UK Serious Fraud Office Issues New Guidance on Corporate Self-Reporting and DPAs

Client Alert  |  April 30, 2025

The Guidance reflects a clear intent on the SFO’s part to tighten enforcement strategy, clarify procedural expectations, and encourage early and responsible engagement from corporates facing potential criminal exposure.

On 24 April 2025, the UK Serious Fraud Office (the SFO) issued new guidance (the Guidance) concerning the self-reporting of suspected offending, expectations around cooperation and the negotiation of Deferred Prosecution Agreements (DPAs).

The Guidance removes ambiguity in some key areas, introduces defined timelines for engagement and reinforces the SFO’s commitment to using DPAs as an enforcement tool where conditions are met. It also, however, leaves a number of open questions, particularly in relation to the timing of self-reports and judicial oversight.

Summary of the Guidance

1. DPAs

The Guidance now explicitly states that corporates which self-report and provide full cooperation will be invited to enter into DPA negotiations.[1] This represents a firm commitment by the SFO, removing the previous uncertainty around the benefits of early disclosure. The Guidance is a strong signal that timely transparency will be met with prosecutorial engagement.

It is important to note, however, that while the SFO may offer to negotiate a DPA, any such agreement must ultimately be approved by a judge. This judicial safeguard remains unchanged and is not explicitly addressed in the Guidance.

2. Self-Reporting: Timing

The Guidance stops short of attempting to define precise thresholds for when corporates should self-report. It states that a report is expected once “direct evidence” of offending emerges.[2] Yet the SFO offers no clarification of what constitutes such evidence. This leaves scope for continued uncertainty, particularly where preliminary findings of any internal investigation of potential misconduct may be incomplete, contested or circumstantial, such as where the availability of relevant defences has not yet been assessed. Corporates must therefore continue to exercise judgment in assessing whether internal red flags rise to a level warranting disclosure.

3. Defined Timelines for SFO Engagement

The Guidance provides clarity on the SFO’s process and timelines around self-reporting. This offers welcome predictability for corporates and reduces uncertainty at a time when corporates may also be facing complex issues and engagement with other internal and external stakeholders.[3]

  • A response will be issued by the SFO’s Intelligence Division within 48 business hours of a self-report made by the company.
  • A decision on whether to open an investigation will follow within six months.
  • DPA negotiations, if appropriate, should conclude within six months of the formal invitation to negotiate.

4. Cooperation: Expectations and Exemplary Conduct

The SFO emphasises that having self-reported and being cooperative are not one and the same.[4] The Guidance provides some non-exhaustive examples of cooperative conduct covering these areas:[5]

  • Preservation of evidence: Promptly and proactively preserving all digital and hard copy materials that may be relevant to the investigation.
  • Document identification and disclosure: Identifying and providing relevant documentation, including details of document custodians, material locations, overseas documents within the organisation’s control, potentially relevant third-party materials, and translations of foreign language documents.
  • Factual presentation: Setting out the facts concerning the suspected criminal conduct, including identification of all individuals involved, both internal and external to the organisation.
  • Internal investigation protocols: Where an internal investigation is undertaken, engaging with the SFO at an early stage regarding its scope, notifying the SFO in advance of any proposed steps (particularly interviews), providing regular updates and findings, and disclosing non-privileged interview records.
  • Transparency: Refraining from interviewing employees where requested, and promptly notifying the SFO of any interest or involvement from other regulatory bodies, law enforcement agencies or prosecuting authorities.

The Guidance addresses the issue of legally privileged material, which has been the subject of previous litigation. It states that corporates are not required, as a pre-condition of being considered to be cooperative, to waive legal professional privilege over material. However, it also states that doing so will be a significant cooperative act and weigh strongly in favour of being considered cooperative.[6] The issue of waiver of privilege is fraught with legal risk, and is one to be considered in the context of the implications of such waiver in all relevant jurisdictions where the company may face disputes.

Crucially, the SFO preserves the route to a DPA even where no self-report is made, provided the company subsequently engages in “exemplary cooperation”.[7] This is a high threshold, effectively requiring that the organisation involve the SFO in the internal investigation process from a very early stage and that the organisation fulfil at least all the cooperation steps set out in the Guidance.[8] This may provide a valuable (albeit potentially narrow) second chance for organisations that may have delayed disclosure to achieve a non-prosecution outcome, provided their subsequent conduct meets the requisite standard once the SFO is engaged.

