Tainted ties: the structure and dynamics of corruption networks extracted from deferred prosecution agreements

Corruption, bribery, and white-collar crime are inherently relational phenomena as actors involved in them exchange information, resources, and favours. These exchanges give rise to a network in which the actors are embedded. While this has been often emphasized in the literature, there is a lack of studies actually empirically examining the structural properties of corruption networks. We aim to fill this gap with this exploratory study analysing the networks of corporate and public sector bribery. We theoretically ground the network analysis in two compatible criminological frameworks: routine activity theory and analytical criminology. We extract information about relations and interactions among involved actors in three cases from Statements of Facts from Deferred Prosecution Agreements obtained from United Kingdom’s Serious Fraud Office. Our findings indicate that the bribery networks resemble core-periphery structure networks with ties predominantly concentrated between a few very central actors (core), who ad hoc engage with actors from the periphery. Moreover, we also see a strong tendency of actors to repeat interactions within certain dyads. In terms of temporal dynamics, we observe periods of relative inaction alternating with periods of frequent and repeated contacts triggered by the presence of contracts susceptible to corruption. We discuss these findings in terms of their policy implications for designing evidence-based intervention and prevention measures.

Orthodox conceptions of ‘corruption’, as advocated within various institutions and organizations (e.g., UN, World Bank, or Transparency International), usually inhere an abuse of public office or entrusted power for private gain (cf. Heath et al., [26]). These conceptions incorporate qualitatively diverse activities, states of being, conditions and relations, such as bribery and embezzlement together with nepotism and patronage (Campbell and Lord, [10]: 1–2). Furthermore, policy constructions of corruption often do not explicitly foreground the inherently relational or interactional aspects of varied forms of corruption; yet we know these behaviours are built upon human relations and interactions. For instance, in the case of bribery, one or more persons conspire to induce another person for private or organisational advantage; in the case of kickback, a person shares a percentage of a manipulated contract with their collaborator; or, in the case of nepotism, a person in power shares the power with those who are related to them. These relational dynamics have been recognised in the social scientific literature; Deflem, for instance, defines corruption as a ‘colonisation of social relations in which two or more actors undertake an exchange relation by way of a successful transfer of the steering media of money or power, thereby sidestepping the legally prescribed procedure to regulate the relation’ (1995: 243). Similarly, Doig ([17]: 11) argues ‘corruption relates to the abuse or misuse of a “normal” relationship, whether genuine or contrived, by either or both parties’. Recognising the necessity of social relations and human interactions alongside normative perceptions of misuse and abuse, ought to be central to how we make sense of the emergence and functioning of particular manifestations of corruption, and how they are organised over time.

With this in mind, this article analyses the relational aspects of corporate bribery in international commerce, that is, the ways in which key actors implicated in so-called ‘grand corruption’ cases interact. We focus here on corporate bribery specifically, recognising the need for a clear analytical framework. Bribery consists of an inherently illicit transaction (e.g., a specific event or series of events) or relationship (i.e., an on-going state) between at least two willing or consenting actors. In the context of corporate bribery, this usually relates to a business, or an agent/actor representing the business, giving an inducement to, or being solicited to induce from, a public official. The interactions and relations among actors involved in corporate bribery give rise to a network. The structure of this network comprises of positions of individual actors therein and provides channels through which information or resources may flow. Within such a network, actors communicate and collaborate on the organisation of corrupt activities, allowing to coordinate and reach their goals as well as to protect themselves from unwanted scrutiny (cf. Diviák et al., [15], Kertész and Wachs, [28], Lauchs et al., [33], Wachs et al., [55]). Therefore, being able to map and analyse bribery networks is crucial for understanding corruption. Moreover, empirical analysis of corruption networks may be informative for efficient evidence-based strategies in combatting corruption (Kertész and Wachs, [28]). Empirical analysis of corruption networks thus provides a perspective that is unobtainable by more traditional corruption indices or perception-based measures (Luna-Pla and Nicolás-Carlock, [35], Wachs et al., [55]).

Social network analysis (SNA; further see e.g., Borgatti et al., [7], Robins, [45], Scott and Carrington, [46]) is a framework specifically developed for the analysis of networks composed from interactions and relations among a set of actors. In this study, we use SNA to analyse several cases of corporate bribery. To this end, we leverage Statements of Facts from Deferred Prosecution Agreements (DPA) issued by United Kingdom’s Serious Fraud Office^{Footnote 1} to extract relational information about which actors participated in these cases, with whom they did so, and in what time frame. Deferred Prosecution Agreements (DPAs) provide a tool for prosecutors to negotiate a formal, but voluntary, agreement with corporations to bring a conclusion to the corrupt behaviours they have allegedly been implicated in. DPAs achieve this by deferring the prosecution for a certain time period providing particular terms are met e.g. financial penalties, company reform and monitoring, cooperation with individual prosecutions. DPAs are accompanied by the publication of Statements of Facts (SoF), that provide detailed insight into the bribery that has taken place. Using a systematic approach to extracting network information from three Statements of Facts, we constructed network representations of three corruption cases (\(n_{1} = 5\); \(n_{2} = 27\); \(n_{3} = 18\)) containing information about actors’ attributes, and strength and temporal dynamic of their ties. Our study is the first to extract valued and time-stamped network data from Statements of Facts.

This study presents an initial exploratory probe into the structure and dynamics of corruption networks based on the data extracted from DPAs. We thus contribute to the study of bribery and corruption by exploring the benefits as well as limitations of this data source. In substantive terms, we also evidence three core contributions to the literature on transnational corporate corruption: first, that such corruption networks consist of strong core-periphery networks; second, that there is a high level of repeated interactions between core players in these networks; and three, that such networks have periods of (de-)escalation over time as actors mobilise around opportunities.

