Adding to the patchwork rather than wholesale revolution: the future of corporate criminal liability

8 min read

The Law Commission has published its long-awaited Options Paper for reforming the laws on corporate criminal liability for economic crimes. What was seen by many as an opportunity to fundamentally get to grips with an often antiquated patchwork of laws has instead resulted in a list of options that represent an evolution of the existing framework. The paper presents ten options the UK government could consider enacting.

The options presented by the Law Commission broadly fit into three categories: reforming the attribution principle; extending the “failure to prevent” model to specific additional offences; and creating new (or expanding existing) ways to use civil remedies for enforcement. Perhaps just as interesting about this paper is what were not presented as viable options, as well as options to consider that sit outside the economic crime framework.

1. Reforming corporate attribution

For offences with a mens rea element, including most economic crimes, the identification doctrine is used to attribute the mental state of persons within the company to the company itself.

To establish that a company possessed the requisite guilty state of mind for these offences, it must be proven that one or more persons representing the “directing mind and will” of the company is behind the offence (Tesco Supermarkets Ltd v Nattrass [1971] UKHL 1). However, in modern corporations with devolved management structures, this has proven very challenging for prosecutors (even to the point in SFO v Barclays [2018] EWHC 3055 (QB) that the CEO and CFO were not considered the directing mind and will in the specific circumstances of that case).

The Law Commission rejected an American-style, simpler “vicarious liability” approach which would have undoubtedly represented a significant widening of the criminal law exposure for companies. Instead, it presents the option of reforming the identification principle by defining the “directing mind” as those who constitute “senior managers” within an organisation. The Law Commission thought that the definition used within the Corporate Manslaughter and Corporate Homicide Act 2007 could work well in this context: a senior manager is someone who plays a significant role in decision making about the whole, or a substantive part, of the company’s activities, or in the actual managing or organising of those activities. This could capture senior leaders of individual business units, where their units represented a substantial part of the company’s affairs, as well as those with “responsibilities involving taking decisions relating to corporate strategy and policy in a particular area – such as health and safety, or finance, or legal affairs”. The Law Commission thought that this reform could always include the company’s Chief Executive and Chief Financial Officers within the definition of a “senior manager”.

Though putting the definition of the “directing mind” on statutory footing could provide a degree of greater certainty, and also lowers the bar by including a wider pool of candidates whose actions would be attributable to the company, the actual application of this in practice would likely present fertile ground for defence lawyers.

2. Extension of “failure to prevent”

The second significant option is to introduce a specific offence of “failure to prevent fraud by an associated person” which would include: fraud by false representation; obtaining services dishonestly; the common law offence of cheating the public revenue; false accounting; fraudulent trading; dishonest representation for obtaining benefits; and fraudulent evasion of excise duty. Importantly, the offence would only be committed where the fraud was undertaken by the associated person (which includes an employee or agent) with intent to benefit the company, or to benefit another person to whom they provide services on behalf of the company. It would not create corporate liability for fraud carried out by employees for their own benefit, where the company is the victim.

This would become the third “failure to prevent” law after the well-known section 7 of the Bribery Act 2010, and sections 45 and 46 of the Criminal Finances Act 2017.

The Law Commission did not support the expansion of this model of liability to all economic crimes (such as those eligible for a Deferred Prosecution Agreement under Part 2, Schedule 17 to the Crime and Courts Act 2013), though it did leave open the possibility that there may be reason to further extend this model in the future. 

The Law Commission thought that, notwithstanding the application of the other failure to prevent offences, there should not be automatic extraterritorial application for any new offence: “A ‘failure to prevent’ offence should only be extended to cover conduct overseas where there is a demonstrable need for extraterritoriality in relation to that offence specifically”.

The paper supports the inclusion of a defence modelled on sections 45(2) and 46(3) of the Criminal Finances Act, that a company had prevention procedures in place that were “reasonable in all the circumstances”. This differs from the language in the Bribery Act, that the company had “adequate procedures” in place. The paper also suggests that there may be circumstances in which having no procedures at all may be seen to be reasonable. Given the many forms “fraud” can take, one can imagine the difficulties present in developing prevention policies.

Third, and perhaps most unwelcome to those who have been advocating for these laws, the Law Commission did not believe that creating additional “failure to prevent” laws should be done solely because it is difficult to convict under the “directing mind” test. Instead, failure to prevent offences “should only be introduced if there is a good reason to expect corporations to have put in place reasonable prevention procedures”.

Finally, the Law Commission ruled out a “failure to prevent money laundering” offence, on the basis that there is already a strong regime in place for penalising money laundering offences, which already places extensive obligations on relevant organisations, and for which specific agencies (namely the Financial Conduct Authority (FCA) and Prudential Regulation Authority) already have oversight. Those who criticise the UK’s apparent weak enforcement may beg to differ that the existing regime is proving adequate.

3. Civil remedies

The Law Commission has also offered several options by which corporations might be held liable for criminal acts outside of the criminal justice system. The most interesting suggestion tabled is the creation of a regime of administratively imposed monetary penalties, which could operate where fraud was committed by an employee or agent with intent to benefit the company and it was not feasible to prosecute the company. The Law Commission proposed that a new (or existing) agency could be tasked with monitoring and enforcement. There are four existing categories of misconduct that the Law Commission considered could be used as a template for expansion: market abuse and insider dealing (dealt with by the FCA); price fixing and other anti-competitive practices (the Competition and Markets Authority); financial sanctions (the Office of Financial Sanctions Implementation); and money laundering and terrorist financing offences for the regulated sector (the FCA and HM Revenue and Customs).

Adopting this option would not change the laws of corporate criminal liability, but would have a material impact on the enforcement framework. Companies of all kinds could face the prospect of regulatory enforcement on the balance of probabilities rather than criminal prosecution, although that would remain the prospect for cases which met the test necessary to bring such a criminal case, whether under an existing (or expanded) failure to prevent regime or the existing (or modified) directing mind test.

4. What next?

It is likely to be a long time before this subject is revisited by the Law Commission. The question is now a political one of whether the current or any future UK government has the energy and desire to tackle what is, for most people, an arcane topic. If there is such a will on the part of the UK government, unless there is a substantial departure from the options presented, some of the above, or a combination, are the most likely place any reforms will start.

There are two additional features of the paper which merit consideration. The first is that, as noted above, the Law Commission wholly dismissed the adoption of US-style respondeat superior (“let the master answer”), or vicarious liability, as a system of attributing liability. This door seems to be fully closed.

Second, and though it represented a departure from their remit to examine corporate criminal liability for economic crimes, the Law Commission thought there were additional areas in which it might be reasonable to extend “failure to prevent” laws, namely: failure to prevent human rights abuses (including by a UK company overseas); failure to prevent neglect and ill-treatment; and failure to prevent computer misuse. These would have to be examined separately and on their merits, but a “failure to prevent overseas human rights abuses” offence would be a very significant development in corporate criminal law.

Until the future is clearer, we are left with a menu of options and no indication yet from the UK government which will be pursued. When, or if, such an indication is forthcoming, we will simply be adding more elements to an already complicated patchwork.