On September 15, 2022, Deputy Attorney General Lisa Monaco announced changes to how DOJ prioritizes and prosecutes corporate crime.1 These updates reflect the Biden Administration's continued “get tough” approach to white collar crime, encouraging voluntary self-reporting while imposing new obligations on cooperation. The new guidance also addresses how prosecutors should assess prior misconduct, corporate compliance programs, and the need for compliance monitors.
The DAG's recent speech (the “2022 Speech”) and memo (the “2022 Memo”) complement her speech and memo from last October (collectively, the “2021 Memo”), which attracted significant commentary from the defense bar and business community.2 In particular, the latest changes address some of the points previously raised:
Corporate Cooperation and Individual Accountability. In 2021, DOJ reinstated the “Yates Memo” requirement that, in order to qualify for any cooperation credit, companies must disclose all relevant facts regarding all persons involved in corporate misconduct. For cooperating companies, the 2022 Speech and Memo underscore the importance of prioritizing the timely production of such evidence. DOJ wants “[p]rosecutors and corporate counsel alike to feel they are ‘on the clock' to expedite investigations, particularly as to culpable individuals.” DOJ also now will expect prosecutors to bring individual charges before or at the same time as a corporate resolution (or, if not, to present a plan and timeline for resolving cases against individuals within the limitations period).
Prior Misconduct. The 2021 Memo required DOJ prosecutors to consider all prior corporate conduct (criminal, civil, and regulatory), not just similar conduct, in deciding whether to charge a corporation. Following considerable pushback from companies and the defense bar, the 2022 Speech and Memo clarify that not all prior misconduct should receive the same weight. The most important are recent criminal misconduct in the United States and past misconduct involving the same personnel or management (or, as noted in the 2022 Speech, stemming from the “same root causes”). “Dated conduct” typically will merit less consideration. DOJ generally will disfavor NPAs and DPAs for recidivists, though past misconduct by an acquired entity will receive less weight if the acquirer integrated the entity into an effective compliance program and promptly remediated.
Independent Compliance Monitors. Last year, DOJ reversed the Trump Administration's guidance to the extent it suggested that “monitors are disfavored or are the exception.” The 2022 Speech and Memo attempt to address calls by the defense bar to improve transparency and accountability involving monitors. The new guidance instructs prosecutors to document all monitor selections, ensure that the scope of every monitorship is tailored to the misconduct and related compliance deficiencies, and stay involved and “monitor the monitor” to increase the likelihood of success, including by keeping monitors “on budget.”
The 2022 Speech and Memo also provide additional guidance on corporate cooperation and voluntary self-disclosure:
Voluntary Self-Disclosure. Absent aggravating factors, DOJ will not seek guilty pleas from corporations that voluntarily self-disclose, fully cooperate, and timely and appropriately remediate misconduct. Likewise, DOJ will not impose corporate monitors on such companies if they have effective compliance programs that have been implemented and tested at the time of resolution.
Corporate Compliance Programs and Culture. DAG Monaco highlighted factors from prior DOJ guidance that prosecutors should consider in evaluating compliance programs, including how companies measure and identify corporate risk, monitor payment and vendor systems for suspicious transactions, and make disciplinary decisions. The DAG provided further guidance for prosecutors in assessing whether: (i) corporate compensation systems contain clawback or deferred compensation provisions and incentivize “compliance-promoting behavior;” and (ii) the corporation has implemented policies regarding the use of personal devices and third-party messaging applications (a subject DOJ will study further).
Cooperation and Individual Accountability
Despite an overall decline in criminal prosecutions of individuals over the last decade, DAG Monaco emphasized that individual accountability continues to be DOJ's “number one priority” and called for cooperating companies to present evidence of misconduct “more quickly.” In her 2022 Speech, the DAG cautioned companies against delaying disclosure for strategic reasons and warned that such “gamesmanship” will not be tolerated and will result in the reduction or denial of cooperation credit. In this regard, defense counsel may need to guard against the risk that DOJ rushes to judgment, particularly in complex cases.
