I. Corporate liability deriving from criminal activity
1. What it is the nature of corporate liability deriving from criminal activity? What is its legal basis?
Generally speaking, to convict a company of a criminal offense in England and Wales, it is necessary to prove beyond reasonable doubt that:
- The company committed the act prohibited by the offense (actus reus).
- The company had a guilty state of mind (that is, the company had the required intention when committing the act that makes it an offense) (mens rea).
As artificial legal persons, companies do not have their own intentions. However, such intentions may be attributed to a company using the identification principle. The identification principle imputes to the company the acts and the state of mind of those who represent the “directing mind and will” of the company. Generally speaking, the application of the identification principle is restricted to the actions of the board of directors, the managing director and other superior officers who carry out functions of management and speak and act as the company. This means that where the criminal act and criminal state of mind in question can be attributed to such individuals, the company can be prosecuted for the offense as a principal offender.
To establish who the directing mind and will of any one company is, prosecutors will review the company’s constitutional documents (eg, the memorandum and articles of association).
In practice, the identification principle makes it difficult to convict a company for a criminal offense. This is especially true in large corporations, where those individuals who are the directing mind and will (eg, the Board) may be far removed from the areas of the business where the criminal activity takes place. These difficulties have been a source of much frustration for prosecutors and have resulted in a broad review of the law in this area and the introduction of specific laws to make it easier to prosecute companies for certain offenses. The best example of this is Section 7 of the Bribery Act 2010 (UKBA). Section 7 of the UKBA imposes strict liability on companies that fail to prevent an act of bribery, unless the company can demonstrate that it had in place adequate procedures to prevent such an offense from occurring.
There are also some relatively limited situations in which a company can be held “vicariously” liable for the criminal acts of its employees. Generally speaking, a corporate employer is vicariously liable for the acts of its employees and agents where a natural person would be similarly liable. Normally, vicarious liability will arise from offenses of strict liability. These are relatively rare offenses, which do not require intention, recklessness, or even negligence as to one or more elements of the actus reus, such as some traffic offenses. If an employee commits a strict liability offense in the course of carrying out their employment (which falls to be determined on a case-by-case basis), the company may also be vicariously criminally liable.
When considering whether to charge a company with a criminal offense, prosecutors will consider two questions:
- Is there sufficient evidence to provide a realistic prospect of conviction?
- Is it in the public interest to prosecute?
If the answer to both of these questions is “yes” then a prosecution will ensue. The more serious the offense, the more likely it is that prosecution will be in the public interest. Indicators of seriousness include not just the value of any gain or loss, but also the risk of harm to the public, to unidentified victims, shareholders, employees and creditors, and to the stability and integrity of financial markets and international trade. The impact of the offense in other countries, and not just the consequences in the UK, will also be taken into account.
2. Type of crimes/administrative offenses from which, according to the legislature, corporate liability may arise
It is possible for a company to commit most criminal offenses. However, for a company to commit an offense as a principal:
- The offense must be punishable with a fine (eg, this excludes murder, treason, piracy).
- A company cannot be criminally liable for offenses that cannot be committed by an official of a company in the scope of their employment (eg, rape).
- A company can be party to a criminal conspiracy, but only with at least two other conspirators who are human beings ― including at least one who is an appropriate officer of the company and acting within the scope of his authority.
The offenses most typically encountered by large international businesses include:
- Money laundering offenses
- Tax evasion
- Bribery and corruption
- Breach of export controls
- Environmental offenses
- Health and safety offenses
- Market abuse
It is worth specifically mentioning the UKBA. As noted above, Section 7 of the UKBA imposes strict liability on companies that fail to prevent an act of bribery, unless the company can demonstrate that it had in place adequate procedures to prevent such an offense occurring. This is a considerable change in the approach toward corporate criminal liability in the United Kingdom. This trend toward strict corporate liability for economic crime looks set to continue. In October 2016, the Criminal Finances Bill 2016-17 was published, which introduces corporate offenses for the “failure to prevent facilitation of tax evasion.” The second reading of the bill took place on 9 March 2017 and the bill is likely to become law in 2017.
