Recent trends in cybercrime, internal investigations and
consumer credit discrimination have been the focus of New Jersey
prosecutors and federal agencies in New Jersey. In this Alert, we
consider prosecutions by the U.S. Attorney's Office in New
Jersey and regulatory actions that are of note to companies that
are based in New Jersey or are doing business in the state.
Within this issue of the New Jersey Federal Criminal and Regulatory
Alert, we summarize the recent major cybercrime cases being handled
by the U.S. Attorney's Office in New Jersey, which has made
prosecuting cybercrime a top priority. We also focus on an
important mortgage discrimination action brought by the Consumer
Financial Protection Bureau and the Department of Justice's
("DOJ") Civil Rights Division against Hudson City Savings
Bank, and on the subsequent consent order. Finally, we address the
"Yates Memo," which sets forth the DOJ's new national
initiative on individual accountability for corporate misconduct
and the six key steps that will be used to identify and punish
individual wrongdoing within a corporation.
THE "YATES MEMO"
On September 9, 2015, the Department of Justice
("DOJ") issued a memorandum entitled "Individual
Accountability for Corporate Wrongdoing," otherwise known as
the "Yates Memo" because it was authored by Deputy
Attorney General Sally Quillan Yates. The Yates Memo outlines
the DOJ's objective to hold individuals accountable for
corporate misconduct. The memo focuses on six key steps that
will be used to identify and punish individual wrongdoing within a
corporation: (1) the requirement that corporations must provide to
the DOJ all relevant facts relating to the individuals involved in
corporate misconduct in order to receive any cooperation credit;
(2) DOJ criminal and civil corporate investigations need to focus
on individuals from the inception of the investigations; (3) DOJ
criminal and civil attorneys handling corporate investigations
should frequently communicate; (4) except in extraordinary
circumstances, the DOJ will not release individuals from liability
when resolving a matter with a corporation; (5) DOJ attorneys
should not resolve corporate matters without a plan to resolve
related individual cases; and (6) when determining whether or not
to bring suit against an individual, DOJ civil attorneys should do
so based on factors beyond simply an individual's ability to
pay.
In pursuing this effort, the DOJ will be faced with many challenges
due to the complexities of corporate structures. For example,
high-level executives are typically not exposed to the day-to-day
activities where the misconduct occurs. In addition, it may
be difficult to prove that a particular employee possessed the
knowledge and criminal intent necessary to establish guilt beyond a
reasonable doubt.
This new DOJ initiative poses many challenges for
corporations. Although corporations may be eligible for
cooperation credit if they provide "all relevant facts about
the individuals involved in the corporate misconduct," the DOJ
will not award cooperation credit if it determines that the
information provided is not sufficient. If a corporation
decides to be completely transparent in an investigation, it could
put certain employees at risk of criminal or civil liability, which
was not necessarily the case before the Yates Memo was
issued. Corporations should be vigilant about protecting
themselves by communicating the DOJ's new policies to senior
management, and discussing corporate and individual risks.
Corporations should also reevaluate their compliance programs to
make sure they are sufficiently robust given the DOJ's new
initiatives.
On November 16, 2015, in a speech given at the American Bankers
Association and American Bar Association Money Laundering
Enforcement Conference in Washington, Deputy Attorney General Yates
reiterated the parameters of the DOJ's new corporate policy on
individual accountability. Ms. Yates announced that the DOJ
is issuing revisions to the United States Attorney's Manual
("USAM") to align the manual with the Department's
new policy. As revisions to the USAM do not occur often, this
is the DOJ's way of emphasizing it's new priorities and
values. The revisions include updates to the written guidance
on corporate criminal cases, and the requirement that if a
corporation wants cooperation credit, it must provide all
non-privileged information about individual wrongdoing.
Although this concept is not necessarily new to the DOJ's
procedures, the consequences of not cooperating are new. Now,
full cooperation is required in order for the DOJ to even consider
cooperation credit for a company. The DOJ is also confirming
that the attorney-client privilege is protected as to legal advice,
and corporations will not be obligated to produce protected
materials in order to receive cooperation credit. On the
other hand, facts are not privileged and will need to be produced,
including facts learned through employee interviews during an
investigation. Possibly the most notable change to the USAM
is a new section on enforcing claims against individuals in
corporate matters. Ms. Yates concluded by explaining that it
is not the DOJ's objective to recover the largest amount of
money from corporations, but rather, to seek accountability from
those individuals within corporations who violate the law.
TRENDS
Cybercrime - U.S. Attorney's Office Makes Cybercrime a Top Priority
New Jersey U.S. Attorney Paul Fishman has made fighting
cybercrime a top priority for his office, by partnering both with
federal agencies and with the private sector. According to an
August 14, 2015 article in the New Jersey Law Journal
("NJLJ"), starting shortly after Fishman took office in
2009, he began hosting public forums at which members of his office
and federal agents spoke openly about cybercrime and began reaching
out to the private sector. According to the article, outreach
by federal agencies to the private sector "has been crucial
because companies have traditionally been skittish about reporting
cybersecurity breaches for fear of reputational damage and
increased government scrutiny." Prosecutors from the
U.S. Attorney's Office, including members of the Economic
Crimes Unit, have frequently met with and given presentations to
corporate executives in an effort to teach them how the government
can assist their companies in the event of a data breach.
Partnering with other federal law enforcement agencies has enabled
the U.S. Attorney's Office to handle a number of sophisticated,
large-scale cybercrime cases.
The Office's Computer Crimes Unit has substantially increased
in size over the past few years, increasing from two prosecutors in
2008 to eight prosecutors by 2013, and they have worked with
numerous agents in investigating cybercrimes. The Department of
Justice has also encouraged the investigation of cybercrime
cases. Put simply, as the NJLJ article notes, federal law
enforcement agencies "have all began to realize that
cybercrime is a problem that's not going away." And
as a result of data breaches, the public has been clamoring for
more prosecutions.
The U.S. Attorney's Office in New Jersey is now one of the
leaders in the country in cybercrime investigations and
prosecutions, as evidenced by the three recent cybercrime
prosecutions discussed below.
http://www.njlawjournal.com/printerfriendly/id=1202734795739
(Subscription Needed to View Full Article)
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.