The UK government announcement that 'failure to prevent' offences will be expanded to include additional areas of financial crime is a welcome development.
The introduction of these offences targeted at fraud, false accounting and money laundering would harmonise these areas of financial crime with existing offences related to bribery and tax evasion.
We can generally surmise that the introduction of additional strict liability offences will require incremental enhancements to existing risk assessments, controls, and policies and procedures.
That said, there is a question over whether a proliferation of offences will make it harder for prosecutors to secure convictions rather than easier. Capacity and capability are real issues.
We should not forget that we are yet to see a prosecution for failure to prevent the facilitation of tax evasion, despite the offence being available to prosecutors for more than five years. So while the introduction of new offences has a deterrent effect in isolation, the strength of that deterrent is determined by the likelihood of enforcement.
We should not underestimate the awareness and appetite for doing the right thing that already exists within many organisations.There needs to be some stick; it is hard to convince organisations of the importance of compliance when there has been no evidence of it being a top priority for prosecutors, particularly when they are already dealing with so many competing priorities, such as ESG, health & safety and cyber.
Whatever the likelihood of UK enforcement, we should not underestimate the guidance that organisations will need in response to these new offences. Similar to the existing offences for bribery and tax evasion, we can expect a reasonable or adequate procedures defence to be available to companies facing prosecution.
The company will likely need to demonstrate that at the time of the conduct it had in place reasonable prevention procedures. Establishing and maintaining those procedures, without detailed and up-to-date guidance from regulators, risks increasing the compliance burden on companies, without guaranteeing the outcomes and organisational change that underpins this legislation.
Similarly, we should not underestimate the awareness and appetite for doing the right thing that already exists within many organisations. Recent research from Ashurst Risk Advisory revealed that 88 per cent of in-house lawyers are concerned about financial crime.
However, we can now ignore the corresponding compliance burden with three-fifths (57 per cent) of in-house lawyers stating that they were only just able to keep up with their workload, and with nearly one-third of this group admitting they were falling behind.
Any failure to prevent offence has to be the opening gambit and not the endgame.Ultimately, financial crime, whether fraud, false accounting or money laundering (or even the original offences of bribery and tax evasion) is exceptional activity, often perpetrated by criminals that are both organised and innovative.
As such, preventing and detecting financial crime is often described as being like searching for a needle in a haystack. If so, it does not help if the effect of this legislation is to just add more hay.
In light of the above, where organisations conclude that they need to enhance their procedures, it is critical that these changes are incremental: for regulated entities, there will be existing financial crime controls, whether directly (money laundering) or indirectly (fraud and false accounting) related, that can be leveraged to meet new compliance targets.
Unregulated businesses, on the other hand, may not have a mature or sophisticated financial crime risk and compliance framework. In these circumstances, an effective risk assessment is paramount.
Key questions include: where is the financial crime risk most likely to crystallise and what needs to be done to mitigate it? The objective has to be a framework that is proportionate, sustainable and, in a world of increasing personal accountability, defensible.
As with all legislative proposals, the devil will be in the detail but the legislation is only the starting point for tackling corporate criminal liability.
Any failure to prevent offence has to be the opening gambit and not the endgame. Companies will need clear and up-to-date guidance on what is expected of them, and regulators will need investment in talent and technology to prosecute successfully.
There may be no guarantees on enforcement, but is ignoring new offences worth the risk? No, full stop.
Ruby Hamid is a partner and Anthony Asindi is an associate from law firm Ashurst; and Matthew Russell is a partner and Tristan Bramble is executive of Ashurst Risk Advisory