5. Uncooperative Conduct

By contrast, the Guidance also helpfully clarifies what the SFO considers uncooperative conduct. This includes:[9]

  • Forum shopping: Unreasonably reporting offending to another jurisdiction for strategic reasons.
  • Exploiting legal disparities: Using differences between international law enforcement agencies or legal systems.
  • Lack of Transparency: Concealing individual involvement or the full extent of misconduct.
  • Delay tactics: Tactically delaying providing information or material.
  • Obstructive disclosure: Submitting excessive or unnecessarily voluminous material to hamper the SFO’s investigation.

The SFO emphasises that the nature and extent of the organisation’s cooperation is one of many factors which it will take into consideration when determining an appropriate resolution alongside those detailed in the Code for Crown Prosecutors, the Corporate Prosecutions Guidance and the DPA Code.[10]

Some Observations

1. Alignment with Legislative Developments

The Guidance is timely given the imminent introduction of the failure to prevent fraud offence under the Economic Crime and Corporate Transparency Act 2023 (discussed in more detail in our client alert of November 2024). This new offence seeks to make companies criminally liable where a specified fraud offence is committed by a person associated with the company (such as an employee or agent) with the intention of benefitting, for example, the company or its clients. The Guidance appears to reinforce the SFO’s public message that enforcement of this new offence is imminent.

2. Clarity and Certainty

For in-house counsel and compliance professionals, some of the most valuable aspects of the Guidance are its clarity on cooperation and the incentives for early engagement. The defined timelines will help organisations manage expectations and resources more effectively, notwithstanding some measure of lack of definition around “direct evidence”.

3. Global Enforcement Outlook

The publication of the Guidance is particularly noteworthy in the light of recent developments in the US. In February 2025, President Trump signed an executive order suspending enforcement of the Foreign Corrupt Practices Act for 180 days, citing the need to reduce compliance burdens on American businesses. As discussed in our client alert of February 2025, this move represents a shift from the long-held view that international anti-corruption efforts benefit US businesses by creating a level playing field and strengthening the rule of law.

Against this backdrop, the UK appears to be reaffirming its commitment to corporate accountability, particularly in the light of the new International Anti-Corruption Taskforce established by the UK, France and Switzerland in March 2025, which signals a heightened focus on coordinated cross-border enforcement. The SFO’s structured approach may seek to drive more self-reports from corporates that operate across jurisdictions.

A new openness at the SFO?

The Guidance provides welcome clarity on the circumstances in which a corporate may be invited to negotiate a DPA and outlines concrete expectations for cooperation. It removes some ambiguity and reinforces the message that the SFO wants corporates to act early and transparently when faced with suspected offending.

At a recent GIR Live event, SFO Director Nick Ephgrave reinforced this message, emphasising that companies should feel able to rely on the assurances offered in the Guidance: “No ifs, no buts, no maybes, it’s as good a guarantee as you can get; if you come and work with us, we will work with you.” In a more colourful aside, he likened his approach to Margaret Thatcher’s relationship with the leader of the former Soviet Union, adding: “That’s how I like to do business … I’d like you to look at me as the Mikhail Gorbachev of the SFO.” While the Guidance may be more in the nature of glasnost than any major perestroika, it is encouraging that the Director of the SFO is describing himself explicitly and publicly as “a man [companies] can do business with”.[11]

[1] Paragraph 2 of the Guidance.

[2] Paragraph 7 of the Guidance.

[3] Paragraphs 15-17 of the Guidance.

[4] Paragraph 19 of the Guidance.

[5] Paragraph 22 of the Guidance.

[6] Paragraphs 20 and 22 of the Guidance.

[7] Paragraph 19 of the Guidance.

[8] At paragraph 22 of the Guidance, the SFO states: “Corporates which take all these steps are likely to be assessed as providing exemplary co-operation.”

[9] Paragraph 23 of the Guidance.

[10] Paragraph 24 of the Guidance.

[11] See https://globalinvestigationsreview.com/article/look-me-the-mikhail-gorbachev-of-the-sfo-nick-ephgrave.

The following Gibson Dunn lawyers prepared this update: Allan Neil, Patrick Doris, Marija Bračković, and Victor Tong.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. If you wish to discuss any of the matters set out above, please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of Gibson Dunn’s White Collar Defense and Investigations practice group, or the authors:

Allan Neil – London (+44 20 7071 4296, [email protected])
Patrick Doris – London (+44 20 7071 4276, [email protected])
Marija Bračković – London (+44 20 7071 4143 [email protected])
Victor Tong – London (+44 20 7071 4054, [email protected])

© 2025 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.