Who’s watching you? Rise of corporate monitoring

The new zealous and robust approach adopted by the Serious Fraud Office (SFO) to combat corporate fraud and corruption offences has been increasingly described as the Americanisation of the organisation. The US Department of Justice (DoJ) and Securities and Exchange Commission (SEC) (equivalent to the SFO and Financial Services Authority (FSA) here) have made anti-corruption enforcement history – the biggest of scalps being Siemens who lost out financially to the tune of €2.5bn.

new approach to corporate compliance and enforcement

In mid-2009 two sets of guidelines were issued (‘Approach of the Serious Fraud Office to dealing with Overseas Corruption’ (the SFO’s guidelines) (21 July 2009) and ‘Attorney General’s Guidelines on Plea Discussions in Cases of Serious or Complex Fraud’ (18 March 2009)). As a response to the De Grazia Review (by US lawyer Jessica De Grazia), which excoriated the SFO’s poor prosecution record, the organisation has not only stepped up enforcement of overseas bribery offences, it has adopted a wholly new US-style approach, encouraging:

  • corporate self-regulation;
  • self-reporting if wrongdoing is uncovered; and
  • continued monitoring.

This mirrors a style of enforcement more familiar to US companies.

The SFO’s guidelines set out several factors that it takes into consideration when deciding the appropriate route to take. These include whether any existing board members have personally connived in the corrupt activity or derived personal benefit from it. The SFO’s guidelines are similar to US government guidelines, the ‘Holder Memo’ (Memorandum from Eric Holder, Deputy Attorney General US DoJ), published in 1999 in an attempt to recognise and address uncertainty surrounding the same issue.

In cases where the reported wrongdoing is perceived to be of too serious a nature to justify a civil settlement, the SFO took the view that it could nevertheless engage in negotiations with the corporate, and other US regulators and prosecutors, to carve out a global plea agreement. That approach was adopted in SFO v BAE Systems plc (2010) and R v Innospec Ltd [2010], but has come in for criticism. On 26 March 2010, Thomas LJ’s sentencing of Innospec, reminded the SFO that it had no power to agree corporate pleas with both the company and the US prosecutors, nor could it expect the courts in the UK to rubber-stamp agreements. In his sentencing remarks, Thomas LJ also expressed the view that it would rarely be appropriate for criminal conduct by a company to be dealt with by way of a Civil Recovery Order (CRO).

The assurance that, by self-reporting, the errant company will stand more of a chance of obtaining a civil settlement, or the equivalent of a US-style deferred prosecution agreement (DPA) or non-prosecution agreement (NPA), is a major incentive for the company. But the SFO is now somewhat restrained by its inability to enter into global plea agreements.

Despite the Innospec ruling, if the SFO decide that it is more sensible to take the civil path against the companies and prosecute only individuals where appropriate to do so, part of any negotiated deal with the offending corporate will be the agreed placement of a corporate monitor for a set number of years. The corporate monitor will watch over the activities of the board and its senior managers, and will report back to the SFO on corporate crime and compliance issues.

US Approach

In the US, the government’s approach to the appointment of a corporate monitor is now well established and has evolved over the past 25 years. Initially the court, as a result of post-judgment action, appointed an overseer to ensure compliance with any cease and desist orders. More recently the appointment of a corporate monitor has become a standard step taken by the DoJ and by the SEC in the US, before any court verdict is announced. The monitor’s ambit is dictated by the terms of the DPA or the NPA under which the government agrees settlement terms with the corporate, but retains the right to prosecute any subsequent breach of such terms.

The first landmark case was US v Prudential Securities Inc (1994), after which the use of an independent expert, whose role was to monitor the compliance of the company as part of the DPA, was increasingly relied on in settlements.

The incentive for corporations to settle before going to trial was bolstered by the George W Bush administration when it adopted a policy that allows companies to quietly avoid criminal prosecution in exchange for a probationary agreement to make certain internal reforms.

In SEC v WorldCom Inc (2002), the monitor’s efforts were initially directed at preventing corporate looting and document destruction, but then expanded to that of overseer initiating controls and corporate governance. In 2008 the DoJ issued guidelines relating to the appointment and use of corporate monitors, which set out nine basic principles (‘Selection and Use of Monitors in Deferred Prosecution Agreements and Non-Prosecution Agreements with Corporations’, 7 March 2008). The guidelines were issued in response to increasing criticism levelled at a lack of transparency in the selection process and cost levels of corporate monitors.

As there are no equivalent guidelines for this new process issued by the SFO, the principles are instructive as to the likely scope and role of any corporate monitor appointed in this jurisdiction (particularly as, increasingly, deferred prosecution settlements are likely to be made in conjunction with authorities in other jurisdictions).

The principles, in summary, are as follows:

  • Selection – monitors should be appointed on merit, with the specific factual situation in mind and to ensure the avoidance of any conflict.
  • Independence – a monitor is an independent third party, not an employee or agent of the corporation or of the government.
  • Role – the monitor’s primary responsibility should be to assess the corporate’s compliance with the DPA or NPA. They do not have responsibility to the shareholders. As such, while they can provide their input, the responsibility for compiling and implementing an effective compliance programme remains with the corporate.
  • Communication – open communication between the government, the corporate and the monitor is expected, and, in some circumstances, written reports may be made to both parties.
  • Corporate action – where the corporate does not adopt suggested recommendations, this should be reported to the government, along with the reasons given. This may be taken into account by the government when considering whether the corporate has fulfilled its obligations under the DPA or NPA.
  • Other misconduct – the DPA or NPA should set out the types of previously undisclosed and/or new misconduct that should be reported directly to the authority (including, in some circumstances, without the knowledge of the corporate).
  • Duration – this will depend on several factors to be considered in each case, including the seriousness of the wrongdoing, the corporate culture and the involvement of senior management.
  • Flexibility – the term may be extended or reduced depending on the process.