In addition, prosecutors are expected to bring individual actions prior to or at the same time as corporate resolutions (and, where the corporate resolution comes first, to provide an investigative plan outlining the timeline for remaining work related to all potentially culpable individuals). Corporate prosecutions are typically easier to resolve than individual actions, at least when individuals contest guilt, which may complicate timing. We will continue to monitor whether this individuals-first sequencing and placing the burden of identifying all potentially culpable individuals on the cooperating company result in more individual prosecutions.
Prior Misconduct
The 2021 Memo required prosecutors to consider all prior misconduct of a corporation, but did not address “how prosecutors should address factors such as the passage of time . . . or other distinguishing factors particular to companies in assessing ‘all prior misconduct.'”3 The 2022 Memo provides further guidance on this topic.
The 2022 Memo provides that, in assessing prior misconduct, “prosecutors should assign the greatest significance to U.S. criminal resolutions and to prior misconduct involving the same personnel and management” and that “dated conduct” should receive less weight. “Dated conduct” is defined as conduct addressed in a criminal resolution more than ten years before the conduct now being investigated or more than five years before for a civil or regulatory resolution.
The 2022 Memo also instructs prosecutors to contextualize prior misconduct within the company's industry, recognizing that some corporations operate in highly regulated industries and are likely to have more interactions with regulators. This guidance will be particularly welcomed by financial institutions and healthcare or pharmaceutical companies that may find themselves in the crosshairs of multiple regulators. And, not surprisingly, the 2022 Speech emphasized that DOJ leadership will scrutinize prosecutors' offers of NPAs or DPAs to repeat offenders (or, as the DAG called them, “frequent fliers”).
Prior misconduct by an acquired entity will receive less weight so long as the acquiring corporation “promptly and properly” addressed the compliance issues post-acquisition. While this underscores the importance of compliance due diligence and integration, it is unclear why DOJ would count an acquired entity's historic misconduct as a strike against an acquirer that took all the pre- and post-acquisition steps DOJ is seeking.
Independent Compliance Monitors
The 2021 Memo reversed the Trump Administration's rule that monitorships should be imposed only in exceptional circumstances.4 In doing so, it did not address many of the concerns regarding the reasoning behind the selective imposition of a monitor in certain cases, the transparency of the process, or the burden a monitor could impose. The 2022 Memo addresses many of those issues.
The 2022 Memo lists ten non-exclusive factors for prosecutors to consider in appointing monitors. These include whether the company voluntarily self-disclosed and whether the underlying conduct revealed weaknesses in the compliance program. Because a federal criminal investigation often spurs companies to reassess their compliance programs, prosecutors are instructed to look at the state of a compliance program both at the time of the offense and the time of the charging decision.
The 2022 Memo also sets forth rules designed to improve transparency around selecting monitors and instructs prosecutors to engage in continued review of monitorships. This should not only relate to instances where a monitor reports being denied access to information, but also “the reasonableness of the monitor's review, including, where appropriate, issues relating to the cost of the monitor's work.”
Voluntary Self-Disclosure
DAG Monaco pointed to the success of the Criminal Division's voluntary disclosure program for FCPA violations and the Antitrust Division's Leniency Program, among others. She then announced the expansion of these programs across DOJ by requiring adherence to certain “core principles” of voluntary self-disclosure. Most significantly, absent aggravating factors such as threats to national security or “deeply pervasive” wrongdoing, DOJ will not seek a guilty plea from companies that voluntarily self-report, fully cooperate, and timely and appropriately remediate.
Nor will DOJ impose a monitor on companies that voluntarily self-disclose and demonstrate the implementation of an effective compliance program at the time of the resolution. The requirement that companies demonstrate such effectiveness through testing places a premium on moving quickly to implement enhancements, allowing enough time for them to become operative and be tested before a resolution.
Prosecutors are instructed to credit voluntary self-disclosures. But, underscoring a theme from the 2021 Memo, DAG Monaco noted that DOJ generally disfavors multiple NPAs or DPAs for repeat offenders. Before extending an offer that would result in such a resolution, prosecutors must obtain approval from the responsible U.S. Attorney or Assistant Attorney General and provide advance notice to the DAG's office.
