Authors: Catherine Lewis Emma Shafton
Catherine Lewis and Emma Shafton team up to discuss the UK's Economic Crime and Corporate Transparency Act of 2023 and its potential impact on directors and officers (D&O) insurance coverage. Both based in London, the lawyers discuss important steps that policyholders can take to mitigate risks.
Transcript:
Intro: Hello and welcome to Insured Success, a podcast brought to you by Reed Smith's insurance recovery lawyers from around the globe. In this podcast series, we explore trends, issues and topics of interest affecting commercial policyholders. If you have any questions about the topics discussed in this podcast, please contact our speakers at insuredsuccess@reedsmith.com. We'll be happy to assist.
Catherine: Welcome back to Insured Success. My name is Catherine Lewis. I'm a senior associate in our London office. I am joined today by my colleague Emma Shafton, who is a senior associate in our global regulatory enforcement group who specializes in white collar crime and investigations. Today, Emma is going to talk to us about the two new corporate criminal offenses contained in the Economic Crime and Corporate Transparency Act 2023 which came into force in the UK at the end of 2023. And we are going to share our insights on what this means for policyholders operating in the UK. The potential impact on your directors and officers and other insurance cover and some of the steps that policyholders can take to mitigate risks. Emma, could you give us an overview of this new legislation?
Emma: Sure. So the Act, ECCTA I'll refer to it as, came about as part of the UK government's response to Russia's invasion of Ukraine in February 2022. By this time, there was an increasing understanding that London had become um a dumping ground really for dirty money by foreign elites, Kleptocrats and other bad actors and that the UK's economy was being abused. So the act represents a complete overhaul of the UK government's framework for tackling economic crime. The act itself covers a very broad range of issues. You know, beyond the scope of this podcast, including companies house reforms, but today, we're going to focus on two significant changes to corporate criminal law. The first is the new senior manager's offense and the second is the new failure to prevent fraud offense. So let's deal with the first offense first. So that's the senior manager's offense and that's under section 196 of ECCTA. Uh This came into force very quietly on boxing day last year actually. Um and a lot of Corporates have been caught by surprise by it and it's worth flagging at the outset that this is completely separate to the FCA's existing senior managers and certification regime. These are different things. It's perhaps unfortunate that the draftsman of a decided to use the same language because the definitions unhelpfully do not correlate. Um So I just wanted to flag that at the beginning, we're dealing with a completely new corporate criminal offense here. What the offense means basically for corporates is that if a senior manager of the organization acting within the actual or apparent scope of their authority commits a relevant criminal offense and those offenses are economic crimes. So things like theft, bribery, fraud, false accounting money laundering, and also certain tax offenses. If that senior manager commits one of those specified offenses, the corporate can be criminally liable. Now, what the repercussions of that would be, is a very large fine. Essentially. Now, this offense um can apply to senior managers of a body corporate or partnership and there's no size criteria or threshold. So that means that all organizations um of any size could be liable so long as the jurisdictional requirements are met, you know, this is a UK act and we'll come on to that um, Later.
Catherine: Interesting, this seems like a really big shift from the previous regime. Is, is that right?
Emma: It is. So the new senior manager's offense is one of the biggest changes really in corporate criminal liability in over 100 years. So under previous law, uh which was, you know, Victorian law, um, corporates could only be prosecuted and criminally liable for the offenses of its employees if it could be shown that that individual was acting as the directing mind or will of the corporate and you know, they had the necessary state of mind for the offense in question. So with a lot of the economic crimes, usually that involves dishonesty. So historically, this made it very challenging for authorities to prosecute corporate successfully. Um because there's just a very small group of people who would meet that criteria of directing mind and will. And this is particularly so in large corporates, with complex management systems became very difficult to identify whether an individual belonged to that group. So that was the sort of historic position. This new offense essentially makes it much easier for corporates to become criminally liable for the actions of its senior managers now.
Catherine: So, I mean, who are these uh new senior managers that have been identified?
