United States: December 2015 - New Jersey Federal Criminal And Regulatory Alert

Recent trends in cybercrime, internal investigations and consumer credit discrimination have been the focus of New Jersey prosecutors and federal agencies in New Jersey. In this Alert, we consider prosecutions by the U.S. Attorney's Office in New Jersey and regulatory actions that are of note to companies that are based in New Jersey or are doing business in the state.

Within this issue of the New Jersey Federal Criminal and Regulatory Alert, we summarize the recent major cybercrime cases being handled by the U.S. Attorney's Office in New Jersey, which has made prosecuting cybercrime a top priority. We also focus on an important mortgage discrimination action brought by the Consumer Financial Protection Bureau and the Department of Justice's ("DOJ") Civil Rights Division against Hudson City Savings Bank, and on the subsequent consent order. Finally, we address the "Yates Memo," which sets forth the DOJ's new national initiative on individual accountability for corporate misconduct and the six key steps that will be used to identify and punish individual wrongdoing within a corporation.

THE "YATES MEMO"

On September 9, 2015, the Department of Justice ("DOJ") issued a memorandum entitled "Individual Accountability for Corporate Wrongdoing," otherwise known as the "Yates Memo" because it was authored by Deputy Attorney General Sally Quillan Yates.  The Yates Memo outlines the DOJ's objective to hold individuals accountable for corporate misconduct.  The memo focuses on six key steps that will be used to identify and punish individual wrongdoing within a corporation: (1) the requirement that corporations must provide to the DOJ all relevant facts relating to the individuals involved in corporate misconduct in order to receive any cooperation credit; (2) DOJ criminal and civil corporate investigations need to focus on individuals from the inception of the investigations; (3) DOJ criminal and civil attorneys handling corporate investigations should frequently communicate; (4) except in extraordinary circumstances, the DOJ will not release individuals from liability when resolving a matter with a corporation; (5) DOJ attorneys should not resolve corporate matters without a plan to resolve related individual cases; and (6) when determining whether or not to bring suit against an individual, DOJ civil attorneys should do so based on factors beyond simply an individual's ability to pay.

In pursuing this effort, the DOJ will be faced with many challenges due to the complexities of corporate structures.  For example, high-level executives are typically not exposed to the day-to-day activities where the misconduct occurs.  In addition, it may be difficult to prove that a particular employee possessed the knowledge and criminal intent necessary to establish guilt beyond a reasonable doubt.

This new DOJ initiative poses many challenges for corporations.  Although corporations may be eligible for cooperation credit if they provide "all relevant facts about the individuals involved in the corporate misconduct," the DOJ will not award cooperation credit if it determines that the information provided is not sufficient.  If a corporation decides to be completely transparent in an investigation, it could put certain employees at risk of criminal or civil liability, which was not necessarily the case before the Yates Memo was issued.  Corporations should be vigilant about protecting themselves by communicating the DOJ's new policies to senior management, and discussing corporate and individual risks.  Corporations should also reevaluate their compliance programs to make sure they are sufficiently robust given the DOJ's new initiatives.

On November 16, 2015, in a speech given at the American Bankers Association and American Bar Association Money Laundering Enforcement Conference in Washington, Deputy Attorney General Yates reiterated the parameters of the DOJ's new corporate policy on individual accountability.  Ms. Yates announced that the DOJ is issuing revisions to the United States Attorney's Manual ("USAM") to align the manual with the Department's new policy.  As revisions to the USAM do not occur often, this is the DOJ's way of emphasizing it's new priorities and values.  The revisions include updates to the written guidance on corporate criminal cases, and the requirement that if a corporation wants cooperation credit, it must provide all non-privileged information about individual wrongdoing.  Although this concept is not necessarily new to the DOJ's procedures, the consequences of not cooperating are new.  Now, full cooperation is required in order for the DOJ to even consider cooperation credit for a company.  The DOJ is also confirming that the attorney-client privilege is protected as to legal advice, and corporations will not be obligated to produce protected materials in order to receive cooperation credit.  On the other hand, facts are not privileged and will need to be produced, including facts learned through employee interviews during an investigation.  Possibly the most notable change to the USAM is a new section on enforcing claims against individuals in corporate matters.  Ms. Yates concluded by explaining that it is not the DOJ's objective to recover the largest amount of money from corporations, but rather, to seek accountability from those individuals within corporations who violate the law.

TRENDS

Cybercrime - U.S. Attorney's Office Makes Cybercrime a Top Priority

New Jersey U.S. Attorney Paul Fishman has made fighting cybercrime a top priority for his office, by partnering both with federal agencies and with the private sector.  According to an August 14, 2015 article in the New Jersey Law Journal ("NJLJ"), starting shortly after Fishman took office in 2009, he began hosting public forums at which members of his office and federal agents spoke openly about cybercrime and began reaching out to the private sector.  According to the article, outreach by federal agencies to the private sector "has been crucial because companies have traditionally been skittish about reporting cybersecurity breaches for fear of reputational damage and increased government scrutiny."  Prosecutors from the U.S. Attorney's Office, including members of the Economic Crimes Unit, have frequently met with and given presentations to corporate executives in an effort to teach them how the government can assist their companies in the event of a data breach. Partnering with other federal law enforcement agencies has enabled the U.S. Attorney's Office to handle a number of sophisticated, large-scale cybercrime cases.

The Office's Computer Crimes Unit has substantially increased in size over the past few years, increasing from two prosecutors in 2008 to eight prosecutors by 2013, and they have worked with numerous agents in investigating cybercrimes. The Department of Justice has also encouraged the investigation of cybercrime cases.  Put simply, as the NJLJ article notes, federal law enforcement agencies "have all began to realize that cybercrime is a problem that's not going away."  And as a result of data breaches, the public has been clamoring for more prosecutions.

The U.S. Attorney's Office in New Jersey is now one of the leaders in the country in cybercrime investigations and prosecutions, as evidenced by the three recent cybercrime prosecutions discussed below.

http://www.njlawjournal.com/printerfriendly/id=1202734795739 (Subscription Needed to View Full Article)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.