We look back at the key developments and global trends that emerged during 2022, and make some predictions for 2023.
Global trends in key areas of corporate crime and investigations
Bribery and corruption
Geopolitical instability, the ongoing impact of the pandemic and rapid inflation have exacerbated commercial pressures – particularly on supply chains – and have created an environment ripe for corruption as companies struggle to maintain growth and meet stakeholder expectations. Against this backdrop, bribery and corruption have continued to be a priority for enforcement agencies globally this year, with authorities restating their commitment to investigate and prosecute instances of suspected illegality.
In May 2022, French authorities indicted a former executive of an aerospace company for active and passive bribery of a foreign public official, in connection with the alleged Libyan financing of former French President Nicolas Sarkozy’s election campaign in 2007. This serves as a reminder that individuals may be held criminally liable under foreign bribery provisions in France for both committing bribery and aiding and abetting it. In November, the same company entered into a new €16 million settlement with French authorities in relation to the Libyan bribery charges, an extension of the deal struck with prosecutors in 2020.
In July, an AUD$1.35 million (£756,000) penalty handed to engineering company Jacobs Group in 2021, for bribes paid to public officials in the Philippines and Vietnam, became the first corporate penalty for foreign bribery to be considered by an Australian appellate court. The New South Wales Court of Criminal Appeal rejected attempts by prosecutors to argue that the lower court had been too lenient. It upheld the decision to give Jacobs Group reductions of 25% for its cooperation and 40% for pleading guilty at an early stage, an outcome lawyers have described as offering a blueprint for companies facing similar allegations. The prosecution has since obtained leave to appeal to the High Court (Australia’s highest court), so 2023 should see the High Court of Australia’s first consideration of foreign bribery penalties.
In the UK, the SFO has had a year of notable successes and failures. The standout success was the recent conviction of a commodity trading and mining company for five counts of bribery and two counts of failure to prevent bribery under the Bribery Act 2010.
The SFO investigated in collaboration with US authorities and Dutch and Swiss prosecutors, finding that the company had paid US$29 million in bribes to maximise its oil trading profits in five African countries between 2011 and 2016.
The company was ordered to pay £280 million (the highest amount ever ordered in a corporate criminal conviction for bribery), and this was the first ever admission by a company of a principal bribery offence under section 1 of the Bribery Act. The outcome underscores both the focus of enforcement agencies in the energy and natural resources sector, and the SFO’s commitment to securing corporate convictions against non-cooperating companies. Lisa Osofsky, the current Director of the SFO, recently reiterated that proactive cooperation from companies under investigation was an essential pre-condition of their ability to obtain a DPA.
There remain, however, significant questions concerning the SFO’s capabilities, particularly concerning its ability to investigate and prosecute individuals. Summer 2022 saw the publication of Brian Altman KC’s review into the collapse of the R v Woods and Marshall trial and Sir David Calvert-Smith’s review into the SFO’s handling of the Unaoil investigation, both of which identified significant failings on the part of the SFO, particularly in relation to disclosure and resourcing.
The UK needs a strong and effective enforcement authority focused on economic crime, and with Lisa Osofsky due to step down next summer, it will be the job of the next Director to find a way to deliver that in an atmosphere of increasing financial crime, and potentially decreasing financial resources.
Enhancing ABC compliance programmes
Corporate ABC systems and controls continued to evolve throughout 2022, as companies sought to become more proactive in identifying corruption risks. The global political and technological landscape has changed significantly since ABC compliance programmes began to be adopted widely in the early 2010s. This has caused companies to enhance programmes, including employing data analytics to pre-emptively identify risks in supply chains/third party relationships, before they crystallise. Governments and enforcement authorities are encouraging developments in this area. For example, the UK Department for International Trade published new guidance in May to help companies prove that their business and supply chains are free from bribery and corruption.
ESG is a driver of change. Companies are increasingly incorporating ESG factors into the ABC risk-rating systems which are used to vet clients, suppliers and other third parties. Corporates leading the way in ESG compliance are realising that bribery and corruption risks may be posed by some sustainability and climate change mitigation schemes. A recalibration of compliance programmes to reflect the link between ABC and ESG risks is something we expect to see more of in 2023.
