The Serious Fraud Office, the United Kingdom’s anti-corruption agency, has released guidance for the first time ever that lets corporates know what it expects from them to be considered for leniency.

The SFO says in its five-page guidance note that cooperation means “providing assistance that goes above and beyond what the law requires.” It includes identifying suspected wrongdoing and criminal conduct, naming the people responsible, reporting suspicions to the SFO “within a reasonable time,” and preserving available evidence in a variety of paper and digital formats and providing it promptly.

The SFO also wants companies to identify potential witnesses, provide contact details of current and former employees, provide industry knowledge (especially regarding context and common practices), and identify potential defenses that are particular to the market or industry at issue.

The agency is also quick to say, however, that “co-operation—even full, robust co-operation—does not guarantee any particular outcome,” a stance several lawyers suggest may have prevented companies from going down the DPA route and instead prompted them to take their chances in court.

Crucially, the SFO stopped short of proposing controversial measures that would have asked companies to hand over confidential evidence protected by legal privilege, a proposal the SFO has been pushing rigorously under former director David Green and latterly by new director Lisa Osofsky since she took office last August.

Instead, the SFO has said companies should have privileged evidence “certified” by independent counsel in order to retain it.

It is the first time the fraud agency has formally set out expectations integral to deferred prosecution agreements (DPAs), U.S.-style corporate plea deals introduced in the United Kingdom in 2014 as a way of securing faster punishments against companies. Under the arrangement, companies that self-report wrongdoing can avoid prosecution by agreeing to overhaul their businesses’ compliance measures, pay a fine, and be subject to a monitoring program.

But in the five years since they came into being, just five companies have accepted criminal responsibility—and no senior executives have been convicted in relation to any of those cases, “a record that may lead some to question if cooperation is the right thing to do,” says Matthew Bruce, a partner at law firm Freshfields.

“In a ‘slam dunk’ case, where the evidence of wrongdoing is overwhelming, there is now clear guidance as to what is going to be involved if a company chooses to self-report and/or cooperate in order to avoid a prosecution.” 

Claire Shaw, Lawyer, Keystone Law

During DPAs, companies surrender evidence the SFO can use to prosecute high-ranking individuals involved. But such outcomes are never certain.

Despite reaching a DPA with Tesco, a judge threw out the agency’s prosecution of three former executives. Meanwhile, the SFO’s £500m (U.S. $608 million) agreement with Rolls-Royce in January 2017 was followed two years later by its decision to not to bring charges against any of the company’s former employees.

Last month, the SFO lost a case against three former executives of metals company Sarclad, which signed a DPA in 2016. Former Managing Director Michael Sorby, Senior Sales Manager Adrian Leek, and Project Manager David Justice were cleared of taking part in a £17m (U.S. $21 million) bribery plot.

Several lawyers say the list of requirements to attain leniency is long and comprehensive and at long last provides a template of what the SFO actually wants companies to do if they want to be considered for leniency.

While “the guidance doesn’t cover everything,” says Bruce, “this clear shopping list of things the SFO likes to see is a step in the right direction after many years of companies having to glean pointers from speeches as to what the SFO wants to see from a cooperating company.”

Morgan Miller, a lawyer based in the Washington D.C. arm of law firm Paul Hastings, believes the SFO’s approach “is generally consistent with what has been the norm for cooperation in the U.S.,” particularly in its focus on proactively identifying senior level misconduct. He adds, however, that “certain critical areas continue to distinguish the SFO’s approach from the U.S.”—in particular, its requirements in relation to a company’s internal investigation and legal privilege.

In addition, some lawyers say the list of criteria is perhaps more indicative of the areas where the SFO has struggled to find the appropriate quality of evidence needed to prosecute cases successfully in the past.

Richard Reichman, a partner specializing in corporate crime, financial crime, and regulatory investigations at law firm BCL Solicitors, says that “while the guidance is helpful in providing some ground rules regarding what amounts to cooperation in the SFO’s eyes, considerable uncertainty remains, including in relation to waiver of legal privilege,” pointing out that “much greater detail is provided regarding what is expected of corporates than what they can expect from the SFO in return.”

According to Claire Shaw, a lawyer at Keystone Law, “the guidance is helpful but not exhaustive and sets out just how much full cooperation involves, without giving guarantees, as decisions on how a case is disposed of are ultimately for a judge, not the SFO.”

Nor does the guidance address the costs involved, says Shaw, which would in any significant case be very considerable. “The guidance makes it clear that cooperation involves the almost wholesale outsourcing of the SFO’s job to the corporate and/or its advisers. It would require the preservation of what could be huge volumes of digital data. That could be hugely costly for a business.”

Shaw also criticizes the SFO guidance for focusing on “high-end” financial crime, where the risks of prosecution (and reward of leniency) are greater, rather than producing guidance that makes it clearer how companies can cooperate with regard to financial crime generally.

“In a ‘slam dunk’ case, where the evidence of wrongdoing is overwhelming, there is now clear guidance as to what is going to be involved if a company chooses to self-report and/or cooperate in order to avoid a prosecution,” says Shaw.

She adds, however, that the guidance does not begin to address the difficult decision as to what to do if companies find low- to medium-level wrongdoing. “In those cases, if you investigate, take action, remediate, and move on, why would you want to involve yourself in such hugely costly cooperation? The balance would only favor cooperation if you were confident that the organization itself would be likely to be prosecuted—and convicted—on the evidence you have uncovered,” she says.