[00:00:00] Speaker A: Foreign.
[00:00:14] Speaker B: Hi everyone. Welcome to this special live episode of the Ethicast. I'm your host Bill Coffin and I'm joined by Ethisphere Chief Strategy Officer Erica Salmon Byrne. Erica, it is great to see you as always.
[00:00:25] Speaker A: Well Bill, anytime we have interesting new guidance for the companies out there who are wondering how they make sure that their programs are are ready for what's coming. It's a pleasure to jump on the live stream and talk about it with you.
[00:00:36] Speaker B: Well, today we're going to talk about something that just dropped. The UK's Serious Fraud Office has just released its SFO external guidance on Corporate Cooperation and Enforcement in relation to Corporate Criminal offending, an updated set of guidelines around corporate self reporting of misconduct, parameters for obtaining a deferred prosecution agreement, and fresh details on what will be considered cooperation and non cooperation when it comes to seeking a dpa. So Erica, let's unpack this.
[00:01:02] Speaker A: Yep.
[00:01:03] Speaker B: How does this new guidance interact with the Economic Crime and Corporate Transparency act of 2023?
[00:01:09] Speaker A: So Bill, the ECCTA is set to come into effect in September of this year. So September 1, 2025 that new legislation is going to come into effect. And for those of you out there listening, thinking to yourself, yeah, cool, I don't do business in the uk, if you're sure about that, then that's one thing. But you know, the way the ECCTA is written, it is going to capture businesses of a wide variety of sizes that have exposure to the uk, Northern Ireland, you know, Wales, those jurisdictions. And it created a corporate offense that is failure to prevent fraud. And the reason that I raised this is because this is one of the wider types of potential corporate offenses that organizations can find themselves running afoul of. And the primary reason for that is one of the pieces of the analysis is was the fraud for the benefit of the business. So kind of like with the Bribery act, we saw a component of this which was the bribe was paid in order to advantage the organization. This is a similar sort of a structure but it's obviously much, much broader. So you could think about somebody in the accounting department that decides to present the numbers in such a way that the companies financials look rosier to investors. Well that's obviously to advantage the business to the benefit of the organization and would be the kind of thing that would get captured by the eccta. So as companies are thinking about what their preparation for the enforcement of the act or the implementation of the act is going to look like as they're doing the risk assessments, this is a piece of the Process, which is okay in the event we have found something.
How do we engage with serious frauds? What are the parameters of that look like so that we can show that we had reasonable prevention practices, which is one of the standards of the act, and address the issue so that the company doesn't get in trouble.
[00:03:01] Speaker B: So how does this new guidance align with the Deferred Prosecution Agreements Code of Practice from the Crimes and Courts act of 2013?
[00:03:09] Speaker A: Yep. So the, this new guidance cites that, that code of practice, which was a set of guidelines for Crown Prosecutors on how to think about whether or not it is in the public to enter into a deferred prosecution prosecution agreement with a particular organization. And what this guidance does is it really lays out process. So I'm, you know, let's say hypothetically speaking, I'm a corporation and I discover that my employees in Malaysia are engaging in some sort of a kickback process that is, you know, making the, our sales, falsely inflating our sales numbers.
I discover that Serious Frauds now has a way for me to enter into a secure online portal that allows me to communicate directly with the Serious Frauds Office Intelligence Division. So, you know, I have a person, I have a way electronically to contact Serious Frauds. Serious Frauds commits that they will get back to me within 48 hours after I make that submission. And then there are set timelines of when I can expect Serious Frauds to make make decisions as to whether or not I'm going to get a dpa, whether or not my cooperation is sufficient. And it also establishes the presumption of a Deferred Prosecution Agreement. So if I self report, kind of like here in the US where we had the presumption of a dpa. If you self report. Now in the UK if I self report, I also have the presumption of a DPA in the, in the, with the exception that if there are extraordinary circumstances that would indicate that that's inappropriate, then we, you know, obviously you shouldn't count on it, but the presumption is that if you do self disclose, you will be treated expeditiously. So this is not a situation where things are going to drag on and on and on and on and you have the presumption of a dpa.