Verdict: We expect authorities globally to continue to open new investigations into suspected bribery and corruption in 2023 as misconduct emerging from the pandemic and economic instability crystallises. The risk of detection has been heightened by the activity of investigative journalists and increasing protections for whistleblowers. Businesses should refresh ABC risk assessments to ensure that emerging risks are properly mitigated, and take steps to remediate any control weaknesses. We further expect ABC and modern slavery in supply chains to remain a focus for governments as they seek to enforce ESG agendas.
2022 continued to see an increase in AML/CTF-related regulatory actions around the globe. For example, Denmark’s largest bank, Danske Bank, is expected to pay approximately US$2 billion in fines after a 2018 probe found approximately €200 billion of suspicious transfers sent through its Estonian branch.
There has also been increased focus on gatekeeping professions, with regulators enhancing the regulation of, and increased investigation into, professionals suspected of helping money launderers.
International cooperation has been notable in 2022, reflecting the cross-border risk that money laundering poses. INTERPOL launched a new Financial Crime and Anti-Corruption Centre to focus on complex money laundering schemes and transactional financial crime. The new crime centre will work with key stakeholders to “strengthen collective efforts against financial crime and corruption”, in addition to providing investigative, operational and analytical support.
In Australia, gambling providers continue to be a key focus for authorities, with major casinos and their directors and officers facing the aftermath of inquiries into their suitability to hold a gambling licence due to (among other things) historical AML concerns. The Australian Transaction Reports and Analysis Centre (AUSTRAC) commenced its third civil penalty proceeding against a business operating in the casino sector, and the Australian Securities and Investments Commission (ASIC) also commenced proceedings against directors and officers of a casino operator for alleged breaches of duty associated with the subject matter of earlier public inquiries.
Other jurisdictions continued to expand the breadth of their AML laws. For example, in April, Canada enacted new regulations extending AML obligations to payment service providers and crowdfunding platforms.
In the US, the Anti-Money Laundering Act of 2020 has been hailed as the most significant piece of such legislation in the past 20 years. The US Financial Crimes Enforcement Network (FinCEN) has also given advance notice of the proposed rulemaking (the ANPRM) and request for comment on potential regulatory amendments to establish that all covered financial institutions subject to an AML programme requirement must maintain an “effective and reasonably designed” AML programme.
Singapore commenced its presidency of the Financial Action Task Force (FATF) in June. One of FATF’s focusses will be implementing measures to prevent contemporary money laundering and terrorist financing risks associated with cross-border cyber-enabled crimes (e.g. phishing activities). The FATF will also continue progressing its work identifying and understanding money laundering and terrorist financing trends.
Focus on crypto-assets and real estate
The crypto-asset market has continued to grow, with the UK seeking to position itself as a global hub for crypto-asset technology and investment. Associated AML risks grow in parallel. In response, the EU imposed stringent traceability and transparency requirements for crypto-asset transactions; new legislation introduced by the European Parliament extends the “travel rule”, which already exists in traditional finance, to cover crypto-asset transfers. The rule requires that information on the source of the asset and its beneficiary is stored on both sides of the transfer and “travels” with the transaction.
The European Union is considering a stand-alone cryptocurrency regulator, while the UK’s National Crime Agency has called for regulation of “decentralised crypto-mixers”, which can be used to disguise transactions otherwise traceable on blockchains.
Efforts to manage AML risk in the real estate sector continue. The UK’s Register of Overseas Entities, held by Companies House, now requires overseas entities with land or property holdings in the UK to declare their beneficial owners and/or managing officers. Non-compliance can lead to restrictions on rights to deal with the property.
The FATF has also updated its risk-based guidance for the real estate sector, while the UAE has introduced new reporting requirements for real estate transactions. However, in the EU such efforts suffered a setback following a recent decision of the ECJ which cast doubt on the compatibility of the fundamental human right to respect for private and family life with company beneficial ownership registers under EU AML laws.
