This article first appeared in Financier Worldwide Indepth Feature: Corporate Fraud & Corruption.
Iskander Fernandez specialises in advising and representing corporates and high-net-worth individuals in a variety of complex financial crime investigations and proceedings, including allegations of bribery, corruption, fraud and money laundering where external investigations and proceedings are initiated by the Serious Fraud Office, Crown Prosecution Service or HMRC. He has significant experience in providing training to senior management on anti-bribery and corruption compliance and where necessary, drafting or amending existing policies and procedures. Mr Fernandez also regularly advises clients on range of sanctions-focused instructions.
To what extent are boards and senior executives in your country of focus taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?
The introduction of the Bribery Act 2010 heralded a significant shift in how boards and corporates approached their business’ compliance policies and procedures. Suddenly, companies’ compliance programmes were thrust into the spotlight and at risk of being severely tested if an associated person bribed an individual for the benefit of the company and the company had no procedures to prevent that conduct from taking place. More than 10 years later, senior executives and boards have made compliance the backbone of their business as regulatory oversight into their business practices has intensified, especially following the introduction of the Criminal Finances Act 2017, which criminalised a corporate if it was found to have failed to prevent the facilitation of tax evasion, whether in the UK or abroad, and, more recently, the new failure to prevent fraud offence contained in the Economic Crime and Corporate Transparency Act 2023.
Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in your country of focus over the past 12-18 months?
The passing of the Economic and Corporate Transparency Act in 2023 was the biggest development in the UK’s fight against corporate fraud and corruption in the last 10 years. Following years of consultation with experts, professionals and academics, the Act has introduced two significant changes to the UK’s compliance landscape – a new failure to prevent fraud offence and an amendment to the ‘directing mind and will’ test, which plagued prosecutors when attempting to successfully prosecute corporates. The weaponry now available to law enforcement bodies could lead to an increase in investigations and prosecutions, something that boards should be acutely aware of when monitoring their business’ conduct.
Bribery and corruption tracker (UK)
The UK formally notified the European Council of its decision to withdraw from the EU on 29 March 2017. Our timeline illustrates what has happened to date and how we expect the process to unfold going forward.
When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?
When faced with such a scenario, a corporate should consider whether to engage lawyers to assist it in understanding whether there is any merit to the allegations, and if so, the extent to which the allegation extends across the business. The board should seek to assemble a small internal investigative team, that is likely to pull in individuals from finance, IT and HR, to assist lawyers in their investigation of the issues. With the assistance of its legal team, the business should consider whether relevant individuals should be spoken to and the extent to which each individual’s data needs to be interrogated to assess whether there is any evidence that points to or away from the suspicion. The investigation could take weeks if not months, and so the business must ensure that the investigation is not prejudiced through the inadvertent release of information.
Do you believe companies in your country are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?
Due to the significant regulatory and legal change across the UK corporate landscape in recent years, companies would be unwise not to pay due regard to how employees are onboarded, trained and supported for the simple fact that ignoring these integral compliance processes could result in the company itself being pulled into an investigation or prosecution which could highlight any deficiencies in its internal governance. Simply having a policy in place is not enough to extricate a business from any suggestion of wrongdoing, especially if the business’ employees are clueless about what is expected from them, their employer and, crucially, the law.
How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?
One change that a corporate may be faced with once a whistleblowing report is made about potential wrongdoing is that the corporate should, where possible, keep the whistleblower informed about the progress of any investigation, although care should be taken not to take any steps that might result in a loss of privilege or confidentiality. The whistleblower’s expectations should be carefully managed, particularly when they have expectations that may not be deliverable.
Could you outline the main fraud and corruption risks that can emerge from third-party relationships? In your opinion, do firms pay sufficient attention to due diligence at the outset of a new business relationship?
The role of third parties has been a thorn in the side of some businesses, particularly where those third parties are located in high-risk jurisdictions. In furthering the interests of a corporate, the business may become entangled with the conduct of the third party, in some cases unwittingly. Risks may come in the form of facilitation payments to individuals to speed up certain processes or payments to public officials in a jurisdiction that the business does not yet have a foothold in. With criminal liability now attaching to a corporate because of the conduct or actions of its ‘associated person’, businesses are now acutely aware that onboarding third parties is of paramount importance in the due diligence process, particularly with the expansion of the failure to prevent offence, which now applies to bribery as well as the facilitation of tax evasion and fraud.
What advice can you offer to companies on implementing and maintaining a robust fraud and corruption risk management process, with appropriate internal controls?
Implementing policies and procedures that are designed to protect the business is one thing, but the key is to ensure that not only have those documents been informed through a risk assessment, identifying areas of weakness for the business, but that those policies and procedures are filtered across the business to ensure that all employees are fully aware of the company’s stance. Training employees on those policies ensures a seamless process from paper to practice, reminding each business partner of the role they play in safeguarding the business’ interests. Monitoring policies and procedures is also key, for the simple fact that what may be relevant in year zero may not address the risks in the business in year five, particularly if the business has expanded in size and scope.