[00:05:05] Speaker B: So Erica, to what degree does this align UK self reporting guidelines with US DOJ guidelines or perhaps certainly do you know, are there still any significant differences between cooperation standards in the UK versus the US and should we expect to see similar guidance in Commonwealth countries such as Canada, Australia and elsewhere?
[00:05:24] Speaker A: Yeah, it's A good question, Bill. There are a lot of similarities between the way that the Department of Justice has laid out their self reporting guidance and the way that the SFO has laid out its self reporting guidance. Couple of interesting differences. One is this portal, right, the fact that you can go, there's a, there's now a secure system that allows you to communicate, communicate directly with the Serious Frauds Office. There's some very specific time horizons that the Serious Frauds Office has committed to engaging with companies around. There's a little bit more information in the guidance that came out from Serious Frauds on what cooperation looks like. You know, we did get some of that from the DOJ as well, but we, you know, we see, we see a little bit more detail on that from Serious Frauds. So very similar themes, I would say, between the two sets of guidance with, you know, with the exception of the, the SFO guidance has, as I said, a little bit more particularities around how quickly you should expect to hear back and things along those lines.
[00:06:24] Speaker B: The parameters for timing around self reporting appear to be somewhat subjective and left to the company to determine for itself what is an appropriate amount of time to run its own investigation before self reporting.
[00:06:34] Speaker A: Yeah.
[00:06:34] Speaker B: Erica, what does this tell you about how much the UK is deferring to internal best practices when it comes to ethics compliance?
[00:06:41] Speaker A: Yeah, I think, you know, it's the, the, the, and the, the math that a company has to do is very similar here in the US or really in, in any jurisdiction where there is a, the possibility of criminal consequences for the organization for employee behavior is, you know, you, you figure out something has happened and the question is always, well, do I take it to the government or do I, do I roll the dice and assume that the government is never going to know about this? And basically what this guidance from the UK is doing is it is joining the pantheon of other guidance that we have seen to say to companies, don't roll the dice, right. It is going to be better for you if you come to us than it's going to be if we come to you. The, you know, the way you're going to be treated, the size of the fine all of those pieces are going to be, are going to be treated. You're going to be treated better if, if you bring it to us as opposed to, you know, if we find out about it on our own and you know, with some of the, the work that's been done on whistleblowing, you know, the, the EU whistleblower directive and some of the other things that are out there. Your chances that somebody's going to bring it to the government or bring it to the attention of the government are higher than they have been in years past. Also social media and all of the other, you know, the other pieces that make our, our world so significantly information heavy. So I think, you know, the, the, what the, what the guidance says is basically if you think there's a real issue, bring it to us and we can partner with you.
That said, we know you have to do a certain amount of internal investigation before you know if it's a real issue. And we're going to leave it up to you to, to decide together with your council in all in, in all likelihood, when the right time is to, to, to bring the issue to us. You don't have to bring it to us on a platter. You shouldn't bring it to us tied up in a bow. We do want to partner with you because there may be nuances that we need to be aware of or, and slash or, and the guidance talks about this, there may be cross jurisdictional issues that you're dealing with as well. So, you know, a lot of the people who are listening to you and I talk about this bill work for multinational companies that do business in lots of places. And so it may very well be that you have exposure in four or five different jurisdictions. And that is going to be a coordination process that SFO has said they want to be involved in. And they've specifically called out, and I do want to emphasize this, they've specifically called out that something that will diminish their perception of your cooperation is forum shopping. So if you are, you know, dealing with a situation where you've got a couple different jurisdictions that are involved and you make the decision that you're going to self report to the one where you think you're going to be in the least trouble, they are going to look upon that poorly. We'll just say poorly.
[00:09:32] Speaker B: Yeah, yeah. So. So to follow up on that in its notes on what constitutes cooperation when it comes to internal investigations, the SFO highlights the importance of, I'm going to quote them here, early engagement with us as to the parameters of the investigation. So is there an argument for companies to complete their internal investigation before deciding whether or not to alert the authorities just in case the internal investigation concludes in good faith that there really isn't much of a there there?
