Rethinking corporate derivative liability

The recent Securities and Futures (Amendment) Act 2009 [1] has sought to introduce a novel method of corporate derivative liability into the local securities regulatory regime. This paper argues that there is an inherent paradox in the legislature’s latest approach towards corporate liability. By attempting to infuse variegated corporate liability doctrines from multiple jurisdictions into the Act, there has been a concomitant lack of focus on the underlying principles and aims of corporate derivative liability for securities fraud. The argument is made that an aggregation-based approach remains highly viable – especially in Singapore’s financial regulatory regime which values robust self governance.


The extent to which corporate criminal liability can be imputed has been an increasingly difficult and common problem for courts worldwide with the burgeoning number and purposes of corporate vehicle usage. [2] The fundamental conceptual problem facing the courts and the legislature in these situations is the enunciation of a coherent connection between the traditional criminal law vis-à-vis complicated corporate structures. In other jurisdictions, there have been significant impetuses in overall adoption of corporate criminal liability constructs as a result of disasters which focused attention on the need for more robust corporation regulation. [3] 

Singapore has chosen a more measured approach in not adopting a comprehensive reform of corporate liability principles, [4] with the exception of the securities regulatory regime under the Securities and Futures Act (“SFA”), where there are significant provisions governing the attribution of liability. The central question then is whether the SFA corporate liability provisions can be effectively and consistently enforced while successfully ensuring an accurate and proportionate interplay between the corporation and its officers. This paper is divided into 5 parts. Part II briefly considers corporate liability’s history in the SFA, while Part III examines the incongruent wording of the new Section 236B. Part IV revisits the much-vilified aggregation theory as an alternative, with Part V concluding in some key observations.

The development of corporate liability in the SFA

The SFA contains a number of provisions imposing criminal liability for various securities frauds, such as insider trading or market manipulation, amongst others. [5] When the SFA was originally passed, the key provision contemplating corporate liability was Section 226. This involved the attribution of knowledge by an officer of the corporation to the company, unless it fulfilled the “Chinese walls” defence. [6] In 2009, the Government tabled an amendment Bill for the SFA, which included a proposed addition of the new Sections 236A to 236D.

The Minster expressed his concern that the current legislation was inadequate, as a company would not be liable if its employees engaged in market misconduct offences. [7] He appears to have been significantly motivated by the Government of Singapore Investment Corporation (“GIC”) saga, where 3 GIC employees were found to have engaged in insider trading. The employees eventually paid civil penalties, [8] but the Monetary Authority of Singapore (“MAS”) found that GIC itself was not liable, explaining that:

[T]he three GIC employees did not have executive capacity functions within GIC… there was not a sufficient basis for attributing liability to GIC given the specific facts... [9] 

The MAS’s appeared to reflect an inexplicable adherence to the heavily criticised narrow attribution method [10] in Tesco v Nattrass. [11] The argument has also been made that the Privy Council’s approach in Meridian Global v Securities Commission [12] should be followed. [13] In Meridian, Lord Hoffman opined that there was no fixed identification theory stipulating whose acts would be that of a corporation’s. Instead, the specific method of attributing liability would be a result of statutory interpretation and the legislative intent in each case. [14] 

Nevertheless, the Meridian decision, although laudable for its attempt to allow more flexible use of statutory interpretation, falls short in solving the perennial problem of an accurate corporate liability doctrine. In allowing the expansive application of the identification principle, it has turned corporate liability into outright vicarious liability, potentially exposing companies to undue prosecution. [15] Moreover, it cannot be gainsaid that the rule of law places due emphasis on the danger of arbitrary law-making. [16] The considerable discretion given to judges in interpreting the legislation effectively strips corporations of any certainty and predictability in their risk of being found liable. [17] 

This would not augur well on Singapore’s standing as a key financial hub – large multi-national companies would be spooked by a ‘sword of Damocles’ looming over their every action. On this note, the legislature has done well in withholding support for the Meridian approach. However, the situation remains somewhat inconsistent in the SFA’s 2009 amendments.

