Prevention is better than the cure – a salient lesson from the UK’s ninth DPA

Somewhat out of thin air, on 22 October the Serious Fraud Office (“SFO”) announced that it had reached a Deferred Prosecution Agreement (“DPA”) in principle with Airline Services Limited (“ASL”). The DPA was subsequently approved by Mrs Justice May at Southwark crown court (sitting at the Royal Courts of Justice) on 30 October.

The news was out of the blue given that the SFO had not publically announced that ASL was under investigation; such similar announcements have become the norm. This DPA is the third of 2020, and follows those entered into with Airbus and G4S.

Background

Briefly, the DPA related to three counts of failing to prevent bribery contrary to section 7 of the Bribery Act 2010 (“Act”), and concerned ASL’s use of an agent to assist it in securing contracts with a commercial airliner. The same agent also doubled up as a procurement consultant for the airline. The gross profits from the three tainted contracts were just over £900,000.

This case was a textbook example of why the Act, and in particular section 7 was introduced. All the hallmarks were present in the ASL case; bribes paid under the guise of commission to an agent to assist in securing business for that company.

The terms

As part of the financial terms of the DPA, there was a (i) disgorgement of the gross profits made under the tainted contracts (£990,971.45); (ii) financial penalty of £1,238,714.31; and (iii) payment of the SFO’s costs of £750,000.

The non-financial term of the DPA was for ASL to continue to cooperate with the SFO and other investigative agencies.

Interests of justice

The interests of justice test was satisfied by a number of factors that lent in ASL’s favour. These included:

  • ASL’s self-report following an internal investigation;
  • Actively” cooperating with the SFO throughout the SFO’s investigation, which included facilitating interviews with ASL staff;
  • The historic nature of the offending, which covered the period 2011-2013; and
  • The change of ASL’s personnel.

Compliance

One salient fact that came out of the DPA was how ASL had approached its compliance obligations. These were described by Mrs Justice May as “woefully inadequate”; there being “negligible efforts to educate its staff or to introduce processes to identify and counteract occasions of bribery”. Clearly, there was no way the company would have been able to rely on the adequate procedures defence under the Act had the company been subject to a prosecution.

A catalogue of compliance errors were spelt out by the court as the DPA was being approved. ASL had in 2010, like many others during that period, engaged external advisors to undertake a review of its compliance programmes in light of the Act’s imminent coming into force.

The external advisors made a number of recommendations that not only included a draft anti-bribery and corruption (“ABC”) policy, but training on that policy and the Act. In addition, ASL was advised to introduce contractual protections by way of amended standard terms and conditions. It is worthy to note that the external advisors picked up on the fact that the use of overseas agents increased the risk of bribery to ASL’s business.

To assist ASL in implementing the recommendations, the external advisors provided the business with (amongst others):

  • A risk assessment checklist; and
  • A due diligence checklist to assist the business with assessing the bribery risks presented by third party suppliers/contractors.

Unfortunately, despite these recommendations, ASL’s senior executives decided to take a “different approach”. It appears that approach was to do nothing. The recommendations were not implemented, and bar one training session in 2011, ASL did not heed to the advice.

By the time ASL introduced an ABC policy, it was far too late as it was implemented in 2015 – after the offending.

Having an ABC policy - just the tip of the iceberg?

The details of the DPA are not particularly unusual, apart from the fact that the SFO has demonstrated once more the dormant status of a company will not be a barrier to a DPA being negotiated (an approach far different to that taken by the CPS’ in the Skansen Interiors Limited case, discussed here). However, it is the commentary on ASL’s lack of compliance that is important.

When corporates are advised about their responsibility under the Act, the introduction and implementation of an ABC policy is always likely to be at the top of any list that is compiled. However, having an ABC policy is just the tip of the iceberg.

When drafting an ABC policy, that policy can only be informed by the results of a risk assessment that must be undertaken by/on behalf of the company to ascertain the risks of bribery that the business faces. Without a risk assessment, the ABC policy is unlikely to be worth the paper it is written on. It is only when any risks are known can the ABC policy truly begin to take shape. The level of detail will very much depend on the type of business and the jurisdictions that the business operates in, and therefore, what may be adequate for an SME operating solely in the UK, is unlikely to be so for a larger corporation with a national and international focus, particularly where some of its business is undertaken in high risk jurisdictions.

Once the ABC policy is implemented, it should be regularly reviewed to ascertain its efficacy. The frequency of any review will be dictated by the business’ needs and/or its growth. That policy should also be benchmarked against existing business processes to ensure that it remains fit for purpose.

Once in place, employees should be directed to where the ABC policy is held, and the business’ stance on bribery. Senior management commitment here is vital. It is of little use to have the policy if no one is made aware of its existence/location and importantly, its purpose. So rather than gathering dust, it should form the basis of any employee/agent/third party on-boarding.

Each employee (and where relevant, agents and third parties) must be trained on that policy. Training should be regular and when completed, records should be retained on each employees' HR file as evidence of that completion. Face to face training resonates more with employees and is far more engaging, but given the current pandemic that is unlikely to be possible. The alternative would be to deliver the training remotely or via software tailored to the business’ needs.

Prevention is, as is often the case, far better than the cure so rather than leaving the business exposed, as the ASL management did, if a corporate is to rely on the adequate procedures defence under the Act, compliance needs to be very much at the top of its agenda.

The details of ASL’s DPA can be found here.

Who to contact