This is an Insight article, written by a selected partner as part of GIR's co-published content. Read more on Insight
We are delighted to publish the first edition of the GIR Guide to Compliance, which brings together compliance guidance and criminal enforcement trends relating to financial crimes and misconduct.
While laws prohibiting and punishing financial crimes and misconduct have long existed, during the past 20 years or so, governments have steadily increased efforts to enforce these laws and to prosecute those who violate them. In parallel with (and often embedded) in those enforcement efforts, many governments have issued compliance guidance and, in many instances, codified that guidance in regulatory or legal obligations. Compliance now lies firmly at the heart of prevention and enforcement of financial crimes and misconduct, and the developments in this area demonstrate a firm commitment from global legislators, policymakers and law enforcement to continue in this approach.
For instance, in June 2022, the United Kingdom published the Law Commission Options paper for reform to corporate criminal liability. Among the options under consideration is a new corporate criminal offence in the United Kingdom of ‘failure to prevent fraud by an associated person’. If accepted and brought onto the statute books in the United Kingdom, the consequences for corporate compliance programmes will be highly significant. In October 2021, US Deputy Attorney General Lisa Monaco issued a memorandum announcing ‘initial revisions’ to the Department of Justice’s (DOJ) corporate criminal enforcement policies and announcing the creation of a Corporate Crime Advisory Group with the DOJ. The Group will have a ‘broad mandate’ to update the DOJ’s approach to ‘cooperation credit, corporate recidivism, and the factors bearing on the determination of whether a corporate case should be resolved through a deferred prosecution agreement (DPA), non-prosecution agreement (NPA), or plea agreement’, among other topics.
In the Asia-Pacific (APAC) region, a number of jurisdictions are moving into a compliance-based approach in relation to corporate bribery issues. In June 2020, Malaysia introduced corporate liability on a failure-to-prevent basis and the Malaysian Anti-Corruption Commission charged a company and its director under this new corporate liability regime for the first time in March 2021. Elsewhere in the region, Australia is awaiting the enactment of a corporate offence of failure to prevent bribery by an associate, while Singapore is also reviewing its foreign bribery laws.
The prominence of environmental, social and governance (ESG) issues in recent years exemplifies the global policy shift to a compliance-based approach to corporate good conduct. ESG topics are deeply interwoven into financial misconduct issues. Supply chain issues represent an obvious example, as they can be highly complex and often extremely difficult to navigate for a corporate.
The rapid increase in the use and evolution of cryptocurrency in the past decade has posed challenges for governments as they consider whether and how to regulate the use of digital assets. Although the United States has opted, at federal level, to rely on existing regulatory and compliance regimes, other jurisdictions, such as Singapore and Switzerland, have recently introduced specific laws aimed at promoting themselves as ‘crypto-friendly’ environments.
For many global and multinational corporations, evaluating enforcement risk and navigating the patchwork of compliance expectations can be a challenge. Hence, the idea for this Guide to Compliance was born.
Overview of the Guide
This Guide undertakes to capture enforcement and compliance trends across the globe. Specifically, the Guide aims to:
- bring together an overview of the compliance regimes in respect of economic crime and misconduct in difference jurisdictions in terms of both requirements and enforcement;
- provide practical assistance to practitioners tackling the challenges created by multi-faceted and multi-jurisdictional global compliance issues; and
- provide insight and guidance on key emerging areas in respect of compliance in economic misconduct.
The challenge of summarising an entire body of enforcement and compliance trends is not a simple one. Each of the chapters included in this Guide seeks to summarise the trends that best capture the current state of enforcement and compliance in the relevant region or subject matter. We look forward to continuing to build on and deepen these summaries in future editions.
Part I: Global Compliance Requirements and Enforcement
- UK Compliance Requirements: The focus of this chapter is on those areas of criminal risk and regulatory risk arising from compliance failures. In terms of criminal risk, the authors consider bribery, tax evasion and money laundering and set out the relevant legislative framework together with the guidance issued by the authorities in respect of each. From a regulatory risk perspective, the authors expand on the approaches to compliance failures taken by the Financial Conduct Authority and the Gambling Commission.
- UK Compliance Enforcement: This chapter builds on the first chapter and sets out the main areas of enforcement activity in the United Kingdom, drawing on lessons that can be derived from previous enforcement outcomes together with statements of policy from the various UK enforcement agencies. As with the UK Compliance Requirements chapter, the authors divide the chapter between criminal enforcement and regulatory enforcement.
- US Compliance Requirements: This chapter discusses the four main sources of documents on compliance requirements issued by the DOJ. The chapter specifically sets forth the elements of an effective compliance programme and DOJ expectations with regard to each.
