UK Serious Fraud Office Releases New Guidance on Self-Reporting, Cooperation and Deferred Prosecution Agreements

On 24 April 2025, the Serious Fraud Office (SFO) released new guidance on corporate self-reporting, cooperation and deferred prosecution agreements (DPAs).

• The guidance provides a framework for corporates seeking to navigate criminal investigations and their potential resolutions with the SFO, and highlights that corporates that self-report better position themselves to obtain DPAs than corporates that do not.
• It also addresses previously debated topics such as (i) discussing with the SFO in advance the parameters of a parallel internal investigation, (ii) the voluntary waiver of privilege over internal investigation interview records and (iii) a corporate’s responsibility to identify and/or produce relevant overseas documents within its control.

Self-Reporting Misconduct and DPA Eligibility

To date, the SFO has entered into a total of 12 DPAs. Companies self-reported misconduct in nine of them.

• The new guidance reflects that prompt self-reporting and full cooperation will generally result in an opportunity for a corporate to negotiate a DPA rather than face criminal prosecution.¹ This presumption in favour of a DPA where a corporate self-reports signals that the SFO intends to make greater use of DPAs in its investigations going forward.
• Under the guidance, the SFO commits to more proactive engagement in response to self-reporting. The SFO will contact the reporting corporate within 48 hours of receiving a self-report.²
• The SFO will also decide within six months of receiving the report whether to open an investigation and, where DPA negotiations are initiated, will generally plan to conclude commenced negotiations within six months.³ This expedited time frame is intended to accelerate the resolution of SFO investigations (which the agency has previously been criticised for).
• The SFO emphasises that “[w]hether, when and how a corporate self-reports suspected offending is a ‘key consideration’ when assessing the public interest in favour of a DPA.”⁴ The guidance states that a knowing failure to promptly self-report suspected corporate criminal conduct will weigh heavily against a company in the SFO’s assessment of cooperation and mitigation.⁵

Although the guidance recognises that corporate entities may need to conduct preliminary investigation to understand the nature and extent of a suspected offence before considering self-reporting, the SFO does not expect a corporate to fully investigate a matter before self-reporting. The SFO will assess the question of reporting within a “reasonable time” on a case-by-case basis — which will continue to be a challenging point for corporates to navigate.⁶ The SFO director acknowledged that there are no hard rules regarding the timing of a self-report — what will be appropriate timing will be fact-specific. The SFO director added that corporates should engage with the SFO as soon as there is “reasonable suspicion” that a criminal offence has been committed (though this position is not directly stated in the guidance).

Cooperation Versus Non-Cooperation

The guidance asserts that the degree of cooperation provided by a corporate during an SFO investigation is a key determinant in the resolution of the case and the level of penalty imposed. The guidance also expressly states that self-reporting and being cooperative “are not one and the same,” and notes that the cooperation must be “genuine.”⁷ For example, the SFO may invite a corporate to DPA negotiations in circumstances where the corporate has not self-reported but has provided “exemplary co-operation.”⁸ The SFO expects cooperation to provide assistance that “goes above and beyond what the law requires.”⁹

The SFO’s position on cooperation is set out in a non-exhaustive list that includes:

• Proactively preserving all relevant digital and hard-copy materials.
• Collecting and identifying documents and information likely to be relevant in the investigation, including (i) providing a list of relevant document custodians and the location of material and (ii) identifying and/or producing relevant overseas documents within the corporate’s control.
• If the corporate undertakes an internal investigation, the SFO expects:
  • Early engagement to outline the parameters of the investigation.
  • Advance notice of proposed steps to ensure that the SFO’s investigation is not prejudiced (an issue particularly relevant to internal interviews).
  • The corporate to provide the facts gathered during the investigation to the SFO.
  • The corporate to provide non-privileged records of interviews to the SFO: Regarding internal investigation interview records that are subject to legal professional privilege, the guidance provides that voluntary waiver of privilege over such records will weigh “strongly in favour of co-operation.”
  • That the corporate will refrain from interviewing employees at the SFO’s request.
  • To be informed of previous relevant corporate criminal conduct and how it was resolved.
  • A thorough analysis of (i) the corporate’s compliance programme, (ii) procedures in place at the time of the offence and (iii) remediation plans.
  • The facilitation of access to employees for interviews and assurance that independent legal advice is available to employees when appropriate.¹⁰

The guidance has adopted a broader approach to conduct considered to fall within “genuine” cooperation as compared to earlier SFO guidance. Significantly, the guidance also outlines several examples of non-cooperative conduct, including:

• “Forum shopping” by unreasonably reporting offences to another jurisdiction for strategic reasons. The SFO will not consider a report to another agency, whether domestic or foreign, as a self-report unless the offence is also reported to the SFO “simultaneously or immediately thereafter.”¹¹
• Seeking to exploit differences between international law enforcement agencies or legal systems.
• Attempts to conceal the involvement of individuals, minimise or withhold the full extent of the suspected offending.
• Strategic delay in providing information or material.
• Overloading the SFO’s investigation by unnecessarily providing large amounts of materials that impede the efficacy of the investigation.¹²

The SFO’s point to discourage self-reporting to any “domestic or foreign” agencies before a corporate reports to the SFO will likely present a new challenge for companies. This condition is likely to raise considerations in the context of cross-border misconduct where multiple reports to enforcement authorities may be required.

Takeaway Points

The guidance demonstrates the SFO’s intention to make more robust use of DPAs as a tool to address corporate misconduct. The new guidance also builds on the position adopted by the SFO in prior DPAs, providing clarity and greater transparency for companies regarding the SFO’s expectations on self-reporting and cooperation during investigations. However, the challenge for corporates remains in weighing whether to self-report to the SFO in the first instance and continue to cooperate in any investigation.

What is clear is that the SFO is seeking to improve the way it investigates potential misconduct and to increase the speed of resolutions and the level of enforcement activity. The SFO has indicated that changes to the identification principle and the new failure to prevent fraud offence have significantly lowered the bar for proving corporate criminal liability — and the agency intends to make use of those new tools. This, coupled with the SFO’s intention to explore whistleblower incentive schemes and the greater use of DPAs, is likely to change the UK law enforcement landscape in the near future.

_______________

1 SFO External Guidance on Corporate Co-Operation and Enforcement in relation to Corporate Criminal Offending, ⁋ 2 (published 24 April 2025).

2 Id., ⁋ 4.

3 Id.

4 Id., ⁋ 5.

5 Id., ⁋ 6.

6 Id., ⁋ 6

7 Id., ⁋ 19

8 Id., ⁋ 3.

9 Id., ⁋ 21.

10 Id., ⁋ 22.

11 Id., ⁋ 14.

12 Id., ⁋ 23.

[View source.]