ALRC recommends broad changes to Australia's corporate criminal responsibility regime

These recommendations seek to address the over-proliferation of low-level criminal offences under the federal regime, many of which do not reflect any rational or principled concept of criminality and are complex and duplicative.

The ALRC's view is that:

• criminal liability should be reserved for only serious misconduct that deserves to be labelled as criminal; and
• the vast majority of corporate conduct is more appropriately regulated by civil regulatory provisions, which should be the default model of regulation.

In a move away from the position in its earlier discussion paper, the ALRC has not recommended ending dual-track regulation (that is, where the same conduct is prohibited by an identical or near-identical civil and criminal prohibition). Instead, where such regulation exists, the ALRC has recommended that the criminal offence be distinguished from the relevant civil penalty provisions by a requirement to prove an additional fault element.

In light of the very large number of Commonwealth corporate criminal offences (more than 3,200) it is likely to take some time to 'clean up' the statute book. However having a clear set of guidelines in place is likely to assist in the meantime for new or amended criminal offences.

In the short term the ALRC's view that only serious conduct be criminalised may also provide a signal to regulators to focus their attention on morally blameworthy conduct, rather than more minor or technical offences that could not be said to involve any true criminality.

These recommendations seek to address the key issue of when, and how, a company should be held liable for the criminal acts of its employees (ie the attribution of criminal liability to the company).

The ALRC found inconsistent and outdated methods for attributing criminal liability to corporations under the federal regime, with little principled discussion as to why certain methods were used over others.

Under the ALRC's recommendations, a single legislative attribution method would be adopted whereby:

• a company is held liable for the conduct of its officers, employees and agents acting within the scope of their authority (as well as those acting at the direction, or with the agreement or consent, of those persons); and
• with respect to the fault element, the ALRC has proposed two alternative options for the Government to consider:
  • Option 1 involves modifying the fault element in the current Criminal Code and replacing the requirement to prove fault on the part of a 'high managerial agent' with any officer, employee or agent acting within the actual or apparent scope of their authority. Consistently with the current Code, a company could still be liable if its corporate culture directed, encouraged, tolerated or led to non-compliance.
  • Option 2 involves utilising a 'TPA model' approach, which attributes to a corporation the states of mind of officers, employees or agents who were engaged in the relevant conduct (or who directed, agreed or consented to the conduct) and were acting within the scope of their authority. The 'corporate culture' limbs of attribution in the Criminal Code would be dropped.

In the ALRC's view, the recommended attribution model above would achieve a better reflection of corporate blameworthiness by removing some of the unjust and unfair impacts of attribution under the current law, particularly with respect to the 'high managerial agent' concept, including that:

• the concept has tended to focus the inquiry on 'who' the actor is, which the ALRC points out disproportionately impacts smaller businesses and is no longer suited to modern business, where lines of responsibility and decision-making are often diffused within an organisation as a matter of fact; and
• the genesis or cause of the misconduct could be the same regardless of seniority levels (ie the misconduct could be symptomatic of a broader compliance or corporate culture issue). The recommended attribution model seeks to move the inquiry to 'how' the misconduct was able to occur and whether a company instituted sufficient measures to guard against the specific risks of misconduct for its business (see further below on the reasonable precautions defence).

In proposing the above, the ALRC has stepped back from its initial position in its discussion paper to make companies liable for the actions of 'associates' (an even broader group of persons acting on behalf of the corporation).

Reasonable precautions defence - To soften the proposed attribution model above, which many may see as lowering the bar on criminal attribution, the ALRC is proposing there be a 'reasonable precautions' defence available to companies. The defence would operate as a full defence to liability if the company can establish, on the balance of probabilities, that it had in place objectively reasonable policies and procedures to prevent criminal activities. This defence had widespread support in submissions and provides real and tangible incentives for companies to invest in risk and compliance systems, controls and training. The defence again highlights the importance being placed on corporate culture. The ALRC has recommended the defence be supplemented with guidance. In the interim companies may wish to consider, by way of best practice guidance, the six principles of ‘reasonable measures’ from the UK Bribery Act 2010 and the draft Australian guidance on adequate procedures to prevent the commission of foreign bribery.

A consistent approach to corporate attribution would provide welcome clarity to business and regulators in driving the approach to risk management, compliance and regulation, notwithstanding that there may still be some circumstances in which a unique method of attribution is required. The proposed options are something of a mid-point between the corporate attribution regimes currently in play. For example, they will significantly expand the scope of people whose conduct and state of mind can be attributed to a company under the Criminal Code, for example in relation to foreign bribery or false accounting. On the other hand, the introduction of a 'reasonable precautions' defence would reduce the harshness of the attribution model used in Chapter 7 of the Corporations Act 2001 (Cth) (s769B).  

The ALRC found that current laws were not well-equipped to deal with persistent or repeat offenders of civil regulatory provisions.

