In January, Global Investigations Review published “The Practitioner’s Guide to Global Investigations.” The impetus was to help lawyers deal with the tricky issues associated with cross-border investigations – particularly those involving the United States and the United Kingdom. Spanning more than 700 pages, the Guide is edited by Christopher J. Morvillo, a partner in the New York office of Clifford Chance; Judith Seddon and Luke Tolaini, partners in Clifford Chance London; and barristers Michael Bowes Q.C. of Outer Temple Chambers and Eleanor Davison of Fountain Court Chambers. We had a chance to sit down with Morvillo to discuss the background and focus of the Guide, which he described as “a real team effort, between the publishers, the five editors and a number of outstanding associates." MCC talked to him as a second edition was nearing completion. The interview has been edited for length and style.
How and when did the idea for this book originate?
Christopher Morvillo: The concept of the Guide evolved over time and really took root during the summer of 2015. Given the rise in global investigations over the past decade, the editors and publisher perceived that a book addressing global investigations was missing from the literature in this practice area. Volumes have been written on internal and regulatory investigations and criminal white-collar work on both sides of the Atlantic. But there was nothing that really approached the issue from an international perspective or that highlighted the unique problems that arise when multiple regulators are investigating the same set of facts.
What was your involvement?
Morvillo: I primarily handled editorial responsibilities of the U.S.-focused chapters, but also was deeply involved with my co-editors and the publisher in sketching out the broad outlines of the table of contents and chapters. Once the general content was agreed, we then developed very rough outlines for each chapter and found authors on both sides of the Atlantic for each one. As the completed chapters rolled in from the authors we reviewed, edited and worked with the authors to polish and integrate the chapters into the style and scope of the book and to reduce any redundancy across overlapping chapters. The editors also together authored one chapter on corporate criminal liability, and I also co-authored a chapter with Richard Lissack, Q.C., a barrister in the UK, on corporate monitorships. There was a lot of proofreading, and we worked closely with a terrific and very engaged team from the publishing company. As editors, we were all involved in every aspect of the process, from creating the outlines to liaising with the authors to getting the final proofs edited and, ultimately, coordinating the launch. We're now working on the second edition and hoping to publish in the fall.
The focus of the book is cross-border investigations?
Morvillo: Yes. Responding simultaneously to an investigator from the Serious Fraud Office (SFO) or the Financial Conduct Authority in England, and from the Department of Justice (DOJ) or the Securities and Exchange Commission (SEC) in the United States, requires you to understand the legal and procedural and practical differences and similarities between the jurisdictions. I've seen circumstances in my practice where an attorney does something that follows the traditional path in the United States, in terms of responding to an investigation, but winds up creating an issue in another jurisdiction. And vice versa. Small but meaningful conflicts in the law relating to employees’ rights or privilege or data protection, to name a few,exist across jurisdictions. And the local practice is distinct enough that you need to understand the law and potential exposure in both jurisdictions to be able to come up with a creative solution that applies to the unique situation you are facing.
So we saw the need for a book that covered this topic from a practitioner’s perspective. To give you an example, if I'm handling an investigation launched by the SFO and the DOJ at the same time into the same conduct, I'm likely going to read the relevant chapters written by my UK counterparts on the UK process so I understand the applicable laws and what the regulators expect. I know the U.S. piece, so I don't really need that part as much (though, admittedly, I have consulted it from time to time). What's really helpful to me, though, is seeing the UK side. And having it all under one roof, to be able to consider the issues side by side,is really the key. And I think the same is true for UK lawyers trying to navigate the often murky waters of US practice and procedure.
What about turf battles between regulators and law enforcement on both sides of the Atlantic? Isn't that a big problem?
Morvillo: When that happens, it is newsworthy, and there is certainly a lot of attention paid to it. But the reality is that regulators on both sides of the Atlantic cooperate far more than not. In the corporate context, because companies cannot go to jail, they often choose to resolve such matters by paying a fine – whether it's through some sort of plea agreement or deferred prosecution agreement or a nonprosecution agreement. In these instances, multiple regulators can split the resources and the penalty or defer entirely to the sister jurisdiction. On the other hand, when you're trying to put an individual in jail, such as an employee or exeuctive who has engaged in conduct on both sides of the Atlantic or whose conduct has caused effects in multiple jurisdictions, one regulator will have to take primacy. That's typically where you see the public turf battles. But when it comes to purely corporate investigations, you see a lot more cooperation than antagonism.
