United States: Willis Limited Hit With Record Fine For Failure Of Anti-Corruption Controls

I. Background

The recent fine of £6.895 million levied by the UK's Financial Services Authority ("FSA") against insurance broker Willis Limited, a subsidiary of Willis Group Holdings, ("Willis") represents the largest penalty imposed by the FSA in its history for inadequate financial crime systems and controls. The action, which pre-dates the effective date of the UK's Bribery Act 2010 (the "Bribery Act"), relates to conduct in breach of Principle 3 of the FSA's Principles for Businesses Sourcebook and Rule SYSC 3.2.6 R of the FSA's Senior Management Arrangements, Systems and Controls Sourcebook of the FSA Handbook^1.

Willis is one of the leading insurance and re-insurance brokers in the London market with clients in the marine, aerospace, construction, and energy industries. Willis also engages in reinsurance, risk management, and financial and human resource consulting. The record penalty follows the FSA's publication of the results of its eighteen-month investigation into anti-bribery and corruption in the commercial insurance banking industry in May 2010² and demonstrates the continued attention of the FSA in this area.

The FSA's 24 page Final Notice³ and related press release⁴ set out the facts of the Willis case and contain valuable lessons for the financial services industry.

II. Claims

Between January 2005 and December 2009, Willis made payments totaling £27 million to overseas agents who in turn helped the company secure contracts from international clients, particularly in high risk markets such as Russia and Egypt. The FSA set out the factors it considered in imposing its penalty and highlighted the following shortcomings in particular:

• From January 2005 to December 2009, Willis failed to establish and record an "adequate commercial rationale" for its payments to overseas third parties or to ensure that adequate due diligence was performed with respect to those parties.
• While Willis was found to have strengthened its policies in August 2008, it did not confirm that they were being implemented properly. Moreover, until that time, it failed to review third-party arrangements periodically to confirm their necessity and appropriateness.
• During the period in question, the company's senior management lacked sufficient information about the company's policies to form a basis for whether the company was adequately addressing corruption-related risk.

These deficiencies produced a "weak control environment", resulting in an "unacceptable risk" – and reality - of third-party payments being used to mask bribes.

Willis identified a number of suspicious payments totalling USD 27,000 which it made to two overseas third parties during the course of the FSA investigation. These payments were reported to the UK's Serious Fraud Office. However, to date, no corruption charges have been brought with respect to those payments.

III. The £6.895 million fine

The Willis penalty is not unprecedented. In January 2009, the FSA fined Aon Limited £5.25 million for failing to take reasonable care to establish and maintain effective systems and controls to counter the risks of bribery and corruption associated with making payments to overseas firms and individuals.

In assessing the appropriate penalty in the Willis case, the FSA considered:

• the nature, seriousness and impact of the breach in question;
• that the breach was not deliberate or reckless;
• the steps Willis had taken to address its failings and mitigate their seriousness;
• the size and financial resources of Willis;
• the amount of the benefit to Willis as a result of the breach (£27 million was paid in overseas commissions in high risk jurisdictions wholly or partly for introducing new business. Gross commissions or brokerage earned by Willis on business relating to the £27million payments amounted to approximately £59.7 million, 45% of the brokerage earned); and

• Willis' co-operation with the FSA investigation and agreement to settle at an early stage.

The FSA initially assessed the appropriate fine to be £9.85 million but reduced the fine by 30% under the FSA's settlement discount scheme, in light of the factors listed above.

IV. The FSA's message and the Bribery Act

The FSA has stated that the action taken against Willis demonstrates that "it is vital for firms not only to put in place appropriate anti-bribery and corruption systems and controls, but also to ensure that those systems and controls are adequately implemented and monitored" (emphasis added) in order to maintain the integrity of the UK financial services sector. While Willis had anti-corruption policies on paper, the company failed to put them into practice. The clear message to all companies is that even a very robust anti-corruption policy on paper is worth very little if it is not implemented appropriately and vigilantly.

The risk of a financial institution's exposure to liability for financial crime is heightened under the Bribery Act, which is now in force. The Bribery Act provides that a corporation may be liable for an unlimited fine for failing to prevent bribery, unless such corporation is able to demonstrate that it had in place "adequate procedures" designed to prevent persons associated with it from undertaking such conduct, in which case it will have a complete defence. The Ministry of Justice has published guidance⁵ regarding such "adequate procedures", as discussed in UK Bribery Act Part 1: Guidance Overview. The guidance states that such procedures should be informed by the following six principles:

• proportionate procedures;
• top-level commitment;
• risk assessment;
• due diligence;
• communication (including training); and
• monitoring and review.

V. Action points

The Willis case demonstrates the FSA's continued commitment to tackling corruption in the insurance industry and wider financial services sector. Organizations should note that, following the FSA's industry-wide letter to commercial insurance intermediaries reminding them of their regulatory obligations in relation to bribery and corruption risks in November 2007,⁶ Willis improved its policies in August 2008. However, Willis was ultimately fined because such policies were not adequately enforced, and senior management did not monitor them or assess the risks associated with doing business with third parties in high risk jurisdictions to reduce such risks. While it is too soon to tell whether the Serious Fraud Office will bring charges under its own authority, members of the financial services sector should be aware that although words on paper alone may create a solid compliance policy, they do not create a solid compliance program. Corporations must assess their exposure to risk and design their due diligence programs accordingly while recognizing that the failure to adopt and implement such procedures can create liability on multiple fronts.

The FSA's interest in this area is further indicated by the publication in June 2011 of a consultation paper on its financial crime guide, which contains good and poor practices for firms on implementing and monitoring anti-bribery and corruption systems and controls to reduce their exposure to risk of financial crime. The consultation closes for comment on September 21, 2011 and can be found here.

Footnotes

1 The FSA's Principles for Businesses can be found here and the Senior Management Arrangements, Systems and Controls Sourcebook can be found here.

2 The FSA report can be found here.

3 The FSA Final Notice can be found here.

4 The FSA press release can be found here.

5 The Ministry of Justice guidance can be found here.

6 The FSA letter can be found here.

The content of this article does not constitute legal advice and should not be relied on in that way. Specific advice should be sought about your specific circumstances.