Thank you for giving us your time today, Sue. You have also given the Committee some written evidence, which I will come to in a second. Before I do that, I just want to let you know that a number of witnesses on Tuesday were more clearly focused on the European end of the Bill—the onshoring of various regulations—but with you we will probably concentrate more on the later clauses in the Bill. Before I come to your written evidence and your specific suggestions about financial crime, what is your general impression of the Bill?Q139
Than you, Pat. We very much focus on, and our expertise is on, the potential of the Bill to bring the UK into greater equivalence with the EU on money laundering and to ensure high standards of corporate governance in the financial services sector. Overall, we support some of the points made by our colleagues, which I think you might be hearing later today—from Jesse Griffiths of the Finance Innovation Lab, for example—around ensuring that there really is strong parliamentary accountability for regulatory changes.
May I come to your specific suggestions? You submitted written evidence that focuses on a suggestion for an amendment to the Bill on the prevention of economic crime. Could you talk us through your suggestion and where you think the Bill may have a gap to fill in that area?Q
Absolutely. We really welcome this opportunity, and many thanks for inviting us to give evidence to the Committee. We want to make the case for the urgent introduction, through the Bill, of a “failure to prevent economic crime” corporate offence. We think that could fit in the “Insider dealing and money laundering etc” part of the Bill. We want it to focus particularly on the areas of fraud, money laundering and false accounting.
Just to explain the problem we think needs addressing, fundamentally at the moment, particularly after the judgment in the Barclays case, which was the only prosecution for financial crime following the last financial crisis, there is increasing legal commentary that large financial institutions are beyond the reach of prosecutors for certain economic crimes. Legal attempts to resolve this have failed—in fact, the Barclays judgment has now made it even more difficult for prosecutors to prosecute large financial institutions—and only action by Parliament can change that.
If I may, I will say a little about the reasons why this amendment is needed. We outline in our evidence four broad areas that we think the amendment would resolve. One of them is about the protection of market integrity. The real issue is whether the current state of the law, particularly after Barclays, promotes strong enough corporate governance and deters corporate wrongdoing. The Treasury Committee has already highlighted that it does not—in its words, it is “wrong” and “dangerous”.
The second issue is about fairness and ensuring equality before the law for large and small financial institutions and companies. That is particularly important, we think, in the context of the burgeoning fraud crisis, which is being exacerbated by the pandemic. It cannot be fair or right that small companies face the burden of prosecution in the UK and that large companies can be seen as getting away with it.
The third area is about equivalence, or parity with international standards, on the enforcement of economic crime. The Law Commission—I will come on to the Law Commission later in our evidence, if I may—has announced it is doing a review of corporate crime rules. It has said that one of the reasons for that is so that the UK does not fall behind. We think there is a real danger that the UK falling behind might happen very speedily. It is already quite behind the US—we have seen a lot of commentary from legal experts about how the UK, effectively, outsources its economic crime enforcement to the US, which means that some British institutions are being fined very heavily by the US authorities, and that money is going to the US Treasury.
It is not just the US, but the EU. There is a real emerging issue with the sixth EU anti-money laundering directive, which requires EU states, from early December this year, to have strong corporate criminal liability for anti-money laundering. That liability must include where there is a lack of supervision or control, and the Government recognised when they looked at whether we should opt into this directive—which they chose not to do—that the UK’s corporate liability regime would not fit the directive but would need to be amended if the UK were to opt in. A real issue here is that UK companies might end up operating in the EU to higher standards than they are operating to in the UK, and that might become more of an issue of market access for UK financial services.
The final area is consistency across economic crime. We have seen a “failure to prevent” offence introduced for bribery and for tax evasion. No less harm is caused to society by fraud and money laundering than is caused by the other offences, and it creates real problems for enforcement agencies. Prosecutors have long asked for that “failure to prevent” offence to be extended to other economic crimes. We think its introduction would benefit the UK, because it would see more enforcement—higher fines—coming into the UK Treasury, and it would benefit society, because when companies have in place procedures that prevent economic crime, it helps to reduce the cost of that crime to society.
