Recent moves on bribery and corruption are signs of a new approach to the issue by the FSA and SFO that will affect brokerages. Richard Burger explains
The increased regulatory focus on bribery and corruption by the Financial Services Authority (FSA) and the Serious Fraud Office (SFO) present a double whammy for the insurance sector.
First, the scrutiny of anti-bribery and corruption systems and controls in the commercial insurance intermediary sector by the FSA’s financial crime team and second, potentially costly internal investigations for UK businesses driven by the new Bribery Bill and guidance from the SFO on self-reporting of acts of bribery and corruption.
The FSA’s regulatory focus
Tucked away in the pages of the September edition of its Financial Crime newsletter, the FSA published its interim findings on anti-bribery and corruption systems and controls in commercial insurance brokers. The final report had been anticipated at the end of 2009, the FSA having commenced its review in 2008; however, the financial crime team were seconded to the FSA’s major retail groups division to undertake banking supervision, thereby diverting their attention away from its thematic review. This may be taken as a sign of the Regulator’s priorities for 2010.
While the Regulator may temporarily have less focus on anti-bribery systems and controls, the interim findings certainly lay the bedrock of potential robust supervisory visits, or even enforcement action. The interim report found some “significant weaknesses” in the due diligence undertaken on third parties and the payments made. Such phrases are invariably used by the FSA to send a message that it expects improvement across the sector.
The FSA is a creature of habit – that habit is to undertake thematic reviews or supervisory visits examining the adequacy of systems and controls and then publishing findings or publishing best practice with stark warnings about the sector benchmarking itself against these findings. Follow up visits which still identify similar weaknesses or inadequacies are very likely to result in enforcement proceedings. We have seen this before with the warnings made by the FSA in relation to anti-financial crime, such as money laundering, systems and controls, which were subsequently followed up by significant financial penalties for breaches of the FSA Handbook.
The commercial insurance intermediary sector would therefore be well advised to assess their own systems against the interim findings. The FSA’s interim review found:
Significant dependence on informal reviews expressed within the market as to the integrity of third parties and/or very basic checks on the third party’s identity. A limited number of firms actually undertook the enhanced due diligence on potential third parties equivalent to the standards applied in anti-money laundering checks. Only a handful of firms undertook formal checks on whether third parties were actually connected with the insured, the client or public officials.
Examples of failing to ascertain the reason for the third parties’ involvement in the actual transaction and furthermore to keep this under review.
Insufficient assessment on whether the payments to third parties were proportionate to the services being provided and clear audit trails of payments, such as receiving payment details from third parties via email rather than obtaining a signed letterhead with recognised signatories.
Relatively little or no specific staff training on anti-bribery and corruption and no specialist training for compliance officers who would have to deliver wider training to their firms and action frontline queries.
The adoption of a ‘one-size-fits-all’ approach to the development and implementation of systems and controls, as opposed to a risk-based approach, for example focusing on high risk jurisdictions and individuals who pose greater risks, such as Politically Exposed Persons and/or public officials.
Broadening horizons for the SFO
Whereas the FSA is focusing its attention on commercial insurance brokers (although it has indicated that it may widen the scope of its thematic review to cover other financial services sectors), the SFO is making headway in its fight against bribery and corruption by looking beyond regulated firms.
While the SFO has traditionally been seen as a pure investigator and prosecutor, in the Summer of 2009 it published a code outlining its approach for dealing with UK businesses suspected of committing overseas corruption.
The emphasis of the code for a UK business is the prospect of a civil, rather than criminal, sanction if the business steps forward and whistle blows to the SFO about its knowledge and/or involvement in overseas corruption. This is a bold policy for the SFO to publish and an even bolder step for any business to take. Although arguably, given the natural link between bribery and money laundering, there is a well trodden reporting path, under the Proceeds of Crime Act 2002, to the Serious Organised Crime Agency.
The SFO acknowledges how alien such self-reporting is for UK businesses. The code states:
“We appreciate that a decision to approach us is not easy for a corporation when it discovers a problem concerning overseas corruption. …A key question for the corporation and its advisers will be the timing of an approach to us.”
Mental gymnastics
UK businesses who identify potential acts of corruption overseas will now have to go through mental gymnastics to decide when and how to make an approach to the SFO in order to gain the potential benefit of a civil settlement. While a company’s first port of call may be their professional advisers, lawyers and accountants, they may also wish to speak with their insurance brokers about the wider implications of self reporting.
Once the business has made its report, and the SFO is content that the business acknowledges it has a potential bribery or corruption issue and there is a genuine corporate intent to resolve the issue, then the SFO will agree to the business undertaking an investigation into the circumstances of the alleged corruption.
The code states “Wherever possible, this investigation will be carried out by the corporation’s professional advisers. This will be at the expense of the corporation. We [the SFO] undertake to look at this in a proportionate manner and to have regard, where appropriate, to the cost to the corporation and the impact on the corporation’s business”.
While the SFO indicates a proportionate approach to the investigation, internal investigations do have a mind of their own. Significant costs could be incurred by the business to ensure that the investigation is as thorough as possible so as to avoid the possibility of a criminal sanction.
The code goes on to state that the SFO will want to discuss, and no doubt agree, the methodology for the recovery and analysis of documentation during the internal investigation and to receive regular updates. No doubt the SFO would also seek for the firm to waive privilege and to disclose the internal investigation report. This is again another unfamiliar step for a business to take, the disclosure of a potentially privileged lawyer’s report.
The code effectively places the burden of investigation upon the business. This removes that hefty drain on resources away from the SFO, but the cost (both financial and in terms of management time) will fall to the business. However, such costs have to be balanced with the impact of the considerable publicity and disruption of an investigation conducted by the SFO.
But what of the rights of individual directors and/or employees during the internal investigation? Individual directors and senior managers may well find themselves under personal scrutiny during the internal investigation. The business would not necessarily be obliged to provide them with separate legal representation and/or funding for such representation. However, individuals under suspicion should have separate legal representation, especially as their responses to questioning by the internal investigators could well find their way to the SFO. Perhaps this illustrates the need for directors and senior employees to ensure that their own Directors & Officers policies will allow for separate legal representation.
With the anticipated Bribery Bill due to become law before the General Election, all UK businesses should be aware of the provisions of the new Act, in particular the new corporate offence for negligently failing to prevent a bribery.
The new offence requires corporates and partnerships, whether regulated or unregulated, to have such procedures in place to counter the risk that they, or anyone performing services on their behalf, such as the third party, do not engage in bribery and/or corruption either in the UK or abroad.
Just as UK PLC prepared itself for the new Corporate Manslaughter Act, so should it now prepare itself for Bribery Bill. It should also prepare itself to deal with the issue of self-reporting to the SFO and if regulated by the FSA, show sufficiently robust and up-to-date systems and controls to counter the risk that it may be used to commit bribery and corruption.
Richard Burger is a senior associate in the Commercial Regulatory Group of city law firm, Reynolds Porter Chamberlain LLP, and a former FSA enforcement lawyer