Bribery, corruption and white-collar crimes can be seen as socially embedded phenomena (van de Bunt et al., [52]). Specifically, bribery, corruption and white-collar crimes are embedded within legitimate organisational settings (Pinto et al., [41]) and occupational positions (Sutherland, [50]), social relations (Diviák et al., [15]), concealed behind otherwise legitimate business practices (Benson and Simpson, [2]), and reflect patterns of opportunities generated through broader social and economic structures and contexts, and realised by (collaborating) actors with the required skills, knowledge and capacities for doing so (Lord and Levi, [34]). Within this framework, we can see that key to understanding bribery, corruption and white-collar crimes is analysis of the interacting ‘offenders’, victims and guardians in specific contexts, as informed by theories of routine activities, and that these interactions entail organisational structure (e.g., roles, social ties of particular actors) and the need for coordination similarly to other forms of serious and ‘organised crimes’ (von Lampe, [53]), both of which are inherently relational (Campana, [8]). Relations and interactions (i.e., network dynamics) are therefore crucial elements in understanding bribery and corruption. The emphasis on relations and interactions is synergistic with two theoretical strands in criminology, namely routine activities theory and analytical criminology.

Routine activities theory (RAT; Cohen and Felson, [11]), though perhaps better described as a perspective, was originally developed to inform our understanding of predatory crimes such as theft, robbery, or assault. However, more recent developments in RAT have also seen its application to the study of organised and white-collar crime (cf. Felson, [19, 20]). The main proposition of RAT is that crime needs a convergence of a (motivated) offender, a suitable target, and a lack of capable guardian (Cohen and Felson, [11]). In the context of corruption, the offenders are the actors involved in bribery and contract manipulation, the suitable targets are the contracts and deals, and the capable guardian that is lacking may be any combination of transparency to the public, police monitoring, or whistleblowers. The RAT thus focuses not on individual offenders and their profiles but rather on the criminal acts themselves – their structure, conditions, and dynamics by aiming to explain how exactly a crime is committed, by whom, when, and where (Felson and Clarke, [21]). Moreover, RAT proposes that organised or white-collar crimes are not overly hierarchical or sophisticatedly organised, but that the structure is built from patterns of co-offending interactions, which need to be analysed in each case (Felson, [20]; see also Benson et al., [3]). This is in line with the application of SNA in criminal networks, because it is based on the proposition that the structure of crime should not be merely assumed, but rather empirically analysed (cf. Morselli, [38]). From the RAT perspective, drawing upon social ties or forming ties of cooperation between offenders are among the key elements of crime that enables them increase their illicit profits, while assuring secrecy and trust (Felson and Clarke, [21], Kleemans et al., [32]). Bichler and Malm, [4] suggest that the application of SNA is a key extension of RAT given that it is an approach tailored to dealing with interdependence among offenders themselves as well as among offenders, targets, and guardians.

Another theoretical perspective that emphasizes the importance of social relations and interactions among offenders is analytical sociology/criminology, which is a research programme that aims to explain how macro-level phenomena emerge from micro-level mechanisms (cf. Hedström, [27], Manzo, [36], Wikström and Sampson, [57]). Mechanisms here denote constellations of entities and activities that regularly bring about the outcome in question (Hedström, [27], p. 2). Typically in criminological context, the entities are actors and their activities are their actions. A mechanism is then a tendency of actors to (inter)act in a certain way bringing about an outcome. The macro level phenomena may represent distributions, spatial patterns, or any aggregate behaviour. Network research is specifically concerned with relational mechanisms, i.e., tendencies of actors in the network to form ties in specific patterns (Diviák et al., [16]), and their effect on network structures (macro phenomena; Rivera et al., [44]). The key point is that these relational mechanisms may variously reinforce or counteract each other and the emerging network structure may exhibit properties that are not necessarily in line with the intentions of the actors. For instance, a corrupt public official may be inclined to maximise her gains from bribes by offering as much of the contracts for manipulation as possible. Yet, doing so, the network of communication and resource exchange becomes centralised around her, which is both easier to detect as well as to dismantle by the law enforcement, ultimately undermining the initial intention to generate profit. Below, we first formulate our expectations about how the corruption networks are structured (one research question) and subsequently, we formulate what may be some of the relational mechanisms that bring the structure about (three research questions).

The theoretical contribution of SNA, as with any other formal approach (e.g., computational social science) is, that these theoretical assumptions and propositions can be operationalised and in turn empirically tested. Empirical testing subsequently allows to illuminate those aspects of corruption networks, such as their structurally weak spots or key moments in their dynamics, that may be well-suited as targets for intervention and prevention measures.

In line with the above, we first isolate particular mechanisms, informed by prior empirical research into bribery, corruption, and networks, that are thought to be important for the structure of bribery networks. Our research questions are based on prior research in both network analysis and the study of serious and organised crime. We then analyse the manifestations of these mechanisms in three specific cases in order to either corroborate (or not) their existence.

