The UK's Serious Fraud Office has updated its five-page guide for the banks and other corporations that it investigates. The paper describes the circumstances in which the SFO is prepared to set aside penalties in return for exceptional co-operation during or before investigations.

In the SFO's eyes, the word 'co-operation' means the provision of help to the SFO that goes above and beyond what the law requires. It includes: identifying suspected wrongdoing and criminal conduct together with the people responsible, regardless of their seniority or positions in the organisation; reporting this to the SFO within a reasonable time of the suspicions coming to light; and preserving available evidence and providing it promptly in an evidentially sound format.

Genuine co-operation is inconsistent with: protecting specific people or unjustifiably blaming others; putting subjects on notice and creating a danger of tampering with evidence or testimony; "silence about selected issues," whatever that means; tactical delays; and information overloads.

Co-operation will be a relevant consideration in the SFO's charging decisions to the extent set out in the pre-existing "Guidance on Corporate Prosecutions" and the Deferred Prosecution Agreements Code of Practice.

The paper unfortunately adds that "co-operation — even full, robust co-operation — does not guarantee any particular outcome," which leaves the reader wondering why the SFO published it in the first place. It seems to contain nothing that the SFO has not said before. It proffers no checklist that can cover every case. In the midst of the document the SFO states that it will retain full and independent control of its investigation process, a fact not borne out by the Cabinet Office's interference in its investigation of the damaging Al Yamamah corruption scandal in which the SFO abruptly ceased to investigate the skulduggery behind premier Tony Blair's £50 billion arms deal with Saudi Arabia.

Waiving of privilege

When a bank conducts an internal investigation which, the SFO hopes, will prompt it to contact the SFO with the details of any problems it uncovers, it typically obtains accounts from people. These may fall under legal privilege and the SFO is keen to prevail on banks (and other corporations) to waive that privilege. As the paper promises nothing concrete in return for this extraordinary sacrifice, and as it says nothing new about the length of time that a bank ought to take in its investigation before contacting the SFO, it might not prompt anyone to satisfy this wish. Equally maddeningly, it stops short of guaranteeing that the SFO will not view a failure to waive privilege as a failure to co-operate.

Moreover, when a bank or other organisation elects not to waive privilege, it must establish the existence of a valid claim to privilege. The paper is silent regarding the method by which this may be done, as it is on questions of data protection, the law of which has become far more onerous lately with the advent of the European Union's General Data Protection Regulation. It also says nothing about how the bank might defend itself against any non-SFO litigation by ordinary account-holders that might follow on as a consequence of its decision to 'self-report' (a strange term that the SFO uses when a firm spontaneously tells it about frauds that it has uncovered).

The US Financial Regulatory Authority (FINRA) issued its own update on the subject last month.