9 min read

Is self-referral ever a 'Safe Harbor'?

Read more

By Mathew Wale & Gareth Hall


Published 14 November 2023


On 25 September 2023, former police officer, Nick Ephgrave, took over as director of the Serious Fraud Office (SFO) from Lisa Osofsky, the dual US/UK qualified lawyer, who had served since 2018.

The US and UK approach to reporting misconduct discovered during M&A transactions

On 25 September 2023, former police officer, Nick Ephgrave, took over as director of the Serious Fraud Office (SFO) from Lisa Osofsky, the dual US/UK qualified lawyer, who had served since 2018. During her tenure one of Ms Osofsky's key priorities was increased transparency and cooperation between the SFO and the US Department of Justice (DOJ), an objective which many saw as a desire to adopt a more US style approach to the investigation and prosecution of serious fraud, bribery and corruption in the UK. It is of course early days for the new Director, and it remains to be seen whether he will seek to continue this narrative or not. Either way, it is widely accepted that cooperation between the SFO and the DOJ (and US authorities in general) is essential, bearing in mind the cross border nature of fraud, bribery and corruption and the myriad ways in which such conduct may be discovered. In this article, we consider the world of Mergers and Acquisitions (M&A) and we compare the differences in the approach taken by US prosecutors when such transactions reveal issues of misconduct, with that of the UK and in particular, the SFO.

The DOJ's 'Safe Harbor' Policy

Earlier this month, US Deputy Attorney General, Lisa Monaco gave a speech setting out the DOJ's new 'Safe Harbor Policy' which, broadly, promises a presumption of prosecutorial 'declination' for acquiring companies who discover criminal conduct during the course of M&A transactions and fully cooperate with the ensuing investigation.

Under the Policy, acquiring companies in 'arms length' transactions will be presumed to qualify for a written 'declination' - or waiver to prosecute - if they self-refer within the six month 'Safe Harbor' period after the transaction completes. They will also have to engage in effective remediation - to prevent future misconduct - as well as restitution of affected parties and disgorgement of all profits gained from the misconduct within one year from the date of closing (a deadline that may be extended in complex cases), including the withholding of compensation from executives who are responsible for misconduct.

This DOJ policy of non-prosecution in such cases places a premium on timely compliance and provides a level of consistency and certainty to acquiring companies as well as further incentivising robust pre and post-closing due diligence, and internal investigations where appropriate.

The UK approach

In general, there are a number of challenges faced by companies that are considering self-reporting including the conflicting needs of the company itself. Internal investigations can be costly and – when improperly managed – can have a adverse effect on corporate morale. Companies must also consider issues of legal privilege and how best to secure maximum efficiency within minimum disruption to its employees and the business as a whole. Ultimately self-reports that follow diligent and thorough investigations have significant potential benefits not only to the company but to the individuals involved including lower financial penalties, an increased ability to manage reputational fallout, and the potential to secure a Deferred Prosecution Agreement (DPA) in appropriate cases.

The UK does not have a specific equivalent to the DOJ's Safe Harbor Policy. In broad terms, in respect of serious or complex fraud, bribery and corruption, the current UK approach to the self-reporting process is detailed in the Corporate Co-operation Guidance, issued by the SFO which states that in order to be considered as a public interest factor against prosecution (and in favour of a DPA), self-reports must be characterised by a 'genuinely proactive approach', going 'above and beyond' what the law requires, with such steps being taken by the corporate management team as soon as they are on notice of offending. All such principles will apply equally to misconduct discovered during a merger or acquisition.

This includes but is not limited to:

  • Identifying wrong-doing and criminal conduct with the parties responsible, regardless of position or seniority;
  • Prompt reporting to the SFO once suspicions come to light;
  • Preserving and providing available evidence in an evidentially sound format;
  • Making witness statements available;
  • Disclosing the results of any internal investigation
  • Waiving privilege or providing certification by independent counsel that the material in question is privileged.

It is clear, however, that unlike the 'Safe Harbor' approach, self-reporting is no guarantee that a prosecution will not follow and that each case will turn on its own facts. The SFO's Guidance states that 'even full, robust co-operation – does not guarantee any particular outcome'. Self-reporting is considered to be a public interest factor to be taken into account only. Other factors such as the effectiveness of any corporate compliance programme, a lack of any previous history of similar conduct and the availability of civil or regulatory remedies that are more proportionate are also relevant. The wide margin of discretion that this approach affords the SFO, may lead to a lack of consistency in addition to significant ambiguity, thereby creating difficulties for prospective self referrers, not to mention the potential that the policy may not cater for the variances and complications that may be present when misconduct is discovered by an acquiring company in an M&A context.

Take the carrot…avoid the stick (mostly)

Although the 'Safe Harbour Policy' is – in its current form - in its infancy, and it remains to be seen how long it will be before an acquiring company seeks to utilise it, the broad approach of offering non-prosecution following self-report which fulfil an comply with number of criteria has long been an approach adopted by the US including in an M&A context, where the quality of due diligence conducted (pre or post-acquisition) is a key factor and we have identified some examples below:

Safran SA

On 21 December 2022, the DOJ confirmed that it would decline to prosecute Safran for violations of the Foreign Corrupt Practices Act (FCPA - the principal US anti-corruption legislation) for bribery having been committed by Monogram and EVAC between 2009 and 2015, prior to Safran's acquisition of both entities.

According to the documents in this case, between 1999 and 2015, Monogram and EVAC paid millions of dollars to a China-based business consultant - a close relative of a then-senior Chinese government official - in order to obtain lucrative train lavatory contracts with the Chinese government.

Under the terms of the declination, Safran agreed to disgorge $17,159,753 and the DOJ cited Safran's voluntary self-disclosure of the misconduct, its full cooperation and remediation, and the fact that Safran was a successor-in-interest to the misconduct which all occurred pre-acquisition. The DOJ's declination letter states:

"The Government has decided to decline prosecution of this matter based on an assessment of…factors…including but not limited to…(6) Safran's identification of the misconduct through post-acquisition due diligence, which Safran voluntarily..."

#BBD0E0 ยป


Key Contacts