[00:10:00] Speaker A: Yeah, you know that. I mean that's the million dollar question. And I say million dollars bill because often companies will pay outside counsel a million dollars to help them answer that question. Right, but it is, that's the big question. How much of my investigation do I have to complete before I decide that there is something that I should voluntarily self disclose? And every company is going to have to make that determination for themselves. There are a couple of things that factor into it that the SFO does talk about. They talk about prior conduct. Much like the US DOJ has said, if you're a recidivist, we are going to, you know, come down on you a little bit more harshly. They talk about public interest. There are a few different factors that, that play into that analysis, but every company is going to have to try to answer that question for themselves.
That said, a compliance program with strong parameters for prevention of fraud is going to be your best friend in this regard for a couple of reasons. It's going to allow you to figure to learn about issues early so that you can make that determination as to whether or not it's appropriate to voluntarily self disclose. The better your process, the higher the likelihood is that SFO will say, we're just going to sell, we're going to partner with you, keep us in the loop, finish what you're doing and then, you know, just, just keep us updated. And that is in a lot of ways going to be, you know, your, your best case scenario, which is you've, you know, you figured out there's enough of a there, there, you get together with council and council agrees, you go to sfo, you say, here's what we're dealing with. Here's where we are in the investigation. Here's our plan to figure out the rest of what happened. SFO says, great, just keep us in the loop and you know, we'll, we'll keep talking and then you're allowed to finish out your investigation and then you can, you know, negotiate a DPA in good faith with serious frauds. So that's, you know, that's kind of what you're aiming for and, and clearly what SFO is aiming for in this regard in the way that they've set up both the, the portal and the responsibility on their side for who's involved and the timelines and you know, sort of when you'll be invited to enter into negotiations around the dpa. They're, they're very clearly leaning in the direct leaning into this idea of resolving issues quickly, provided you fully cooperate and self disclose. So that's, that's the, the carrot that they're, they're dangling out in front of organizations to let them know about the things that they are finding and to let them know as opposed to engaging in some jurisdictional shopping. Now Bill, I realized as, as I was listening to you ask the next question, I didn't answer the Commonwealth piece. Right. So what else are we going to see from, from similarly situated Commonwealth countries? We have seen out of Australia the good practice guidance that came out around their particular anti corruption standards. So you know, I think we are seeing kind of a coordinated move in the direction of the regulators in a wide variety of countries looking for ways in which they can structure their program similarly so that multinational companies can negotiate both in terms of how to travel and also negotiate the resolution of issues that are multi jurisdictional. So while we might not see exactly what we're seeing out of serious frauds, I do think this is part of that kind of coordinated effort that we are seeing between different regulators across borders as they are attempting to address issues that touch the multinational companies that operate within their countries.
[00:13:22] Speaker B: In light of the recently announced uk, France, Switzerland, anti barber, anti corruption alliance, what are we to make of this particular announcement from the sfo? Is this a separate evolution that just has coincidental timing or is this part of a broader effort to create a more unified regulatory regime among the the EU and the uk?
[00:13:41] Speaker A: Yeah, I think, I think it is part of a, I think it's a part of an effort that the UK government is making to set their prosecutorial regime up for the greatest success possible by making the process something that is as transparent as they can to the companies that they are engaging with. So if you think about a company that finds a corruption related issue, the easier it is, the more transparent it is, the simpler it is to navigate what that process looks like. The more likely a company is going to be to engage.