I will stop there, in case there are any questions. I am very happy to talk about how we think this amendment is compatible with the ongoing Law Commission review.
Q I have a couple of questions, and my colleagues might too. There are quite a lot of different parts to this, and I want to ensure that I understand properly what you are saying. You referred, I think, to a corporate offence. Is the first big point that you are making here that, although individual prosecutions may be rare—you are right that on LIBOR, for example, they were very rare—even then it tends to be the individual trader who gets prosecuted, rather than the organisation they were working for? The organisation they were working for can always say, “We didn’t know what he or she was doing,” and wash their hands of it. Is the first essential point you are making that you want to create a corporate offence rather than an individual offence whereby somebody goes to jail for a certain number of years for committing an economic crime?
Absolutely. We think that the corporate offence is essential, but that does not mean we do not think that individual accountability is very important. There is also a real issue about how senior executives are held to account. If we take LIBOR as an example, I think there were four convictions out of 13 prosecutions for the rate rigging in the UK, and in a lot of those cases people said, “The management knew we were doing this.” That was their defence. If that is really the case, you are not going to change the culture. There are two really important reasons for having a corporate offence, and part of it is about changing the culture. If corporates know that they might face a huge fine, they will put in place procedures to stop that happening. That is really important.
Q The other part I want you to explain a little more is that you said that small and large companies are treated differently under the law as it stands, and you implied that there is a greater sense of liability for small companies. Can you explain that a little more to us? What do you mean by that, and why is that the case?
Under the current law, if there is not a “failure to prevent” offence in a piece of legislation, a company can be held to account only if its directing mind can be found to have intended for the crime to occur. In a small company, the directors are much more hands-on, so it is much easier for prosecutors to pin the blame on someone at a senior level—it has to be at the board level—and therefore prove that the company is guilty. That is not how large corporations and businesses work, and that is what prosecutors have been saying for a long time. They work on a much more devolved basis.
The problem is that the way the law is at the moment, not only does it make it easier to prosecute small companies —small companies bear the burden of prosecution—but it incentivises bad corporate governance in larger companies because it encourages people to insulate the board from knowledge about wrongdoing. That is the point that prosecutors and people in the legal community have been making for some time.
Q So there is almost an incentive for the board to be in ignorance, because that is a legitimate defence when wrongdoing is exposed in the company. Is that what you are saying?
This is what we write about in our evidence. HMRC, in its consultation on its new “failure to prevent tax evasion” offence, specifically highlighted that these laws encourage bad corporate governance. It says that they provide incentives for senior management to turn a blind eye to wrongdoing in order to shield the corporate body from criminal liability and they disincentivise the reporting of wrongdoing to senior members of corporate bodies. That is not me; that is the Government consultation on the “failure to prevent tax evasion” offence for criminal finances, but that is no different from the other economic crime offences. That is a corporate governance issue that cuts across all these economic crimes.
Q The final question I want to ask you is about what you said about equivalence. We had a series of bodies give evidence to us the other day, all of which said that they had no desire for a race to the bottom, that they want the highest possible standards of regulation and corporate governance, and that that is good for the UK, the financial services sector and so on. You are implying that there is a danger here of a looser standard on this issue in the UK than in the EU. Could you explain that to us a bit more? What is the difference in terms of the way that they will view corporate offences and the gap that you see in the UK?
In the UK at the moment there are two ways in which companies could be held to account for money laundering. One of them is under the money laundering regulations, and that is a minor offence. To give you a comparative example, if it is an individual being fined for that, they would get two years in prison. The kinds of fines we are seeing are around the £5,000 mark. There have been some higher marks—sorry, that was HMRC’s enforcement at a regulatory level. We have not seen any corporate criminal fines in this space at all. There is no criminal enforcement going on under the money laundering regulations, but that is a different issue. To explain the law, theoretically companies could be held to account, but it is a relatively minor offence. That is very different from holding them to account for the main offences under the Proceeds of Crime Act, which, for an individual, carries a maximum sentence of 14 years. You can see from that that it is a very different type of offence, and the courts would treat it very differently.
