Banks must adapt to new aggressive regulatory regime in UK

Law enforcement agencies are targeting individuals and companies involved in financial crime more aggressively than ever before. This is particularly true in the UK, where legal changes have been accompanied by a full shakeup of the regulatory and law enforcement structure.

"The tide has changed towards a more aggressive approach to corporates," says Barry Vitou, a partner at Pinsent Masons, a UK law firm. "Law enforcers are prepared to take on the corporation. Are corporates becoming more cautious and beefing up their anti-fraud systems? Have they realised the seriousness? The answer is no, they should be doing more."

"I would expect prosecutions to increase," he adds.

The 2013 Financial Services Banking Reform Act, a measure that followed the investigation of the banks' role in the financial crisis by the Parliamentary Commission on Banking Standards and the UK Treasury Select Committee, opens the way for legal action against reckless bankers. Senior managers judged by the courts to have brought down a bank as a result of reckless management can be charged under Section 36 of the Act.

But prosecutors seeking to use the new law will face high hurdles. Proving that senior management were alone responsible for the failure of an institution will be an insurmountable obstacle and may jeopardise the success of this clause, some lawyers believe. For example, senior executives may seek to spread the blame for the mismanagement by arguing that junior colleagues were complicit, or they may use external events as mitigating factors.

David Kirk was chief criminal counsel at the Financial Conduct Authority until the start of 2014; he is now a partner at US law firm McGuireWoods in London. "No single group of small bankers makes a decision without a huge amount of advice, outside and inside," he says. "Secondly, no bank falls over for one reason or decision alone. Maybe they were thinking of RBS and ABN Amro. That was a decision made by the board which was reckless. Well, RBS was already fatally torpedoed, under the waterline, by the amount of toxic debt it had. Not only that – the main reason it collapsed was because of the global financial crisis, an external event, which it didn't cause."

While the Act may still serve as an incentive for better risk management, the prospect of any prosecutions under Section 36 is "absolutely nil", Kirk says.

The new priority given to fraud and financial crime has resulted in the reshuffle and enhancement of many enforcement agencies, notably the UK's National Crime Agency. Here, the Economic Crime Command (ECC) has been established under the directorship of Donald Toon, a former director of criminal investigation at HM Revenue & Customs. The ECC co-ordinates efforts to curb economic crime, and can point to its recent clampdown on an international boiler room ring as an example of the new more focused approach. Pete O'Doherty, a detective superintendent at the City of London Police, says the ECC is also critically important in co-ordinating the response to cyber threat – and to make sure there is no overlap or duplication of effort between agencies. Commentators regard the new direction as one driven by the US model, with the NCA having the potential to be a UK equivalent of the Federal Bureau of Investigation.

Preventative measures

A proposal by David Green, director of the Serious Fraud Office (SFO), if passed into law, will also herald a further clampdown on institutions whose staff have behaved fraudulently. Green is pushing for a law that puts companies in the dock if they "fail to prevent" fraud or other financial crime, in much the same way as they can already be prosecuted under Section 7 of the UK Bribery Act for failing to prevent bribery.

According to Vitou, there is a tailwind behind Green's proposal. "This change would have very significant ramifications in dropping the barrier to corporate prosecution. In the new environment, there is a lot of backing for a change to a section which would make it much easier to prosecute fraud."

Vitou believes the necessary legislation could be introduced swiftly with minimal fuss, as an amendment to the Bribery Act – or "back-doored", as he terms it.

The SFO's battle to bring to book manipulators of the Libor (and possibly foreign exchange) markets and Barclays Bank for its payment of ‘commissions' to Qatar at the peak of the crisis sends out a signal that no bank is too big to be made to account for its actions, especially during the freewheeling run-up to the crisis (see box below for a brief account of the Barclays Bank deal with Qatar).

But there are still question marks about the institutional structure of the anti-fraud agencies. This was demonstrated in the confused path taken in the pursuit of the Libor case. The Serious Fraud Office, at that time run by its previous director Richard Alderman, passed the evidence over to the Financial Services Authority (FSA) believing it to be a regulatory offence, rather than a criminal one. The FSA, together with US counterparts, treated it as a very serious breach of regulations and levied heavy fines against a number of offending institutions.

