O2 SFO investigation and the importance of robust compliance programmes

The telecoms company O2 has revealed that it is under investigation by the SFO for potential breaches of the Bribery Act and that it has made financial provision to cover the costs of the possible violation in its latest financial statement. Whilst the investigation appears to be in the early stages, other telecoms operators may be watching the outcome of the investigation with interest as the SFO often looks at the activities in the wider sector.

Bribery does not always happen in remote jurisdictions, with rogue staff who are on the other side of the world and are difficult to control. The same could be happening right here in the UK. With industry sources reported as referencing a “wild west” culture, at a time when “there was so much money to be made”, the SFO probe may indicate that the company’s systems and processes have not been all that they should be. If that is found to be the case, O2 may be looking down the wrong end of a s.7 Bribery Act charge, namely one of Failure to Prevent Bribery, a strict liability offence.

Undertaking compliance and controls reviews

All telecoms companies would be well advised to undertake their own compliance and controls reviews in light of the SFO investigation. It is rare that one company in a sector is investigated on its own and where egregious practices are uncovered, a prosecuting agency is likely to conclude that competitor companies may have been engaged in similar conduct.

Getting ahead of the curve is vital for criminal risk management, particularly in times when self-reporting is expected by the SFO. That is not always a palatable route for many businesses, and whether it is advisable will depend on the findings of a compliance review. If evidence of wrongdoing is found, it is far better to get ahead, be properly and fully briefed by counsel, and take the initiative with the SFO.

A review does not need to be high profile and expensive – quite the opposite, in fact. The best review exercises in these circumstances will be discreet to be effective. Those conducting the review will need the help and co-operation of business leaders, so it is in no one’s interests to set a hare running. Furthermore, if there are potential whistleblowers amongst staff, they will need to receive the message clearly that they should come forward and will be heard. A whistleblower account may be extremely enlightening and helpful to both the lawyers doing the review and, in time, the Board.

Hopefully the review will find nothing more than a few improvements which could be made, but if there is something worse to uncover, it is better that that is done in a controlled and confidential manner, rather than in response to external accusations.

A proper compliance review allows a responsible organisation not only to do the right thing and be seen to be doing it but also enables it better control of a situation and to make good, calm decisions.

If you’d like to discuss the drafting and implementation of a compliance programme tailored to the needs and risks of your business, contact Claire Shaw.

Contributing Advisors