Search for:

The science of compliance: SFO releases guidance on how it will assess corporate compliance programmes

The SFO’s Operational Handbook1 has been updated with new guidance on how it will evaluate corporate compliance programmes (

While the guidance is far less prescriptive than many corporates would wish and, in many respects, repeats well-trodden ground for the SFO and adds little that is truly new, some aspects of it are of interest.

The guidance makes it clear that, in evaluating a compliance programme, prosecutors will assess the state of a compliance programme at different periods in time for different purposes:

  • the state of the compliance programme at the time of offending;
  • the current state of the compliance programme; and
  • how the compliance programme could change going forwards.

The guidance also confirms that “[a]n organisation with a poor programme at the time of wrongdoing may, nonetheless, have strengthened its programme by the time of the charging decision. This would be relevant to a charging decision under the Guidance on Corporate Prosecutions…

As such, whilst the only procedures that are relevant to the assessment of adequacy for the purpose of corporate liability under section 7 are those in place at the time of the alleged offence, the guidance helpfully outlines that the ultimate outcome of an SFO investigation will require more than this evidential snapshot. The likelihood that the SFO will charge the corporate entity or offer a DPA (and the severity of any potential sentence) will be impacted by the degree of correction of the control environment and other aspects of the compliance programme after the event and the extent to which there is still work to be done going forwards. Accordingly, corporates must ensure that, in the event a compliance incident triggers a criminal investigation, steps are taken to properly assess the root cause
of the issue, take related remedial measures, and enhance the compliance programme, as doing so may help reduce the risk of prosecution, increase the prospect of a DPA and/or reduce any sentence imposed by the court.

The guidance makes it clear that SFO investigation teams should begin to explore (and obtain evidence in respect of) a company’s compliance programme very early in any investigation. This confirms that, when under an SFO investigation (whether following a self-report or otherwise) companies should expect to be asked to provide detailed information about compliance programmes early on in an investigation.

The guidance also places heavy reliance on the “Six Principles” set out in the statutory guidance under the Bribery Act 2010 (,
referring to them as “a good general framework for assessing compliance programmes”:

  • Principle 1 – proportionate procedures
  • Principle 2 – top level commitment
  • Principle 3 – risk assessment
  • Principle 4 – due diligence
  • Principle 5 – communication (including training)
  • Principle 6 – monitoring and review

The focus on the six principles is unsurprising and serves to emphasise their importance (as statutory guidance) and the need for organisations to focus on the six principles when designing and improving their compliance programmes.

The guidance emphasises not only the importance of having a robust compliance programme in place, but also being able to evidence it. It is in this respect that the guidance is most lacking in that it does not provide any real further insight into the questions that companies should be expected to be asked by the SFO regarding the operation of their compliance programme or the methodology that the SFO
will use to test it. Tracking and evidencing the effectiveness of a compliance programme can be a challenge for most organisations, but there are tools available to assist, including Baker McKenzie’s Compliance Cockpit. The Compliance Cockpit is a holistic risk assessment and risk monitoring tool that can be used to track improvements to, and the effectiveness of, a compliance programme on a global scale. (

1 The SFO Operational Handbook is an internal-facing document which is for use by SFO investigation teams. It is of relevance to corporates because it provides an insight on the approach that the SFO will take to certain issues.


Tristan Grimmer is a partner in Baker McKenzie's London office and the UK Head of the International Trade Practice Group. He is also a member of the Compliance & Investigations and the International Trade and Competition practice groups. Tristan joined Baker McKenzie as a trainee in March 2004, qualifying in March 2006. He has advised on parallel investigations by authorities in the United States, Switzerland, Brazil and Japan, and has spent time working in Baker McKenzie's Chicago office. Tristan is named as a "Leading Individual" for EU And Competition: Trade, WTO Anti-Dumping and Customs in the UK Legal 500 2023 directory.


Joanna Ludlam is a partner in the Dispute Resolution team in Baker McKenzie's London office, where she leads the market-leading Regulatory, Public & Media law team and also co-leads the office's Compliance & Investigations Practice Group. At an international level, she co-chairs the Firm's Global Compliance & Investigations Steering Committee. In 2016, Joanna was named as one of The Lawyer’s “Hot 100” for her practice, and is recognised by Legal 500 and Chambers & Partners.



Jonathan chairs the firm's Financial Institutions Global Industry Group and is a partner in the London Dispute Resolution practice. Jonathan has deep experience in advising boards, executive teams and individuals dealing with issues of market integrity, ethics, brand and reputation impact, conduct risk, whistleblowing, market misconduct, systems and controls failings and remediation, public statements and investor relations, financial crime, fraud, regulatory investigation and enforcement, public policy, public law and civil and criminal litigation. Jonathan's substantial in-house experience delivers a highly strategic and commercial focus aimed at re-establishing confidence in the brand and individuals. Jonathan joined Baker McKenzie from Barclays Bank PLC. Spanning a decade of unique pressure in the financial sector amidst the global financial crisis, he led the global litigation, investigations and enforcement function and established the bank's financial crime legal team. Jonathan was responsible for a series of high-profile regulatory and criminal investigations in EMEA, the US and Asia Pacific regions and led a significant portfolio of wholesale and retail litigation. Supporting the bank's risk and compliance functions, he implemented and improved systems and controls in respect of money laundering, bribery and corruption, fraud and international sanctions. Jonathan worked with UK and US law enforcement and government intelligence agencies on counter-terrorism, organised crime and other domestic and international security initiatives. Jonathan is the contributing author to a number of leading legal and sector publications, including: Banks and Financial Crime: International Law of Tainted Money (Oxford University Press 2008, 2016); Global Investigations Review - The Evolution of Risk Management in Global Investigations (GIR 2016, 2017, 2018); and's annual Top 10 Operational Risks (2018-2022).


Charles Thomson is a partner and solicitor advocate in Baker McKenzie’s Dispute Resolution Practice Group in London. He co-manages the Business Crime Unit, and is part of the Financial Institutions Disputes, Contentious Trusts and Compliance and Investigations Groups. Charles joined the Firm as a trainee in 2002, and concurrently spent three months on secondment as a judicial assistant at the Royal Courts of Justice in the Civil Appeals Division. A solicitor advocate since 2007, Charles appears as an advocate in all Higher Courts in England and Wales. Chambers and Legal 500 both commend Charles for his legal practice. Charles is also listed as a Rising Star in Litigation by Legal Week.


Henry Garfield is a senior associate in Baker McKenzie's Dispute Resolution department based in London. Henry's practice focuses on fraud, asset tracing, internal investigations and business crime. He also undertakes general commercial litigation. Henry has just completed an 11 month secondment to the Serious Fraud Office, during which he was the Case Lawyer on an investigation into a £60 million fraud. The investigation involved unravelling trust and company structures in several offshore jurisdictions and has recently resulted in two individuals being charged with fraud and forgery offences.


Yindi is a partner in the Baker McKenzie Dispute Resolution team based in London, and a member of the Compliance and Investigations group. Yindi’s practice includes a broad spectrum of complex and high-value international and domestic commercial litigation for multinational clients, with specialist expertise in anti-bribery and corruption investigations, compliance and trust disputes.