Under the EU’s sixth anti-money laundering directive, all states must have corporate criminal liability and must impose criminal and non-criminal sanctions that are proportionate and dissuasive. We are already seeing countries such as Germany taking really strong steps to implement that. It has a corporate sanctions Bill coming up, which has a clause that requires prosecutors to investigate suspicions of corporate crime. It is a very strong Bill. Before that, Germany was the outlier and had no proper corporate criminal liability. We see it in the Netherlands as well, where increasing levels of corporate fines are being imposed for money laundering, and there is a very strong corporate liability framework there as well. In Ireland, the Irish Law Commission has recommended changes to the law on corporate liability. We are seeing a raising of standards across the EU that the directive will bring in the context of money laundering.
Q Thanks for giving evidence, Susan. Following the December 2018 Financial Action Task Force mutual evaluation on the UK, which was pretty positive, there were a few elements that we need to address. You will know that BEIS is taking forward a lot of that work with Companies House and looking at the registration of overseas entities as well. This Bill ensures that HMRC retains its ability to access the ownership of beneficiaries of UK-linked overseas trusts. Can you explain to the Committee how important that is, notwithstanding what you have just been talking about?
There is a Law Commission consultation going on. We have fully transposed the fifth anti-money laundering directive in line with international best practice. You gave us some perspectives on Germany and Holland in terms of future orientations, which is something that I imagine we would look at in the context of that review. How would the provisions of the Bill help?
Obviously, we have welcomed the leadership that the Government have taken on beneficial ownership and the implementation of the fifth AMLD. My colleagues from Transparency International, who are giving evidence later to the Committee, have done more work on the beneficial ownership side. They are the people to talk in more detail about how the Bill specifically relates to that.
We hope that there will be other legislative vehicles brought forward soon to introduce the property register of beneficial ownership and the Companies House reforms. It is excellent that that consultation has now come out and the Government have taken strong steps towards looking at how Companies House can be strengthened, because, as FATF noted, it was, as you have mentioned, an area of weakness.
I do not want to bang on about it, but FATF also highlighted the lack of high-end money laundering convictions in the UK and questioned whether that was really reflective of the risk within the UK. We are carrying out some analysis into what is happening with regulatory fines in this space. The number of fines seems to be going down dramatically, and we are not seeing an increase in high-end money laundering convictions. To be honest, we are a bit worried that the Law Commission review, which we really welcome, will take too long.
Q To be clear, you are really arguing that we should pre-emptively bring forward measures before that review has been completed.
I am actually saying something different. That review rightly focuses on the identification doctrine that was the primary focus that the Law Commission was given, and it is absolutely right that the Law Commission does that. We monitor bribery cases as they go through the courts, and we have seen that, even with the Bribery Act, there is still an ongoing unfairness. A small company can be prosecuted for a main offence and a “failure to prevent” offence. We have heard directly from prosecutors that they can say to a small company, “Look, if you co-operate with us, we will only prosecute you for failure to prevent. But if you don’t, we will prosecute you with section 1 or section 2.” We also have the fact that a section 1 or a section 2 offence incurs mandatory debarment from public procurement and a “failure to prevent” offence does not. So small companies face the risk of being excluded from public procurement in a way that large companies do not. We think that that is not compatible with the Government’s stated intention of levelling the playing field for small companies in public procurement.
What we would say—and it is something we have always said—is that we absolutely need the Law Commission to look into the identification principle, but we do not think it would pre-empt the review to introduce the “failure to prevent” offence for these crimes, because we already have that offence for bribery and tax evasion. That would complement the Law Commission’s work. We still need the review of the identification doctrine, and that cannot be done by anyone other than the Law Commission.
ThankQ you, Dr Hawley, for the information you have shared so far. Can I refer you point 16 of your written submission? It says:
“However, there is no corporate offence in the FSA and it is therefore not clear that prosecutors would be able to hold companies to account were similar conduct to reoccur.”
