Extending the “Failure to Prevent” Model of Corporate Criminal Liability in the UK

by Liz Campbell

Prosecuting corporate criminality is not straightforward. As a result of these difficulties, the UK Parliament is turning to an indirect form of corporate criminal liability: the Bribery Act 2010 introduced the corporate offence of failure to prevent bribery (FtPB), and this provision has been emulated with respect to the failure to prevent the facilitation of tax evasion in the Criminal Finances Act 2017.  

In brief, a relevant commercial organisation (C) is guilty of FtPB if a person associated with C bribes another person with the intention of obtaining or retaining business or an advantage for C.  An ‘associated’ person is an individual or body who ‘performs services’ for or on behalf of the organisation, and this definition was framed broadly intentionally.[1]  Crucially, the corporate entity can rely on the section 7(2) defence that it had “adequate procedures” in place designed to prevent persons associated with it from bribing.

To date, five entities have been charged with FtPB: Standard Bank; Sweett Group; XYZ (an anonymised small-to-medium enterprise); Rolls-Royce PLC, and Skansen Interiors Ltd (“Skansen”).[2] The first four of these prosecutions were initiated by the Serious Fraud Office (SFO), the specialist investigating and prosecuting authority for cases of serious or complex fraud, bribery and corruption in England, Wales and Northern Ireland.  While no other charges were brought against Standard Bank and Sweett Group, XYZ was the subject of an indictment alleging conspiracy to corrupt, conspiracy to bribe and failure to prevent bribery, and the Rolls-Royce PLC indictment alleged offences of conspiracy to corrupt, false accounting, and failure to prevent bribery. Critically, these first four cases were not contested at trial: Sweett Group pleaded guilty to the section 7 charge, and the remaining cases involved Deferred Prosecution Agreements (DPAs).

DPAs have a close and special connection to FtPB and, one could infer, to indirect omissions liability now that it is being extended.  In England and Wales[3] a DPA is an agreement between the prosecutor and a corporate entity[4] that could be prosecuted for an economic crime,[5] but criminal proceedings are suspended automatically if the Crown Court approves the agreement. The DPA entails suspension of the prosecution for a certain timeframe, so long as the corporate entity meets certain specified conditions, such as paying a financial penalty or compensation and co-operating with future prosecutions of individuals suspected of involvement in criminality. In order for the DPA to be approved, the judge must be convinced that the DPA is ‘in the interests of justice’ and that its terms are ‘fair, reasonable and proportionate’.[6]  

The use of DPAs and the corresponding absence of a criminal trial until this year meant that there had been no judicial articulation or confirmation of the terms of section 7, especially the meaning of adequate procedures.  One could add that if the procedures fail to prevent bribery they are, by definition, inadequate! While the statement of facts in a DPA include a narrative and thus indicate what failure to prevent bribery looks like, there is no outline of the specific compliance procedures.

To date, Skansen Interiors Ltd, heard before Southwark Crown Court in February 2018, is the only contested case under section 7.  Skansen was a small company of 30 staff, and their former managing director had paid bribes to win contracts in office refurbishment.  At the time of the bribes, their anti-bribery policies were limited, to say the least.  Since then, a new CEO had been appointed, new policies introduced, and further problematic behaviour had been reported to the authorities. Moreover, the company itself had been dormant since 2014. The Crown Prosecution Service pursued this case, and a DPA was not offered.  At trial the jury rejected the company’s defence that it had adequate procedures designed to prevent bribery in place at the time of the offense.   After conviction, however, an absolute discharge was the only option, given the absence of company assets. At publication, we still await an appeal in which the details of the adequacy of procedures are examined in legal argument and judicial comment. Whether there is any incentive for the company to appeal is another matter. Trials and appeals of this type are lengthy and complicated, risky, and costly, for both parties.

Beyond FtPB, Part 3 of the Criminal Finances Act 2017 created two new corporate offences of failure to prevent facilitation of tax evasion: one for failure to prevent facilitation of UK tax evasion and the other for foreign tax evasion. Like FtPB, these offences hinge on the behaviour of “associated persons”. Notably, the associated person need not personally evade tax but must facilitate the evasion.[7] This makes more remote the nexus between the corporate entity and the substantive offence.    

Reminiscent of the FtPB defence, it is a defence for the entity to prove that, when the UK tax evasion facilitation offence was committed, it had in place reasonable prevention procedures.[8]  This is a lesser standard than “adequate procedures” and allows the company more scope to negotiate as to industry standards and reasonableness. In addition, there is no need for benefit to be intended or to accrue in respect of the taxation offence, in contrast to FtPB.  