The muddled ‘melting pot’ of Section 236B

The crucial section involving corporate criminal liability is Section 236B. It imputes the offence of a company’s employee or officer to the corporation if it were committed:

With the consent or connivance of the corporation

For the benefit of the corporation.

Section 236B (8) further provides that the means by which “consent or connivance” of the corporation may be established include:

the corporation’s board of directors intentionally, knowingly or recklessly carried out the relevant conduct, or expressly, tacitly or impliedly authorised or permitted the contravention

a high managerial agent of the corporation intentionally, knowingly or recklessly engaged in the relevant conduct, or expressly, tacitly or impliedly authorised or permitted the contravention

a corporate culture existed within the corporation that directed or encouraged non-compliance with the relevant provision

The wording of Section 236B is mostly identical to, [18] and has been adapted from Division 12.3 of the Australian Criminal Code Act 1995 (“CCA”). [19] This comes as no surprise, given that the majority of SFA provisions have been adapted from the Australian Corporations Act 2001. [20] The CCA was the result of Australia’s desire to develop a model of corporate liability which as closely as possible mirrored individual criminal responsibility on a corporation. [21] Despite the CCA being “arguably the most sophisticated model of corporate criminal liability in the world”, [22] it is telling that only the Australian Capital Territory has continued in enacting legislation based on the provisions in the CCA. Consequently, there has been no reported judicial consideration of Division 12.3.

Conflicting modes of attribution of liability

As a result of Section 236B (8)(a) and (8)(b), liability along the lines of the old identification doctrine remains legislatively provided for. The corporation is foisted with liability where the criminal conduct has been performed by more senior officers of the company. The practical consequence then is a ‘driftnet’ approach, where a corporation can be liable in both situations where the company itself has a corporate culture of encouraging the criminal act, or where the company has instituted robust procedures but has a misbehaving senior officer.

This may be favourable to the prosecution, but it creates an inconsistency in the legislative intent behind corporate liability. Where an attempt has to be made at elucidating Parliament’s true intention in Section 236B, one finds the provision in a quagmire. Section 236B (8)(c) asserts that the company’s liability is located in its culture and practices, while (8)(a) and (8)(b) directly contradict this by providing that liability ensues even if the corporation had a robust level of compliant and law-abiding cultures. Companies will be left wondering how best to align their policies to steer clear of any mischief that the section could encompass. [23] 

The retention of the identification doctrine also brings with it the unwelcome plethora of problems that have plagued Commonwealth courts since Tesco. Section 236B (9) provides a definition of a “high managerial agent” as “an employee, agent or office of the corporation with duties of such responsibility that his conduct may fairly be assessed to represent the corporation’s policy”. This definition provides an exercise in futility for the courts in assessing who can be considered a “high managerial agent”. Is his responsibility to be assessed on how much authority he had at work in general, or is it to be taken as “management and control in relation to the act or omission in point”? [24] Professor Tjio has rightly pointed out that the new provision introduces a degree of circularity, as:

With these new provisions, we still have to identify a second officer within the corporation, perhaps on some kind of agency or “directing mind and will” basis, that consented, connived in or was negligent in the first officer’s wrongdoing. [25] 

Section 236B (8)(b) is also more than likely to introduce further ambivalence into the actual mode of liability desired. If the “high managerial agent” of the corporation is also the individual who has been convicted of the offence, the subsection effectively functions as a vicarious liability conduit. This attribution method, known as respondeat superior, is widely used in the United States. [26] However, this has been criticised as vacillating – for imputing corporate fault on a purely derivative approach while failing to secure a conviction in cases where no individual has been found liable. [27] 

In an inexplicable manoeuvre, the local draftsmen removed a provision from the Australian CCA, [28] which provides for a defence of due diligence to a “high managerial agent’s” conduct. This is a crucial exception as it “allows the corporation to show that the offence occurred because of the acts of an individual and despite effective measures being in place.” [29] Consequently, there are effectively 3 vastly different corporate liability doctrines in the new amendments – identification, vicarious liability, and corporate culture.

