ALRC recommends broad changes to Australia's corporate criminal responsibility regime

By Christopher Kerrigan, James Campbell, Cindy McNair, Andrew Wilcock, Victoria Eastwood

In brief

On 31 August 2020, the Attorney-General tabled the Australian Law Reform Commission's (ALRC) report into Australia's corporate criminal responsibility regime in Parliament (Report).

The Report is the culmination of the first comprehensive review undertaken into federal criminal laws and how they apply to companies. The ALRC is proposing an ambitious reform agenda to recalibrate the role that criminal law plays in the overall regulation of companies and better align corporate criminal liability with corporate culpability. 

How does this affect you?

  • In a thorough, comprehensive and considered Report, the ALRC has recommended broad and deep changes to Australian corporate criminal law.
  • The recommendations focus on changes to the substantive law relating to corporate criminal responsibility, and not the process by which regulatory and prosecutorial agencies currently investigate corporate misconduct, which the ALRC considered to be outside the scope of its review. The ALRC agreed with Allens' submission (and reiterated in other consultations it received) that an inquiry into criminal investigative processes would be appropriate to ensure that serious corporate malfeasance is being effectively investigated and prosecuted.
  • If adopted, the ALRC's recommendations would strengthen and clarify the law in this area and reserve corporate criminal enforcement for misconduct that warrants denunciation and condemnation and is truly 'criminal' in nature. In particular, the ALRC's recommendations aim to make corporate criminal law more effective at holding corporations to account for the culture within their organisations. Corporate culture is already an area of focus for regulators, prosecutorial agencies and courts. We have published a guide to help corporations and their boards improve their corporate culture and reduce risk.
  • It is now left to the Government to decide whether to implement the Report's recommendations, in whole or in part, which it can do according to its own timeline. Given the scale of the reforms, many of the recommendations could take years to be implemented fully, however, we expect that some will be adopted in the shorter term.

ALRC recommendations and Allens' insights

In its 567-page Report, the ALRC makes 20 recommendations for reform. Our insights into the key recommendations are set out below. 

ALRC problem one: Lack of principled basis for corporate criminal offences at the federal level

What's the ALRC's solution?

Recommendation two

Corporations should be subject to a criminal offence only when:

  • denunciation and condemnation of the conduct is warranted; 
  • the stigma of being a ‘criminal’ would be appropriate;
  • the deterrence from a civil penalty would be insufficient;
  • the potential harm that may occur justifies a criminal offence; or
  • it is in the public interest.

Recommendation three

Infringement notices should not be available as an enforcement response for criminal offences committed by corporations.

Recommendation four

If a proposed law includes a new criminal offence provision for corporations, government should be required to explain publicly why it is appropriate and necessary.

Our insights

These recommendations seek to address the over-proliferation of low-level criminal offences under the federal regime, many of which do not reflect any rational or principled concept of criminality and are complex and duplicative.

The ALRC's view is that:

  • criminal liability should be reserved for only serious misconduct that deserves to be labelled as criminal; and
  • the vast majority of corporate conduct is more appropriately regulated by civil regulatory provisions, which should be the default model of regulation.

In a move away from the position in its earlier discussion paper, the ALRC has not recommended ending dual-track regulation (that is, where the same conduct is prohibited by an identical or near-identical civil and criminal prohibition). Instead, where such regulation exists, the ALRC has recommended that the criminal offence be distinguished from the relevant civil penalty provisions by a requirement to prove an additional fault element.

In light of the very large number of Commonwealth corporate criminal offences (more than 3,200) it is likely to take some time to 'clean up' the statute book. However having a clear set of guidelines in place is likely to assist in the meantime for new or amended criminal offences.

In the short term the ALRC's view that only serious conduct be criminalised may also provide a signal to regulators to focus their attention on morally blameworthy conduct, rather than more minor or technical offences that could not be said to involve any true criminality.

ALRC problem two: Multiple inconsistent mechanisms for holding companies criminally liable (ie attribution)

What's the ALRC's solution?

Recommendations five to seven

The law should contain one clear method of determining when a corporation is responsible for a crime. That method should apply in the vast majority of situations.

A corporation should be criminally responsible for the conduct of a person acting on its behalf. The nature of the relationship between the person and the corporation should be more important than the person’s job title or job description, when determining whether the person is acting 'on behalf of' the corporation.

A corporation should be considered at fault when an employee, officer or agent of the corporation has the relevant state of mind for the particular criminal offence.

A corporation should have a defence of having taken ‘reasonable precautions’.

