultimate owners of companies which register would be accessible to the competent authorities and their financial intelligence units (without any restriction) as well as to “obliged entities” (such as banks conducting their “customer due diligence” duties). Additionally, any person or organisation who can demonstrate a “legitimate interest” (such as investigative journalists and other concerned citizens) with respect to money laundering, terrorist financing and the associated predicate offenses – such as corruption, tax crimes and fraud – are granted access to beneficial ownership information, such as the beneficial owner’s name, month and year of birth, nationality, residency and details on ownership. Timely access to beneficial ownership information should be ensured in ways which avoid any risk of tipping-off the company concerned.

In terms of the Directive, any exemption to the access provided by member states would be possible only on a case by case basis in exceptional circumstances. Access to the information on beneficial ownership shall be in accordance with data protection rules and may be subject to online registration and to the payment of a fee. It is very dangerous that the Directive failed to define “legitimate interest” as this may give rise to confusion and uncertainty as well as potential room for abuse.

The persons who are able to demonstrate a legitimate interest should have access to information on the nature and extent of the beneficial interest held consisting of its approximate weight. Member States may, under national law, allow for access that is wider than the access mandated under this Directive. The UK, for example, has opted for a publicly accessible register of corporate beneficial ownership.

As far as trusts are concerned, the FATF recommendations have likewise obliged countries to take measures to prevent the misuse of legal arrangements for money laundering or terrorist financing. The FATF recommendations have specified that countries should ensure that there is adequate, accurate and timely information on express trusts, including information on the settlor, trustee and beneficiaries that can be obtained or accessed in a timely fashion by competent authorities. This was faithfully transposed in Articles 30 of the directive which provides that Member States shall require that trustees of any express trust governed under their law obtain and hold adequate, accurate and current information on beneficial ownership regarding the trust. This information shall include the identity of the settlor, the trustee(s), the protector (if any), the beneficiaries or class of beneficiaries, and of any other natural person exercising effective control over the trust.

The Directive further provides that Member States shall ensure that trustees disclose their status and provide in a timely manner the information referred to above to obliged entities (such as banks in the course of undertaking customer due diligence measures), when, as a trustee, the trustee forms a business relationship or carries out an occasional transaction above the threshold set out in points (b), (c) and (d) of Article 111 and accessed in a timely manner by competent authorities and FIUs.

This has inevitably triggered a debate as to how to reconcile this easy access to information with the right to confidentiality especially when once bears in mind that that trusts are widely used to protect the interests of vulnerable family members. As professionals, we all appreciate the importance of having measures in place to prevent the movement of illicit funds, and commit to ensuring that such measures are effective. We are experiencing on a daily basis the loss of human lives caused by terrorist attacks and we all feel this innate drive to do our part to curb the flow of funds to terrorist organisations and help curb these atrocities. Equally, as professionals, we have a commitment to preserve the legitimate confidentiality of our clients’ financial affairs. This will be an ongoing dilemma that most are confronted with. It is interesting to note that a much wider debate is under way in many countries on whether it is time to give power to governments to monitor email traffic to fight serious crime at the clear expense of the right of individuals to privacy. As a profession, we need to recognise that we are confronted by similar dilemmas and need to help develop effective solutions.

Thankfully, the mandatory register of trusts applies only to taxable trusts and it will not be public. In terms of the Directive, Member States shall require that the information mentioned above is held in a central register only when the trust generates tax consequences. The central register shall ensure timely and unrestricted access by competent authorities and FIUs, without alerting the parties to the trust concerned. Moreover, information on trusts will only be available to competent authorities. Ultimately this information could nonetheless be collected by tax authorities as a result of automatic exchange of tax information agreements and therefore one does not envisage that the impact on the institute of trusts will be too major in this sense. The abovementioned strict limitations placed on access to trust registers were naturally welcomed by trust practitioners especially when one considers that trusts in common law countries are regularly used to protect vulnerable beneficiaries, some of whom could be at significant risk if their identities were published. Therefore said limitations allowed families to maintain their fundamental right to respect for a private family life. Whilst the focus is on the Directive and therefore the direct impact on EU countries, the pressure to allow public access to beneficial ownership information is spreading around the world in the wake of the revised FATF Recommendations. To mention a few, it appears that the government of the British Virgin Islands is planning to introduce some new measures whilst the government of the Cayman Islands said it will work on the Directive. It is clear to everyone that we’re living in an era where there’s nowhere to run to or hide!
[i]

1 Article 11 provides that “Member States shall ensure that obliged entities apply customer due diligence
measures in the following cases:
(b) when carrying out an occasional transaction:
(i) amounting to Eur15,000 or more, whether that transaction is carried out in a single operation or in several
operations which appear to be linked; or
(ii) which constitutes a transfer of funds, as defined in point (9) of Article 3 of Regulation (EU) 2015/847 of the
European Parliament and of the Council exceeding Eur1000;
(C) in the case of persons trading in goods, when carrying out occasional transactions in cash amounting to
Eur10,000 or more, whether the transaction is carried out in a single operation or in several operations which
appear to be linked;
(d) for providers of gambling services, upon collection of winnings, the wagering of a stake or both, when
carrying out transactions amounting to Eur2000 or more, whether the transaction is carried out in a single
operation or in several operations which appear to be linked.[i]