As well as committing primary offenses, companies may also be held liable for committing “inchoate offenses.” Inchoate offenses are offenses in which no substantive offense may have been completed, but nevertheless an offense of a different kind has been committed because of the actions or agreements in preparation for the substantive offense. Examples include assisting or encouraging a crime, incitement, attempting to commit an offense and conspiracy.
3. Identification of companies and entities to which liability may apply
All types of corporate entities may be prosecuted for criminal acts, including both public and private limited companies. Limited Liability Partnerships (LLPs) created under the Limited Liability Partnerships Act 2000 have separate legal personality from its members and it therefore appears that criminal liability can be attached to an LLP for crimes requiring mens rea in the same way as a company. Unincorporated bodies (for example, partnerships and clubs/societies) may also be prosecuted for some types of criminal statutory offenses where criminal liability can be established on the basis outlined above (for instance, Section 14 of the Corporate Manslaughter and Corporate Homicide Act 2007 explicitly extends the offenses set out in that Act to partnerships).
4. Corporate liability for crimes committed abroad by representatives or subsidiaries
Generally, an offense will only be prosecuted in the jurisdiction in which the offense takes place, unless there is a specific provision to ground jurisdiction, for instance where specific statutes enable the United Kingdom to exercise extraterritorial jurisdiction.
For example, under the UKBA, individuals and companies that have a “close connection” to the United Kingdom can be prosecuted for bribery offenses committed overseas. A person/company has a close connection with the United Kingdom, if they satisfy one of a number of criteria, such as that they are a British citizen, an individual ordinarily residing in the United Kingdom or they are a body incorporated in the United Kingdom.
Likewise, a company can be prosecuted under Section 7 of the UKBA for failing to prevent bribery if it is a UK company or if it is an overseas company and “carries on a business” in the United Kingdom. There is to date very little guidance as to what “carrying on business” in the United Kingdom means. The guidance on the UKBA provides that, “the courts will be the final arbiter as to whether an organisation “carries on a business” in the UK taking into account the particular facts in individual cases.”
5. Corporate liability in the case of transactions taking place after the commission of a crime (acquisitions, mergers, demergers, etc.)
Depending on how a transaction is structured, the purchaser (or other successor company) could in some circumstances be criminally liable for acts of an acquired company, for instance following a share sale.
The Crown Prosecution Service’s (CPS) guidance on Corporate Prosecutions states that prosecutors regard the dissolution of a company as having the same effect as the death of a human defendant, as the company ceases to exist. Furthermore, the CPS guidance notes that where, “the company in its current form is effectively a different body to that which committed the offense,” that will be a public interest factor against prosecution. The guidance specifically notes the following examples: where the company, “has been taken over by another company, it no longer operates in the relevant industry or market, all of the culpable individuals have left or been dismissed, or corporate structures or processes have been changed in such a way as to make a repetition of the offending impossible.”
The CPS guidance further states that another public interest factor against the prosecution of a company is where the company is “in the process of being wound up.”
Therefore, where a company is wound up or dissolved in the course of a corporate transaction, for example as part of a corporate reorganization, or if it is to be taken over by a much more compliant organization whose procedures are robust enough to prevent a repeat of the wrongdoing, then according to the CPS guidance, those would be factors that weigh against the public interest in pursuing a prosecution against the company. However, it should be noted that while the risk of prosecution in those circumstances are mitigated, the risk is not entirely eliminated as it is possible for prosecutors to apply for an order to declare a dissolution of a company to be void or to restore a company to the Companies’ Register.
Companies engaged in buy-side M&A activities should therefore ensure that possible corporate criminal wrongdoing is considered part of the due diligence process and/or appropriate contractual mechanisms, such as indemnities, are used to protect the buyer from the repercussions of a criminal conviction of the target company.
II. Applicable sanctions
1. Type of sanctions applicable to the company
Penalties for companies convicted of criminal offenses can include fines, compensation orders (ie, orders that the company compensate victims), debarment from public procurement processes and/or confiscation orders (ie, orders that the proceeds of any crime are confiscated). Where there is evidence that an offender has benefited financially from the offense, the court must, in accordance with the Proceeds of Crime Act 2002 (POCA), consider whether to make a confiscation order.
