Overview

While expressly not making recommendations but detailing options for reform, which the Government must decide whether to implement, the Law Commission identifies twelve options only one of which would maintain the status quo. The direction of travel was never in doubt: the options are aimed at making it easier to prosecute or otherwise sanction commercial organisations, most significantly by finding new ways to hold organisations liable for the misconduct of individuals.

The Law Commission's exploration of options for reform was agreed to avoid 'disproportionate burdens upon business.' Nevertheless, the options are directed at dealing with misconduct carried out by and on behalf of organisations, a radical starting point which shows how much attitudes to corporate criminal liability have changed.

It used to be uncontentious that criminal liability only results from personal fault. With some qualified exceptions in the 'regulatory' sphere, we did not punish persons (legal or natural) in criminal courts for the misdeeds of others. The introduction of the first 'failure to prevent' (FTP) offence – under section 7 of the Bribery Act 2010, now over ten years ago – marked a sea change in approach in relation to economic crime, followed more recently with two offences of failure to prevent the facilitation of UK or overseas tax evasion under the Criminal Finances Act 2017 (CFA).

The Law Commission's proposals lead further down that road, but also tackle the problem from the other direction, by proposing reform of the doctrine that determines whose acts and omissions can be attributed to the company for the purpose of determining criminal liability.

Reforming the identification doctrine

For corporations to commit 'mens rea' offences, that is offences that require proof of the relevant mental element such as knowledge or intention, it typically requires a directing mind, usually a director, to commit the offence which is then attributed to the company.

The Law Commission's options paper identifies ways in which the 'identification doctrine' could be expanded so as to apply to 'senior management'. This would include someone who is involved in taking decisions relating to the corporate policy and strategy and management of (i) the affairs of the company as a whole or (ii) a substantial part of it. The Law Commission clarified that this would not require the senior manager to have responsibilities across the whole of a company's business: they would be a senior manager if their responsibilities involved taking decisions relating to corporate strategy and policy in a particular area – such as health and safety, finance, or legal affairs.

If implemented, such a reform would significantly broaden the category of persons whose acts or omissions could be attributed to the company, potentially even extending the scope to a lower level of managers than those usually considered 'senior management' – which is to say, it would significantly broaden the scope of a wide range of criminal offences with potentially surprising consequences.

Addressing principled criticism of corporate criminal liability that shareholders who will pay the fine may well be innocent, the Law Commission pointed out that shareholders share in the profits of an enterprise where the value of their investment is contingent on the company's performance. 'Shareholders are liable to suffer where a company is poorly managed – that is the risk they choose to take – and it is unclear why mismanagement that is not just poor but criminal should be any different.'

Such an argument may have some force where 'senior management' has behaved criminally. It has less relevance to FTP offences. The Law Commission noted that in the absence of reform to the identification doctrine, the case for additional measures to tackle economic crime, such as FTP offences, would be even more compelling.

Failure to prevent

While rejecting a broad offence of failure to prevent economic crime, the Law Commission proposes a number of new FTP offences, most notably for fraud, but also (subject to further work and consultation) other offences including an offence of failure to prevent human rights abuses.

Broadly speaking, FTP offences make organisations criminally liable if an 'associated person' (e.g. an employee or agent) commits a relevant offence, subject to a defence that requires the organisation to prove that they did all that they reasonably could to prevent the offending. That is, such offences make organisations criminally liable if someone else commits an offence.

The justification is that organisations are in a position to prevent the wrongdoing of those acting on their behalf; if the organisation did all that they reasonably could to prevent such offending, but an 'associated person' still committed the offence, then the organisation has a defence in law. This however is to overlook the practical realities. Still largely untested, FTP offences will often be difficult to defend, even for organisations which have conscientiously implemented procedures to prevent wrongdoing. Combined with commercial risks inherent in defending such prosecutions, many organisations will face significant financial and reputational harm for the (alleged) misconduct of others, even when any failures on the organisation's part might be minimal.

Experience to date with the Bribery Act offence has seen a small number of successful prosecutions and a larger number of deferred prosecution agreements (DPAs) but very few related convictions of individuals. This suggests that a further practical consequence is that, whether due to the focus or scope (or cost) of investigations, FTP offences risk culpable individuals avoiding conviction, or not even being prosecuted – or, alternatively, corporations being punished for the alleged offences of associated persons that may not have been committed (but which the corporations admit for commercial reasons).

An FTP fraud offence would be particularly impactful because it could be committed in a wide range of ways and circumstances, and therefore potentially impact most commercial organisations. Further, unlike bribery for example, it is very easy to imagine relatively common circumstances which could give rise to criminal complaints. To date there been a relatively modest number of prosecutions (and DPAs) for the Bribery Act offence, and no prosecutions at all for the CFA offences. Notwithstanding resourcing issues with investigating authorities, an FTP fraud offence would likely see investigations and prosecutions on a far greater scale.