Verdict: We expect the regulatory focus on AML to continue throughout 2023, particularly in relation to identified areas of concern such as gambling, crypto-assets and real estate. As the war in Ukraine continues, we expect the spotlight to remain on the flow of funds from Russian companies and individuals. We anticipate updates to the FATF Standards this year. Businesses should ensure their AML programmes are responsive to emerging risks and to regulators’ expectations.
Unauthorised communication channels
2022 has seen substantial penalties imposed in respect of a range of wrongdoing.
A key trend is action taken against individuals using unauthorised channels of communication to conduct corporate business – most notably WhatsApp. At the start of the year, the US Securities and Exchange Commission (SEC) and US Commodity Futures Trading Commission (CFTC) charged a regulated firm with widespread and longstanding failures by the firm and its employees to maintain and preserve written communications. A US$125 million penalty was levied and an agreement reached to implement compliance improvements. Later in the year, SEC and CFTC charges against a raft of other Wall Street firms followed. Orders referred to firm employees outside, as well as inside the US. Total penalties levied in September exceeded US$1.8 billion.
The UK regulator issued warnings about the increased use of unmonitored and/or encrypted communication channels, such as WhatsApp, for sharing potentially sensitive information connected with work, pointing to compliance risks. We expect to see enforcement action in this area in 2023.
As ESG remains at the top of the agenda, we saw a focus on the accuracy of ESG-related disclosures to the market, and enforcement action taken in ‘greenwashing’ cases. For example, the Australian regulator, ASIC, has imposed penalties in two cases the second half of 2022 for ‘greenwashing’.
Insider dealing risks have continued to be met with enforcement action, both civil and criminal. In the UK, a Listed PLC board member was fined by the FCA for disclosing inside information to shareholders, and fines have been imposed against companies for issuing misleading statements to the market, or for failing to disclose information in a timely manner. In the US, the SEC issued a civil lawsuit against Archegos Capital Management, for alleged fraud in connection with the collapse of the firm once worth US$36 billion, and individuals at the firm are also the subject of criminal proceedings, with a criminal trial scheduled for October 2023.
In Australia, ASIC secured guilty pleas from a number of individuals for market manipulation and insider trading offences. Sentencing in some of those cases is pending; in others, custodial sentences and banning orders were issued. ASIC’s civil penalty proceedings against a major Australian bank for alleged insider trading continues and is scheduled for hearing in -2024.
In Hong Kong, the court ordered that profits of $12.9 million arising from insider dealing in shares of a technology company be paid to 63 affected investors by the company’s administrators following the civil proceedings commenced by the Securities and Futures Commission.
In France, there have been a number of insider dealing cases including a €1 million fine imposed by AMF against a biotech company, and fines for its co-founder and one of its shareholders for failure to disclose and the subsequent use of inside information. Other AMF cases have resulted in fines imposed on portfolio and asset management firms for breach of their professional obligations.
Systems and controls
There has been a continued focus worldwide on the importance of appropriate systems and controls to satisfy regulatory requirements. In Australia, for example, a major bank was ordered to pay penalties of $113 million for a range of compliance failures across its banking, insurance and superannuation businesses. This followed from ASIC’s investigations and six civil penalty proceedings against the bank in November 2021. The bank agreed to pay around $80 million to affected customers by way of remediation.
Verdict: We predict a continuing focus on inside information and market manipulation investigations and enforcement cases in 2023, together with an emphasis on adequacy of systems and controls for monitoring for suspicious activities. With ESG issues and “greenwashing” at the top of the agenda, listed companies will want to focus on their ESG-related disclosures. Tech companies will also be a focus of regulation this year. In the UK, a changed at in the head of enforcement at the financial regulator is predicted to bring a change
Focus on crypto-currency
As we predicted, in relation to AML /CTF-risks, cyber and the use of crypto-currency was a theme in fraud enforcement in 2022, with the high-profile collapse of crypto-currency exchanges shining a light on criminal risk. Data gathered by law enforcement agencies revealed that financial losses related to crypto-fraud increased by a third in the UK, while the number of reported incidents rose by 16%. In the US, one in every four dollars reported lost related to crypto fraud, more than any other payment method. We expect this is a trend which is here to stay.