3.1 Core-periphery structure

Previous research of covert and criminal networks in general (Gimenéz Salinas-Framis, [23], Stevenson and Crossley, [49]) as well as of corruption networks in particular (Diviák et al., [15]) suggests that the structure of corruption networks might resemble a core-periphery structure. Core-periphery structured network consists of two classes of actors – core and periphery, where actors in the core are have a lot of ties and are densely connected to other actors in the core, while actors in periphery are relatively marginal and connected only to the core (Borgatti and Everett, [5]). Core-periphery structure resembles theoretical concepts of patron-client relationships (Diviák et al., [15]), where patrons hold a position of power or access to resources, which they offer to clients in exchange for their loyalty or service (Heath et al., [26]). From a network perspective, patrons form the core and clients form the periphery of the network. Such a structure may have several advantages for fraud, corruption, and white-collar criminal activities. First, it allows the core actors to collaborate, control, and support other core actors with the dense interconnections among them. Second, it allows to reach out to peripheral actors for an ad hoc involvement, so that they are not involved for unnecessarily long periods, which could potentially weaken the security of the network (e.g., by exposure or defection; Diviák, [14]). Therefore, our first research question:

RQ1: Do the networks in our study exhibit core-periphery structure?

3.2 Dissortativity

In collaboration networks, it is considered beneficial to have access to complementary skills, knowledge, or resources (Rivera et al., [44]). This complementarity would be manifested in the network by actors collaborating (having ties) predominantly with those, that are dissimilar to themselves on some salient attribute. This is referred to as dissortative mixing or heterophily (Rivera et al., [44]) and it is the inverse of assortative mixing or homophily, which denotes the tendency to interact with similar others (McPherson et al., [37]). In corruption networks, we would expect dissortativity to occur as it allows actors to reach out to different companies or sectors (from public to private and vice versa) and thus to traverse the social settings which the actors are primarily embedded in. This outreach then opens up opportunities for favour exchange, bribery, or contract manipulation, as it is necessary to issue contract or public procurement bids in order to corrupt them. Hence, our second research question:

RQ2: Do the networks in our study exhibit dissortative mixing among actors?

3.3 Repeated interactions

As there is no official lawful way of assuring trust and compliance in illicit interactions, interpersonal trust, defined simply as the expectation of not defecting from cooperation by the other party, may be an important factor enabling cooperation between criminal or potentially criminal actors (Campana and Varese, [9], Gambetta, [22], von Lampe and Ole Johansen, [54]). Repeating interactions in a given dyad (a pair of actors) over time fosters the strength of the relation between the two actors (Rivera et al., [44]), which may accumulate into high number of interactions in certain dyads relative to others. This accumulation may serve as a way of assuring trust and compliance, because defecting from a cooperation that is backed up by past interactions may be costly as actors have already invested their time and effort into them and potentially risky, as both parties posses the knowledge of the other one being involved in illegal behaviour (cf. Heath et al., [26]). Moreover, within uncertain or outright risky interactions, repeated interaction may function as a way to control, encourage, or coordinate with the other actor. The argument for the prevalence of repeated interactions is also in line with RAT, as patterns of offending relate to routinised patterns of social interaction. These routinised social interactions stem from regular business interactions wherein actors collaborate on a day-to-day basis both within their firms as well as with their customers or contractors in other companies or government agencies (cf. Felson, [19, 20]). Hence, our third research question:

RQ3: Do the networks in our study exhibit accumulation of interactions in certain dyads?

3.4 Temporal escalation

We refer to temporal escalation as the alternation between periods (e.g., weeks or months) of frequent and rapid activity followed by periods of relative inactivity by the actors in the network. Temporal escalation results in concentration of interactions in certain periods which can be seen as spikes of activity in the timeline of the given case. Based on RAT, we would expect such a dynamic in corruption networks, because the activity may reflect the structure of opportunities (Kleemans et al., [32]) in which a suitable target (contract) becomes susceptible to bribery or manipulation. For instance, when there is a new contract that is susceptible to manipulation or fraud, it may prompt the actors in the network to start communicating and subsequently cooperating on the manipulation. These periods of activity may be then be followed by periods of low frequencies of communication or collaboration, in which actors may be motivated to remain concealed or to not risk being detected by not raising suspicion (cf. Diviák, [14], Morselli, [38]). Thus, our fourth research question:

RQ4: Do the networks in our study exhibit temporal escalation over time?

Our analysis is based on data derived from Statements of Facts (SoF) produced as part of Deferred Prosecution Agreements (DPA) with corporations implication in transnational corporate bribery. A DPA is a discretionary tool available for use by certain prosecutors in England and Wales that enables a formal but voluntary agreement to be negotiated between the prosecutor, and a corporation, with judicial approval, in order to defer a criminal prosecution for alleged criminal conduct in exchange for the fulfilment of certain terms (see King and Lord, [31]). In the case of corporate bribery in international commerce, the relevant prosecutor is the Serious Fraud Office, and to date, nine DPAs have been negotiated with corporations implicated in foreign bribery or accounting fraud. Once a DPA has been negotiated, approved and made public, the Agreement is accompanied with a SoF that provides a detailed account of the criminal behaviours of the case, including the persons involved, natural and legal, and the nature of their relations, the ‘offending locations’, and agreed information as to when the criminal acts took place and how. Whilst recognising that these documents are negotiated and agreed statements between the prosecutor and the corporation, and that they do not require an admission of guilt on behalf of the corporation, they do represent reasonably accurate depictions of the bribery that took place and the associated dynamics. In this paper we analyse three cases of transnational corporate bribery: Güralp; Sarclad; and, Standard Bank. SoF can be accessed via the website of the Serious Fraud Office and are available to the public for download. The publication of these documents also represents a major shift in SFO policy towards creating more transparency around the underlying decision making process to negotiate sanctions with corporations.