Our insights

These recommendations seek to address the key issue of when, and how, a company should be held liable for the criminal acts of its employees (ie the attribution of criminal liability to the company).

The ALRC found inconsistent and outdated methods for attributing criminal liability to corporations under the federal regime, with little principled discussion as to why certain methods were used over others.

Under the ALRC's recommendations, a single legislative attribution method would be adopted whereby:

  • a company is held liable for the conduct of its officers, employees and agents acting within the scope of their authority (as well as those acting at the direction, or with the agreement or consent, of those persons); and
  • with respect to the fault element, the ALRC has proposed two alternative options for the Government to consider:
    • Option 1 involves modifying the fault element in the current Criminal Code and replacing the requirement to prove fault on the part of a 'high managerial agent' with any officer, employee or agent acting within the actual or apparent scope of their authority. Consistently with the current Code, a company could still be liable if its corporate culture directed, encouraged, tolerated or led to non-compliance.
    • Option 2 involves utilising a 'TPA model' approach, which attributes to a corporation the states of mind of officers, employees or agents who were engaged in the relevant conduct (or who directed, agreed or consented to the conduct) and were acting within the scope of their authority. The 'corporate culture' limbs of attribution in the Criminal Code would be dropped.

In the ALRC's view, the recommended attribution model above would achieve a better reflection of corporate blameworthiness by removing some of the unjust and unfair impacts of attribution under the current law, particularly with respect to the 'high managerial agent' concept, including that:

  • the concept has tended to focus the inquiry on 'who' the actor is, which the ALRC points out disproportionately impacts smaller businesses and is no longer suited to modern business, where lines of responsibility and decision-making are often diffused within an organisation as a matter of fact; and
  • the genesis or cause of the misconduct could be the same regardless of seniority levels (ie the misconduct could be symptomatic of a broader compliance or corporate culture issue). The recommended attribution model seeks to move the inquiry to 'how' the misconduct was able to occur and whether a company instituted sufficient measures to guard against the specific risks of misconduct for its business (see further below on the reasonable precautions defence).

In proposing the above, the ALRC has stepped back from its initial position in its discussion paper to make companies liable for the actions of 'associates' (an even broader group of persons acting on behalf of the corporation).

Reasonable precautions defence - To soften the proposed attribution model above, which many may see as lowering the bar on criminal attribution, the ALRC is proposing there be a 'reasonable precautions' defence available to companies. The defence would operate as a full defence to liability if the company can establish, on the balance of probabilities, that it had in place objectively reasonable policies and procedures to prevent criminal activities. This defence had widespread support in submissions and provides real and tangible incentives for companies to invest in risk and compliance systems, controls and training. The defence again highlights the importance being placed on corporate culture. The ALRC has recommended the defence be supplemented with guidance. In the interim companies may wish to consider, by way of best practice guidance, the six principles of ‘reasonable measures’ from the UK Bribery Act 2010 and the draft Australian guidance on adequate procedures to prevent the commission of foreign bribery.

A consistent approach to corporate attribution would provide welcome clarity to business and regulators in driving the approach to risk management, compliance and regulation, notwithstanding that there may still be some circumstances in which a unique method of attribution is required. The proposed options are something of a mid-point between the corporate attribution regimes currently in play. For example, they will significantly expand the scope of people whose conduct and state of mind can be attributed to a company under the Criminal Code, for example in relation to foreign bribery or false accounting. On the other hand, the introduction of a 'reasonable precautions' defence would reduce the harshness of the attribution model used in Chapter 7 of the Corporations Act 2001 (Cth) (s769B).  

ALRC problem three: Inadequate consequences for repeated civil contraventions

What's the ALRC's solution?

Recommendation eight

There should be new criminal laws that address systems of conduct or patterns of behaviour that result in multiple contraventions of civil penalty provisions.

Our insights

The ALRC found that current laws were not well-equipped to deal with persistent or repeat offenders of civil regulatory provisions.

To address this, the ALRC has recommended a novel offence be introduced that would criminalise repeated contraventions of certain prescribed civil penalty provisions. In its Report, the ALRC suggests that key features of such an offence include:

  • use of a 'system of conduct' or pattern of behaviour concept that would result in two or more contraventions of the same or similar civil penalty provisions; and
  • the requirement to prove intention or recklessness with respect to the repeat contraventions.

As noted above, the ALRC contemplates that the proposed offence would not apply to all civil penalty provisions, but rather would be adopted in appropriate regulatory contexts only. These would likely include heavily regulated industries like the financial services industry—and indeed, the ALRC provides an example of how the offence might apply in the consumer financial protection space.