I will be open and honest with you: I do not have a legal background, so perhaps you could elaborate on that further. Either there is the ability to do something or there is not. That ties in with the remarks about Barclays in point 21, which quotes remarks that it
“effectively removes companies with widely devolved management and functioning boards”.
The term “effectively” implies that it could or could not. Can I have a little more clarity on that point?
Yes, absolutely. We have checked that with lawyers, and it is the case currently under the Financial Services Act that if you wanted to bring a prosecution for misleading statements on benchmarks—let us hope that will not happen again because financial institutions have learned the lessons from last time—the only way that you could hold a company to account would be under the directing mind principle that I mentioned earlier. You would have to show that one of the directors knew and intended for this to occur. There is no comparative offence, as there is under the Bribery Act, of a failure to prevent misleading statements being made, for which there could be a corporate fine. That would be almost impossible to do if a bank were making misleading statements.
The Barclays judgment has made that even more difficult and narrower. Prosecutors and the Serious Fraud Office can no longer say, “We’ve got the evidence on the CEO and CFO, and we think we can prove it, so we will take this to court.” The court then turns round and says, “No, it’s not just that. You have to show that the board actually delegated authority to these people.” It set a whole new hurdle for how you hold corporates to account. What we are hearing from people is that this is going to lead to a massive decrease in corporate prosecutions, because the grounds for bringing a company to account are so narrow now that they are almost impossible. I cannot say that it would not happen, but I can say that it would be an extremely brave prosecutor to risk public money in the courts to try.
Q Thank you for that clarity. To play devil’s advocate a little, in terms of the individual versus collective responsibility, which is effectively what is being inferred here, do you see any dangers in going down that route?
We do not see any dangers, because, generally, if you can hold the company to account, you are more likely to be able to hold the individuals to account. There is some evidence from the US, where the lack of senior executives going to jail has been contentious.
I think there is a real issue around senior executive accountability. We have seen a series of acquittals in the UK courts, in the Tesco’s case and in the Barclays case. There are some quite serious issues that need to be looked at in terms of how senior executives are held to account. I could argue to bring forward an amendment to address that as well, but that is not what we have done in this written evidence. We are just focusing on the corporate offence, and we do not see any reason why it would undermine efforts to hold senior executives to account. I would be interested to hear those arguments, because I have not heard any coherent arguments about why it undermines individual accountability.
It might be helpful for colleagues and our witness to say that we have 18 minutes left and three people who want to ask questions, so people might want to be mindful of that.
I want to go back to what Mr McFadden and Mr Flynn talked about, particularly regarding this Bill, so that I have a better understanding. One of the things I am concerned about is that there seems to be more of an onus on punishing the individuals, in comparison to the companies. Earlier in your comments, when questioned about creating corporate and not individual offence, you mentioned holding a company to account, and that, to an extent, that can be done by holding the individuals to account. However, there have been concerns about holding senior executives to account, particularly with Barclays and Tesco. Do you have any direct recommendations that can strengthen the Bill so that it can hold companies to greater account so that we do not have that loophole where individuals are held responsible for this?Q
We actually have two suggestions. One is to introduce a “failure to prevent” offence for individuals, where, effectively, you are in a senior position and this happens on your watch. That is one way of doing it. The other way is to do what happens with the Competition and Markets Authority, where the court has the power to disqualify a director where there is a corporate offence. That is something that was put down in an amendment to the sanctions and money laundering regulations. Those are two legislative options—one of them a bit more radical than the other. The Competition and Markets Authority one is already there in law; it is just a matter of making it effective for these particular economic crimes.
