Late last year, ICBC Standard Bank Plc, a U.K.-based financial institution with operations around the world, agreed to pay a $37 million fine and enter into a deferred prosecution agreement (DPA) with British financial authorities to end an investigation into whether it bribed government officials in Tanzania. This arrangement, the first-ever DPA in the U.K., has compliance professionals taking note.
Long used by U.S. regulators, DPAs allow authorities to suspend prosecution if an organisation under investigation agrees to certain conditions, including paying penalties and implementing institutional reforms.
As I’ve previously written about the U.K. approving DPAs for use, “As U.S. experience has shown, DPAs can allow authorities to utilise scarce resources more efficiently by deferring prosecution instead of bringing a case and taking it to a lengthy (and expensive) trial. DPAs also can result in significant fines, which then can be used to help fund further enforcement activities.”
That U.K. authorities used a DPA so soon after it was made available underscores how serious they are about the new tool. And, as a result of the Standard Bank DPA, the U.K. is now better funded for future enforcement.
Self-Reporting Triggered the DPA
DPAs in the U.K. offer incentives to organisations that recognise an issue internally and self-report to authorities. Those incentives likely were part of the impetus for Standard Bank to self-report the bribery that ultimately led to the DPA.
The wrongdoing centred on a transaction with the Tanzanian government in which Standard Bank and a Standard Bank subsidiary, Stanbic Bank Tanzania Ltd, bid to issue $600 million of bonds for the country. In its initial pitch, Standard Bank and Stanbic proposed a fee of 1.4 percent of the bond sale amount. They later raised the fee to 2.4 percent and won the business. The incremental 1 percent fee totalled $6 million—an amount that became significant shortly afterward.
After the transaction was completed, someone at Stanbic authorised a payment of $6 million into an account for EGMA, a Tanzanian company, allegedly as payment for consulting services. Days later, the money was withdrawn through several large cash transactions. The cash withdrawals raised a red flag with some Stanbic employees, four of whom reported the suspicious activity internally. Stanbic management then raised the suspicious withdrawals with Standard Bank officials.
After an investigation, Standard Bank discovered that two EGMA employees were either current or former government officials, which raised the question: Was this payment a violation of the U.K. Bribery Act? Standard Bank self-reported the incident to the Serious Fraud Office (SFO). By self-reporting, Standard Bank was able to enter into a DPA and likely received a much lighter fine than it would have otherwise.
Standard Bank’s Speak-Up Culture
It was thanks to employees at Stanbic that Standard Bank became aware of potential wrongdoing—which speaks volumes for the strong ethics and compliance culture the bank had fostered throughout its organisation, including its subsidiaries.
In this case, the system worked soup to nuts—at least, after the initial transgression. The bank had policies in place requiring the reporting of suspicious transactions, employees (presumably due to effective training) recognised the large cash withdrawals as suspect, the employees spoke up, the bank investigated, and, when it appeared that bribery had taken place in violation of the U.K. Bribery Act, the bank self-reported to the SFO.
U.K.’s First DPA: Lessons Learned
The ICBC Standard Bank DPA indicates that U.K. authorities are serious and willing to bring these cases.
For businesses already set on doing the right thing, the DPA doesn’t really change things much. But companies that weigh the benefits of bribery and other financial violations against the cost and likelihood of getting caught may be altering their calculations now that the SFO has demonstrated its willingness to use DPAs as an enforcement tool.
For years, the U.K. Bribery Act has been viewed as one of the most aggressive in the world. At the same time, the SFO has been widely viewed as underfunded and struggling to prosecute financial crimes except in conjunction with other countries. Now, it has the DPA tool and has wielded it effectively. As SFO Director David Green said in a statement, the ICBC Standard Bank case will serve as a “template” for future agreements.
How Effective is Your Compliance Programme in Preventing Bribery & Corruption?
The underlying bribery stands as a warning to all companies: Even companies that have policies and procedures in place to prevent bribery may still have gaps that allow crooked employees to violate the law. In Stanbic’s case, the key question is how a payment of $6 million could be authorised for consulting services without proper scrutiny.
Any company with exposure to bribery should use the Standard Bank case as a reminder to take another look at its own controls to identify whether they are sufficient to prevent rogue employees from using company funds to bribe.
Want to talk with a solutions expert about creating a speak-up culture in your organisation?