Since its enactment, there have been proposals to emulate section 7 of the Bribery Act with respect to a range of economic offences.[9] And beyond the economic sphere, the Joint Select Committee on Human Rights has recommended the introduction of an offence of failure to prevent human rights abuses,[10] though this has not gained equivalent political attention.  A comparable suggestion also has been made in relation to institutional child sexual abuse in Australia.[11]

Indirect omissions liability has many potential benefits.  For one, it is likely to be more straightforward and effective than orthodox criminal prosecution for substantive offences. It can also penetrate the breadth of corporate entities and, through its conception of the corporation as a multi-dimensional organisation, ends up being fairer than pure vicarious liability.  This is evidenced through its allowing the organisation to show that it has addressed the risks of its employees and agents engaging in criminal activity on its behalf through the adequate procedures defence. [12] Moreover, indirect omissions liability and the associated defences aim to ensure that corporate management fosters a culture of compliance and communicates commitment to the prevention of bribery and tax evasion throughout the organisation. The extraterritorial dimension is also significant, as it would otherwise be difficult to criminalise and pursue behaviour overseas. 

All that said, there is limited evidence that compliance programmes, which are required by these defences, are truly effective in preventing or deterring crime.  In fact, they may have a negative impact in permitting the rationalisation of problematic behaviour. Moreover, internally the procedures can project a façade of compliance, and they may overlap with pre-existing recording obligations. Even if the programmes are worthwhile hypothetically, corporate entities might construct ‘cosmetic’ procedures so as to meet the requirements through unproductive ‘ritualism’.[13] This could be for criminal or questionable purposes or simply due to the perceived complexity of the undertaking. While reasonable procedures must be proportionate to the size and nature of the entity,[14] bigger firms can absorb and adapt to these requirements more easily. Compliance programs will necessitate tax and legal risk assessments, the complexity of which is compounded by the global mobility of employees and associates and by diffuse and diversified corporate structures and supply chains. These factors may consequently incentivise superficial compliance.

In essence, the UK is criminalizing compliance failures despite the fact that no one seems to know what adequate procedures really look like. And overall, this is another incremental reform to corporate criminal liability, albeit one that has transformative potential, not least if extended to non-financial crimes such as labour exploitation and other human rights abuses. While FtP is far from a panacea, it nonetheless represents a useful tool in addressing corporate wrongdoing. 

This post is based on the author’s paper “Corporate Liability and the Criminalisation of Failure.


[1] Ministry of Justice, The Bribery Act 2010 Guidance about procedures which relevant commercial organisations can put into place to prevent persons associated with them from bribing (PDF: 390 KB).

[2] See Standard Bank DPA (PDF: 43 KB); XYZ DPA; SG guilty plea; and Rolls-Royce PLC DPA.

[3] The DPA scheme does not apply in Northern Ireland or Scotland, though in the latter there is a self-reporting initiative for bribery offences with a view to consideration of civil settlement (PDF: 185 KB).

[4] This is a body corporate, a partnership or an unincorporated association, but not an individual: Crime and Courts Act 2013, sch 17.

[5] Courts Act 2013, sch 17, pt 2. This includes theft, fraud, forgery, money laundering, bribery, and fraudulent evasion of tax.

[6] Crime and Courts Act 2013, s 45 and ch 17.

[7] See ss 45(4) and 45(5) respectively.

[8] s 45(2).

[9] See consultation.

[10] Joint Select Committee on Human Rights, Human Rights and Business 2017: Promoting responsibility and ensuring accountability [191]-[193].

[11] P. Crofts ‘Criminalising institutional failures to prevent, identify or react to child sexual abuse’ (2017) 6 International Journal for Crime, Justice and Social Democracy 104‐122.

[12] C. Wells, ‘Corporate failure to prevent economic crime’ [2017] Criminal Law Review 426, 439.

[13] J. Braithwaite, V. Braithwaite and T. Makkai Regulating Aged Care: Ritualism and the New Pyramid (Edward Elgar 2007) 220, 227-30; H. Charlesworth and E. Larking (eds) Human Rights and the Universal Periodic Review: Rituals and Ritualism (Cambridge: Cambridge University Press, 2015).

[14] See Ministry of Justice, The Bribery Act 2010 Guidance (n 1).

Liz Campbell is a Professor in the Durham Law School at Durham University


The views, opinions and positions expressed within all posts are those of the author alone and do not represent those of the Program on Corporate Compliance and Enforcement (PCCE) or of New York University School of Law.  PCCE makes no representations as to the accuracy, completeness and validity of any statements made on this site and will not be liable for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with the author.