A lot has been written about the UK’s new failure to prevent fraud (‘FTPF’) offence, its potential implications, and what organisations can do to prepare.
With this in mind, while we brace ourselves for the short-term arrival of the guidance and the subsequent enforcement of the offence itself, the following post takes a moment to reflect on the broader implications of FTPF, by exploring its connection to existing requirements in the areas of bribery, ESG and modern slavery.
The potential to go further
FTPF has a famous parent in the form of the 2017 ‘failure to prevent facilitation of tax evasion’ offence. However, its grandparent, the 2010 ‘failure to prevent bribery offence’, has perhaps drawn the most attention for its ability to cause significant financial and reputational damage.
Since its enforcement, the UK’s failure to prevent bribery offence (‘FTPB’) has led to a string of successful enforcement cases, with several highly-publicised nine-figure sums agreed in the context of corporate criminal failures to prevent bribery at home and abroad.
Although the scope of firms covered by the FTPF offence is smaller by comparison, having been limited by specific size criteria, there is potential for the enforcement of this new offence to go even further than its predecessor in the area of bribery.
This is partly because the number of potential offenders has increased, through FTPF’s expanded definition of an ‘associated person’. However, it is worth reflecting on the fact that the number of potential claimants has increased too. Recent FTPB cases have mainly been brought by large institutional claimants such as the Serious Fraud Office and the Crown Prosecution Service. However, under the FTPF offence, there is a heightened risk of claims being brought via private prosecutions, where disgruntled members of the general public seek redress for an organisation’s failure to prevent fraud committed at their expense.
With the scope for offence and litigation both conceivably greater under FTPF, its potential for fines could go even further than what we have seen in the area of bribery.
What organisations can do
a) Leverage existing ‘procedures’
The forthcoming guidance on the FTPF offence is expected to set out a statutory defence for firms who can prove they had sufficient anti-fraud controls in place.
Although this guidance has yet to be released at the time of writing, we expect that its concept of ‘reasonable procedures to prevent fraud’ will follow the prior concept of ‘adequate procedures to prevent bribery’ closely.
‘Adequate procedures to prevent bribery’ are based around six principles of good practice, which the constraints of space preclude us from discussing in full here. However, taking one example, firms will be able to draw on existing efforts made in line with the principle of ‘top-level commitment’.
Under this requirement, organisations in the financial services industry and other sectors are expected to ensure that their board, or equivalent, fosters an organisational culture in which bribery is never acceptable. Many firms will already be meeting this requirement from an anti-bribery perspective and should, therefore, be able to extend these existing efforts to cover fraud as well. This could be done, for example, by including counter-fraud considerations in existing top-level communications, public statements, and board-agenda items.
b) Create a programme of work to adapt to the new offence
To align with the FTPF legislation and ensure requirements are met, organisations will also need to create a programme of work across their business units and functions and include a variety of stakeholders. This will need to consider the firm’s global footprint and group structure and should include milestones, deadlines, individual ownership, and accountability.
This programme should be monitored in an appropriate governance forum with representation from relevant senior people from the business units and functions affected, such as Finance, Human Resources, Legal, Compliance, Procurement and Business Operations.
To begin this process, organisations will need to understand how mature their fraud risk management frameworks are, and leverage established best practice, which may include drawing on existing risk assessment processes in place for anti-bribery or financial crime.
At this point, it may be helpful to ask whether current risk assessments identify fraud risks that benefit the company. Typically, in the financial services sector, fraud risk assessments have focussed on the organisation as a victim, through the products, services and channels offered. Less detailed analysis has been given to fraud committed by employees or associated persons, which represents a shift in focus. If areas of weakness are identified in the approach taken, organisations will need to make enhancements to their fraud risk assessment methodologies. This will enable the robust identification and assessment of fraud risk exposure and the implementation of corresponding controls.
The outputs from this risk assessment should be used to inform an enhancement plan, focusing on where control gaps exist. As part of this, organisations should also consider existing anti-bribery and financial crime procedures, and ensure any new action taken is ‘proportionate’ to the risks faced, as this is one of the key anticipated features of the FTPF ‘reasonable procedures’ defence.
c) Look more broadly at potential implications in the areas of ESG and modern slavery
The new FTPF offence includes ‘fraud by false representation’ among its underlying offences. For this reason, it may affect organisations who falsely represent their sustainability credentials.
Firms are under increasing pressure to report on their sustainability performance as part of ESG regulation and good practice. In this context, ‘greenwashing’ has emerged as a buzz-word for the process of making inaccurate or exaggerated ESG claims for competitive advantage. Under the new FTPF offence, this could get a lot more serious, as its ‘false representation’ component could be used as a new weapon against organisations who falsely represent the sustainability performance of their products, services, operations, or supply chains.
In particular, this has the potential to add teeth to the UK’s Modern Slavery Act 2015, which requires directors to sign off statements outlining the steps taken by the firm to eradicate modern slavery. As the ‘issuance of false statements by company directors’ will constitute a breach under the FTPF offence, organisations may be exposed to prosecution if a third-party or civil-society organisation can prove that directors signed off a modern slavery statement which they knew to be misleading.
The FTPF offence therefore provides firms who make strong claims in the areas of ESG and modern slavery with an added incentive to ensure that these claims are substantiated.