On 21 October 2020, Her Majesty’s Revenue and Customs (HMRC) – the UK’s tax authority – released updated figures regarding the number of investigations that it has open into potential offences under Part 3 of the Criminal Finances Act 2017 (the Act). Part 3 of the Act makes it a criminal offence for businesses to fail to put in place reasonable procedures to prevent their employees and associated persons – i.e. those who act for or on behalf of them – from criminally facilitating tax evasion.

According to the information released by HMRC, as at 13 October 2020, HMRC had 13 investigations into potential offences under the Act and a further 18 cases currently under review. HMRC also report that its investigations span 10 different business sectors, including financial services, oils, construction, labour provision and software development, and that those investigations span all HMRC customer groups from small business through to some of the UK’s largest businesses.

The number and range of investigations appear to show that HMRC is actively enforcing the Act across businesses of all shapes and sizes, even despite the pressures on workload and resources caused by the COVID-19 pandemic. This reach, together with potentially unlimited fines for businesses found guilty of the offences, is a salutary reminder that businesses must take their responsibilities seriously and put in place reasonable procedures to stop the facilitation of tax evasion.

Continue Reading The Future of the Facilitation of Tax Evasion Offences in the UK

Following a recent rise, the price of Bitcoin once again exceeds $10,000, a key resistance level which, if sustained, could see it rising even further. Interest in cryptocurrencies is, according to some observers, likely to rise as measures taken by Central Banks to combat the effects of the coronavirus pandemic result in the devaluing of their own fiat currencies, and while Central Banks themselves experiment with digital currencies. The Libra Association continues to work on Libra, a token designed to be used on Facebook. Rumors swirl of imminent support by the global payments giant PayPal for cryptocurrencies, supported by recent job listings for cryptocurrency engineers. Whilst it might not yet have returned to the levels of mania seen during 2017-2018, cryptocurrency appears likely to continue to grow in both maturity and usage. Such a rise will inevitably be marked with a corresponding increase in the debate over the extent of regulation needed in the area. Should it be a case of caveat emptor or should government regulators take greater steps to introduce guard rails in this area?

Continue Reading Sheriffs of the Wild West? Regulators will Likely Continue Debating the Necessity of Greater Cryptoasset Regulation

In May 2020, the U.K. Financial Conduct Authority, the authority charged with regulating financial firms and maintaining the integrity of the financial markets in the United Kingdom, reported that whistleblowing reports to the Financial Conduct Authority on workplace culture issues in 2019 had increased by 35%. There is also evidence of an increase in whistleblowing reports made during the COVID-19 lockdown, with WhistleB, the Swedish-European provider of whistleblowing solutions, reporting an increase of 40% in the number of concerns raised by whistleblowers in Europe from January to May 2020. Similarly, in the United States, the Securities and Exchange Commission (SEC) reported a 35% increase in the number of whistleblower tips, complaints and referrals between mid-March and mid-May 2020. And although the filing of whistleblower complaints (also known as “qui tam” complaints) are reported to be down compared to the same time last year, the recent distribution of billions of dollars in federal money to companies (discussed further below) is sure to reverse that trend.

In addition, there have been a number of high-profile press reports of investigations and enforcement actions which were prompted by whistleblower reports, with perhaps the most significant recent example being that of Wirecard AG, the German payment processor and financial services provider at the center of a financial scandal in Germany. In June 2020, the company reported €1.9 billion in missing cash. It is reported that Germany’s financial watchdog (BaFin) received a tip-off from a whistleblower about alleged irregularities at Wirecard.

In the wake of the COVID-19 pandemic, a wave of whistleblower reports alleging misconduct in key areas is likely to be inevitable. Whether they come via a regulator, a government authority, the media or directly to the company, companies must be prepared properly to tackle these cases as and when they arise, as a failure to do so could prove fatal to companies that are already fighting to recover from the detrimental economic impact caused by COVID-19. This will undoubtedly be made more difficult as those who usually investigate the reports are not in the office physically to gather all of the facts and evidence using established procedures. Perhaps more than ever, companies should understand the risks posed to their businesses and be ready for the inevitable emergence of whistleblower reports.