Emma: So, um this we foresee is going to be one of the issues with this legislation and for corporates in actually identifying who their senior managers are, and it's not entirely clear from the legislation. Um there's no guidance. The government are not required to publish guidance for this offense uh about this point so that the act defines a senior manager as an individual who has a significant role in the decision making of the whole or a substantial part of the corporate and someone who is involved in the actual management of the whole or part of the corporate. So it's somebody who's making decisions, really somebody who is making decisions at a high level. Um Apart from directors who are perhaps a sort of obvious class of people who would fall within this definition, other roles could include a regional manager, for example. Uh but you know, as, as I've already said, it's not clearly defined who senior managers are. And it may be difficult in practice for corporates to identify who their senior managers are because depending on the sector and the business, this may be a fluid category of individuals. We also foresee that one of the biggest challenges for prosecutors is going to be proving apparent authority. So actual authority, perhaps you might look at a job's description or somebody's responsibilities to determine what is within someone's actual authority. But what does apparent authority mean? It sort of implies that that person doesn't have authority to do um the act in question. So we think there's going to be substantial debate on this topic. And um it'll be very interesting to see. The SFO have indicated, the Serious Fraud Office that they may publish some guidance about how this new offense will be enforced. So it will be very interesting to see in due course, what they say about this. So, um yeah, that sort of is broadly um the position on the definition of senior managers.
Catherine: That's really helpful. Thank you. And so is the senior manager events limited to individuals within the UK?
Emma: So the definition of a body corporate or partnership in, in the act includes um those incorporated outside of the UK, so um it's not limited to the UK, and what this means is that a non-UK company could be liable under this act where um an offense is committed by a UK national senior manager, for example, or by a foreign national senior manager when the offense is committed in the UK. So there is certainly a degree of extra territoriality.
Catherine: Really interesting. So it seems to me that policyholders will need to be carefully considering their directors and officers insurance as well as their liability policy wording to take into account these pretty serious and significant changes. Directors of offices or D&O policy is one that a policyholder would typically look to respond if it's faced with an investigation or a potential investigation by a regulator or an authority um, in respect of the conduct of its senior management and clearly an important point for policyholders is to, as you said, Emma consider who their senior managers are and to ensure that those individuals are falling within any applicable policy definitions of individual insured or insured persons. Are we expecting to see a significant number of investigations or prosecutions or penalties being levied as a result of this legislation?
Emma: Yes, we think so. So on paper, the offense is astonishingly wide. The group of individuals whose conduct can lead to the prosecution of their company for their actions, their criminal actions has, it's really expanded the pool of people is much bigger now. And therefore, um the new offense significantly increases the risk of criminal liability for corporates but of course, um, you know, these offenses are only as good as the enforcement agencies, um, who might use them. So this offense is only going to be a game changer and is only going to see more prosecutions and so on if the agencies actually use them. So at the moment, we, we understand that the serious fraud office are, are quite excited about this new legislation. Um, yesterday, I, I heard a senior person from the serious fraud office describe it as a game changer this offense and said, you know, where appropriate obviously, they will use this offense where they can. They've had um a very bad track record of securing convictions against individuals in relation to corporate settlements and have lobbied very hard to change the law in this area. So, you know, we certainly um would expect to see them using this relatively soon in an appropriate case. And as I highlighted earlier, they've hinted that they are going to publish some corporate guidance in relation to this. So we, we await that with interest. There's definitely a sense though that the office is buoyed by this new offense. It's got a new director in place and are doing things differently. It seems so we, we can expect the SFO certainly to be looking at this offense very closely. And then from an FCA perspective, they've recently published their 24/25 business plan and commitment number one is reducing and preventing financial crime. So we would expect, you know, the FCA to be looking very closely at this new tool available to them as well. Another point to highlight in relation to, you know, whether this is going to see a significant number of or an increase in prosecutions and investigations is that there is no defense, there's no defense of having reasonable procedures in place. Uh, which is very interesting. So, um, yeah, we, I think we can expect to see more investigations and prosecutions. The penalty is an unlimited fine for the corporate.
Catherine: Wow, that's pretty, pretty significant for, for anyone doing business that touches the UK. So what can companies and businesses do to mitigate and, and reduce their risk? What steps should they be taking now?
