The Proceeds of Crime Act (POCA) 2002 imposes obligations on businesses operating in the regulated sector (for example, banks and other financial institutions) to disclose knowledge or suspicion of money laundering to the Serious Organised Crime Agency (SOCA). Such disclosure is known as a suspicious activity report (SAR).
There is no corresponding disclosure obligation on non-regulated businesses, but they may benefit from making a disclosure nonetheless. What, then, are the risks and rewards to such a business in choosing to make a SAR?
A SAR may be of relevance to companies in the non-regulated sector in circumstances where they find evidence of unlawful conduct in their ranks. If that unlawful conduct causes the company to be in possession of criminal property (for example, the proceeds of a contract obtained through bribery) the current directors of the company may commit a money laundering offence if they deal with that property, unless the necessary consents are obtained.
Under part 7 of POCA 20021, a person commits a money laundering offence if they:
- conceal, disguise, convert or transfer criminal property or remove it from England and Wales or from Scotland or Northern Ireland (s327);
- enter into or become concerned in an arrangement which they know or suspect facilitates the acquisition, retention, use or control of criminal property by or on behalf of another person (s328); or
- acquire, use or have possession of criminal property (s329).
Under POCA 2002, no offence is committed if the person makes an authorised disclosure under s338 of the Act and:
- if, where the disclosure is made before the act mentioned, they have the appropriate consent from SOCA; or
- if, where the disclosure is made after the act mentioned, they intended to make such disclosure but have a reasonable excuse for not doing so.2
Criminal property is defined as a person’s benefit from theirs or another’s criminal conduct (in whole or in part, directly or indirectly) where the alleged offender knows or suspects that it constitutes or represents such benefit.
Criminal conduct is defined as conduct that constitutes an offence in the UK or would do if it occurred in the UK (unless it occurred in a country where it was not unlawful under the laws of that country).
The ‘reward’ for a company in the non-regulated sector making a SAR, is the provision of a complete defence for potentially implicated individuals against a charge of money laundering. By way of example:
- A company discovers that its managing director has instructed an employee to engage an agent to pay a substantial sum to a government official in order to ensure that a particular contract is awarded to the company.
- It carries out a brief internal investigation, dismisses the agent, employee and managing director, tightens up its internal controls and carries on with business, including the contract won by bribery.
- The remaining directors are fully aware that a bribe was paid, but feel they have done all they should to deal with the problem.
Aside from any other offences that may have been committed (the ‘consent and connivance’ offences under s14 of the Bribery Act 2010, for example), the remaining directors could be guilty of money laundering in dealing with the proceeds of that contract (by authorising dividend payments, for example). However, if the remaining directors made a SAR and received consent from SOCA to make the dividend payments, they would have a complete defence to any allegations of money laundering in connection with those payments. Note that this would not necessarily protect the dividends if there were to be any other form of prosecution. In a recent case (Mabey & Johnson – civil settlement, January 2012), the Serious Fraud Office (SFO) used POCA 2002 to claw back the proceeds of crime that had already been paid out in dividends to shareholders.
It is important to bear in mind that there are many means by which information can reach law enforcement agencies and thereby trigger an investigation. The credit that can be gained by going to the authorities and coming clean about the situation can be lost if someone else, such as a whistleblower or an auditor, makes contact with them first. Other reporting obligations can also cause information to pass outside of the company (for example, a company’s insurers may need to be notified of unlawful conduct in order to ensure that cover is triggered under directors and officers insurance). The more people that know about the unlawful conduct, the more likely it is that such information will reach the law enforcement authorities, and the less control the company will have over its resolution.
Such considerations might lead a company to decide to make a SAR in conjunction with a self-report to the relevant law enforcement agency but there needs to be careful consideration of the risks involved in making, or not making, either of these reports.
A key risk of making a SAR lies in the certainty that SOCA will share any information set out in the SAR with law enforcement agencies. This makes the timing of any SAR critical, particularly in circumstances where a company is considering making a self-report to the SFO. The SFO will generally give credit to companies that choose to report discovery of their own unlawful conduct, in some circumstances even agreeing to pursue a civil settlement, rather than a full-blown criminal prosecution. However, a company making a SAR before it has self-reported to the SFO runs the risk of the SFO launching its own investigation. This will inevitably bring the risk of dawn raids, compulsory and wide-ranging document disclosure, interviews under caution, compulsory interviews, and the loss of any credit that a self-report might bring.
The wider distribution of information in the SAR is not only a local concern. SOCA is a party to the Strategic Alliance Group, a collaboration of seven international law enforcement partners intended to reduce the threat of global organised crime and its international impact. The UK, USA, Canada, Australia and New Zealand are all party to the group. Information in a SAR is also shared with other European countries via Europol and with countries throughout the rest of the world via Interpol.
Recent years have seen an increasing prevalence of multijurisdictional investigations, particularly in relation to bribery and corruption. The US, for example, is always quick to claim jurisdiction over conduct that touches its territory, even in the slightest way, and with penalties in the US being significantly higher than those imposed in the UK, the consequences of the US becoming involved in an investigation can be significant.
Companies should understand that, although making a SAR is effectively a mode of reporting unlawful conduct to the authorities in the UK, there is a possibility that law enforcement action will follow at home and abroad. If the possibility of a self-report in a bribery context, for example, has been considered and rejected, it will seldom then make sense to make a SAR to SOCA.
If a company decides to go ahead with making a SAR, it should consider precisely what it wishes to report. The SAR should give precise, specific information gleaned from an internal inquiry into the matter. Giving broad, non-specific information could cause the police, SFO or other agency to believe the issue to be wider than it is and to institute a wide-ranging investigation.
If a SAR is to be made, it will often be appropriate to make it in conjunction with a report to the authorities, in order for the company to retain as much control of the matter as possible, both in terms of the scope and cost of the investigation and the media management that is often required.
At the outset of an internal investigation, in-house lawyers should consider whether their directors are fixed with knowledge or suspicion that the company is in possession of the proceeds of crime and advise them of the potential ramifications of that. External legal advice may be required given the complexities of POCA 2002 and the consequences of a decision to make, or not make, a SAR. While pursuing a charge of money laundering against directors who were not involved in the commission of the original offence has not been a high priority for law enforcement agencies to date, it does present a risk that directors should be aware of.
By Laura Ford, solicitor, DLA Piper UK LLP.
- Note that these provisions apply to offences conducted after 24 February 2003. Similar offences under the Criminal Justice Act 1988 apply to conduct taking place prior to that date.
- Further offences can be committed by those in the regulated sector, including failure to disclose knowledge or suspicion of money laundering and tipping off. Such offences are not covered in this analysis.