We consider below some of the main areas where whistleblowing reports are predicted to increase, as well as how companies can prepare to ensure that they are in the best position to handle any future claims.

Continue Reading Whistleblowing and Internal Investigations

The Financial Reporting Council (FRC) is an independent regulatory body in the U.K. and Republic of Ireland (ROI) responsible for regulating auditors, accountants and actuaries. The FRC and its subsidiaries also play important roles in the oversight and development of corporate governance standards in the U.K. and ROI, such as the U.K. Corporate Governance and Stewardship Codes and the general standards for the accounting industry.

Founded in 1990, the FRC historically has tended to attract less attention than some of the better known and better funded U.K. enforcement bodies including the Financial Conduct Authority (FCA) which regulates the U.K. financial services authority and Serious Fraud Office (SFO) which investigates and prosecutes serious or complex fraud and corruption in England, Wales and Northern Ireland.  But any complacency or ignorance of the significance or broad range of powers and sanctions at the FRC’s disposal may come at a significant cost – the FRC’s enforcement activities are on the increase and the entity is becoming a major player in the U.K. regulatory environment.

The provisions governing FRC enforcement were originally set out in an Accountancy Scheme and Actuarial Scheme (the Schemes) – contractual arrangements between the FRC and the various accountancy and actuarial professional bodies.  Following the implementation of EU legislation in June 2016, however, a new Audit Enforcement Procedure (AEP) is used for all new audit matters.  The Accountancy Scheme continues to be used for non-audit matters and audit investigations that commenced before June 2016 while the Actuarial Scheme continues to be used for all actuarial investigations.

Continue Reading The Financial Reporting Council’s Bite Proves Worse than its Bark

Companies that operate in more than one jurisdiction that are either carrying out an internal investigation or are subject to a criminal or regulatory investigation by U.S. law enforcement agencies will almost certainly need to consider the legality of trans-Atlantic data transfers.  Under European law, in particular, companies falling short in compliance with data protection laws could face fines of up to the higher of €20 million or 4% of annual global turnover.

With the introduction, in 2018, of the General Data Protection Regulation (“GDPR”) which generally prohibits (with some exceptions) the transfer of EU-based personal data outside of the European Economic Area (“EEA”) and other legislation, the overhaul of the EU data protection framework often leaves companies under investigation by U.S. law enforcement with tough decisions to make between complying with their obligations – or their wish – to meet U.S. prosecutors’ demands and abiding by relevant data protection laws.  In particular, some EU-based companies have found themselves at the receiving end of U.S. prosecutors’ requests or subpoenas for documents, in circumstances where compliance with them could potentially risk hefty domestic fines for breaching data protection laws.  There may also be other considerations to be borne in mind, such as relevant bank secrecy laws and common law rights to privacy, where a failure to comply with the relevant law could result in criminal sanctions including imprisonment.

Developments in U.S. and U.K. law, however, have introduced a framework for the legal cross-border transfer of data via cooperation between international authorities.  In addition to ensuring compliance with the GDPR and other privacy obligations in conducting data transfers,  U.S.- and U.K.-based communication service providers (“CSPs”)[1] should familiarize themselves with the recently signed U.K.-U.S. Bilateral Data Access Agreement (the “Agreement”).  The Agreement facilitates the objectives of the U.S. Clarifying Lawful Overseas Use of Data Act (the “CLOUD Act”) and the U.K. Crime (Overseas Production Orders) Act 2019 (the “COPOA”).  According to a communication by U.S. Attorney General William Barr to Congress earlier this year, the Agreement was scheduled to become effective on July 8, 2020, but there has been no official announcement from either the U.S. or U.K. governments on the status of the Agreement.  Indeed, earlier this month, the U.K. government anticipated that the Agreement would “come[] into use later this year[.]”  We discuss the implications of these developments and considerations for U.S.- and U.K.-based companies needing to transfer personal data[2] across the Atlantic to facilitate investigations.

Continue Reading Data Transfer Considerations in Investigations

We live in a world where, almost overnight, “social distancing” entered both our lexicon and our way of life. The constraints associated with keeping a minimum distance with one another have caused, and will continue to cause, significant difficulty for restaurants, pubs, bars, gyms, sporting events, concerts and more. Another established practice, however, also must address the reckoning that it too faces: the jury trial.