In general, this recommendation also underlines that policymakers, regulators and prosecutors are increasingly using the law to strengthen corporate compliance cultures, and reinforces the need for corporations to invest in robust compliance programs.

ALRC problem four: Limited penalty and sentencing options for convicted corporations

What's the ALRC's solution?

Recommendation 10

The law should require courts to consider a number of specified factors when sentencing a corporation.

Recommendation 12

Courts should be able to impose a range of non-monetary penalties when sentencing a corporation, including:

  • publication or disclosure;
  • community service;
  • corrective action;
  • facilitating redress; and/or
  • not participating in certain commercial activities.

Recommendation 13

Courts should be able to make orders dissolving a corporation, if it is the only appropriate sentencing option.

Recommendation 14

Courts should be able to make orders disqualifying a person from managing corporations, if that person managed a corporation that has been dissolved by a court.

Recommendation 15

The Australian Government, together with state and territory governments, should develop a national debarment regime.

Recommendations 16 and 17

Courts should be able to make orders for the preparation of presentence reports for corporations, and should be able to consider victim impact statements.

Our insights


The ALRC recommends that the Crimes Act 1914 (Cth) be amended to require courts to consider a range of corporate sentencing factors, including whether a corporation self-reported unlawful conduct, has taken steps to reform itself, and to empower courts to order independent pre-sentencing reports on the circumstances of a corporate defendant, including its compliance culture.

These recommendations reemphasise the policy need to provide concrete incentives for businesses to thoroughly investigate misconduct, cooperate with regulators and address the root causes of misconduct at their own initiative. This is particularly important in setting 'norms' for how companies are expected to respond to corporate misconduct when identified, and to ensure that 'good' corporate citizens are not treated in the same way as those who choose not to proactively respond to and address misconduct.


The ALRC's review found limitations on courts' abilities to impose meaningful penalties on corporations. In particular, the ALRC observed that fines were typically the only available sentencing remedy for convicted corporations, and that these are inadequate because they are often levied years after the misconduct occurred and are more likely to be borne by third parties removed from the actual misconduct, such as employees, shareholders and other innocent stakeholders. In addition, it found that fines might give the impression that offences are a 'purchasable commodity'.

In its Report, the ALRC proposes significant new non-monetary corporate penalties that would allow courts to impose bespoke and targeted penalties on corporations to address the particular misconduct, including:

  • publicity orders, requiring a corporation to publicise information about its unlawful conduct;
  • community service orders, requiring a corporation to undertake activities for the benefit of the community;
  • probation orders, requiring a corporation to take corrective actions like investigating misconduct or implementing organisational reforms;
  • disqualification orders, restraining a corporation from conducting certain commercial activities or trading in a geographic area for a period, or suspending its licences or freezing its profits; and
  • dissolution orders, dissolving a corporation in the most extreme circumstances – the 'corporate equivalent of a death sentence'.

The ALRC acknowledges that probation and disqualification orders could significantly intrude upon corporations' internal affairs and proposes that the courts develop practice notes setting out when these penalties are appropriate and what conditions should attach to them.


The ALRC recommends that the federal, state and territory governments develop a regime providing for the exclusion of convicted corporations from government contracts. Internationally, such regimes are increasingly common, however, careful thought will need to be given to how this will apply in practice so as to not foreclose the possibility of a company successfully rehabilitating from serious corporate wrongdoing.

ALRC problem five: Proposed Deferred Prosecution Agreement (DPA) scheme does not provide sufficient transparency

What's the ALRC's solution?

Recommendation 20

There should be judicial oversight of DPAs and publication of the reasons for any approval of a DPA in open court.

Our insights

As we reported in December 2019, a bill is currently before the Federal Parliament that would establish a DPA regime (CLACCC Bill). The ALRC is broadly supportive of the regime, but recommends a revision to it whereby the rationale and approval of a DPA be subject to judicial oversight through a sitting judge, rather than a retired judge (as is currently contemplated by the bill). This support from the ALRC may provide fresh impetus to the implementation of the DPA regime, but potentially delays the passage of the bill if the Government adopts the ALRC's recommendation.

ALRC problem six: Little accountability for corporate conduct overseas

What's the ALRC's solution?

Recommendation 19

The Government should consider applying the new model of ‘failure to prevent’ offences to misconduct overseas by Australian corporations.