Emma: Policyholders should identify their senior managers as, as the first port of call. And we've already explained that this may be challenging to do in practice, but that's the first point. And, and once you've identified that group of individuals, you need to consider the risks really that those individuals might do something that results um, in criminal liability for the corporate. So introducing comprehensive training relating to economic crime, money laundering for senior managers is going to be key and I've referred to money laundering and that's because it's very important to note that in addition to bribery fraud, theft and so on, there are some money laundering offenses, um, that are caught under this act, in particular in relation to the AML mandatory reporting regime, suspicious activity reports. It's a criminal offense under the process of Crime Act when a relevant person in the regulated sector fails to notify the authorities about suspicion of money laundering and under this act. Now, if that substantive offense could be made out, the corporate could also be liable which wasn't the position before. So, very significant changes here.
Catherine: Yeah, absolutely. So, moving on a little bit, then can you tell us about the new failure to prevent fraud events?
Emma: Yes, sure. This is under section 199 of ECCTA. It follows the failure to prevent model that our listeners are probably quite familiar with now. So section seven of the Bribery Act um was the first offense of this nature and subsequently, we've had failure to prevent tax evasion. The, the key difference though, in relation to this new offense and the Bribery Act, however, is that it only applies to large organizations. Section seven of the Bribery Act applies to all organizations irregardless of size. So it's a smaller pool of corporates who will be affected by this. But the definition of large organizations for the purposes of this new offense is the organization must have a turnover of more than £36 million a balance sheet total of on aggregate more than £80 million in assets or more than 250 employees. And it has to meet two of those criteria.
Catherine: Thanks, and so how does the offense work?
Emma: So if you're a relevant body, so as defined, meeting two of those three criteria, that relevant body will be criminally liable when an associate of it commits a specified fraud offense. So there are four requirements of the offense. The first is there must be a specified fraud offense. Um Those are all listed, but you know, it would be offenses under the fraud act and false accounting, fraudulent trading. The second requirement is the offense is committed by an associated person to that corporate. So associated person is a term we're very familiar with from the Bribery Act, but it's an employee, an employee of a subsidiary agent that those are the sorts of people who are associated persons. It's apparent that the SFO is taking quite an expansive view of who falls within, into associated persons and recently indicated that it's looking at whether social media companies could be liable for failing to prevent investment fraud perpetrated on their platforms, for example. So that just gives you an idea of how expensively they are looking at it. The third requirement is that the offense um is intended to be for benefit of the organization. The fraud doesn't have to be successful, uh doesn't have to 100% be for the benefit of the organization. But it's important to note that if a corporate is the victim of an employee or associated persons fraud, they will not be liable under this offense. So that's an important carve out. And then the last requirement, the fourth requirement is that no reasonable fraud prevention procedures are in place if they are. It, it's a defense. The offense itself is actually not in force yet. Um And that is because there is a requirement for the government, the home office in this case to publish guidance and, and that has not been finalized yet. There's draft guidance in circulation and the final guidance is said to be expected imminently. The offense is meant to come into force six months after the final guidance has been achieved. So um could be this year we're waiting to see um in our view though, that six month period isn't enough time for corporates to get ready.
Catherine: Yeah, I agree. That seems like a pretty, pretty short amount of time to get ready for some fairly significant potential offenses there. I asked this question regarding the senior manager offense, but does this offense apply just to UK companies?
Emma: So there's also scope for um extra territoriality in relation to this offense. It depends really on where the specific underlying fraud offenses take place. So a non-UK organization could be caught by this offense where say an employee or agent commits fraud under UK law or targeting UK victims. So the key thing is where the fraud is taking place, not necessarily where the person is, who's committing it.
Catherine: Right, That makes sense. Are we expecting then to see a significant number of investigations and prosecutions once this element of the legislation comes into force?
Emma: Given the offense only applies to very large companies. We're not expecting as many prosecutions or a significant uptick as we are with the senior manager offense. But we are definitely expecting prosecuting authorities will look to use this new tool where they can and it is possible to see joint charging because the way the legislation for the senior manager offense is drafted, it's not the case that a senior manager has to be taken to a court convicted. And only then once that conviction is, you know, confirmed, the prosecutor would then go on to prosecute the corporate. It, there's no requirement for that. So what we might see is joint charging of senior managers and corporates for the failure to prevent offense. At the same time as with the senior manager's offense, the penalty is an unlimited fine again. So it's essential that large companies are prepared for this legislation.