Of particular interest to FCPA practitioners is the status of “declinations with disgorgement,” which were established as part of the Fraud Section's 2016 pilot program and rolled into the FCPA Corporate Enforcement Policy.5 DOJ has used this resolution format only once since President Biden's inauguration in 2021.6 Although the DAG refers to companies receiving “declinations and non-prosecution agreements with no significant criminal penalties” in her 2022 Speech, neither the speech nor 2022 Memo provides any insight into whether DOJ “declinations with disgorgement” remains a viable path to resolution. Such a resolution certainly provides a greater potential incentive to self-report than avoiding a guilty plea.
Corporate Compliance Programs and Cooperation Factors
The 2021 Memo stressed the importance of corporate compliance programs and the possible impact of the existence (or lack) of a program on charging decisions. The 2022 Speech and Memo repeat those themes and highlight areas of particular interest:
Compensation Structures that Promote Compliance. Prosecutors should consider whether, in addition to rewarding ethical behavior, a corporation's compensation systems incorporate procedures for retroactive discipline “against current or former employees, executives, or directors whose direct or supervisory actions or omissions contributed to criminal conduct.” These include clawback measures or partial escrowing of compensation. Such systems already exist for senior executives in some corporations, but other corporations may want to consider adopting similar measures.7
Use of Personal Devices and Third-Party Applications. Prosecutors should consider whether companies have implemented policies regarding the preservation of business records, especially with respect to employees' use of personal devices and third-party messaging applications, including ephemeral and encrypted messaging apps.8 The 2022 Memo provides “a general rule” that robust compliance programs should feature effective and enforced policies governing the use of personal devices and messaging platforms, as well as clear employee training on such policies. Outside of the financial services industry, many companies do not have policies that meet these standards. The 2022 Memo instructs the Criminal Division to “study best practices” in this area and incorporate them into future guidance. Any guidance from DOJ on this topic will be welcomed because effective policing of third-party platforms has been particularly difficult for companies operating in foreign jurisdictions where apps like WeChat and WhatsApp—rather than email—are a common medium for business communication.
Ongoing payment monitoring and data analytics. Among other compliance factors reiterated from prior DOJ guidance, the 2022 Memo notes that prosecutors should consider companies' monitoring of “payment and vendor systems for suspicious transactions” when assessing compliance programs. This is consistent with DOJ's 2020 updates to its Evaluation of Corporate Compliance Programs guidelines,9 which called on prosecutors to assess whether compliance personnel have “sufficient direct or indirect access to relevant sources of [company] data” to effectively monitor compliance and whether the evolution of a company's compliance program is “based upon continuous access to operational data and information across functions.”10 DOJ continues to encourage companies to leverage data for the benefit of their compliance programs and is building its own capabilities and expertise in the space.11
Without further explanation, the 2022 Memo notes that prosecutors should consider whether “a corporation uses or has used non-disclosure or non-disparagement provisions in compensation agreements, severance agreements, or other financial arrangements so as to inhibit the public disclosure of criminal misconduct by a corporation or its employees.” Further clarification of this guidance would be useful. While corporations cannot and generally do not prohibit employees from reporting potential criminal behavior to DOJ or other regulatory authorities, different considerations arise from efforts to limit employees from publicly sharing such information with competitors or the press.12
The 2022 Memo also addresses complications presented by privacy laws, blocking statutes, and other restrictions imposed by foreign law that can affect access to and production of relevant information. Prosecutors are instructed to provide cooperation credit to corporations that navigate these laws to make information available and conversely may draw adverse inferences as to cooperation if companies improperly seek to use such laws to prevent detection and investigation by U.S. authorities.
DOJ's latest guidance on corporate criminal enforcement provides some helpful transparency and much-needed elaboration about considerations prosecutors should weigh. These clarifications, particularly regarding prior misconduct and monitorships, likely will alleviate at least some concerns raised by the defense bar following the 2021 Memo.
Only time will tell to what extent the 2022 Speech and Memo produce DOJ's desired effects, including around self-reporting, corporate resolutions, and individual prosecutions. On balance, DOJ's approach still appears to contain more sticks than carrots. This includes ever-increasing expectations about what constitutes cooperation and an effective compliance program. The promised additional guidance concerning compensation arrangements and messaging platforms will be particularly important. Companies and their counsel undoubtedly should study carefully the implications of the 2022 Speech and Memo while awaiting the next installment.