Application in the UK

The SFO does not have the power unilaterally to impose a corporate monitor. Therefore, such appointment has to be as part of a civil agreement between the parties and/or through the criminal courts. There is little doubt that both the SFO and the company have strong incentives to settle the case without the need to involve the criminal courts. For the government, corporate criminal cases are difficult, complex and expensive to prosecute. Corporations usually have access to greater resources than the average criminal defendant, which increases the likelihood of a vigorous defence. For the company, the advantages of settling early and avoiding charges are significant too, limiting amongst other things, severe reputational losses.

According to the SFO guidelines, one of the aspects that the SFO will consider following a self-report is whether:

‘At the end of the investigation… the corporate [will] be prepared to discuss resolution of the issue on the basis, for example, of restitution through civil recovery, a programme of training and culture change, appropriate action where necessary, and at least in some cases external monitoring in a proportionate manner.’ [Emphasis added.]

The SFO further sets out that monitoring will be by:

  • ‘an independent, well-qualified individual nominated by the corporate and accepted by us’;
  • that ‘the scope of the monitoring will be agreed [with the SFO]’; and
  • that it will be ‘proportionate to the issues involved’ (paragraphs 4 and 14 of the SFO’s guidelines).

Such is the extent of the existing SFO guidance in this area.

The few cases where a monitor has been appointed in this jurisdiction offer little by way of further instruction. A brief look at recent law provides an overview of the sort of cases in respect of which a monitor might be appropriate.

SFO v Balfour Beatty plc (2008)

The SFO reached a civil settlement with Balfour Beatty under its new civil recovery powers in 2008, in the first case of this kind. Balfour Beatty self-reported payment irregularities by its subsidiary in relation to a construction project in Egypt. Balfour Beatty agreed to a settlement payment of £2.25m, together with a contribution towards the costs of the CRO proceedings. It also agreed to introduce certain compliance systems and to submit these systems to a form of external monitoring, for an agreed period.

R v Mabey & Johnson Ltd (2009)

The SFO and the company entered into a criminal plea negotiation that was agreed by the criminal court. This was the SFO’s first criminal conviction for overseas corruption since the implementation of the Anti-Terrorism, Crime and Security Act 2001. It was also the first time that the appointment of corporate monitor was approved by the criminal courts. The company pleaded guilty to the making of corrupt payments in Ghana and Jamaica, and to the breach of a United Nations embargo on trade with Iraq. Penalties of approximately £6.6m were imposed (which incorporated fines, a sum for confiscation, reparations to the countries impacted and a contribution to the SFO’s costs). Also included in this sum was a provision of £250,000 for the appointment of an independent corporate monitor for a period of three years.


The company pleaded guilty to conspiracy to corrupt in this jurisdiction and entered pleas to violating the Foreign Corrupt Practices Act (FCPA) 1977 in the US. A global settlement was agreed between prosecuting bodies and the offending company.

As part of its plea agreement, Innospec agreed to hire an independent monitor to review and evaluate internal controls, record-keeping, and compliance practices. Monitors, who are generally attorneys, have become commonplace in plea agreements and deferred prosecution agreements, stemming from FCPA 1977, money-laundering and other charges. While the DoJ frequently assists in selecting a monitor, they leave it up to the company to set a fee.

The appointment of the monitor and the likely cost was criticised by the district judge in the US. This indicates the ongoing difficulties with the appointment and control of independent monitors in the US, and it is a problem that is also likely to arise here.

The SFO appears to have agreed to share that monitor’s reports, although for what purpose (since it had prosecuted the company) it is difficult to comprehend.

Practical Considerations

It is still early days in the UK. Monitors are being appointed post charge, or as part of a civil deal, rather than early on, post self-report and with a view to assisting with settlement. The recent judgement in Innospec will inevitably force the SFO to look at several issues again and will predictably steer it further towards a US-influenced approach.

It is likely that the concerns that have arisen in the US are also likely to resonate here. Key considerations are likely to be:

  • Appointment – does the appointed individual have the necessary experience and sector understanding to enable them to properly assess and evaluate the corporate’s policies and systems?
  • Cost – is the level of projected cost proportionate to the level of seriousness of the wrongdoing?
  • Duration – is the length sufficient to enable the corporate to demonstrate that its compliance procedures are being properly implemented and not too long to cause financial difficulties?
  • Role and scope – is the scope sufficiently clear as to the role of the monitor, including which aspects of the day-to-day operation of the company they will be expected to be appraised of to fulfil their duties? Is the scope sufficiently tightly worded to avoid any unnecessary duplication of duties?
  • Fiduciary duties – does the monitor have duties towards vulnerable shareholders, whose assets they are monitoring?
  • Confidentiality – is the monitor bound by confidentiality as between the SFO and the corporate (this may be directed by the obligations of the company to report to its shareholder as to the progress being made)?


Corporate monitors assist with the elimination of corporate wrongdoing and will predictably become more common in the UK, as new approaches to dealing with corporate offences, particularly bribery and corruption, evolve. The role of the those at the top of a company and their duties to prevent wrongdoing has been emphasised by the ‘Walker Review of Corporate Governance of the UK Banking Industry’ (by Sir David Walker) and by the Financial Reporting Council. The FSA has also increased the pressure on, and raised expectations of, non-executive directors of FSA-regulated firms. Looking further down the track, the emergence of a market for specialist non-executive directors or professional supervisors to monitor compliance is not an unrealistic prospect.