Client Alert

UK Quarterly Review: Business Crime, Investigations and Regulatory Enforcement

September 2020

23 Sep 2020

In our Quarterly Review, we bring you important UK developments relating to business crime, investigations and regulatory enforcement from the last three months. Please contact us if you would like to discuss any of these issues.

We commented last month that the scale of the impact of the COVID-19 pandemic on the white collar arena will only be understood in the months to come; that remains the case. In the UK, Her Majesty’s Revenue and Customs (“HMRC”) has said that up to £3.5 billion may have been claimed fraudulently or paid in error under the furlough scheme introduced by the Treasury – if that is right, then it will require substantial resource at HMRC to investigate if employers at fault do not take advantage of an amnesty period to self-report. Other leading government enforcement authorities, including the Serious Fraud Office (“SFO”) and the Financial Conduct Authority (“FCA”), continue to achieve some results on historical investigations, as well as making positive noises about their future plans to combat serious breaches. That, of course, includes money laundering although a successful regulatory prosecution for money laundering beyond systems and controls breaches remains a gap which has not been narrowed after decades of enforcement. Meanwhile, the Financial Reporting Council (“FRC”) continues to bare its teeth with a record £15 million fine imposed on Deloitte for misconduct in its audit of Autonomy.

Two Unaoil executives convicted in SFO bribery trial: A jury found Ziad Akle, Unaoil’s territory manager for Iraq, and Stephen Whiteley, former vice president at SBM Offshore and subsequently Unaoil’s territory manager for Iraq, both guilty of making corrupt payments to secure contracts in Iraq. Ziad Akle was sentenced to five years’ imprisonment, while Stephen Whiteley was sentenced to three years’ imprisonment. The jury was unable to reach a verdict on a third defendant, Paul Bond, who will be retried in 2021.

Despite the SFO’s much-needed win in securing the two individuals’ convictions, the SFO did not come out of this process completely unscathed. In an application to dismiss the case for abuse of process, Ziad Akle claimed that a retired U.S. Drug Enforcement Administration agent, engaged by the Unaoil owners, approached him and tried to convince him to plead guilty, while he was also in communication with SFO Director and others at the SFO claiming he could secure Ziad Akle’s guilty plea. 

Despite dismissing Ziad Akle’s application for dismissal, Judge Martin Beddoe noted that he “upheld some of the criticism which has been advanced at a very senior level within the SFO”, mainly that the SFO Director allowed the private investigator with no recognised legal role in the case to contact the defendants. The SFO later announced that a review will be conducted into this matter, and a protocol covering contact with non-legal representatives has already been put in place. 

SFO charges Airbus subsidiary with corruption: On 30 July 2020, the SFO announced that it had charged a subsidiary of Airbus and three individuals as part of its investigation into allegations of corruption in Saudi Arabia. In January this year, Airbus itself paid a total of €3.6 billion to the UK, U.S., and French regulatory authorities in settlement for potential bribery charges for conduct in multiple jurisdictions. GPT Special Project Management Ltd (“GPT”), the Airbus subsidiary in question, was subsequently charged with corruption relating to a UK government contract worth £2 billion for the provision of communications services to the Saudi Arabian National Guard. The SFO has also charged the former managing director of GPT, the financial officer of two subcontractors to GPT, and an employee of a government contractor in relation to the same probe. The conduct in question was not addressed under the Deferred Prosecution Agreement entered into by Airbus with the SFO in January, and therefore, the company could face additional penalties for corruption. GPT itself ceased operations in April 2020.

The SFO’s investigation into GPT began in 2012 after it was alleged that GPT executives had bribed Saudi officials in order to broker the deal between the Saudi Arabian government and the UK Ministry of Defence. Given the sensitivities around UK-Saudi relations and the fact a UK governmental body is implicated in this case, these charges are seen to be a bold statement regarding the SFO’s willingness to investigate and prosecute sensitive cases.

SFO assists Brazilian authorities with Petrobas linked recovery: On 10 July 2020, the High Court approved the seizure of a £5 million property in London belonging to the Brazillian businessman, Julio Faerman. In 2016, Faerman, who worked as an agent for SBM Offshore N.V., admitted his involvement in the Petrobas bribery scheme, agreeing to pay $54 million to Brazilian authorities. Prior to 2016, the Brazilian authorities sought the assistance of the SFO in recovering Faerman’s assets in the UK. The SFO subsequently commenced its own civil recovery investigation alleging that the London property had been purchased (at least in part) with funds that were linked to the Petrobas scandal.

SFO and Rio Tinto enter DPA discussions: Industry sources have indicated that mining giant Rio Tinto is seeking a Deferred Prosecution Agreement over a $10.5 million consultancy fee it paid to French banker, François Polge de Combret. The fee was paid to Combret in relation to his work on the Simandou project in Guinea. Simandou is the world’s largest untapped iron ore deposit, which Rio Tinto bought for $700 million in 2011. Emails leaked in relation to the payment describe Combret’s interaction with Guinea’s President Alpha Condé. Rio Tinto reported the payment to the SFO in November 2016 and fired its head of legal affairs and the executive overseeing the project for failing to “maintain the standards expected of them under our global code of conduct.”