In addition, there exists a statutory scheme for the recovery in civil proceedings of property obtained through unlawful conduct. The powers are exercisable regardless of any criminal proceedings or any prosecution. Such orders are called civil recovery orders. Recoverable property is defined in POCA as “property obtained through unlawful conduct,” and property is defined as “all property wherever situated,” including money, real, personal, heritable or moveable property, and things in action.
As regards fraud, bribery and money laundering offenses, specific sentencing guidelines were published in October 2014. The specifics of how a fine is calculated are determined by reference to multipliers of between 20% and 400% of a figure representing the financial “harm” caused by the particular offense in question. Higher levels of “culpability,” characterized by, for example, orchestrated or sustained wrongdoing, lead to the application of higher “multiplier” figures. The guidelines are clear that fines may be high: “The fine must be substantial enough to have a real economic impact which will bring home to both management and shareholders the need to operate within the law. Whether the fine will have the effect of putting the offender out of business will be relevant; in some bad cases, this may be an acceptable consequence.”
Since February 2014, prosecutors in the United Kingdom have had the power to enter into a Deferred Prosecution Agreement (DPA) with companies in respect of certain economic crimes.
A DPA is an agreement entered into between a prosecutor and a corporate entity under which the prosecution will be commenced, but then immediately suspended for a defined period, during which time the corporate entity has to meet certain specified conditions. It is not an agreement not to prosecute the corporate organization. However, the prosecution will only continue to trial if the conditions are not met. It is contemplated that the conditions may include payment of a financial penalty, compensation for victims, disgorgement of gains, and compliance with measures to prevent future offenses. An independent monitor may be appointed to police compliance with the terms of the DPA, although this will not always be necessary.
Whether a DPA is appropriate is decided by reference to relatively detailed prosecutorial guidance and its proposed terms are the product of negotiations between the prosecutor and the company, although the DPA itself requires the approval of the Court. As of March 2017, three DPAs have been approved, one in each of 2015, 2016 and 2017.
2. Interim measures, cease and desist orders, bans and confiscatory measures
Prior to trial, prosecutors can apply for a number of interim orders over defendants, including orders to restrain property that the prosecutor considers to be the proceeds of crime (see above for more details). Such steps can be taken in support of criminal proceedings underway in the United Kingdom or overseas.
Following conviction, the court can make a confiscation order, under which the proceeds of criminal conduct will be confiscated from the company.
A period of debarment from public contracts can be a consequence of a conviction for some offenses. For example, under Regulation 57 of the Public Contracts Regulations 2015, a company convicted of an offense under Sections 1, 2 or 6 of the UKBA face mandatory exclusion from participation in public procurement.
3. Liability of directors or managers for not having adopted (intentionally or negligently) measures for the prevention of the crime
There is no specific offense that will be committed by a director or manager for failing to have adopted measures to prevent crime generally. However, directors and managers may be prosecuted as individuals if they commit any criminal offenses (such as bribery and fraud) and could also potentially be liable for committing an inchoate offense (see above).
In addition, there are a number of provisions that apply individual criminal liability to directors or senior managers of corporations, whose “consent, connivance or neglect” is attributable to the criminal offense of the company. No actual conviction of the company is necessary to found the prosecution of one of its officers. Examples of such provisions are contained in the Fraud Act 2006 and the UKBA.
III. Measures and “models” of prevention and effects of the same on corporate liability and applicable sanctions
1. Consequences of the adoption of a compliance “model” and effects on corporate liability for crimes committed by the company’s managers, directors or representatives (cases in which it is possible to obtain an exemption from liability or a mitigation of the sanction)
As a matter of law, the implementation of a crime prevention model will not (save in very limited circumstances ― see below) do anything to remove criminal liability from a company, save that such measures may make it less likely that a criminal offense will be committed in the first place. However, in most cases, if a company can show that it took appropriate steps to reduce the risk that the offense would occur that may serve to mitigate the seriousness of the offense and reduce any sentence imposed by the court.