To address this, the ALRC has recommended a novel offence be introduced that would criminalise repeated contraventions of certain prescribed civil penalty provisions. In its Report, the ALRC suggests that key features of such an offence include:

• use of a 'system of conduct' or pattern of behaviour concept that would result in two or more contraventions of the same or similar civil penalty provisions; and
• the requirement to prove intention or recklessness with respect to the repeat contraventions.

As noted above, the ALRC contemplates that the proposed offence would not apply to all civil penalty provisions, but rather would be adopted in appropriate regulatory contexts only. These would likely include heavily regulated industries like the financial services industry—and indeed, the ALRC provides an example of how the offence might apply in the consumer financial protection space.

In general, this recommendation also underlines that policymakers, regulators and prosecutors are increasingly using the law to strengthen corporate compliance cultures, and reinforces the need for corporations to invest in robust compliance programs.

Sentencing

The ALRC recommends that the Crimes Act 1914 (Cth) be amended to require courts to consider a range of corporate sentencing factors, including whether a corporation self-reported unlawful conduct, has taken steps to reform itself, and to empower courts to order independent pre-sentencing reports on the circumstances of a corporate defendant, including its compliance culture.

These recommendations reemphasise the policy need to provide concrete incentives for businesses to thoroughly investigate misconduct, cooperate with regulators and address the root causes of misconduct at their own initiative. This is particularly important in setting 'norms' for how companies are expected to respond to corporate misconduct when identified, and to ensure that 'good' corporate citizens are not treated in the same way as those who choose not to proactively respond to and address misconduct.

Penalties

The ALRC's review found limitations on courts' abilities to impose meaningful penalties on corporations. In particular, the ALRC observed that fines were typically the only available sentencing remedy for convicted corporations, and that these are inadequate because they are often levied years after the misconduct occurred and are more likely to be borne by third parties removed from the actual misconduct, such as employees, shareholders and other innocent stakeholders. In addition, it found that fines might give the impression that offences are a 'purchasable commodity'.

In its Report, the ALRC proposes significant new non-monetary corporate penalties that would allow courts to impose bespoke and targeted penalties on corporations to address the particular misconduct, including:

• publicity orders, requiring a corporation to publicise information about its unlawful conduct;
• community service orders, requiring a corporation to undertake activities for the benefit of the community;
• probation orders, requiring a corporation to take corrective actions like investigating misconduct or implementing organisational reforms;
• disqualification orders, restraining a corporation from conducting certain commercial activities or trading in a geographic area for a period, or suspending its licences or freezing its profits; and
• dissolution orders, dissolving a corporation in the most extreme circumstances – the 'corporate equivalent of a death sentence'.

The ALRC acknowledges that probation and disqualification orders could significantly intrude upon corporations' internal affairs and proposes that the courts develop practice notes setting out when these penalties are appropriate and what conditions should attach to them.

Debarment

The ALRC recommends that the federal, state and territory governments develop a regime providing for the exclusion of convicted corporations from government contracts. Internationally, such regimes are increasingly common, however, careful thought will need to be given to how this will apply in practice so as to not foreclose the possibility of a company successfully rehabilitating from serious corporate wrongdoing.

As we reported in December 2019, a bill is currently before the Federal Parliament that would establish a DPA regime (CLACCC Bill). The ALRC is broadly supportive of the regime, but recommends a revision to it whereby the rationale and approval of a DPA be subject to judicial oversight through a sitting judge, rather than a retired judge (as is currently contemplated by the bill). This support from the ALRC may provide fresh impetus to the implementation of the DPA regime, but potentially delays the passage of the bill if the Government adopts the ALRC's recommendation.

The ALRC recommends that the Government consider extending the proposed 'failure to prevent' offence under CLACCC Bill to crimes such as tax evasion, modern slavery, terrorism financing and other human rights offences. A defence of reasonable measures would be available. The ALRC considers that this would incentivise corporations to proactively manage risk, while still protecting them from 'rogue actors'. In making this recommendation, the ALRC is seeking to reduce the accountability gap between conduct perpetuated by a company domestically versus in overseas jurisdictions, where laws and systems are potentially less robust but could still expose a company and its stakeholders to significant legal and reputational risk in Australia.

We expect that any potential extensions to the CLACCC Bill will require consultation before any such changes are adopted, which in turn will extend the timing before any changes are adopted.

In its review, the ALRC found it very difficult to obtain complete, timely, and accessible data relating to corporate defendants in the criminal justice system.

Improved collection, maintenance and dissemination of corporate criminal justice data could be of significant assistance to the Australian public and businesses, as well as regulators and policymakers, to understand the true nature and extent of corporate crime in Australia. Having access to robust data could also assist business to conduct compliance risk analyses, strengthen their compliance functions and assess counterparty risk.