But the SFO under its new director Green retrieved the case, seeing the opportunity to bring criminal charges against senior individuals from the firms that had paid fines. Several charges have now been brought and although criminal trials are imminent, some scepticism remains about the chances of success. One prominent lawyer, who did not wish to be named, says: "It's going to be a challenge. It would have been better to leave it where it was and to pursue the regulatory actions; run people out of town who weren't behaving properly – fine them lots of money, fine the companies, and reform Libor. I firmly believe that the people who were in the firms manipulated Libor, with several exceptions... They simply thought these were the rules of the game."

At the time that the charges were being prepared in 2012, Green told OpRisk: "[Libor] is unbelievably complicated. A criminal investigation is to an altogether different depth and thoroughness than that of the FSA which has been regulatory. We have to take it much further than the FSA and spread it to other banks. There is an international dimension to the criminality."

Green was also highly critical of Alderman's decision to pass on Libor. "With hindsight it would have been better [if the SFO had made the initial investigation]. I couldn't say if I was in Richard's shoes, I would have made a different decision."

This clash of regulators leads Mark Tantam, head of fraud investigation at accountants Deloitte, to argue that the SFO has lost its way.

"It is widely argued that the SFO has really got to nail one of these trading-related cases to rebuild its reputation. This is largely undermined not because of current events but because of events in the past. When the SFO started, there was the potential for it becoming like the US Department of Justice, to be seen as a shining star, dealing with the biggest cases, taking on the biggest issues and thereby attracting the top talent. There is a danger now that the critical headlines will deter people as they will fear that they are going into an organisation that is failing in its remit."

The system for prosecuting fraud was no less exposed when police failed to act in the case of Ravi Sinha, a managing director at JC Flowers, the private equity firm. Sinha was found to have created £1.4 million of false invoices to claim expenses from a client of his employer after a failed personal investment. The City of London Police examined the case but concluded an investigation would waste public money unless it had the support of JC Flowers itself. JC Flowers refused to support it and it was passed over to the FSA in 2012 which levied a fine of £1.5 million (excluding disgorgement of the original false claim) on Sinha. The police and prosecutors' failure to bring a criminal case when such a substantial fraud had occurred unleashed a degree of public indignation.

The City of London Police has beefed up its own fraud resources with the creation of a series of regional fraud teams within its regional organised crime units in the UK, says O'Doherty. The force receives up to 20,000 reports per month of cyber crime. It can follow up only a fraction, although its National Fraud Intelligence Bureau (NFIB) co-ordinates reports and directs resources accordingly.

Resources are the greatest barrier to the new push against fraud. And the NFIB is greatly stretched financially, admits O'Docherty, with the Cabinet Office putting £2 million into the collection of intelligence about cyber crime, and the Home Office putting £2.5 million into intelligence gathering by the NFIB on non-cyber fraud. The NFIB supports a national pursuit of cyber criminals under the National Cyber Security Programme, which is to receive a total of £650 million over four years from the UK government.

The pursuit of the largest frauds by the SFO is similarly constrained. It has an annual budget of £30.6 million for 2014/15, down from £52.8 million in 2008/09, although there is scope to apply to government for "blockbuster financing" of specific high profile and resource intensive prosecutions. The SFO has said that blockbuster funding has been granted for the investigation of the Barclays/Qatar case.

Outside help

The use of internal investigations carried out by outside consultants such as auditors and lawyers can mitigate the cost of a prosecution by a public body, although it comes with the risk that the firm has not disclosed the entire investigation, either because the information is privileged or because the SFO disclosure order is inadequate. The SFO was relying on evidence provided by a US law firm in its prosecution of Victor Dahdaleh, the Anglo-Canadian billionaire, for alleged corruption in Bahrain. But when the law firm was shown to be conflicted and could not produce evidence at the trial, the UK prosecutor withdrew the case in December 2013.

It is now widely argued that the regulatory approach to punishing individuals is more effective than the criminal one. Observers are hailing the Financial Conduct Authority, the successor body to the FSA, as the standard bearer in the new drive against financial criminals for its success in taking targeted individuals 'out of the market'. With an approach that mirrors the more interventionist US Securities and Exchange Commission, the FCA has lower key but more decisive cases to its credit, Kirk says. "The FCA wants to have a go at the high-ups. They want to fix accountability on senior management. Now whether they will ever be able to do this or not is a very open question."