Focus on auditors
The role of auditors in the fight against fraud also came under scrutiny in 2022. A statement from the SEC reminded US-based auditors that they must exercise “professional skepticism” when conducting their work, following the identification of shortcomings related to auditors’ responses to fraud risks and failures to comply with auditing standards. Enhanced professional scepticism on the part of external auditors is a trend we have observed across jurisdictions. Businesses should be aware of a changing approach, and should be ready to answer more incisive questions from their auditors on issues relating to integrity.
Allegedly inaccurate accounting practices were also the focus of a long-awaited UK High Court case: HP v Autonomy; the claimants succeeded in their claim against the former directors in the first case of its kind under the UK’s Financial Services and Markets Act. A decision on quantum is expected this year.
Focus on tax fraud and international cooperation
Tax fraud continued to be a key area of investigation in 2022. The European Public Prosecutor’s Office announced that it uncovered the largest cross-border VAT fraud scheme ever investigated, with estimated damages of €2.2 billion.
Demonstrating a commitment to tackling tax fraud across jurisdictions, the latest Joint Chiefs of Global Tax Enforcement summit between the heads of tax enforcement from the UK, Canada, Australia, the Netherlands and the US was held in May 2022. The summit enabled tax enforcement authorities to discuss emerging threats and operational priorities, in addition to enabling intelligence-sharing and the conduct of coordinated investigations.
Cooperation among international regulators in respect of fraud continued to increase in 2022. The SFO partnered with regulators across the globe, including the Brazilian Ministério Público Federal, in its successful prosecution for green investment schemes fraud: 2,000 investors were defrauded in respect of investments totalling circa. £37 million.
Increased economic crime
Enforcement authorities flagged an upward trend in economic crime in 2022. COVID-19-related fraud – including defrauding government-backed business support schemes – has been reported worldwide. In the UK, a new Public Sector Fraud Authority has been created, to meet this challenge. In the US, the House Select Subcommittee on the Coronavirus Crisis has targeted fintech’s failures to address “obvious and preventable fraud” in the administration of COVID-19 support loans.
Due to the prevalence of fraud-related offences, it came as no surprise that 2022 saw increased calls for legislative reform to target fraud. In the UK, the House of Lords called for the introduction of a new “failure to prevent fraud” offence modelled on similar offences under the UK Bribery Act 2010 and the Criminal Finances Act 2017.
Verdict: The authorities have shown an increased appetite to pursue fraud-related offences through to enforcement. This will continue in 2023. Cooperation between international law enforcement on fraud is also likely to increase, as authorities use information-sharing methods, modelled for other areas of financial crime enforcement.
Crypto and cyber-crime will be a prevalent and growing threat. We expect authorities to focus their attention on investigation and legislation here. Businesses should be ready to enhance existing compliance programmes to meet the changing nature of economic crime, and a likely extension to the ‘failure to prevent’ model of prosecution.
Response to Russian aggression
Global sanctions activity in 2022 was dominated by the rapidly evolving international response to Russia’s invasion of Ukraine. Sanctions authorities around the world introduced wide-ranging measures designed to target the Russian state and individuals and entities deemed to “own or control” Russian assets. Although the detail of the measures varies from country to country, we have seen significant coordination among jurisdictions, which has resulted in a number of common sanctions measures. These included:
- asset freezes and/or travel bans against a number of entities and individuals, including Russian ministers and senior government officials, members of the Russian military, Russian oligarchs, prominent business people and their immediate family members. A number of prominent Russian companies were also targeted, including defence and infrastructure companies, media outlets and banks such as Sberbank and VTB. For example, the UK’s Office of Financial Sanctions Implementation (OFSI) made over 1,200 new designations under the Russian sanctions regime in the period from February;
- wide-ranging financial sanctions aimed at restricting access to UK and EU capital markets, including restrictions on dealing with certain Russian transferrable securities or money market instruments (including crypto-assets) and advancing new loans or credit available;
- transport restrictions, including restricting access by Russian ships and planes to the UK and EU;
- a prohibition on the export of a large number of products to or for use within Russia, including gold and other luxury goods, goods deemed critical to or which generate significant revenue for Russia’s economy, military/defence goods, and certain aluminium products;
- a prohibition on the import of certain goods from Russia, including iron and steel, gold, oil, petroleum, coal and gas (see further below regarding oil, petroleum and gas). The UK and Australia also withdrew entitlements to “Most-Favoured Nation” tariff treatment and now apply an additional 35% tariff to imports from Russia and Belarus;
- a ban on the provision of certain professional, business and other services by UK and EU persons, including accounting, management consulting, PR, audit, engineering, trust, architectural, IT consultancy and legal advisory (EU only to date) services;
- restrictions on the Russian media were imposed by the UK and EU, including social media and internet restrictions, and the removal of broadcast licences for various Russian outlets;
- extensions of the existing sanctions on Crimea and Sevastopol, implemented following Russian’s annexation of Crimea in 2014, to the Donetsk and Luhansk regions, and, in the EU, also to the Kherson and Zaporizhzhia regions of Ukraine.