When you began working on the book, Brexit wasn't even a word. Now it's a reality in progress. Does this change the book? Does it still apply to the EU, or is it now a book about the U.S. and a country that is on its way to leaving?
Morvillo: It's a very interesting question. We don't know the extent to which Brexit will affect the practice of representing corporations and individuals in global investigations. The criminal laws themselves will not be much affected, I imagine, but different data privacy regimes may start to have more of an impact, and regulators in non-UK jurisdictions may become more prominent in the wake of Brexit as they seek to establish primacy. This is already happening in France and Germany, though the reasons are not Brexit-related, but rather just part of the evolution of their thinking about enforcement and corporate criminal liability. So I don't foresee Brexit having a major influence on global investigations, but it's still too early to know exactly how hard or soft the UK's exit from the European Union will be, and what ramifications it will have for practitioners in this area.
The Yates Memo has made the subject of cooperation increasingly important in the eyes of lawyers involved in internal investigations in the U.S. It pressures companies to report as much information as they can about the involvement of individuals. Is there any corresponding movement on the other side of the Atlantic? And how does that figure into your book?
Morvillo: Cooperation plays a big role in global investigations (as well as domestic investigations), so it’s critically important for counsel to understand the regimes on both sides of the Atlantic. The Yates Memo, as you know, is a relatively new policy from the DOJ, though it's essentially a restatement of what the department's actual expectations have been all along. It links obtaining cooperation credit with providing the government with all relevant information relating to the involvement of individual employees in the conduct under investigation.
To put it in context, cooperation is not for the faint of heart, whether you're an individual or a corporation. The government is entitled to expect full and unfettered cooperation in exchange for a discount, whether that discount manifests itself in terms of fines, actual prosecution or jail time. With the Yates Memo, the DOJ is really just setting the record straight as to what it takes to get that cooperation credit. I think it has long been the case that, where corporations are attempting to cooperate and obtain cooperation credit from the DOJ, evidence that implicates employees, including senior executives, uncovered during the course the company's internal investigation needs to be disclosed to the DOJ, regardless of the Yates Memo. Lawyers and corporations engaged in a cooperation dance with the DOJ who selectively disclose inculpatory information could be accused of misleading the government. That said, the Yates Memo may change how you conduct an investigation and whether you even want to try to get cooperation credit in the first place, given your understanding of the DOJ's priorities. But it's not a game-changer at the end of the day. Individuals are already expected to cooperate fully, and there's no reason why that shouldn't apply to corporations as well.
There is no corresponding Yates Memo in the United Kingdom. But there is a relatively new statutory regime in England for deferred prosecution agreements, which sets forth the requirements to be met before qualifying for a DPA. Built into that legislation is the requirement of "full cooperation," though just what that means in actual practice remains an open question. What is expected in the UK – and this is different from the U.S. – is an expectation among UK regulators that a company will not invoke privilege if it expects to see the full benefits of cooperation and, ultimately, obtain a DPA. Still, I don't think UK regulators are looking to eviscerate privilege, but they do want to ensure that corporations don't stand behind privilege as a basis to withhold relevant and responsive information that is required to get to the bottom of an investigation.
Privilege in Europe has been a subject of great interest to general counsel on this side of the Atlantic, because the understanding of attorney-client privilege as it relates to in-house lawyers in Europe is very different than the understanding and expectations of general counsel here.
Morvillo: Privilege is covered in the book quite extensively. It's an area fraught with peril, depending on which jurisdictions are involved in a cross-border investigation. Many countries have unique privilege laws, some of which, for example, don't apply to in-house lawyers, who are perceived to be operating in a business capacity. At the other end of the spectrum, the United States has very vigorous privilege laws. In fact, DOJ policy expressly precludes prosecutors from asking a corporation to waive the attorney-client privilege in order to obtain cooperation credit.
