SFO Internal Guidance on evaluating a Compliance Programme

On 17 January 2020, the Serious Fraud Office (“SFO”) updated its Operational Handbook to include a new chapter on evaluating a compliance programme. The update considers the relevance of compliance programmes for SFO cases and how the SFO will investigate the effectiveness of a compliance programme.  Compliance programmes are expected to be proportionate, risk-based and regularly reviewed, and cannot be merely a “paper exercise”.  Prosecutors are therefore required to assess the past, present and future effectiveness of an organisation’s compliance programme. In relation to the scope of the assessment, the Ministry of Justice’s 2011 statutory guidance on the Bribery Act setting out six key principles (Proportionate procedures, top-level commitment, risk Assessment, due diligence, communication (including training) and monitoring and review) continue to represent a good general framework for assessing compliance programmes.

The SFO’s Operational Handbook is an internal document which sets out standard processes, instructions and guidance on the conduct of SFO casework. It is intended as a practical reference guide for staff and does not constitute official guidance to third parties and is published in the interests of transparency. However, it can be instructive in revealing the SFO’s approach to certain matters.

In a recent speech at a Society of Corporate Compliance & Ethics conference the SFO Director Lisa Osofsky asked the audience

“Are [compliance programmes] part of the company’s DNA?  Or do they just adorn a very nice couple of binders that are held on a bookshelf that don’t really do much more than provide window-dressing?”.

She confirmed that building on the principles released last year, the SFO will continue to deepen its understanding of compliance and engagement with compliance professionals:

We’re upskilling ourselves to be better and smarter in this evaluation, including bringing in people with experience and expertise in this area”.