A number of the above restrictions have also been extended to Belarus in response to its involvement in the Ukraine invasion.
The most significant restrictions were directed at the Russian energy sector and developed during 2022. Initial carve-outs for energy-related activity gave way to restrictions on the import of Russia coal and much-debated ban on importing Russian oil into the UK and EU, which came into force in December 2022 (with some exemptions), with further restrictions including on LNG, coming into force in January 2023.
Other restrictions included the designation by Australia of 39 individuals under the thematic sanctions regime introduced by its Autonomous Sanctions Amendment (Magnitsky-style and Other Thematic Sanctions) Regulations 2021; restrictions on foreign investment in Russia, by the UK; and the exclusion of key Russian banks from the SWIFT payment system by the EU. (Read our briefing: Heightened focus on Australian sanctions: Ensuring your sanctions compliance systems remain “fit for purpose”).
A comprehensive list of all Russian sanctions imposed by the UK, EU, Australia and Japan, and is accessible here.
2022 saw unprecedented levels of cooperation among international sanctions authorities in response to Russia’s invasion. In March, Financial Intelligence Units from Australia, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, the UK and the US established the Russia-Related Illicit Finance and Sanctions FIU Working Group, an international network for the sharing of financial intelligence on sanctions-related matters.
Representatives from Australia, Canada, the European Commission, France, Germany, Japan, Italy, the UK and the US also established a Russian Elites, Proxies, and Oligarchs (REPO) Task Force with the aim of working together to find, freeze, seize and, where appropriate, confiscate or forfeit the assets of those individuals and entities that have been sanctioned in connection with Russia’s invasion of Ukraine. The Task Force reported in June that it had blocked or frozen more than US$30 billion worth of Russian assets.
A “Freeze and Seize” Task Force was set up by the European Commission in March to promote the efficient implementation of EU sanctions against listed Russian and Belarussian oligarchs across the EU.
In its annual review published in November, OFSI reported on 75 engagements held in the wake of the invasion, with over 50 countries or territories, concluding that international collaboration will remain an area of “acute focus” in 2023. (Read our full briefing on OFSI’s annual review).
Increased enforcement in 2023
The majority of sanctions-related activity over the past year has focused on the widespread implementation of new measures, with few high-profile enforcement actions. We predict an increase in enforcement action in 2023, particularly driven out of the US.
In Australia, AUSTRAC, Australia’s money laundering regulator, announced that it had established a dedicated intelligence team to monitor and triage financial reporting Russian sanctions, which will be used to assist the Australian Sanctions Office and Australian Federal Police to detect sanctions evasion.
In the UK, OFSI reported its intention to bolster resources ahead of the end of the year enable additional enforcement to be taken around its expanded powers (in particular, the introduction of strict liability for breaches of financial sanctions in June 2022).
In the EU, the violation of EU sanctions was added to the “List of EU Crimes”. This means that Council and the European Parliament are now able to adopt minimum rules in respect of sanctions offences and penalties. Previously, responsibility for this sat exclusively with Member States, resulting in a significant divergence in approach across the EU. In December, the European Commission announced proposals for a Directive providing for such minimum rules. This marks a major milestone in the harmonisation of EU sanctions enforcement. The legislative process is expected to be completed during 2023.