In the United Kingdom, there have been two recent decisions of great significance, and frankly concern, to corporations and outside counsel. The decisions – the Royal Bank of Scotland (RBS) decision and the Eurasian Natural Resources Corp. (ENRC) decision on litigation – relate, respectively, to what is covered both by the legal advice privilege, which corresponds to the U.S. attorney-client privilege, and the litigation privilege, which is the analogue to the U.S. work-product doctrine. The decisions are not completely contiguous in terms of what they cover, but they have together significantly restricted the breadth of the application of both privileges in ways that raise very serious concerns for lawyers on both sides of the Atlantic, and particularly those handling global investigations.
As a result, now under UK law, memoranda of interviews of employees by corporate counsel , which traditionally have been viewed as privileged, may no longer be privileged in the UK because the definition of who is the client has been significantly narrowed by the RBS decision. Likewise, the ENRC decision on litigation privilege can be interpreted to mean that interviews conducted of employees or witnesses in connection with an internal or government investigation are not within the scope of that privilege because litigation can only be "readily contemplated" with a regulator if the client is, in fact, guilty. Thus, fact gathering to defend or respond to an investigation is arguably no longer protected. These decisions create a huge difference between U.S. and UK privilege laws. In situations where regulators on both sides of the Atlantic are investigating the same conduct, the usual approach to witness interviews and fact-gathering is, frankly, under siege, with no clear answers as to how to protect yourself in the United Kingdom. Also in the wake of these decisions, the SFO has reportedly started asking corporations to provide information that everyone previously thought was well within the zone of privilege. It's a tumultuous time, to say the least. We will be covering this topic in the context of these new decisions in the next edition of our book. Stay tuned.
Another big issue, of course, is privacy. There are so many differences between the jurisdictions, and then you've got the General Data Protection Regulation, which is about to roll out. Did that figure largely in your book?
Morvillo: Yes. Data protection is covered in multiple regards. Anytime you turn information over to a regulator – whether it's in the United States, the United Kingdom, France or Germany – a different set of regimes, laws and ordinances will apply. While the U.S. data protection regime is not especially vigorous, there are significant statutory schemes in the United Kingdom and other countries, including in particular France, which has both a blocking statute and a data privacy statute. I've handled multiple cases in which the DOJ's expectations as to production have directly conflicted with the data privacy regulations in other countries. In these situations, data located in another country that is very relevant to a proceeding in the United States may be beyond the reach of both the DOJ and the defense – for example, because of the way the blocking statutes and the data privacy laws interact in that particular country.
Typically there's an exception in the data privacy rules for requests from law enforcement. For instance, if there is a subpoena in connection with a U.S. investigation for information from a UK company, which must comply with its own data privacy laws, the solution is to get the local regulator to obtain that information via formal political channels. This would free up the company to provide the information without running afoul of the UK regulations. That's the process in most countries. But the DOJ doesn't always want to go through the local regulator, because it can be very time-consuming and inefficient. This puts counsel representing companies and executives in a bit of a bind, trying to comply with data privacy and blocking statutes which seek to protect the privacy rights of the employees and third parties in those countries while making every effort to satisfy the DOJ and be cooperative.
Finally, let's talk about the second edition. When is it coming out, and what are you doing to update?
Morvillo: We're hoping to launch in the fall. The last version was released this past winter, but for a variety of reasons we'd like to move up the annual timetable to September or October. We are in the throes of editing updates to the chapters, which is a less time-intensive project than getting the original chapters written. We are focusing on, among other things, new case law, policies and statistics. For some chapters, this process will involve tweaking around the edges, whereas for others, like the UK privilege chapter, significant decisions (as we have already discussed) will need to be incorporated. The second edition will also include an index, which is a huge step forward and a very welcome development. Given the inevitable overlap between some of the chapters and the need to cross-reference throughout the book, having an index is going to be an invaluable addition. There is also a second part of the book that surveys the relevant laws and practice across 10 different countries. We will be adding several additional jurisdictions to Part II of the book as well.
Published July 13, 2017.