- US Compliance Enforcement: Building on the chapter on US Compliance Requirements, the authors explain how US authorities incorporate compliance factors into white-collar enforcement. They describe key considerations that companies should bear in mind when evaluating potential enforcement risks and when embarking on the reporting and settlement process with US authorities.
- Asia-Pacific Compliance Requirements: There are unique challenges in covering the APAC region from a compliance perspective owing to the diversity of government regimes, cultures and economies. The authors have risen to the challenge and provide a valuable overview covering issues in a thematic way in respect of key areas of risk such as bribery and money laundering.
- Asia-Pacific Compliance Enforcement: The authors cover enforcement priorities, outcomes and trends by reference to key jurisdictions in the region – Australia, China, Hong Kong, Japan and Singapore – while also providing a commentary on emerging trends and key compliance issues for corporates in the APAC region.
- Latin America Compliance Requirements: During the past decade, compliance has increased in importance in Latin America. In this chapter, the authors provide an overview of the guiding compliance principles applicable to the region and lay out best practices for designing, implementing and maintaining an effective corporate anti-corruption compliance programme that complies with such requirements and principles, helps companies avoid and identify misconduct, and mitigates liability where a violation occurs.
- Latin America Compliance Enforcement: Latin America as a region continues to evolve in its enforcement efforts with each individual country being at a different stage in that evolution. In this chapter, the authors focus on enforcements trends in some of the more developed jurisdictions – Argentina, Brazil and Mexico.
Part II: Compliance Issues in Practice
- Navigating Global Compliance Issues: The authors provide guidance for in-house counsel and compliance teams in multinational businesses on how to navigate global compliance issues, taking into account particular risk vulnerabilities, including in different jurisdictions, sectors and emerging risks, together with how to put in place an effective compliance framework to mitigate these risks. The chapter includes a checklist for managing a crisis should one arise.
- Compliance Issues in Corporate Transactions: Identifying compliance risks in corporate transactions is essential not just to avoid the risk of a purchaser making a bad buy but also to avoid any risk of successor liability or future civil claims for historic or ongoing compliance issues. The authors identify the key compliance areas in due diligence and how to conduct an effective assessment of compliance policies and procedures or issues in third-party dealings. Finally, the authors consider how best to remediate any compliance issues identified in the course of the due diligence process.
- The Role of Audit and Monitoring in Compliance: Periodic risk-based audits and ongoing monitoring are emblematic of a maturing compliance programme. In this chapter, the authors discuss regulators’ expectations with respect to the role of audits and monitoring, the differences between the two exercises and the critical role of data and enterprise resource planning systems. Recognising the inherent challenges in developing and implementing effective monitoring and auditing programmes, the authors provide practical guidance on how to action such programmes.
Part III: Emerging Compliance Fields
- Compliance Issues in Cryptocurrency: The advent of digital assets has presented a number of unique regulatory and compliance challenges. In this chapter, the authors provide overviews both of those challenges and the current regulatory landscape, primarily in the United States but also in a number of other jurisdictions where the regulatory landscape and compliance regimes are evolving to address those challenges.
- Compliance Issues in Environmental, Social and Governance Matters: The authors have focused on two fundamental areas of risk for corporates in the ESG arena: supply chain issues and specific reporting requirements. They also examine the emerging issue of voluntary reporting in respect of ESG matters and consider issues of practical importance, such as investigation and remediation.
- Understanding and Shaping Organisational Culture to Disrupt the Cycle of Misconduct: The importance of a company’s culture on the effectiveness of its compliance programme cannot be understated. This chapter considers how corporates can use behavioural science to enhance their compliance culture, introducing the concept of the ‘culture cycle’ and using examples to demonstrate how deficient corporate culture can enable misconduct. The authors look at ways to measure and assess corporate culture and the changes that can be made to foster a stronger culture of ethics and compliance.
We are extremely grateful to our wonderful contributors. Their deep expertise and thoughtful insight are demonstrated and shared in the chapters that follow. It has been a great pleasure to work with them in bringing this project to fruition, and we will look forward to continuing to work with them in future editions of this GIR Guide. We also extend our thanks to Celia Marr, managing associate at Mishcon de Reya LLP, for her assistance with preparing chapter outlines.
Mahnaz Arta, Hannah Higgins and Georgia Goldberg, at Law Business Research, have honed to a fine art the skill of herding busy practitioners to make these GIR Guide publications possible and we are extremely grateful that they do so, and that they do it with such professionalism, patience and good humour.
 Johanna Walsh is a partner at Mishcon de Reya LLP, Alejandra Montenegro Almonte is a member and vice chair of the international department at Miller & Chevalier Chartered and Alison Pople KC is a barrister at Cloth Fair Chambers.