An imprecise nature of ‘corporate culture’

Section 236B (9) defines corporate culture as “an attitude, policy, rule, course of conduct or practice existing within the body corporate generally or in the part of the body corporate in which the relevant activities takes place”. This mode of corporate liability is predicated on the notion of organizational fault, which in contrast with the usual derivative method of liability focuses on a realist model of the corporation as a legal entity with “its own distinctive goals, its own distinctive culture, and its own distinctive personality”. [30] 

This approach views a company as not just an accumulation of individuals, [31] but consisting of:

[N]ot only individuals but also institutionalised relationships among individuals. The resulting entities involve more than the sum of the individual parts. They shape the outlook and channel the conduct of their members in ways that may not be chosen or even understood by any of the individuals concerned. [32] 

The legislature might defend the corporate culture provision on the basis that corporations can be viewed as moral agents, since substantial decisions and policy directions are dependent on the company’s hierarchical structure. Nevertheless, it is irrefutable that a company’s acts are always the result of human actions – even if there are complex and obfuscated company procedures. [33] Parliament may have been influenced by an MAS statement which predicted a change in the finance industry, where there would be increased emphasis on “creating a corporate culture that asks what is 'right', not just what is 'legal'”. [34] Jurisprudentially however, it remains inappropriate to artificially craft a distinct moral agent out of a human-based construct.

The lengthy definition does little in clarifying what will be relevant. The former Chief Justice of Australia expressed apprehension at the vagueness of corporate culture as a method of finding corporate criminal liability. [35] Although corporate culture is a novel attempt at introducing corporate liability, the ultimate complexity of proving that a certain corporate culture existed at the time of the offence may stifle prosecutions. Criminal liability requires proof beyond reasonable doubt, and this may be a difficult hurdle to surmount at trial.

Furthermore, corporate culture in the amendments has an Achilles’ heel – the requirement that an individual is first found guilty of the exact same offence. This is inherently paradoxical as the corporate culture provision in the SFA’s context is meant to catch situations in which the employee’s environment – perhaps on implied threat of dismissal or other sanctions – pressures him into engaging in securities fraud such as market rigging or manipulation to artificially inflate his company’s share price. [36] Where a particularly deviant workgroup within the company has persistently engaged in unethical activity, it may not be possible to ascertain the exact individual within the team who was responsible for each particular illegal action. The company – and the individuals responsible for the unscrupulous environment – then remain scot-free. This is clearly an unacceptable result. In this regard, the frequently rejected aggregation theory may offer a glimmer of hope.

Revisiting the aggregation theory

Corporate criminal liability, even in the SFA amendments, has been fixated on transposing complete individual liability onto the company. Without an identifiable individual, the notion of corporate liability is moot at best – this is a major weakness in the various attribution methods considered. In contrast, the aggregation theory is based on the view that a company can be at fault where liability is collectively established on the acts of several persons. [37] 

Aggregation has been frequently rejected by the Commonwealth courts for unfairly implicating and inconveniencing individuals who are not culpable in their own right [38] and for imputing blameworthiness when subjectively there has been insufficient fault – as each cumulative act amongst the various individuals does not of itself meet the level required under criminal law. [39] Simply, these objections fail to adequately consider that corporate criminal liability cannot be viewed as an extension of conventional criminal law principles due to the innate differences in concepts. Lord Hoffman has expressed support for an application of Hart’s theory – that the law in this situation is primarily achieved through enunciating the relevant rule which most effectively achieves corporate criminal liability, and it would be irrelevant to theorise about the nature of the corporation. [40] 