Footnotes
1. U.S. Dep't of Justice, “Deputy Attorney General Lisa O. Monaco Delivers Remarks on Corporate Criminal Enforcement” (Sept. 15, 2022), https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monacodelivers-remarks-corporate-criminal-enforcement; Memo from the Deputy Attorney General (Lisa O. Monaco), “Further Revisions to Corporate Criminal Enforcement Policies Follow Discussions with Corporate Crime Advisory Group” (Sept. 15, 2022), https://www.justice.gov/dag/page/file/1535286/download.
2. See, e.g., Debevoise In Depth, “DOJ Revises Corporate Criminal Enforcement Policies” (Nov. 1, 2021), https://www.debevoise.com/insights/publications/2021/11/doj-revises-corporate-criminal-enforcement.
3. Id.
4. Memo from Brian A. Benczkowski, Assistant Attorney General, “Selection of Monitors in Criminal Division Matters” (Oct. 11, 2018), https://www.justice.gov/opa/speech/file/1100531/download.
5. See U.S. Dep't of Justice, “Deputy Attorney General Rosenstein Delivers Remarks at the 34th International Conference on the Foreign Corrupt Practices Act” (Nov. 29, 2017), https://www.justice.gov/opa/speech/deputyattorney-general-rosenstein-delivers-remarks-34th-international-conference-foreign; U.S. Dep't of Justice, “The Fraud Section's Foreign Corrupt Practices Act Enforcement Plan and Guidance” (Apr. 5, 2016), https://www.justice.gov/archives/opa/blog-entry/file/838386/download.
6. See In re Jardine Lloyd Thompson Group Holdings Ltd. (Mar. 22, 2022), https://www.justice.gov/criminalfraud/corporate-enforcement-policy/declinations.
7. Earlier this year, the SEC reopened the comment period to implement Dodd-Frank clawback rules proposed in 2015, signaling that final rules will soon follow. After the final rules are issued and securities exchanges adopt listing standards, public companies will be required either to amend existing clawback policies or adopt new policies in compliance with the exchanges' listing standards. Debevoise Update, “SEC Reminds Public Company Executives That Clawbacks Are a Priority” (Jun. 17, 2022), https://www.debevoise.com/insights/publications/2022/06/sec-reminds-public-company-executives-that.
8. The continued emphasis on recordkeeping obligations tied to third-party messaging platforms fits within a larger trend that saw J.P. Morgan pay $200 million to resolve related SEC and CFTC charges at the end of 2021. See, e.g., In re: J.P. Morgan Securities LLC, Securities Exchange Act. Release No. 93807 (Dec. 17, 2021), https://www.sec.gov/litigation/admin/2021/34-93807.pdf.
9. U.S. Dep't of Justice, Criminal Division, “Evaluation of Corporate Compliance Programs” (2020), available at https://www.justice.gov/criminal-fraud/page/file/937501/download.
10. Debevoise Update, “DOJ Updates Guidance on Corporate Compliance Programs,” (June 8, 2020), https://www.debevoise.com/insights/publications/2020/06/doj-updates-guidance-on-corporate-compliance.
11. See, e.g., Dylan Tokar, “Justice Department Recruits AB InBev Data Expert to White-Collar Crime Force,” Wall Street Journal (Sept. 8, 2022), https://www.wsj.com/articles/justice-department-recruits-ab-inbev-data-expertto-white-collar-crime-force-11662659234.
12. More narrowly, recent enforcement activity reflects how the SEC may enforce Rule 21F-17(a), which prohibits actions to impede communications with SEC staff about possible securities law violations, including when companies require employees to sign confidentiality agreements prohibiting disclosure of financial or business information to third parties, if there is no written exemption for disclosure to the SEC. But, in contrast to the 2022 Memo, the focus appears to be on disclosure to the Commission itself, not the general public. See In re The Brink's Company, Securities Exchange Act Release No. 95138 (June 22, 2022), https://www.sec.gov/litigation/admin/2022/34-95138.pdf.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