Verdict: Russia has unsurprisingly dominated the sanctions headlines in 2022. The sanctions imposed by the international community in response to the invasion of Ukraine have been unprecedented. While the introduction of new sanctions measures has certainly slowed from the frenzy of activity in the weeks and months that followed the 24 February invasion, we predict that enforcement activity will be prominent this year. Sanctions risk and compliance should remain at the top of the agenda for businesses in 2023.
Modern slavery, and its role as part of the human rights and ESG agenda, has been a key factor in the corporate crime conversation in 2022.
Bolstering existing legislative frameworks, and creating new ways to manage risk, have been a target area of governments in many jurisdictions.
In the UK, the government included the announcement of a new Modern Slavery Bill designed to “strengthen the protection and support for victims of human trafficking and modern slavery and increase the accountability of companies and other organisations to drive out modern slavery from their supply chains.” The Bill restates earlier Government intentions, including:
- the mandating of reporting areas to be covered in modern slavery statements;
- a single reporting deadline and requirement to publish statements on the Government’s online registry;
- more effective enforcement through the introduction of civil penalties for non-compliance; and
- the inclusion of public sector bodies.
The announcement of the Bill came weeks after a report by the Financial Reporting Council found that 1 in 10 eligible organisations in the UK failed to publish an annual modern slavery statement, while only one-third of such statements were considered clear and easy to read. It remains to be seen whether the Bill, whenever it materialises, will have any meaningful impact on organisations’ non-compliance in this area and, in particular, whether it will kick-start companies into allocating the resource required to devise and implement proactive anti-modern slavery strategies.
Legislative changes designed to tackle modern slavery have been made throughout Europe in 2022, with the EU Commission publishing its long-awaited draft sustainable Corporate Due Diligence Directive in February. The Directive would go further than UK legislation and includes mandatory human rights and environmental due diligence requirements across EU Member States, as well as obligations on companies to identify, prevent and remedy adverse human rights and environmental risk “value chains”.
While EU measures are likely still to be a couple of years away, a number of EU countries have passed their own domestic legislation which mirrors, or goes further, than the draft Directive. Germany’s Supply Chain Due Diligence Act came into force on 1 January 2023 and obliges major companies to make reasonable efforts to ensure that there are no violations of human rights in their own business operations and in their supply chains. Similarly, a Dutch human rights and environmental due diligence law is expected to be finalised later in 2023, requiring companies that know or “should reasonably suspect” their activities may have adverse impacts on human rights or the environment in countries outside the Netherlands, to take all reasonable prevention measures.
In France, environmental groups recently lodged a claim under the 2017 “duty of vigilance” law which requires French companies to monitor human rights and environment concerns within their supply chains – we suspect that cases of this sort will become more common in coming years.
In Australia, where the Modern Slavery Act has been in force since 2018, critics have called on the Federal Government to overhaul the legislation which they say is failing. Similarly to the FRC’s report in the UK, a coalition of human rights organisations and academics published a report in November 2022 which found that the majority of Australian companies are failing to comply with mandatory reporting requirements and to identify risks in their supply chains. We expect pressure on the Australian Government to take steps to strengthen measures.
Verdict: We predict governments around the world will continue to legislate to prevent modern slavery in 2023, as the growing focus on companies’ supply chains give rise to more human rights-focused litigation.
Countries which once led in this area, such as the UK and Australia, may be forced to update domestic prevention measures to ensure they are keeping pace with European counterparts.
2022 was another huge year for corporate crime and regulatory enforcement globally. In 2023, we expect to see greater legislation and regulation across a broader range of corporate crime: modern slavery, health and safety, crypto and cyber-crime areas.
Sanctions became a major area of focus after the Russia-Ukraine conflict began and that looks set to continue for the foreseeable future.
The ESG lens will focus attention on corporate crime in 2023, triggering investigations and ensuring that corporate crime compliance remains a key priority for boards and businesses.