Anti-Corruption Enforcement 
2023 Year in Review

Introduction

Perspective from the United States

In 2023, the US government continued to address anti-corruption through changes in enforcement policy, as well as the enactment of a new law. Starting with the enforcement policy, the US Department of Justice announced a new Voluntary Self-Disclosure Policy that will provide guidance about when imposing corporate monitors is appropriate and will govern corporate prosecutions by US Attorneys Offices nationwide. Under the new policy, DOJ hopes to encourage companies to “maintain effective compliance programs capable of identifying misconduct” while disclosing and remediating the issues “expeditiously.” DOJ’s goal is to incentivize companies to fully cooperate with the government in its corporate investigations by instructing USAOs to consider a company’s cooperation and remedial efforts when deciding whether to impose a compliance monitor.

And right before the new year, Congress passed the Foreign Extortion Prevention Act, which will serve as a partner statute to the Foreign Corrupt Practices Act. Under FEPA, foreign officials are prohibited from making demands or receiving anything of value in return for being influenced to perform an official act, omit performing an act, or provide an improper advantage “in connection with obtaining or retaining business” for a business or person. With the passing of FEPA, US authorities will be able to charge foreign officials for their roles in demanding bribery payments. Traditionally, US-based companies and individuals were charged for their roles in making bribery payments under the FCPA, but the foreign official counterpart was not held accountable unless there was a jurisdictional hook to permit prosecution. With the passage of FEPA, the United States seeks to hold more individuals accountable for their roles in corporate crimes.

Compared to 2022, DOJ resolved fewer matters in 2023, but the US Securities and Exchange Commission slightly increased its enforcement actions. Out of the 15 actions that DOJ resolved last year, more than half were enforcement actions brought against individuals as opposed to corporations. DOJ has publicly expressed its priority of prosecuting individuals, and last year’s enforcement trend is consistent with DOJ’s policy updates and announcements. In general, it appears that DOJ will continue to hold individuals accountable as the ones perpetrating the wrongdoing. Also notable from last year, DOJ did not impose more corporate monitorships—instead, DOJ only imposed two new monitorships during the year.

In 2023, the SEC continued to bring FCPA actions for unlawful payments and gifts under the act’s anti-bribery, books and records, and internal accounting controls provisions. This past year, the SEC brought two more FCPA enforcement actions than it did in 2022, and these actions encompassed allegations of misconduct in Africa, Asia, Europe, and South America. In addition, the SEC announced the “largest-ever award” in the SEC program’s history, awarding nearly $279 million to a whistleblower who led to a successful enforcement of SEC and related actions, and continued to signal its high expectations of cooperation from entities.

Recent US court decisions and ongoing litigation will likely impact FCPA investigations moving forward. Late in 2023, the US Court of Appeals for the Second Circuit issued a decision against the SEC in SEC v. Govil in which the court found the SEC could not seek disgorgement where the SEC had not shown that investors suffered pecuniary harm. This decision may impede the SEC’s ability to seek disgorgement in situations where there are no identifiable victims (as is the case in many FCPA actions). Likewise, the pending appeal before the US Supreme Court in SEC v. Jarkesy, which concerns the SEC’s authority to use its own administrative proceedings, could change the way the SEC approaches cases for potential resolution.

Finally, a US court provided another reminder about the risks of waiving privilege when conducting internal FCPA investigations. In United States v. Coburn, a US district court judge held that a company had waived attorney-client privilege when the company’s outside counsel made disclosures to DOJ as part of its cooperation with the government. After two of the company’s executives were indicted, they subpoenaed the company and requested documents from the outside counsel’s internal investigation; these documents included witness interview summaries and other work product. In finding waiver of the attorney privilege, the court noted that the company provided “detailed accounts” of witness interviews to the government, including by the defendants who had subpoenaed the documents from the company. Although the court relied on well-established principles related to attorney-client privilege, the opinion served as another warning about the risks of potentially waiving privilege in connection with efforts to cooperate with the government.

Perspective from the United Kingdom

There were a number of important developments last year in the fight against corruption in the United Kingdom. The most significant legislative developments relate to reforms of corporate criminal liability in the United Kingdom, which has long been criticised for its high threshold and limitations in holding companies accountable. Generally, under English law, a concept known as the “identification principle” means that a company will be liable for criminal offences only where the criminal conduct of a sufficiently senior individual or group of individuals can be attributed to the company. However, the UK government in 2023 reformed the identification principle to make organisations liable for economic crimes such as fraud, bribery, or money laundering if the crime is committed by a “senior manager”—being a person who is responsible for managing the whole or a substantial part of a company’s activities—while acting within the scope of their authority. In addition, the UK government has introduced a new “failure to prevent” offence in respect of fraud. Under “failure to prevent” offences (which currently exist in respect of bribery and the facilitation of tax evasion), a company can be held liable for failing to prevent misconduct by any person associated with the company (subject to a defence of having in place “adequate” or “reasonable” procedures to prevent the misconduct). The new offence is designed to bring about a systemic change in the way that businesses approach preventing fraud. Attempts to expand the scope of the new offence further to include failure to prevent money laundering were rejected by the government, and despite proposals for additional offences following the same model, there is unlikely to be additional expansion in the near future.

There has also been a changing of the guard at the Serious Fraud Office. The former director, Lisa Osofsky, has stepped down and been replaced by former police officer Nick Ephgrave. Prior to her departure, and in a move largely seen to be “clearing the decks” for her successor, Osofsky closed two of the SFO’s longest-running investigations into mining companies Rio Tinto and ENRC in August 2023. The SFO also suffered a set-back earlier in the year when its prosecution of three G4S executives collapsed following disclosure issues—the third such example of the SFO’s struggle to manage its disclosure issues in the last two years. Ephgrave’s previous experience of large-scale disclosure reform in criminal proceedings will likely help the SFO tackle the systemic procedural issues that have recently plagued the prosecutor. In the coming year, all eyes will be on Ephgrave as he seeks to revitalise the agency and drive the SFO forward.

Finally, the only deferred prosecution agreement to be agreed in the United Kingdom last year was between Entain Plc and the Crown Prosecution Service. Entain agreed to pay a total penalty of £615 million to resolve an investigation initiated by HM Revenue and Customs. As part of the DPA, the company accepted that it failed to prevent bribery contrary to section 7 of the UK Bribery Act 2010. The resolution represents the first-ever DPA entered into by the CPS, and it is the second-highest corporate criminal penalty to be paid in the United Kingdom.