In order to construct a network from the unstandardized SoF, we used the framework for extraction and coding of relational information for criminal networks developed by Diviák, [13]. Specifically, we extracted the information about three key elements of networks from the sources as follows. Firstly, to define the nodes in our networks, we extracted every person mentioned in a given SoF as being involved in a given case. Secondly, we extracted all the mentions of relations and interactions among these persons to ascertain ties. In all the three cases, vast majority (Güralp – 89%, Sarclad – 100%, Standard Bank – 91%) of the ties represent some form of communication either in person (e.g., meetings) or via phone or e-mail. The remainder of ties represents occasional personal or pre-existing ties (e.g., kinship or previous co-membership of organizations). Thirdly, as actor attributes, i.e., variables describing individual actors, we coded their affiliation to companies or to sectors. In the Sarclad case, employees or representatives of 11 companies in total were involved with most of the companies represented by a single or a pair of actors. To permit the analyses described below, we distinguish between Sarclad and non-Sarclad employees in this case. In the Güralp case, the actors were distinguished into private or public sector with analogous reasoning. As for the Standard Bank case, it was also possible to distinguish actors on those from private and those in public sectors. However, some actors were involved in both and thus instead of one variable, we created two variables for each sector in order to be able to analyse dissortativity on both. The fourth aspect we attempted to extract from the data was the time stamp for each interaction. In the Güralp case, this was impossible for majority of the interactions and thus it was not possible to analyse temporal escalation in this case. In the Sarclad case, all the interactions were located in time with granularity at the level of single days, which allowed us to construct a detailed timeline, while in the Standard Bank case, this granularity was mostly on the level of individual months. This still enabled a construction of a timeline, but not as detailed as in the Sarclad case.

All the above-mentioned information was aggregated into two datasets for each case. The first dataset is a nodelist that contains the information about individual actors and their attributes, while the second dataset is an edgelist containing the information about each tie, namely the two actors involved, its direction and time-stamp. The extraction and coding has been done by two independent coders for each case. Reliability of the coding has been subsequently assessed in 2 steps: 1) assessing the amount of actors and their attributes each case; 2) assessing the amount of interactions and their time-stamp in each case. In the first step, each coder extracted an actor set from the given Statement of Facts. Establishing the node set was straightforward in the smallest case (Güralp), as both coders identified the same set of five actors, whereas in the two remaining cases, each coder found one actor not identified by the other coder. Subsequently, all actors that were extracted by either coder were included in the final representation. In the second step, coders coded the actors’ attributes and ties. The coders were instructed to record all the mentions of interactions or relations among the established set of actors into an edgelist, allowing us to construct a network based on each coder’s coding. The reliability of coding ties was subsequently assessed by calculating graph correlations between the resulting network representations with following results suggesting very high coding reliability: Güralp = 0.99; Sarclad = 0.97; Standard Bank = 0.94. The final network for analysis was then constructed from the union of the two networks created by each coder. The reliability of coding attributes was assessed by calculating the proportion of actors’ attributes coded the same way by both coders, as all the attributes are categorical. The results were as follows: Güralp: private/public sector = 100%; Sarclad: Sarclad employee or not = 100%; Standard Bank: private sector = 100%, public sector = 89.5%. Overall, the results of the reliability check indicate high reliability of the coding in terms of the ties and as well as high reliability in coding actor attributes with only minor cases of disagreement between the coders on the coding of attributes in the Standard Bank case. In this cases, the final coding has been made on the basis of mutual agreement between us and the coders. Details on data extraction and coding can be found in Diviák & Lord (under review).

4.1 Güralp Systems Ltd. (GSL)^{Footnote 2}

GSL, incorporated in 1987, is a UK company that designs and manufactures seismological instruments, with 90–95% of its sales overseas. Between 2003 and 2015, GSL made payments of approximately £640,000 to a South Korean public official named Dr Chi, a senior official at the Korean Institute of Geoscience and Mineral Resources, in order to induce or reward Dr Chi for exploiting his position to influence the awards of contracts to GSL. This bribery scheme resulted in profit of over £2m for GSL. Key to the organisation and coordination of this scheme were three other actors, Dr Cansun Güralp, Natalie Pearce, and Andrew Bell. GSL the company, along with Dr Güralp, Pearce and Bell, were alleged to have commissioned offences of ‘conspiracy to make corrupt payments’ (implying pre-planned, coordinated and collaborative criminal activities). In addition, GSL the company was also indicted for a ‘failure to prevent bribery’. GSL, the company, entered into a DPA in 2019 with the SFO, but the three individuals were acquitted at trial.

4.2 Sarclad Ltd. (Sarclad)^{Footnote 3}

Sarclad is UK company incorporated in 2000 that designs and manufactures technology for the metal industry, selling products internationally. Between 2004 and 2012, Sarclad the company, and associated employees and agents, systematically paid bribes to win contracts overseas, generating profit of £6.5m. Sarclad used a network of intermediary agents working in foreign countries to offer or place bribes on its behalf to public officials thought to have influence and control over the awarding of contracts. Of the implicated contracts, 17 involved a single agent (Dr Guang Jiang) operating through a company called Castmasters, seeking contracts in China. Six other agents were involved in the remaining contracts. Essentially, Sarclad entered into agreements with these agents that stipulated remuneration on the basis of commission expressed as a percentage of the contract value secured. Sarclad the company was charged with ‘conspiracy to corrupt’ and ‘failure to prevent bribery’, entering into a DPA for these charges in 2016. Three Sarclad individuals were charged with ‘conspiracy to bribe’ in relation to 27 overseas contracts: Michael Sorby, Adrian Leek and David Justice. All three individuals were acquitted at trial.