While the coronavirus pandemic temporarily brought jury trials in England and Wales to a grinding halt, jury trials had for some time prior been beset with pressures and challenges as a result of austerity measures. In January 2020, a report by barristers in the west of England found that Her Majesty’s Courts and Tribunals Service had cut the number of sitting days for courts in the region by 15%. This had led to “rocketing delays”, some courts being booked up for months on end. Amanda Pinto QC, chair of the Bar Council, noted that the problems were not confined solely to the west of England; indeed, at a national level, the average time from commission of offence to resolution at Crown Court increased from 392 days in 2010 to 525 days in 2019. According to Ms. Pinto, the issue was “fast becoming a national crisis.”

Continue Reading Trial by Jury: Inalienable Right or Anachronistic Practice?

Amongst those who operate or act (whether voluntarily or not) within global law enforcement arenas, there has long been a tendency in some quarters to view the UK law enforcement landscape with less trepidation than that in the US.[1] For many years law enforcement agencies in the United States and particularly the US Department of Justice (DOJ) and Securities and Exchange Commission – exponentially better funded and resourced – have drawn the limelight with billion-dollar bribery-related settlements such as the $1.78 billion settlement with Brazilian petrochemicals company, Petrobras, and the $1.01 billion settlement with Swedish telecommunications company Telia. There are signs, however, that a confluence of factors is now resulting in an increasingly aggressive posture being taken by UK law enforcement bodies and those who discount the appetite, powers and ability of those bodies may do so at their own peril.

Of all the UK law enforcement agencies, none has faced more apparent recent criticism and calls for reform than the UK Serious Fraud Office (SFO), the agency charged with tackling the top level of serious or complex fraud, bribery and corruption. The collapse of the 2019 trial of two former Tesco directors accused of false accounting (with the trial judge declaring that “I concluded in certain crucial areas the prosecution case was so weak it should not be left for a jury’s consideration”) was a high profile setback for the SFO, as was both the 2020 acquittal of three Barclays executives accused of making illegal payments to Qatar and the collapse of the case against the bank itself. Whilst it continues to defend itself against allegations that it is unfit for purpose and that a complete overhaul of the agency is necessary, the attacks appear to be having an unwelcome consequence for those in the SFO’s eyesight; namely, whilst the SFO faces increased scrutiny and the pressure of bringing significant prosecutions, there is likely to be much less shirking of high-profile investigations and, once an investigation is open, it will bring all its powers and expertise to bear. Put simply, once an investigation is opened, the SFO will play to win.

Continue Reading Ramped-Up Powers, Performance Anxiety and Political Pressure: A Perfect Storm for UK Law Enforcement Agencies?

According to the European Commission,[1] fraud offences against the European Union (EU) budget cost the EU and its member states over €1 billion in losses in 2018, in addition to the annual losses of around €150 billion resulting from VAT fraud. With current criminal enforcement efforts across the EU apparently failing to effectively tackle such offences, the EU established the European Public Prosecutor’s Office (EPPO) to act as an independent and decentralized office with the power to investigate and prosecute crimes against the EU budget, such as fraud, corruption, misappropriation and cross-border VAT-related fraud.

Set to become fully operational in November 2020, based in Luxemburg, with its funding for 2020 increased by nearly 50%, the EPPO is expected to ramp up prosecutions of corporate crime concerning the EU’s financial interests and facilitate the recovery of misused EU funds. Previously, only national authorities could investigate and prosecute such offences within the scope of their own borders.

Continue Reading European Public Prosecutor to Take EU Finance Fraudsters to Task?

Patrick Linehan, Zoe Osborne, Brittany Prelogar, Katherine Dubyak, and Jefferson Klocke co-authored an article titled “Considerations For Conducting Remote Internal Investigations” for Law360. The article, published April 3, discusses some of the legal and practical considerations in conducting remote investigations as the world grapples with containing the spread of COVID-19.

UK law enforcement is not immune to the unprecedented levels of business disruption caused by COVID-19. While not all agencies have published specific guidance on how they propose to operate and conduct enforcement investigations during this crisis (including, for example, Her Majesty’s Revenue & Customs, the Serious Fraud Office, and the National Crime Agency), a