And so I think this is really an effort on the part of serious frauds to say this is what engagement with us self disclosure engagement with us looks like. This is what voluntarily voluntary self disclosure looks like. And it's not, you know, with the exception of some of the timelines in the portal and that sort of thing, it's not that dissimilar to what we saw out of the DOJ over the course of the last couple of years. Right. You know, a couple years ago, Deputy Attorney General Monaco really leaned into this voluntary self disclosure presumption of a declination, presumption of a dpa, a very similar kind of talk track to what we're seeing out of serious frauds. And so I think, you know, I think this is a lot of the Same kind of thinking on the part of the prosecutors, which is the more we can cooperate with companies, the more we can incentivize companies to set in place the kind of practices that prevent fraud in the first place, the more likely we are to, to be upholding the public interest. So I, I think it's, it's being driven by a lot of those, that same thinking that we saw out of the US DOJ around this concept of how do we get companies to think proactively appropriately about voluntary self disclosure, what can we offer them to get them to engage in that kind of a dialogue with us? And that's, that's what I think what we're seeing a lot of, a lot of what we're seeing here. Now the one thing I will highlight is I do think the note on forum shopping is an interesting one as it pertains to the FCPA pause that we're seeing here in the US If I were a company that was operating both in the US and in the UK and I ran into a particular anti corruption related issue and I had a choice between where I was going to potentially disclose that issue, that piece of it would give me pause in my analysis as I chose, which jurisdiction I was going to approach with what it is that I found. So you know, that, that is a, that is the one piece in here where I think we are seeing serious frauds as it pertains to that announced coordination effort with the Swiss authorities and the French authorities really put a stake in the ground to say, you know, just because you think you're going to get special treatment somewhere else, if that is what is motivating your choice, that is going to be something that we don't look kindly upon. Now of course, if you are a company that has, you know, you could make a jurisdictional argument, you can make an operational argument, you could make a, you know, degree of harm to different jurisdictions argument. But if there's a piece of it where the prosecutors are going to be like you were looking for a pass and you thought you would get it there as opposed to getting it here, your likelihood of getting that, you know, sort of preferential treatment with serious frauds, I think probably just went down.
[00:16:53] Speaker B: Well, Erica, it is always really exciting when big news drops in our world and it's always a pleasure to jump on the other cast with you and get the lowdown from you on this. So thank you so much for stopping by and being our ear to the ground on this one.
[00:17:04] Speaker A: Yeah, absolutely, Bill. No, it's, it's It's a really interesting set of developments to track. For those of you who are kind of hearing about things like the Economic Crime and Corporate Transparency act implementation or you're hearing about the Serious Frauds Office piece, Bill's going to drop, drop a whole bunch of links in the show notes for this particular episode of some of the things that, that you might want to take a look at. And to the extent that you haven't started to, and you have exposure to the UK, right. You're an organization with more than 250 employees over there.
Really start digging in on that ECCTA piece because implementation of that is coming and there's some wonderful guidance on how to think about the three components of the fraud triangle. Right. This is a, this is a place, Bill, where you and I should probably do a separate Ethisphere reacts, Ethicast reacts on this one at some point. But, but the, the ECCTA guidance includes this question of motivation. Right? So, so there's the, the three classic pieces of the fraud triangle are in the way to think about your risk assessment and so thinking about what are my, you know, what kind of incentives have I set up? Well, we, we, we've been talking about that under the DOJ guidance for a long time. But also what motivated the behavior on the part of the employee, right? Was it, you know, you didn't think you get caught? Was it resentment? Was it pressure? So you have to start thinking about some of those pieces as you think about what your reasonable practice, reasonable prevention practices look like under that act, there's going to be a lot there for compliance professionals to unpack. There's some really, it's obviously in legislation that's been informed by some of the research on behavioral ethics and kind of employee behavior. So definitely something worth digging into. If you are listening to Bill and I and thinking to yourself, well, you know what, we do have a little bit of exposure over there. Spending a little time with that piece in particular and thinking about whether or not your current program tracks those reasonable prevention practices is going to be time well spent.
[00:19:04] Speaker B: Well, just to follow up Erica's comments, to read the full text of the SFO's latest guidance, please visit the SFO website at www.gov.uk and as Erica said, we'll also link to this guidance as well as a few other helpful documents in this episode's show notes. And as always, for plenty of resources around self reporting, DPAs, internal investigations and more, please visit the Ethisphere resource
[email protected] resources thanks for joining us on this special live episode of the Ethicast, everyone. For more episodes, please Visit the Ethisphere YouTube
[email protected] ethisphere and if this is your first time enjoying the show, please make sure to like and subscribe on YouTube, Apple Podcasts and Spotify. Thanks so much for joining us. And until next time, remember, strong ethics is good business. Bye now.