To avoid obvious unfairness where the organisation is the victim of the offending, the Law Commission proposes that the offence would require that the associated person intended to benefit the company, or to benefit a person (perhaps another company) to whom the employee or agent provides services on the company's behalf. This however should be broadly understood and would encompass situations in which benefitting the company was an indirect rather than a primary purpose – a common example being when a salesperson makes misleading, fraudulent claims in order to win both commission for themselves and sales for the company.

Sentencing organisations

The options paper also discusses the sentencing of organisations, with the most interesting aspect being what was not expressly addressed. The Law Commission summarises key sentencing principles that recurred in responses to its earlier discussion paper, including the need to make sentences proportionate to harm, and consideration of the economic impact of a fine. It is noteworthy that the principle of proportionality to culpability did not feature, although this is an integral aspect of the assessment of the seriousness of offending (alongside harm) in the current sentencing guidelines. The Law Commission expressly endorsed the principles in these guidelines, and this aspect was supported in some responses.

The proposed expansion of FTP offences makes this particularly relevant. The assessment of an organisation's culpability when it failed to prevent someone else from committing an offence is inherently problematic. While the sentencing guideline makes provision for assessing the culpability of organisations guilty of the Bribery Act offence, a number of DPA judgments raise questions as to how the guideline is applied. In addition to the readiness of courts to judge as 'highly culpable' organisations that made significant efforts to put effective systems in place, those same courts judged the involvement of individuals who used dishonest and sophisticated methods to circumvent these systems as an aggravating feature of the organisation's offending, when in fact this could be its defence.

It is an essential feature of FTP offences that they require organisations to put in place procedures to prevent dishonest individuals from committing serious criminal offences. Such individuals may be determined to commit offences no matter what procedures an organisation puts in place. And, while to a degree the harms that FTP offences are seeking to prevent will require anticipation of dishonest methods and appropriate levels of scrutiny, commercial organisations are not law enforcement agencies, and cannot be expected to act as such in the ordinary course of their business.

Civil options

Other options proposed by the Law Commission include the introduction of a regime of administratively imposed monetary penalties (however, this is opposed by the Crown Prosecution and Serious Fraud Office) and a regime of civil actions in the High Court based on Serious Crime Prevention Orders under the Serious Crime Act 2007, but involving a power to impose monetary penalties, as well as punitive and preventative measures that the corporation would be required to take. To a significant degree, the question of which, if any, civil options are implemented will depend on which criminal reforms are preferred, and is perhaps something to keep an eye on as that debate progresses.

Next steps

Whether or not this Government continues the trend towards corporate criminal liability by implementing some or most of the options proposed by the Law Commission is likely to depend on concerns about increasing the 'costs of doing business', particularly in the light of current economic circumstances. However, it is difficult to see the main thrust of these proposals being resisted in the longer term. The direction of travel was set many years ago, and been reaffirmed many times since, not just by a succession of UK governments, but by other leading nations and through various multinational organisations. Commercial organisations are now expected to behave responsibly, which means not merely doing no wrong, but preventing others from doing wrong, on pain of criminal sanctions.

Summary of options

1. Retention of the identification doctrine as at present.

2A. Allowing conduct to be attributed to a corporation if a member of its senior management engaged in, consented to, or connived in the offence. A member of senior management would be any person who plays a significant role in the making of decisions about how the whole or a substantial part of the organisation's activities are to be managed or organised, or the actual managing or organising of a substantial part of those activities.

2B. As 2A, with the addition that the organisation's chief executive officer and chief financial officer would always be considered to be members of its senior management.

3. An offence of failure to prevent (FTP) fraud by an associated person. The offence would be committed where an associated person (who might be an employee or agent) commits an offence of fraud with intent to benefit the corporation, or to benefit another person to whom they provide services on behalf of the corporation. The offence would cover the following fraud offences:

  • fraud by false representation
  • obtaining services dishonestly
  • cheating the public revenue
  • false accounting
  • fraudulent trading
  • dishonest representation for obtaining benefits
  • fraudulent evasion of excise duty

4. An offence of FTP human rights abuses.

5. An offence of FTP ill-treatment or neglect.

6. An offence of FTP computer misuse. If any of these options (4 to 6) were taken forward, further work and consultation would be necessary on the scope of the offences.

7. Make publicity orders available in all cases where a non-natural person is convicted of an offence.

8. A regime of administratively imposed monetary penalties.

9. Civil actions in the High Court, based on Serious Crime Prevention Orders, but involving a power to impose monetary penalties.

10A. A reporting requirement based on section 414CB of the Companies Act 2006, requiring public interest entities to report on anti-fraud procedures.

10B. A reporting requirement based on section 54 of the Modern Slavery Act 2015, requiring large corporations to report on their anti-fraud procedures.

This article was first published by Reports Legal on 20 June 2022.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.