UK Serious Fraud Office Issues Further Guidance on Deferred Prosecution Agreements

Skadden Publication

Andrew M. Good Ryan D. Junck

On 23 October 2020, the UK Serious Fraud Office (SFO) updated its Operational Handbook, publishing a new chapter on deferred prosecution agreements (DPAs) (the Chapter). This note summarizes key points from the Chapter and compares the SFO’s approach to DPAs to that taken by the US Department of Justice (DOJ).

DPAs are a mechanism for resolving a criminal investigation without a criminal conviction. They appeal to investigated parties because the party can avoid the damaging collateral consequences that accompany a conviction and because a DPA is viewed as a less severe sanction. They appeal to prosecutorial authorities because, particularly when dealing with a corporate defendant, a DPA can provide many of the same remedies that a criminal conviction would — financial penalties, cooperation obligations, potential monitorships and stiff penalties in the event of recidivism. In the UK, the SFO and the Crown Prosecution Service can enter into DPAs. Mechanically, DPAs allow prosecution of the investigated entity to be suspended (deferred) for a set time period and, provided certain conditions are met during that period, dismissed. They are concluded under the supervision of a judge.

Since their introduction in 2014, the SFO has granted nine DPAs. Notably, 2020 saw the conclusion of three DPAs (Airbus SE, G4S Care & Justice Services (UK) Ltd and Airline Services Limited), suggesting a trend toward increasing use.

The Chapter largely follows and affirms the structure of the existing DPA Code of Practice, setting out the rules relating to evidential and public interest tests; the DPA negotiation process; parallel investigations; invitations to enter DPA negotiations; terms of negotiations; DPA disclosure; statement of facts and agreement; DPA terms; financial penalties; court applications; and steps after a DPA is concluded.

The key points within the Chapter are set forth below along with a brief comparison to the US approach:

  • Waiver of Privilege: The Chapter directs the SFO to weigh a party’s cooperation as a “key factor to consider when deciding whether to enter into a DPA”. The Chapter suggests that waiving privilege is an important component of cooperation, although the SFO notes a company cannot be compelled to waive privilege or be penalised for not waiving privilege. This contrasts with US practice, which has evolved over the past 20 years to a clear position that “[e]ligibility for cooperation credit is not predicated upon the waiver of attorney-client privilege or work product protection”.1
  • Timing of Disclosure: Voluntary self-reporting within a “reasonable time” after “suspicions com[e] to light” is also highlighted as an important aspect of cooperation under the Chapter. This seemingly provides companies the ability to take some time to initiate an internal investigation and begin to understand the conduct at issue, as opposed to immediate self-reporting. US practice is similar to the UK. The DOJ’s Foreign Corrupt Practices Act Corporate Enforcement Policy (DOJ’s Corporate Enforcement Policy), which is often followed in enforcement of other statutes, requires disclosure to occur “within a reasonably prompt time after becoming aware of the offense”. The US guidance’s use of the word “prompt” is tempered by its reference to awareness of an offence, which suggests that a company has investigated and a determination has been reached that an offence was committed.2
  • Admission of Guilt: The Chapter notes that there is no requirement under a DPA for companies to formally admit guilt in respect of the offences charged. Rather, in a statement published on 23 October 2020, the SFO states that DPAs merely require the company “to admit misconduct”. Similarly, in the US, companies agreeing to a DPA must accept responsibility and acknowledge that the statement of facts recounting the misconduct is true and accurate, but there is no obligation to plead guilty.
  • Parallel Investigations: The Chapter suggests that where overseas or other UK agencies are conducting parallel investigations, companies seeking the benefit of a DPA should try to take consistent positions with respect to the admission of facts and liabilities, early communication and de-confliction, and the assertion of legal professional privilege. Although the SFO’s new Chapter does not expand further on the topic of de-confliction, the SFO’s Corporate Co-operation Guidance (published in August 2019) reiterates the SFO’s warnings on how a company should conduct an internal investigation, with companies advised to “consult in a timely way with the SFO before interviewing potential witnesses ... or taking other overt steps” in order “[t]o avoid prejudice to the investigation”. In practice, this can result in a conflict between the SFO’s desire to discuss de-confliction and its guidance regarding the timing of voluntary self-reporting, which seemingly allows companies to take the time to at least initiate an internal investigation prior to self-reporting. In the US, the DOJ’s Corporate Enforcement Policy makes clear that “‘[d]e-confliction’ is one factor that the DOJ may consider in appropriate cases in evaluating whether and how much credit ... a company will receive for cooperation”, and while the DOJ has clarified that it will not direct a company’s investigation, the company should ensure that witness interviews and other steps do not impede the DOJ’s own investigation.
  • Joint DPAs: The Chapter acknowledges the possibility of entering into a joint DPA with more than one entity rather than entering into separate DPAs for each related company (e.g., in the case of a parent and its subsidiary or multiple subsidiaries).3 This allows the SFO to more easily secure parent company guarantees and undertakings in relation to future compliance commitments. In the US, as a practical matter, a DPA with a parent company will create binding obligations the company must impose on its subsidiaries.
  • Identity of Individuals: The Chapter emphasizes the importance of protecting individuals’ identities, noting that consideration must be given to the “necessity for and impact of the identities of third parties being published”, and anonymisation of identity may be required. This acknowledgment of the importance of protecting individual identities is a positive step, in contrast to the silent DPA Code of Practice and to earlier DPAs entered into by the SFO, where identities of individuals were inadequately protected. Although the new Chapter does not provide an outright prohibition of naming individuals, it does highlight the need to consider whether it is necessary to do so. Similarly, in the US, prosecutors are instructed to “remain sensitive to the privacy and reputation interests of uncharged third-parties in all public filings” and “in the context of public plea and sentencing proceedings ... [that] it is not appropriate to identify (either by name or unnecessarily-specific description) ... a third-party wrongdoer” unless there is “some significant justification”.4
  • Individual Conduct: UK DPAs do not provide any protection against the prosecution of linked individuals, and as part of the terms, subject entities are obligated to cooperate with ongoing investigations and prosecutions, in particular those of linked individuals. As part of the key indicators of cooperation, the Chapter notes that companies should, where practicable, make witnesses available for interview when requested. The SFO’s Corporate Co-operation Guidance goes further, stating that cooperation includes “identifying suspected wrongdoing and criminal conduct together with the people responsible, regardless of their seniority of position in the organisation” and requires companies to “[a]ssist in identifying material that might reasonably be considered capable of assisting any accused or potential accused or undermining the case for the prosecution”. US DPAs similarly fail to protect against the prosecution of linked individuals and also require their cooperation. The issue of individual conduct remains a focus in the US with the DOJ’s current guidance, revised in November 2018, requiring companies to provide information about the “individuals substantially involved in or responsible for the misconduct” in order to receive cooperation credit.5
  • Penalties: The Chapter provides that companies entering into DPAs can achieve discounts on their penalties as compared to fines that would be imposed under a conviction. The level of discount applied may be determined “in large part on the nature and extent of the company’s co-operation with the SFO’s investigation”, and in the majority of DPAs to date, the court has approved terms permitting discounts of 50% in relation to cooperation. Penalties may be adjusted further where companies are able to evidence substantial financial hardship. The US goes further, providing detailed guidance with respect to the credit a company may obtain under the DOJ’s Corporate Enforcement Policy, noting the use of declinations where voluntary self-disclosure, full cooperation, and timely and appropriate remediation are satisfied. By contrast, the SFO has no concept of declinations. Additionally, the US guidance notes that if a company voluntarily discloses wrongdoing and satisfies all other requirements, but aggravating circumstances compel an enforcement action, the DOJ will recommend a 50% reduction off the low end of the US Sentencing Guidelines fine range and will not require appointment of a monitor if the company has implemented an effective compliance program. The SFO does not go as far in its guidance of discounts awarded specifically in the context of voluntary self-disclosure.