4.3 Standard Bank Plc (Standard Bank)^{Footnote 4}

Standard Bank entered into a DPA with the Serious Fraud Office in 2015 after being indicted for ‘failing to prevent bribery’. This was the Serious Fraud Office’s first DPA, and also the first use of the corporate offence of ‘failure to prevent bribery’ in the Bribery Act 2010. The DPA related to a US$6m payment by Standard Bank’s sister company, Stanbic Bank Tanzania in 2013 to a local partner in Tanzania, Enterprise Growth Market Advisors (EGMA). The payment was alleged to have intended to induce several members of the Government of Tanzania, who were directly connected with EGMA, to give preferential treatment to Stanbic Tanzania and Standard Bank’s proposal for a US$600m private placement to be carried out on behalf of the Government of Tanzania. This proposal was in order to fund Tanzania’s ‘Five Year Development Plan’ that would see the creation of key infrastructure projects, and that in turn generated transaction fees of US$8.4m that were shared by Stanbic Tanzania and Standard Bank. In essence, the corrupt payment consisted of a 1% increase to the initial fee of 1.4% of gross proceeds raised set by Standard Bank and Stanbic Tanzania, that was then diverted to EGMA. The key issue was that Standard Bank’s internal systems and procedures were inadequate for preventing such bribery. 19 actors from Standard Bank, Stanbic Tanzania and the Government of Tanzania were implicated.

In SNA, a network is defined as a set of nodes and ties among them (cf. Borgatti et al., [7], Prell, [42], Wasserman and Faust, [56]). In all our cases, the nodes represent actors mentioned as participating in the SoF. Actors can also be characterized with attributes. In our cases, we were able to extract information about whether actors work in public or private sector and for which organization. Ties represent interactions and relations among actors in each case. The content of ties and the precision of the information varies across the different SoF, but in general the ties represent form of communication (calls, e-mails, meetings) or transactions (payments). This makes the ties in all our cases weighted, where the weight of a tie refers to the frequency of interactions between the given pair of actors. In the cases, where it was possible, we also distinguished the direction of ties, i.e., from whom to whom a given tie goes.

A degree of a node is the number of ties adjacent to it, with weighted degree accounting for the weight of each tie. We used degree and weighted degree to assess the centrality of the nodes in our networks. Additionally, average degree and its standard deviation can be used to characterize the structure of the network as a whole, as average weighted degree refers to the average amount of interactions per actor, while its standard deviation refers to the dispersion of interactions across the actors (Snijders, [47]). Thus, the higher the average degree is, the more the network is connected, while the higher its standard deviation, the more the ties are concentrated around specific actors. In the case of directed networks (the Standard Bank case), where it is possible to distinguish incoming and outgoing ties, the degree can be analogously distinguished into indegree and outdegree. Finally, the networks were visualised using sociograms. The two larger networks were visualised using Fruchterman-Rheingold algorithm which places the most central nodes in the middle of the visualisation, while trying to cross the lines or nodes as little as possible and to place connected nodes close to one another. The Güralp network was visualised by laying the nodes out on a hypothetical ellipse, as Fruchterman-Rheingold algorithm did not yield a clear visualisation of this network.

In order to answer the RQ1 about core-periphery structures, we used the continuous core-periphery routine implemented in UCINET software package (Borgatti et al., [6]) to fit an ideal core-periphery model to our cases. This procedure first tries to iteratively find what would be the most optimal partition of nodes in a network into core and periphery and subsequently calculates a correlation of such partition with the ideal core-periphery structure as a measure of goodness of fit (Borgatti and Everett, [5]). The higher the correlation of the empirical partition with the ideal core-periphery structure is, the more does the network in question resemble a core-periphery structure.

In order to answer the RQ2 about dissortative mixing, we used the igraph package (Csardi and Nepusz, [12]) in R (R Core Team, [43]) to calculate the assortativity index for nominal attributes (Newman, [39]). This index takes a nominal attribute of nodes (in our cases the firms or sectors each actors works for/in) and quantifies to what extent do the nodes have the tendency to have to others with the same value on the attribute, i.e. working for the same firm or in the same sector. Positive values of this index indicate assortative tendencies, that is tendencies to have ties to similar others, while negative values indicate the opposite dissortative tendencies.

The answer to RQ3, pertaining to the repetition of ties and their accumulation in certain dyads, was obtained by calculating the Gini index. Gini index (Handcock and Morris, [25]) quantifies the inequality of distribution of a given variable among a set of observations. It ranges from 0 to 1, where 0 indicates perfect equality and 1 indicates absolute inequality (a total concentration of the variable in one observation). In our case, the variable of interest is the amount of interactions at the level of a connected dyad, i.e., a pair of actors with a tie between them. To calculate this measure, we used the R package reldist (Handcock, [24]).

The last research question, RQ4 related to temporal escalation, was answered by first extracting the information about when each interaction happened. The SoFs we used as a data source were not entirely consistent across the cases for doing so in a unified manner. In the Guralp case, this was impossible as most of the interactions were not dated at all or were only vaguely dated by referring to a year. In the Sarclad case, the SFO tracked all the communication among the implicated actors with granularity for single days and thus a very precise timeline could have been constructed, while in the Standard Bank case, the interactions were mostly dated to a specific month. To uncover whether there are abrupt changes in the timeline of the cases, we conducted change point analysis. Change point analysis (further see Killick et al., [30]) is set of techniques for identifying the amount and location of changes in time series data. Specifically here, we used the binary segmentation technique implemented in the changepoint R package (Killick and Eckley, [29]). This technique attempts to split a time series into segments by dividing the series in two segment and subsequently trying to divide each of those two segments into two segments and so forth until no changepoints are identified. Presence of changepoints in our data indicates temporal escalation.