Companies House to clamp down on fraud with greater powers and new identity checks: On 18 September 2020, the UK government announced reforms to Companies House to clamp down on fraud and money laundering by giving greater powers to Companies House to query, investigate and remove false information. Under the new reforms, directors will be unable to be appointed until their identity has been verified. The announcement follows the government’s full response to the consultation on enhancing the role of Companies House to increase the transparency of UK corporate entities. According to the government, Companies House data has been accessed 9.4 billion times in the past year. Given the reliance placed on Companies House information, the government has been criticised for not setting a timeframe for implementation of the reforms which it states will happen “in due course”.

The UK’s national security plans to reform its espionage law have taken a step forward: On 1 September 2020, the Law Commission published the Protection of Official Data Report (“Report”) setting out the final recommendations on the reform of the Official Secrets Act and modernisation of the law to take account of cyber-attacks and other developments. The Report makes 33 recommendations focused on reforming the criminal law provisions contained in the Official Secrets Acts. These recommendations mainly relate to espionage and disclosing official information without authorisation, and the UK government has stated its intention to introduce reform in this Parliament.

Economic crime levy introduced by the UK government: On 21 July 2020, the government published its economic crime levy policy consultation. The levy forms part of the government’s commitment to developing a sustainable resourcing model highlighted in its Economic Crime Plan. The levy aims to raise approximately £100 million annually to assist with the expansion of the National Crime Agency. Following the consultation, the government anticipates the first levy payments will be made in the 2022/23 financial year. The levy calculation is expected to include three separate elements: a base; a small business exemption; and a money laundering risk weighting.

FCA consults on extending annual financial crime reporting obligation: In August 2020, the FCA published a consultation paper (CP20/17) on extending its annual financial crime reporting obligation (referred to as “REP-CRIM”). Approximately 2,500 of the 23,000 firms supervised by the FCA under The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 submit annual REP-CRIM information. The FCA proposes extending its requirements to include firms that carry on regulated activities that it considers potentially pose a higher money laundering risk. This extension will be irrespective of a firm’s revenue threshold and could lead to about 4,500 more firms being required to report.

FCA censures Conor Foley for market abuse: On 9 September 2020, the FCA published a Final Notice, which censured Conor Foley, the former CEO of WorldSpreads Group plc (“WSG”), a financial spread trading company for engaging in market abuse. Mr Foley played an instrumental role during the process of floating WSG on the Alternative Investment Market in August 2007, including drafting and approving the necessary documents required for the planned flotation. The FCA found that the information was “materially misleading” and failed to disclose substantial internal loans, in breach of the obligation to ensure that the information provided by WSG was accurate. Foley had also authorised the use of fake client trading accounts and obtained for himself unauthorised loans from a subsidiary of WSG. As a result, and in addition to the censure, the FCA has prohibited Foley from performing any roles associated with a regulated activity in the future.

FCA enforcement cuts half of money laundering investigations: The FCA has discontinued seven of its 14 criminal investigations into breaches of UK money laundering rules, including The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. Five of the investigations were solely criminal probes with two being investigations that could have resulted in either criminal or civil proceedings. This reduces the FCA’s odds of securing a first prosecution under money-laundering regulations; however, the decision to reduce the number of investigations may demonstrate alignment with the SFO’s approach to run fewer cases with a hope of more successful prosecutions.

UK releases maritime sanctions guidance: On 27 July 2020, the UK’s Office of Financial Sanctions Implementation (“OFSI”) released guidance for entities and individuals who operate in, or with, the maritime shipping sector, highlighting the importance and vulnerability of the industry. The guidance identifies several suspicious shipping practices, including ship-to-ship transfers, disabling the automatic identification system, cyberattacks, use of crypto assets, abuse of the financial system, and concealment of illicit cargo, and offers due diligence best practices to aid with compliance. Although OFSI stresses that every company must assess its own exposure to sanctions risks and take appropriate due diligence measures, the guidance outlines several recommendations that could potentially help those operating in the maritime industry to comply with sanctions. For full details see our 5 August 2020 client alert.

Global human rights sanctions regulations come into force:  On 6 July 2020, the UK Global Human Rights Sanctions Regulation 2020 (the “2020 Regulations”) came into force. The 2020 Regulations, which are the UK’s first autonomous sanctions regulations, aim to deter and provide accountability for serious violations of an individual’s right to life, right not to be subjected to torture, and right to be free from slavery, carried out by state and non-state actors. The 2020 Regulations are made under the Sanctions and Money Laundering Act 2018 (“SAMLA”), enacted in anticipation of Brexit. Under the 2020 Regulations, the persons designated by the Secretary of State as being responsible for or involved in serious violations of human rights are subjected to asset freezes and travel bans, to ensure that funds and economic resources are not made available to them, either directly or indirectly, and that they are refused leave to enter or remain in the UK. Breach of the financial sanctions imposed under the 2020 Regulations carries a maximum sentence of seven years’ imprisonment or a fine (or both). For full details see our 13 July 2020 client alert.