Catherine: Yeah, fully agree with that. Um Let's go on to about what what steps they can do to prepare. We talked about it a little bit earlier about the senior managers events, but what steps should uh policyholders be taking taking here?
Emma: The critical thing to do is risk assess so specifically focused on fraud, risk and the risk of other economic crime. And if a corporate has already undertaken a fraud risk assessment, that should be reviewed to make sure that it remains fit for purpose. As part of that risk assessment, you should be assessing your geographies, sectors, clients and suppliers. So the second thing is once you've done that risk assessment, ensure that you have proportionate policies and procedures in place to cover those risks, um identify who your most at risk employees, subsidiaries and associated persons are as part of that risk assessment, consider introducing comprehensive training for your employees, subsidiaries and associated persons in relation to financial crime risks and monitor and incentivize compliance. Those are the key things that policyholders can be doing to prepare for this legislation.
Catherine: This all sounds really critical for policyholders and I expect that it's these are the sort of questions that insurers will be asking policyholders when it comes to renewing insurance policies. I certainly think we can expect questions about the identification of senior managers as well as copies of risk assessments and reporting procedures. So any potential concerns are raised and addressed appropriately within the organization?
Emma: Yeah, I totally agree. Are there any other final points from an insurance perspective that you think policyholders should be aware of when considering the impact of the two new offenses?
Catherine: There are Emma, and I've been thinking a lot about all the really helpful analysis and explanation you've done of these pretty significant offenses and some of the key considerations I think that policyholders should have in mind entering into a renewal process since the introduction of the legislation and the two offenses are, is there sufficient investigatory costs cover? So will the policy respond to an investigation being instigated by any of the authorities? And what is the trigger for any investigation or pre-investigation costs? So at what point does the policy step in and help uh a policyholder cover any of its legal costs or investigation costs in looking into the facts and events that the authorities are also looking at. And is there an extension for any specific pre-investigation or mitigation costs? It's also worth bearing in mind what the notification requirements are under the policy in the event that there is an issue down the line when faced with an investigation or request for information from an authority that often requires a really quick response from the business. And the priority obviously will be engaging with the authorities and insurance may not always be front and center of everyone's mind in that context. It's incredibly important that any notification requirements are not unduly onerous to making sure that the policy allows for plenty of days for a notification to be made and avoiding any conditions precedent to cover in case notification isn't made as promptly as everyone would like. When it comes to D&O policies as well as having side A and side B cover protecting individuals, as corporate entities as well as natural persons can be liable under these offenses, I think businesses should be considering whether they want any side C cover as well and having a discussion with their broker about the benefits of having sort of this additional D&O cover. And a basic point but nevertheless important one checking an overall limit of indemnity, making sure that the limits of liability continue to provide adequate protection for the business, particularly in light of what you've been saying about expecting an increase in investigations as a result of the senior managers, events in particular. In my experience when there's an investigation or inquiries are being made by a regulator or other authority clients, customers, investors all tend to get pretty nervous if things lead to a prosecution or a threat of prosecution. A policyholder might also start to see some civil claims coming from allegedly injured parties trying to seek compensation, whether that's investors and shareholders or customers and clients. I think in those circumstances, policyholders should also ensure that any civil liability policies provide the right level of cover for their businesses. So that's it from Emma and I today. Emma, thank you for sharing all your insights on this important new legislation and your tips for mitigating and managing some of the risks. Don't forget to tune in to our next episode.
Emma: Yeah, thanks for having me, Catherine. It was great to chat about these new offenses and yeah, please do everyone feel free to, to reach out if you have any queries about them.
Outro: Insured Success is a Reed Smith production. Our producer is Ali McCardell. This podcast is available on Spotify, Apple Podcast, Google Podcasts, PodBean, and reedsmith.com. To learn more about Reed Smith's Insurance Recovery Group, please contact insuredsuccess@reedsmith.com.
Disclaimer: This podcast is provided for educational purposes. It does not constitute legal advice and is not intended to establish an attorney-client relationship, nor is it intended to suggest or establish standards of care applicable to particular lawyers in any given situation. Prior results do not guarantee a similar outcome. Any views, Opinions, or comments made by any external guest speaker are not to be attributed to Reed Smith LLP or its individual lawyers.
All rights reserved.
Transcript is auto-generated.