We also think that there needs to be some more blue-skies thinking about whether, when there is a deferred prosecution agreement, companies should be required to claw back some of the money from the senior executives who were running the company when the wrongdoing occurred, because it is unfair that they get to move on, often with huge financial benefits. We saw that with the recent Airbus case—the director left with a massive golden handshake, and then the company and shareholders were left to pick up the fine. I think there is a way to make how the corporate fine is shared fairer. There are quite a lot of potential ways to do it, and we would be happy to provide a paper on that before
Q That would be helpful. The Bill also increases the maximum sentence for criminal market abuse from seven to 10 years, in line with comparable economic crimes. Do you think that is a strong enough incentive to prevent offences? Is that something you have come across, with crimes going on for some period of time? Do you feel that the maximum sentence will deter that?
It is welcome that it has increased. Higher sentences are important, as we see in the US—there are higher sentences for white-collar crime, and people actually go down. To be honest, it is also about enforcement. Actually, quite a few prosecutions for a certain level are better than very few for a high level. It all comes down to regular enforcement, which is something that we very much hope there will be greater thinking about—enforcement resourcing for any of the laws that will be put in place.
Q Thank you. I have a final question, which is about your report. I know that my right hon. Friend the Member for Wolverhampton South East asked you a question about the prospect of smaller companies being at a higher risk of fines, which you said you were concerned about. Is there anything specific that could be put into the Bill to help ensure that does not happen? You mentioned earlier that it is easier for smaller companies to be prosecuted, because it is easier to identify the people involved. That seems like a massive and unfair disadvantage for smaller businesses. I am worried that if we do not address this issue, smaller businesses will be prosecuted whereas, effectively, larger companies will not. Do you have specific recommendations that could be looked into?
The basic and essential one is that if you introduce a “failure to prevent” economic crime, it immediately covers that gap; it immediately brings larger companies into the reach of prosecutors for economic crimes. We still think the Law Commission will need to look at how the identification doctrine still applies and carries on creating unfairness, even after you have introduced a “failure to prevent” offence, but it would be an immediate stopgap that would stop that happening. I cannot think of any other way of doing that.
Thank you for your evidence, Susan. I think we all agree that it is such an important area, and your evidence is really interesting.Q
I was looking at some of the specialist fraud and financial crime law firms’ response to the Law Commission’s review, particularly how it relates to the “failure to prevent” suggestion. They have called the Government’s desire to look at that in the round a very measured approach, and they have pointed to the fact that there have been lots of developments in regulatory and legal environments since the call for evidence. They have said that, actually, the best approach is probably to wait and see—to review, and to look at the entire issue in the round. Given the complexity and the cost to business, what is your response to that?
What has happened since the call for evidence closed is the Barclays judgment. We have also had a judgment in the Serco case, in which Serco was involved in procurement fraud against the MOJ, and it could not be the party to a deferred prosecution agreement—only its subsidiary could—because of these corporate liability rules. How it fits with the regulatory system is a really important question. As you will have seen from our evidence, we think that can be really properly thought through and hammered out at the guidance stage to the “failure to prevent” offence. That is where you would have a really good discussion with the private sector, bringing them in to show how you make those parts fit together.
I would like to add that on the regulatory side, as I mentioned earlier, we are seeing a worrying decline in the number of fines imposed by some of the regulatory bodies, for instance in the money laundering space. Creating a criminal offence—it is important to note that it is not a new criminal offence, but a different way of holding people to account for the same criminal offence—would open up a broader range of people who might bring action against a company. We have seen criticism in the paper, including from some of the law firms, about a lack of action by the Financial Conduct Authority on money laundering regulations, very few investigations and no prosecutions of corporates. If it were a criminal offence, companies might be looking at investigations by the SFO, which would really make them sit up.
I think it is about deterrence and how you ensure that compliance with the regulations is not just a box-ticking exercise, which is the risk if you take only a regulatory approach. What is really interesting about the responses to the Government’s call for evidence is that the vast majority of respondents do not think that where a serious crime occurs, a regulatory approach is appropriate; there need to be criminal approaches. I was really struck by how common that was. I think there is some urgency, if I am honest, particularly in relation to the UK falling behind emerging standards elsewhere, but also with the problem of inequality before the law, which I think could become really heightened when the response to the covid crisis plays out. You might get quite a lot of resentment when large actors are seen as getting away with it.