European Commission opinion on “control” test in EU sanctions: The European Commission published an opinion to clarify the interpretation and application of EU financial sanctions. This follows requests from several national competent authorities (“NCAs”) of Member States on the application of financial measures of EU regulations in particular relating to the scope of asset freezes imposed on sanctioned individuals and entities. The purpose of the opinion is to ensure that NCAs act consistently and effectively when implementing financial sanctions. The Commission clarified that assets of an entity which is controlled by a listed (natural or legal) person can be frozen, even if the entity itself is not listed. The entity, however, can obtain a freezing lift if it is able to produce evidence that the entity is not in fact controlled by the listed person. Further, the opinion clarifies that providing services to or working for an entity controlled by a listed person can be considered as making economic resources indirectly available to the listed person exerting control over the entity, where the listed person ultimately obtains an economic benefit.

Schrems II renders EU-U.S. privacy shield redundant: On 16 July 2020, the Court of Justice of the European Union (“Court”) issued its judgment in the Schrems II case. The case relates to the validity of certain transfer mechanisms to legitimise international sharing of personal information from the EU to the U.S.outside the EU. The Court ruled that the EU-U.S. Privacy Shield certification, a transfer mechanism relied upon by thousands of U.S. businesses, was not valid.. but that Another commonly used transfer mechanism for personal data transfers out of the EU, “Standard Contractual Clauses” were found to be valid – but with a catch. The Court effectively imposed a requirement on companies and data protection regulators to evaluate an importing country’s legal regime (e.g., the level of government surveillance and access to judicial redress) and assess the impact of that regime on data protection. rendering the EU-U.S. Privacy Shield redundant. The decision has had huge implications for international data transfers out of the EU. For full details see our 16 July 2020 client alert.

ICO rules that Rolls Royce reports should remain private: On 17 June 2020, the UK Information Commissioner’s Office (“ICO”) ruled that reports the company provided to the SFO about Rolls Royce’s efforts to fix failings in its anti-bribery systems, including measures taken in light of its £497 million Deferred Prosecution Agreement with the SFO, should remain private. The ruling came after the SFO refused to comply with a freedom of information request by investigations publication Global Investigations Review, which related to details of Rolls Royce’s compliance mechanisms dating back to 2013. The ICO rejected any public interest argument that the reports should be disclosed, on the basis that any public interest in seeing them is outweighed by that of maintaining confidentiality more generally.

FRC Tribunal fines Deloitte record £15m over its audit of Autonomy: On 17 September 2020, the FRC announced that an independent Tribunal had ordered Deloitte to pay a record fine of £15m for serious misconduct in its audit of Autonomy, a former FTSE 100 technology group which was acquired by Hewlett-Packard (“HP”) for $11 billion in 2011. Deloitte and two of its partners failed to act with integrity or objectivity in the audit of Autonomy’s financial statements and disclosures to regulators in the years leading up to the acquisition. HP had to write down the value of Autonomy by nearly $9 billion leading to a number of investigations in the U.S. and UK including a trial in California which resulted in Autonomy’s Chief Financial Officer being sentenced to five years in prison.

High Court gives guidance on privilege in statutory audit regulation: In A v B and another [2020] EWHC 1491 (Ch), the High Court found that, when fulfilling its obligation to produce documents to the FRC, an auditor, rather than the auditor’s client, was required to form its own view as to whether certain documents were privileged and can, therefore, be withheld from production. The Court’s decision anticipated that the auditor would inform the client of the request but set out that the auditor could only refuse to disclose documents that it actually believed to be privileged rather than documents that the client had claimed to be privileged.

The Court also ruled that a number of documents, including minutes for an executive corporate governance meeting created by the General Counsel, labelled confidential and privileged, were not covered by privilege because the function being provided by the General Counsel was not that of giving legal advice. The case is of interest to any regulated entity whose regulator has document production powers, for example, financial services companies regulated by the FCA.

NCA launches investigations at textile factory premises following allegations of modern slavery and exploitation: In July, the UK’s National Crime Agency (“NCA”) issued a statement confirming that it is working with the police, HMRC, immigration authorities, and others to investigate allegations of modern slavery and exploitation in the textile industry in Leicester. According to news reports, workers in textile factories in Leicester were being paid £3.50 per hour, which is significantly below the UK national minimum wage of £8.72. The factories allegedly supply clothes to fashion outlet Boohoo.

HMRC nudge employers to investigate furlough fraud: HMRC has issued thousands of letters to employers informing them that they may need to repay sums received under the Coronavirus Job Retention Scheme (“CJRS”). In the ‘nudge’ letters, HMRC acknowledge that ‘mistakes happen’ and have provided employers with an ‘amnesty’ period in which to notify HMRC of any wrongful or erroneous claims. Those employers found to have deliberately concealed wrongdoing may be subject to criminal penalties and ‘named and shamed.’ HMRC is also able to claw back CJRS payments by way of a 100% income tax charge.

We are grateful to the following team members for their contributions: MoFo associates Pietro Grassi, Ioanna Lamprinaki, Rayhaan Vankalwala, and Sampaguita Tarrant; and trainee solicitors Stephanie Pong, Tom Macintosh Zheng and Georgia Wright.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.