Our insights

The ALRC recommends that the Government consider extending the proposed 'failure to prevent' offence under CLACCC Bill to crimes such as tax evasion, modern slavery, terrorism financing and other human rights offences. A defence of reasonable measures would be available. The ALRC considers that this would incentivise corporations to proactively manage risk, while still protecting them from 'rogue actors'. In making this recommendation, the ALRC is seeking to reduce the accountability gap between conduct perpetuated by a company domestically versus in overseas jurisdictions, where laws and systems are potentially less robust but could still expose a company and its stakeholders to significant legal and reputational risk in Australia.

We expect that any potential extensions to the CLACCC Bill will require consultation before any such changes are adopted, which in turn will extend the timing before any changes are adopted.

ALRC problem seven: Insufficient data relating to corporate crime

What's the ALRC's solution?

Recommendation 1

National principles and policies for the collection, maintenance, and dissemination of criminal justice data should be developed.

Our insights

In its review, the ALRC found it very difficult to obtain complete, timely, and accessible data relating to corporate defendants in the criminal justice system.

Improved collection, maintenance and dissemination of corporate criminal justice data could be of significant assistance to the Australian public and businesses, as well as regulators and policymakers, to understand the true nature and extent of corporate crime in Australia. Having access to robust data could also assist business to conduct compliance risk analyses, strengthen their compliance functions and assess counterparty risk.

What happens next?

The Attorney-General has indicated that the Government will now 'carefully consider each of the recommendations with a view to seeking opportunities for future law reform'. The Government is under no statutory requirement to formally respond to the ALRC's report; and will decide whether to implement the ALRC's recommendations, in whole or in part, according to its own timeline. Given the breadth and depth of the proposed reforms, we expect that this could take years. In the meantime, your business must continue operating in the current legislative framework.

What should companies be doing?

Australian companies should be investing in their risk and compliance functions now. Corporate compliance culture is already an area of focus for regulators, prosecutorial agencies and courts in the wake of the Financial Services Royal Commission, and many of the ALRC's recommendations will further sharpen this focus. For example, having a strong corporate compliance culture could position a company to establish a reasonable precautions defence, counter allegations of systematic conduct and be a powerful mitigating factor in any sentencing decision. While the implementation of the ALRC's proposed reforms could take years, developing and maintaining appropriate processes to assess compliance risk, and effective controls to manage and mitigate it, will set your company up well to navigate the current regulatory and enforcement landscape, as well as any reforms to come.

Status of other developments on foot

There are several other developments in corporate criminal law and enforcement on foot, and the publication of the ALRC's reports may have implications for each of these.

  • Reform of foreign bribery laws and implementation of a DPA regime: As we reported in December 2019, the CLACCC Bill currently before Parliament would reform Australia's foreign bribery laws, including by creating an offence of failing to prevent foreign bribery and implementing a DPA regime. Under the new offence, companies would face absolute liability for bribery by 'associates' (including subsidiaries) if they do not have adequate procedures in place designed to prevent bribery of foreign public officials by their associates. The ALRC is broadly supportive of the new offence and DPA regime, but, as discussed above, recommends certain revisions to the DPA regime. The ALRC's support may provide fresh impetus for these reforms, but may also delay the passage of CLACCC Bill if the Government adopts the ALRC's DPA-related recommendations.
  • Implementation of the Financial Accountability Regime and reforms to individual liability for corporate conduct: In its interim discussion paper, the ALRC proposed that, if a corporation commits a relevant offence, an officer in a position to influence relevant corporate behaviour should be civilly liable, unless the officer took steps to prevent the behaviour. In light of the Government's current proposal to adopt the Financial Accountability Regime, an extended version of the Banking Executive Accountability Regime applicable to all APRA-regulated entities, the ALRC considers it would be inappropriate to introduce another significant individual liability reform at this point in time. Instead, it recommends a detailed review of individual liability mechanisms within five years of the commencement of the Financial Accountability Regime.
  • Investigation of corporate crime: In Allens' submissions to the ALRC, we commented that we 'have recently seen a paradigm shift in ASIC's and APRA's approaches to investigation and enforcement', and that there 'is every reason to believe that similar shifts in approach to investigation and enforcement within the corporate criminal sphere would address many of the perceived challenges and difficulties with current laws'. We suggested that, 'without a parallel review of the investigation and enforcement process, it is impossible to determine whether this failure is because of a deficiency or difficulty in the laws or whether the issues arise from the approach to investigation and enforcement'. The ALRC agreed with Allens' comments, and has recommended an inquiry into criminal investigative processes.

Stay informed

Subscribe to our insights and updates