Q I have just one quick follow-up question. You are quite right that in that evidence there was quite a consensus on the need to act. Is it fair to say that there was less of a consensus on exactly how to act—that plays into what we are looking at, waiting for the Law Commission to respond—and that, given the length of time since the call for evidence, there might be less consensus because there have been more actions since?
Since the call for evidence, we have seen the SMCR and the money laundering regulations, but they were kind of around and being introduced—the SMCR in 2016 and the money-laundering regulations were on the books for 2017—so I do not think that there has been anything dramatically new since then. Those were on the cards at the time of the 2017 call for evidence. This does need private sector consultation and it needs to be thought through carefully.
On the consensus about where to go, another problem we are worried about is that that lack of consensus will be replicated in the Law Commission’s consultation, because you have essentially two options—that is how it has been put to me, quite often by prosecutors. You go with the US model, with vicarious liability, or you have a “failure to prevent” offence. There was not really any clarity in the way the call for evidence was worded that would result in a kind of consensus. Quite a lot of law firms think we should have vicarious liability, because that is the strongest form of liability there is.
I worry about coming to the end of the Law Commission consultation with exactly the same result: no consensus about the way forward, let’s not do anything, and then we will be stuck in the same place. Do you see my point with that?
Q I was just getting you to reaffirm that is what you meant: that essentially that is what we have done, because presumably you think that our enforcement and activity against this kind of economic crime is much inferior to what is going on in the US?
I am afraid it is widely held consensus that what we do here is significantly inferior to what happens in the US, and I do not think there can be any doubt about that. I could share some research we did in 2019, which very specifically compared only London and New York banks, so that we did not get an unfair comparison because of the much larger size of the US. The level of fines that the US imposes, both criminally and on a regulatory level—that is, the money laundering space—is 22 times higher.
Q It would be very useful if you would share that information. What can we do to improve the incentives to prevent this activity? Is that more about enforcement and the almost wiping out of action fraud and much of the criminal work that goes on to prevent fraud, which—let’s face it—has fallen off a cliff in terms of its success rates? You have made some very interesting points about how you think the law should be changed, but is that about the law or is this an enforcement problem? Do you think the FCA is fit for purpose when it comes to the enforcement for which it is responsible?
Absolutely, it is an issue of the law and of enforcement—law is only as good as its enforcement. We need a fairly wide consensus among the enforcement community, non-governmental organisations and academics in this space. We need a massive boost to economic crime enforcement in this country.
With the FCA, what we hear is it is much easier for them to bring civil actions, and that is what they do. For corporates, they are not using the corporate criminal liability laws that we think need to be used to ensure real deterrence, and that corporate wrongdoing, when it does occur—by the few bad people—is properly held to account and prosecuted. I know the Competition and Markets Authority wants to get rid of its prosecuting function to the SFO. Some people, such as Jonathan Fisher QC, have argued that we need one big super-enforcer in the criminal sphere, because regulators will always have more interest in taking the easier, quicker and cheaper route, taking the regulatory approach rather than the criminal approach.
Q Finally, because you answered that so fast, do you think that the way to deal with the larger global companies is vicarious liability, rather than “failure to prevent”? Should we be thinking of introducing a law saying that after a company gets beyond a certain size, we switch to vicarious liability, because this idea of directing mind is simply not present in larger global corporates?
It is a really complicated issue, which I am very pleased the Law Commission is looking at. One of the options is vicarious liability. Some people feel a bit uneasy about vicarious liability and say it is too strong, but that is where you need the best legal minds of the Law Commission. However, the immediate gap can be immediately filled by the introduction of the “failure to prevent” offence. Otherwise, large companies are beyond the law; the “failure to prevent” offence brings them within the reach of the law.
Order. I am afraid that brings us to the end of the time allotted for the Committee to ask questions. I thank our witness for her evidence on behalf of the Committee. That brings us to the end of the morning sitting. The Committee will meet again at 2 pm in the same room to take further evidence.