2. Modality according to which a compliance “model” must be adopted in order to benefit from exemption from responsibility or mitigated punishment (codes of ethics, procedures, etc.)
As noted above, the UKBA introduces a corporate offense of failure to prevent bribery. It is a defense for a company to show that it had adequate procedures in place to prevent bribery. The director of the Serious Fraud Office, the prosecuting authority tackling serious or complex fraud, has publicly commented that the procedures, “have got to be simple, straightforward, familiar to the workforce, and they have to be lived by senior management” and “senior executives need to behave at all times in a manner consistent with” such procedures. The question of whether a company had adequate procedures in place to prevent bribery in the context of a particular prosecution is a matter that can only be resolved by the courts, taking into account the particular facts and circumstances of the case. The onus will remain on the company, in any case where it seeks to rely on the defense, to prove that it had adequate procedures in place to prevent bribery.
The British government has issued guidance on the procedures that should be put in place by companies that wish to prevent bribery being committed on their behalf. Those procedures should be informed by six principles:
Principle 1 – Proportionate procedures
Principle 2 – Top-level commitment
Principle 3 – Risk assessment
Principle 4 – Due diligence
Principle 5 – Communication (including training)
Principle 6 – Monitoring and review
These principles are not prescriptive. They are intended to be flexible and outcome focused, allowing for the variety of circumstances that commercial organizations find themselves in. Small organizations will, for example, face different challenges to those faced by large multinational enterprises. Accordingly, the details of how organizations might apply these principles, taken as a whole, will vary, but the outcome should always be robust and effective anti-bribery procedures.
Bribery prevention procedures should be proportionate to risk.
3. Monitoring: independent person or body to control/supervise, with the purpose of verifying the correct application of the “model.” Model of operation of such person or body
In the UK, it is not a requirement to appoint a monitor to supervise a DPA. The DPA Code of Practise notes that, “the appointment of a monitor will depend upon the factual circumstances of each case and must always be fair, reasonable and proportionate” and, where a monitor is appointed, “no two monitoring programmes will be the same.”
The Code of Practise provides that a monitor’s “primary responsibility is to assess and monitor [an organisation’s] internal controls, advise of necessary compliance improvements that will reduce the risk of future recurrence of the conduct subject to the DPA and report specified misconduct to the prosecutor.”
IV. Judicial proceedings to determine corporate liability
1. Court competent to decide the liability of and penalties applicable to the company
The Crown Court is the usual court in which serious criminal offenses are heard in England and Wales. Generally, trials will take place before a judge and jury.
If the company is found guilty by a jury, the judge will then pass sentence on the company using the applicable sentencing guidelines. As regards the nature of those sentences, please see below.
2. Possibility of the application of interim measures
As noted above, prior to trial, prosecutors can apply for a number of interim orders over the defendants, including orders to restrain property that the prosecutors consider to be the proceeds of crime. Such steps can be taken in support of criminal proceedings underway in the United Kingdom or overseas.
3. Plea bargains and related effects on corporate liability
Cooperation and early acceptance of guilt by a company are likely to be taken into account when sentencing decisions are being made. Defendants can receive up to a third off the applicable sentence for an early plea of guilty and can also be given immunity or reduced sentences for cooperating with the prosecuting authorities in certain limited circumstances.
Whether or not a company “self-reports” itself to and/or co-operates with the SFO will be a factor in determining whether the SFO is willing to offer a company a DPA (and thus avoid the risk of a prosecution). While self-reporting will not guarantee a DPA, a deferred prosecution may be deemed appropriate as a means of potentially disposing of criminal proceedings against a company if there is full cooperation by the company.
4. Persistence of corporate liability if the crime is extinguished
Limitation periods in English criminal law vary, depending on the type of offense.
For less serious offenses (known as “summary” offenses), Section 127(1) of the Magistrates’ Court Act 1980 sets out the general rule that prosecution should be brought within six months from the time the offense was allegedly committed.