Key Takeaways

Although the Chapter does not materially alter the existing DPA regime, it does offer more practical guidance, collating information from the various legal sources into one resource. It aims “to provide further transparency on what [the SFO] expect[s] from companies looking to co-operate” and will prove a useful resource for companies to consult.

In particular, the Chapter provides helpful guidance for companies considering the advantages and disadvantages of entering into a DPA, notably in relation to the waiving of privilege and the timing of internal investigations in relation to self-reporting. Companies navigating multijurisdictional investigations with different regulators will need to be particularly cognizant of differing expectations with respect to the waiving of privilege, admission of guilt and determination of penalties.

From a cross-border perspective, the proper recognition afforded to protecting the identity of individuals is a positive step. This encourages compliance with potentially varying international data privacy regimes. The ability to internally investigate prior to self-reporting also allows a company to determine which regulator and jurisdiction to approach first.


1 See Justice Manual § 9-28.720; see also §§ 9-28.710 and 9-47.120(4).

2 See Justice Manual § 9-47.120 (DOJ’s Corporate Enforcement Policy) (citing U.S.S.G. § 8C2.5(g)(1)); See also Justice Manual § 9-28.900 (Voluntary Disclosures) (note: nonbinding for other matters).

3 Despite paragraph 1(1) of Schedule 17 of the Crime and Courts Act 2013 stating that a DPA “is an agreement between a designated prosecutor and a person”.

4 See Justice Manual § 9-27.760 (Limitation on Identifying Uncharged Third Parties Publicly).

5 See Justice Manual § 9-28.700. See also our 10 December 2018 client alert, “DOJ Announces Revisions to Yates Memorandum Policy”.

This memorandum is provided by Skadden, Arps, Slate, Meagher & Flom LLP and its affiliates for educational and informational purposes only and is not intended and should not be construed as legal advice. This memorandum is considered advertising under applicable state laws.