6.1 Güralp

The Güralp case (Table 1) is the smallest network in our study as it comprises only five actors. The average weighted degree is 19.2 in this network indicating that actors had on average nineteen interactions with each other, although this number varies highly with standard deviation of 18.2. This suggest presence of some highly central actors and as it can be seen from Fig. 1, Dr Chi is such a central actor around whom most of the ties in the network revolve. The interactions are spread across 2.4 other actors on average, indicated by average binary degree, with standard deviation of 1.14 suggesting some dispersion in this regard as well.

Güralp case network. Thickness of ties represents their strength (frequency of interactions). Black nodes = private sector

Full size image

As for our research questions, RQ1 relates to the resemblance of core-periphery structure in our networks. The extent to which an empirical network resembles an ideal core-periphery structure is capture by a correlation of its permuted matrix with its idealized counterpart. In this case, the correlation equals 1.0 which can be interpreted as the empirical network being perfectly core-periphery structured. It is important to note though, that this finding may be in a function of the small amount of actors in this network, as the core consist of only one actor (Dr Chi). As for RQ2 about dissortativity, the actors in this case could be meaningfully categorized into private and public sector, for which we calculated the assortativity index. Its value of −0.33 suggests that actors display the tendencies to interact with those who are not from the same sector and thus that their ties are moderately dissortative, although this results may be affected by the small amount of actors in the network overall. Regarding RQ3 about the tendency of actors to repeat interactions, the value of Gini index is 0.52 suggesting a slight concentration of interactions within specific connected dyads. The last research question about temporal escalation was not possible to be addressed in the Güralp case, because the information contained in the SoF did not allow us to clearly locate most of the interactions in at least specific months. To summarize, the network in Güralp case exhibits a clear core-periphery structure, and there is evidence for the mechanism of repeated interactions and for dissortative tendencies of actor in the networks.

6.2 Sarclad

The Sarclad network (Table 2), depicted in Fig. 2, comprises of 27 actors and its specific feature is that the SoF was detailed enough to allow us to distinguish the direction of each tie, making the network directed unlike the two other cases. The average indegree and outdegree are the same – 8.07, indicating a bit above eight interactions per actor. The incoming degrees are more concentrated than the outgoing ones as the standard deviation of 17.59 (16.2 for the outdegrees) suggests, but both are very high compared to the averages, which means that the network overall is strongly centralized, which is again clearly visible in the sociogram (Fig. 2). The most prominent actors in this case were in descending order Leek, Justice, Jiang, and Sorby. On average, actors interact ties from 2.3 others, with considerable variance in both incoming and outgoing interactions.

Sarclad case network. Thickness of ties represents their strength (frequency of interactions). Black nodes = Sarclad

Full size image

In terms of core-periphery structure (RQ1), the correlation of the empirical network with an idealized one is 0.78, suggesting a strong correspondence of the network with a core-periphery structure. The dissortativity related to RQ2 was calculated on the attribute denoting whether the actor works for Sarclad or not, because the employees of Sarclad were manipulating the contracts with other actors from multitude of other companies depending on the particular contract at hand. The assortativity index is −0.08 suggesting dissortative tendencies, but only very weak ones at that. The value of the Gini index is extremely high at 0.96, which substantiates the mechanism of repeated interactions postulated in RQ3 as there are some dyads within which the interactions tend to disproportionately accumulate. Lastly, Fig. 3 depicts the number of interactions per month in the case and together with changepoint analysis provides the answer to RQ4 about temporal escalation. Figure 3 displays multiple spikes in the number of interactions in certain months followed by periods of relative inactivity in the timeline of the Sarclad case. Additionally, changepoint analysis detected 11 changepoints, i.e., in this case months in which the number of interactions changed significantly in comparison to prior months. This indicates evidence of temporal escalation. In summary, the Sarclad case network exhibits a clear core-periphery structure and there is evidence on the operation of the mechanisms of repeated interactions and temporal escalation.

Sarclad case – number of interaction over time (months)

Full size image

6.3 Standard Bank

The last case we analysed is the Standard Bank network, decribed in Table 3 and shown in Fig. 4. There are 18 actors involved in this case. The specific feature of the Standard Bank case is that some actors were involved in both private and public organisations (mostly in Tanzanian government) simultaneously. Such an overlap presents a potential for conflict of interest and risk for corrupt activities in itself, but it also may predispose actors with these overlapping affiliations into specific network positions. This pertains to two actors here, Harry Kitilya and Dr Fratern Mboya, who did not have high number of direct interactions, but they were positioned on a relatively high amount of paths between ither actors, suggesting their potential to function as brokers or intermediaries. Other than that, this network is structurally similar to the two cases presented above: there is again a remarkable concentration of ties around the central actors (Shose Sinare, Bashir Awale, Standard Bank Secondee J) with on average 10 interactions per actor with a standard deviation of almost 15. Actors on average interacted with close to four others, but this number varies to some extent as in the preceding cases (SD = 4.04).