For more serious criminal offenses (known as “indictable” offenses) and offenses that can be tried either summarily or on indictment (known as “either-way offenses”), there is no general limitation period. A small number of indictable or either-way offenses may however be subject to specific statutory limitation periods.
Most corporate offenses typically encountered by large international businesses are likely to be sufficiently serious to be tried on indictment. There are no specific statutory provisions creating limitation periods in respect of offenses typically encountered by companies under the UKBA, Proceeds of Crime Act 2002 or the Fraud Act 2006 in relation to either individuals or corporate entities. In this respect, it is unlikely that the prosecution of the types of offenses typically faced by large international businesses, either against individuals or companies, will be barred by the passage of time.
In any event, due to the separate legal personality of a company, the criminal liability of a company is not strictly contingent upon the criminal liability of an individual in the company (although it may hold evidential weight).
V. Corporate liability in multinational groups
1. Liability of parent companies located abroad in the case of offenses committed by directors, managers or representatives of the local company
English law recognizes the concept of separate legal personality. Accordingly, a foreign parent company will not automatically be criminally liable for the criminal acts of its English subsidiary or its directors/managers and, likewise, an English subsidiary will not automatically be held criminally liable for the acts of its overseas parent company. This is however subject to the normal rules of attribution, as set out above.
Parent and subsidiary companies and/or directors/managers could however be criminally liable for any of the inchoate offenses outlined above if the various elements of the offense are proved.
A common example of the interaction between companies is where the proceeds of crime flow from one company to another. For example, if an overseas company is in possession of the proceeds of crime (whether or not it committed the underlying criminality) and it passes on those proceeds of crime to another company (for example, by way of the distribution of company dividends to its UK parent company), the UK parent company could be liable for a money laundering offense if it deals with those proceeds of crime knowing or suspecting that they represent the proceeds of crime, unless it obtains the prior consent of the UK authorities. Similarly, those proceeds of crime may be seized by the UK authorities if they are shown (on the balance of probabilities) to represent the proceeds of unlawful conduct.
2. Basis of liability and applicable sanctions
VI. Significant case law concerning corporate liability arising from crimes and draft laws under discussion
1. Significant case law, if any
One of the most important English cases in this area is the case of Tesco Supermarkets Ltd v. Nattrass  UKHL 1, as it is the leading case on the identification principle outlined above.
Despite the increase in the number of criminal offenses that are targeted at corporate entities, there have been few high-profile corporate convictions for economic crime outside of the regulatory context for some financial institutions. However, the first conviction under Section 7 of the UKBA was made in February 2016; Sweett Group PLC was ordered to pay EUR 2.25 million in relation to its activities in the United Arab Emirates and elsewhere.
2. Proposed or contemplated new legislation
As noted above, the Criminal Finances Bill 2016-17 was published in October 2016, which, when it comes into force, will introduce a new corporate offense for failure to prevent agents from facilitating tax evasion.
In addition, in January 2017, the Ministry of Justice issued a Call for Evidence, inviting parties to consider whether there is a case for changes to the regime for corporate criminal liability for economic crime in the United Kingdom. It is concerned with criminal offenses designed to punish and prevent economic crimes such as fraud, false accounting and money laundering when committed on behalf, or in the name of, a company. The Call for Evidence is due to end on 24 March 2017, and follows comments of then Prime Minister David Cameron in May 2016 that, “in addition to prosecuting companies that fail to prevent bribery and tax evasion, we will consult on extending the criminal offense of “failure to prevent” to other economic crimes such as fraud and money laundering so that firms are properly held to account for criminal activity that takes place within them.”
 This note covers the law of England and Wales. It does not cover the law in the rest of the UK, such as in Scotland.
 This note only considers the liability of companies under the general criminal law. It does not consider the regulatory environment in which companies in the regulated sector may operate (for example, financial institutions and individuals regulated by the Financial Conduct Authority).
 However, some offenses are so-called “strict liability” offenses and so can be prosecuted without proof of mens rea.
 However, companies and individuals in the regulated sector may be required to have in place proper procedures; otherwise, they may face regulatory sanction.