Australia has adopted the aggregation theory in determining liability for negligence offences – even if no one individual was negligent, it can be ascribed “if the body corporate’s conduct is negligent when viewed as a whole”. [41] In Singapore, the SFA has already incorporated a varied aggregation approach for the attribution of knowledge to a corporation. [42] Clearly, the theory is not new to the SFA. It has been said that aggregation is feasible only where the element in question, being negligence or knowledge, involves objective standards which does not need a subjective inquiry process. [43] 

This inaccurately portrays a subjective inquiry as being overly difficult. The prudent alternative here would be to reconsider how consent or connivance of the corporation is found in Section 236B. Canada’s Criminal Code amendment on criminal negligence was passed in 2003 and has had the benefit of learning from the shortcomings of Australia’s corporate culture provision. [44] The Canadian government found that:

Corporate culture is at this moment an untested basis for criminal liability. The Government is conscious of the need for clarity in the law and considers that 'corporate culture' is too vague to constitute the necessary corporate mens rea. [45] 

The original Section 22.2 of the Code deals with the actus reus and mens rea that can be found from a corporation. The actus reus is satisfied if a representative of the company – defined very broadly – or the conduct of 2 or more representatives in sum makes them a party to the offence. The company’s mens rea is fulfilled if a “senior officer” responsible for the representative’s actions “departs markedly” from the standard of care that could reasonably be expected to prevent the representative from being a party to the offence.

Although the Code deals with negligence, the fault element of Section 236B is that of consent or connivance, and it can be adapted, e.g. – if the “senior officer” had, through his actions, expressly or impliedly authorised or influenced the representative in being a party to the offence, the company then becomes liable. This solution is attractive in removing the somewhat tenuous notion of culture, while acknowledging that such “culture” issues are ultimately the product of decisions made by individuals in a company..

Companies are currently “strongly incentivized” [46] to adopt information barriers under the “Chinese walls” defence, and a similar outcome is likely under this suggested variant. Gobert and Punch have expressed support for the idea that companies bear responsibility because they failed to “put in place protective mechanisms that would have prevented harm from occurring”. [47] This retains the practical advantage of the SFA’s CCA-influenced amendments – to demonstrate in-place and effective anti-fraud systems [48] – while avoiding the earlier discussed problems associated with the CCA’s corporate culture provisions.

Furthermore, substantial motivation behind the SFA amendments appears to be a knee-jerk reaction by Parliament to the potential black-hole in the MAS-GIC saga. Corporate criminal liability is not the appropriate channel to ventilate such concerns – the danger in the GIC case primarily concerned the disgorgement of benefits. The lucid observation has been made that a separate rule should be enacted to compel corporations to disgorge ill-gotten gains – regardless of any successful corporate liability prosecution. [49] 

Nevertheless, the notion of corporate culture is not completely irrelevant – one must not throw out the baby with the bathwater. Instead of toiling with nebulous definitions of corporate culture regarding mens rea, a more general but prudent approach could consider a number of key factors in the magnitude of a corporation’s punishment. The United States has comprehensive sentencing guidelines dealing with corporate culture. [50] Factors considered include whether an effective ethics system was available, and the hierarchy of the individuals concerned who have been complicit in allowing the poor environment to fester. The Singapore courts would benefit from a similar consideration, as this promotes flexibility in considering varying levels of culpability of corporate actors.


The 2009 SFA amendments have sought to introduce a comprehensive regime change on corporate criminal liability. However, this paper has argued that the methods by which consent or connivance of the corporation can be shown remain inconsistent and somewhat ineffective in practical situations. Unless corporate culture is as “flawed and alarming” as that of the defendant company in Vita Health, [51] putting the responsibility on the prosecution to prove corporate culture as a fault element may be difficult, and fail to capture liability where no individual can be found guilty of the offence. Conversely, an aggregation method modelled after the Canadian criminal code offers certainty in the law, with companies being encouraged to ensure the relevant officers are acting properly in providing a conducive and law-abiding environment for all other employees.

Request the removal of this law essay