Mark Tantam, the head of fraud at Deloitte, is optimistic about the FCA's approach: "The FCA has done a good job saying that nobody is above the law. They are dealing with markets on a regulatory basis," he says. The regulator's recent targets include interest rates of payday lenders and insurers' sales and retention practices in the annuity market. Chief executive Martin Wheatley has presented the agency as a powerful defender of consumers who have been misled by sharp selling of complex financial products.

The FSA was the victim of political pressure to maintain a 'light touch' regime over the course of the decade before the financial crisis. But Wheatley can now point to the consequences of such a regime in the crisis to justify the need for a much tougher and more focused approach to abuse. He can argue that the stables need to be thoroughly swept clean while his institution needs to give a message that standards of conduct must be raised.

"We consider that firms need to focus much more clearly on the conduct of their employees than on specific fraud," says Tantam. "There is unlikely to be another fraud in the Libor markets, but financial institutions need to try to anticipate the next fraud. The best way to do that is to scrutinise people's behaviour, to look for changes and to ask questions. People are the constant factor in these companies and they are its critical moving force. Firms that can interpret signs of a change in behaviour are on the road to understanding their risks."

A growing number of regulators target fraud, says Vitou. "Criminal enforcement risk has increased from a variety of regulators. The regulatory snowball continues to roll. The FCA have put down a strong marker that they are looking to ramp up enforcement... Lots of people have got criminal powers, including the competition authorities, and they are starting to flex their muscles."

Vitou says that the regulatory landscape will have changed dramatically in five years' time, predominantly following the US direction. Much tougher US prosecutors, under the aegis of the Department of Justice, are feared by US companies or foreign companies operating in the US, and levels of fines and settlements imposed in the US dwarf anything seen outside the country.

The US influence is seen most clearly in the recent introduction of the Deferred Prosecution Agreement (DPA). This enables the SFO to settle cases against companies, while extracting a maximum fine from the wrongdoer. The company is able to reduce its reputational damage from a public trial, avoid a conviction that might disqualify it from tendering for public sector contracts and (most likely) protect its directors from individual prosecution.

Companies increase their chances of obtaining such a deal by approaching the authorities with their evidence, so-called "self-referral". They then show their contrition not merely by handing over their evidence but by paying for an investigation, whose findings they pass on to the authorities.

The legal structure requires the company to admit to an offence before it qualifies for a DPA. But Harry Travers, a partner at London law firm Burton Copeland, says the odds are stacked against the company in negotiations. "Companies are desperate to take the DPA and so avoid a trial. So the prosecutors know that they can push out the boundaries of the agreement and the company has little power to resist. The prosecutors are in the driving seat and the company and its lawyers basically look on and take what they are given."

And the agreements may also attract the same criticism in the UK as they have already done in the US: that they leave the individual culprits unpunished, while allowing corporations to pay their way out of justice.

New York district court judge Jed Rakoff recently attacked the DPA on the grounds that it failed to provide a "deterrent value". He said that "successfully prosecuting individuals far outweighs the prophylactic benefits of imposing internal compliance measures that are often little more than window-dressing. Just going after the company is also both technically and morally suspect. It is technically suspect because, under the law, you should not indict or threaten to indict a company unless you can prove beyond a reasonable doubt that some managerial agent of the company committed the alleged crime; and if you can prove that, why not indict the manager? And from a moral standpoint, punishing a company and its many innocent employees and shareholders for the crimes committed by some unprosecuted individuals seems contrary to elementary notions of moral responsibility."

The discussions around DPAs, as with many other regulatory issues, reflect the degree to which financial regulation is becoming a borderless world. DPAs have crossed the Atlantic and rewards for whistleblowers may soon do so as well; the US Foreign Account Tax Compliance Act and the UK Bribery Act aim for enforceability around the world; international organisations such as the Financial Action Task Force are becoming ever more active. The future of enforcement in the UK may depend as much on decisions made abroad as on the policies of the government currently in power in London.