Standard Bank case network. Thickness of ties represents their strength (frequency of interactions). Blue nodes = private sector, circles = public sector

Full size image

The similarities to the two other cases are also apparent while addressing our research questions. The Standard Bank network is also strongly core-periphery structured with the correlation of the network to its idealized counterpart being 0.83. Since the affiliation to public or private sector is not mutually exclusive, it was possible to calculate the assortativity on both sectors. However, actors display no clear tendencies for dissortativity or assortativity with both indices being quite low (0.05 for private sector and 0.12 for public sector). There are some dyads gathering disproportionate amount of interactions with the Gini index value of 0.88 indicating extremely inequal distribution of interactions among dyads in the network and thus providing some evidence for the tendency of actors to repeatedly interact with the same others. The timeline plot (Fig. 5) shows a bit different pattern to the Sarclad case in that instead of the alteration between periods of frequent interaction and no interaction, there is a period of build-up followed by a steep increase of interactions mid-2012. Furthermore, changepoint analysis detected four changepoints in the dynamics of the Standard Bank case that correspond to the rapid increase in interactions in mid-2012. We deem this to be a sign of temporal escalation as well, but instead of perpetual abuse of numerous contracts and opportunities, the temporal escalation in this case revolved around one large contract. Considering all the results together, the Standard Bank network is core-periphery structured, with the mechanisms of repeated interactions and temporal escalation being active, but with no strong displays of dissortativity.

Standard Bank case – number of interaction over time (months)

Full size image

Taken together, our findings show remarkable similarities across the three studied cases. In terms of the structure, all three networks bear a strong resemblance to a core-periphery structure. This is in line with both previous research (Diviák et al., [15]) and theoretical notions of patron-client relations (Heath et al., [26]). In terms of the underlying mechanisms, we find evidence for the repetition of interactions in all three cases. This aligns with extant literature that attributes the repetition of interactions to the need for coordination and for assuring trust (Heath et al., [26], Rivera et al., [44]) and to their embeddedness in routinized patterns of day-to-day interactions (Felson, [19, 20]). Furthermore, in the two cases where it was possible (Sarclad and Standard Bank) we also found evidence of temporal escalation of interactions, albeit both cases exhibiting different patterns of it. Lastly, actors in none of the cases display any tendencies towards dissortativity nor assortativity with exception of moderate dissortativity in the Güralp case. The difference between temporal escalation in the Sarclad case (multiple periods of high activity followed by periods of inactivity) and in the Standard Bank case (a long period of inactivity building up to a steep increase in activity in one specific period) can be explained by different structure of opportunities (Benson and Simpson, [2]), which consisted of multiple contracts with several different companies in the Sarclad case, while it revolved around one major contract in the Standard Bank case. This explanation by different structure of opportunities again aligns with the tenets of RAT, because the opportunities arise within the regular operations of the incriminated companies and their mode of business operation (Felson and Clarke, [21]). The lack of dissortativity in the two larger cases, and assortativity for that matter, can be attributed to the fact that actors need to reach out to those in different sectors or companies, but they also need to cooperate and communicate with those from their own company or sector. This is connected to the core-periphery structure – the ties between the core actors are predominantly to similar others, while the ties between core and periphery usually connect different actors. Thus, the interactions are split between similar and different actors in terms of their company or sector affiliation, yielding no strong signs of either dissortativity or assortativity as a result.

In the spirit of the application potential of both SNA (Valente, [51]) and RAT (Felson, [19], Kleemans et al., [32]), our findings may be further examined in order to formulate evidence-based intervention or prevention measures and policies. The finding that the networks are strongly core-periphery structured yields itself to an intervention strategy targeting the most central actors. It is true that by definition, core-periphery networks are centralized and thus their structural weakness are the central actors. However, it is important to note that in a core-periphery network, the core actors are structurally equivalent, i.e. they interact with others in similar structural positions. This translates into replaceability of actors in the core in terms of their positions. Interventions aiming at removing actors from the network (e.g., by an arrest) should thus either target the whole core or additionally consider also the attributes and skills of the targeted individuals that may be more difficult to replace.

Another potential for intervention or prevention measures lies in the network dynamics. As we have shown above, there is apparent temporal escalation in the frequency of interactions which can be linked to important opportunities and exposition of suitable targets, namely signing or brokering of new contracts. Assuring transparency or monitoring at these points may be an efficient prevention tool, because the communication among actors involved in the illicit exchanges and interactions usually bears clear signs of some intent to bribe, manipulate or otherwise corrupt a given contract (e.g., using language about “percentages”, “bonuses” or “commissions”). On a similar note, conflict of interests, such as in the Standard Bank case, has been long recognized as a risk and a potential vantage point for corrupt activities. While network perspective is not necessary to identify conflict of interests, it is useful in elucidating how this conflict of interests translates into specific network positions such as being brokers or intermediaries in this case, which make the two actors in conflict of interest advantageously positioned in terms of flow of resources and information. However, all the intervention and prevention measures we have discussed here should be carefully examined in both academic research as well as with regard to a specific case prior to their actual application. As with any interventions that impact social reality, the danger of triggering negative unintended consequences, such as strengthening the cohesion of the network or increasing the sophistication of offenders in response to a disruption attempt, is real and may seriously undermine the initial efforts. In order to devise informed, efficient, and safe intervention and prevention measures, these should be grounded in serious corroborated scientific research. The findings presented here are so far exploratory and constitute a first peek into the structure and dynamics of corruption networks constructed from DPAs. These findings should be corroborated on more networks and on networks from different data sources. DPAs, and analogous non-trial resolutions, are now being used in many jurisdictions (e.g., USA). For instance, a recent OECD report indicated that in relation to foreign bribery cases, 78% were dealt with through such legal tools (OECD, [40]). Although transparency of documentation varies, these non-trial resolutions represent potential data source to which our or similar approach could be applied.

Speaking of data sources, the Statements of Facts from DPAs that we used here turned out to be a fruitful source of relational information, especially given that they are publicly available. We were able to extract information about actors, their ties, their attributes, and the overall dynamics and context in our cases (Diviák, [13]). Yet, it is important to note that the DPAs are not primarily produced for scientific inquiry – they serve their own legal purposes. Thus, the information of scientific interest may not be present or may not be recorded in a standardized way researchers are used from usual data sources such as questionnaires. For instance, while all the Statements of Facts mention the temporal dynamics of the cases in some way, the precision of this information varies substantially across the cases: in the Sarclad case, it was possible to localize the ties within specific days, whereas the Güralp case mentions the temporal dynamics so vaguely it was impossible to construct any reasonable timeline for this network.

In general, data availability and validity present the largest limitation of any research on covert or criminal networks including the present study (Diviák, [13], Faust and Tita, [18]). While our data extraction and coding displays high reliability, we must admit that the data source we used may bear biases affecting its validity. One such bias may stem from the omission of actors or ties from the Statements of Facts and as a result, their omission from the network representation. Due to the negotiated nature of DPAs and the amount of scrutiny going into generating each Statement of Facts, it is not likely that any structurally important actor would be omitted, although omission of more peripheral actors cannot be ruled out, albeit with little consequences for the overall results (cf. Faust and Tita, [18]). One may also argue that our cases are subject to selection bias – all the analysed covert and criminal networks could after all be considered failed in that they had been eventually uncovered, which may in turn be systematically related to their structural properties (Morselli, [38]). It is difficult to refute this argument, as it is impossible to compare our results to networks that have not been observed. However, this issue highlights the importance of considering network dynamics, because success or failure are not fixed states, but a network may be considered successful at certain periods (reaching its collective goal and remaining concealed), while it may be viewed as failed in others (Diviák, [13]). These structural correlates of success or failure may be illuminated by future research.

Despite there are clear advantages of having access to empirical data and being able to provide evidence-based insights, the application of SNA should not be merely data-driven. As with any method, using it without theoretical guidance runs the risks of generating spurious results or overinterpreting findings. For this reason, we anchored our analysis and the network approach in two compatible criminological perspectives – RAT and analytical criminology. We subsequently derived research questions from these two frameworks and previous research on criminal networks. Future research should aim for building a systematic theory that would delineate all the important aspects of corruption and white-collar crime networks and explain how they are linked to the network structure, dynamics, and their outcomes. This does not exclude other theories or frameworks from being employed, but building on the blueprint of RAT and analytical criminology offers a benefit in their mechanism-based explanations which focus on explaining how these crimes are committed, which can in turn be empirically tested and used for formulation of interventions.

Another advantage of RAT and analytical criminology is their synergy with methodological tools that also synergize with SNA. On the one hand, statistical models for network data (cf. Snijders, [48]) provide an opportunity to go beyond descriptive SNA to specifically model the effect of given relational mechanisms on the network structure, therefore greatly aligning with analytical criminology (Diviák et al., [16]). While most of such models are currently limited to binary network data, precluding their immediate application the data in the networks studied here, the fast development of these methodological tools may soon equip the researchers in this area with models appropriate for weighted and dynamic data. On the other hand, script analysis (Bellotti et al., [1]) is greatly synergistic with both RAT and SNA, as they both are concerned with the criminal process and the sequence of events, resources, and actors that produce them (Felson and Clarke, [21]). Such focus may also enrich SNA in further disentangling not only the structure of interactions, but also the structure of opportunities and logistics of particular cases of serious and organised crime (Bellotti et al., [1]).

In conclusion, our study demonstrates the utility of applying SNA to corruption networks constructed from the openly available data from DPAs. Despite varying amount of involved actors and time span, the SNA results reveal remarkable similarities across the three cases in core-periphery structures, temporal escalation, repeated interactions, and the lack of dissortativity. SNA is a framework that allows to further refute or corroborate these findings in future research and therefore to meaningfully accumulate findings in this area. Moreover, these accumulated findings may in turn lend themselves toward formulation and implementation of evidence-based strategies to combat corruption and white-collar crime.

The datasets used and/or analysed during the current study are available from the corresponding author on reasonable request.

1. The SFO is part of the UK criminal justice system covering England, Wales and Northern Ireland, but not Scotland, the Isle of Man or the Channel Islands.

2. https://www.sfo.gov.uk/cases/guralp-systems-ltd/

3. https://www.sfo.gov.uk/cases/sarclad-ltd/

4. https://www.sfo.gov.uk/cases/standard-bank-plc/

DPA:

deferred prosecution agreement

RAT:

routine activity theory

RQ:

research question

SNA:

social network analysis

SoF:

statement of facts

The authors are grateful to the members of the RESQUANT group at the department of criminology, University of Manchester, for their feedback on the earlier version of this study.

Data collection for this study was supported by Manchester Statistical Society grant Conspiracy to Corrupt: Extraction and Analysis of Bribery Network Data from Deferred Prosecution Agreements awarded to Tomáš Diviák.

Authors and Affiliations

1. Department of Criminology and Mitchell Centre for Social Network Analysis, University of Manchester, Manchester, United Kingdom

   Tomáš Diviák

2. Department of Criminology, University of Manchester, Manchester, United Kingdom

   Nicholas Lord

Contributions

TD worked on data collection and carried out data analysis, wrote major parts of theory, methods, results, and discussion sections. NL worked on data collection and coding and contributed to theory and method section. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Tomáš Diviák.

Competing interests

The authors declare that they have no competing interests.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.

Reprints and permissions