United States | DOJ Issues Revised Guidance on Key Corporate Compliance Requirements
On October 28, 2021, following her speech at the American Bar Association’s National White Collar Crime Institute, Deputy Attorney General Lisa Monaco issued a memorandum regarding “initial reviews” of Department of Justice (DOJ) corporate crime enforcement policies (Corporate Crime Advisory Group and initial reviews of corporate crime enforcement policies). The memo is the first in what will likely be a series of changes to the
Biden administration’s approach to white-collar law enforcement, including investigations under the Foreign Corrupt Practices Act ( FCPA).
The memorandum announces changes, effective immediately for future and pending cases, in three areas:
` Consideration of a company’s full history of previous misconduct in
making decisions about charges and dispositions of investigations.
` Requirements for companies under investigation to resubmit “all relevant facts relating to
the persons responsible for the misconduct” in order to obtain full credit for their cooperation (emphasis added).
` Guidance on the use of corporate oversight by the DOJ.
The memorandum also announces the formation of a “Corporate Crimes Advisory Group” within the Justice Department, with a “broad mandate” to update the Department’s approach to various issues. The group will examine “the credit given for cooperation, corporate recidivism, and the factors that influence the determination of whether a corporate case should be resolved through a deferred prosecution agreement (DPA), a non-prosecution agreement (NPA), or a plea agreement”, among other issues. The memo further states that
the group will “solicit input from the business community, academia and the defense attorneys association” when considering updates to policies and practices, such as the use of new technology.
Consideration of the Totality of Previously Engaged Misconduct With language dating back to 2008, the current Justice Manual states that “prosecutors may consider a corporation’s history of similar conduct” when making decisions about indictments and final decisions (emphasis added). ).
The new memorandum states that “prosecutors are now directed to consider all [prior] facts of corporate misconduct” in making these determinations. Prosecutors need to take a “holistic approach,” as Deputy Attorney General Monaco stated in her speech: A prosecutor in the FCPA unit needs to have a broad, cross-department view of misconduct: Has it entered into Does this company conflict with the Division of Tax Administration, the Division of Environment and Natural Resources, the money laundering sections, the United States Attorney’s Offices, etc.? He or she must also weigh what happened outside the department: whether this company was prosecuted by another country or state, or whether this company has a history of conflicts with regulators.
Part of the DOJ’s justification for this approach is that “[a] corporation’s history of misconduct…can be indicative of whether the company lacks the appropriate corporate culture and internal controls to deter criminal activity, and to determine whether any proposed remediation or enforcement program, if implemented, will be successful.” Deputy Attorney General Monaco cited Justice Department statistics showing that between 10 and 20 percent of recent relevant corporate resolutions were signed by companies that had previously resolved other matters with the Justice Department. These statements are the most recent indication of the DOJ’s point of view, which has evolved over time, that a company’s culture is critical to crime deterrence and law enforcement; This is a viewpoint shared by many compliance professionals.
The inclusion of “criminal, civil or enforcement actions” abroad against the company or any of its affiliates could have a significant impact. In theory at least, this language substantially expands the universe of the “record” of a company’s behavior under consideration to include actions taken by foreign governments in connection with laws of a different nature than those of the United States or under legal systems that do not grant same due process or other considerations to the companies that are the object of said actions.
It remains to be seen how these assessments of the totality of misconduct will work in real cases, but they certainly deserve close scrutiny. Even recent cases, such as Credit Suisse’s deferred prosecution agreement (DPA) and related provisions, might have been viewed differently had this policy been fully implemented. In addition to an FCPA-related non-prosecution agreement (NPA) in 2018, Credit Suisse also made a large settlement with the DOJ in 2016 related to “
false and irresponsible representations about mortgage-backed securities.” In late 2020, Swiss authorities filed criminal charges against the bank for failing to prevent money laundering in Bulgaria-related transactions.
In her speech, the Deputy Attorney General, Monaco, stated that the Department of Justice will take a deeper look at the issue of corporate recidivism, including companies with repeated violations or provisions in different parts of the Department. She hinted that some repeat offenders may not be eligible for certain types of “pretrial stays” (such as DPAs and NPAs) in the future. She noted that the current focus on DPA and NPA compliance is also part of this evaluation.
Provision of all relevant information about the individuals to obtain credit for the cooperation
Over the past several weeks, several Justice Department officials, including Attorney General Merrick Garland, have emphasized that they are refocusing on prosecuting individual wrongdoers as a “top priority.” Deputy Attorney General Monaco also emphasized this, and the new memo states that “one of the most effective ways to combat corporate misconduct is to hold accountable the people who committed the crime.”
The memorandum reaffirms the requirement of the 2015 “Yates Memorandum” which states that, “in order to qualify for any credit for cooperation, corporations must provide the Department with all relevant facts relating to [all] persons responsible for the misconduct” ( emphasis added). The previous administration relaxed this requirement somewhat: the current language of the Justice Manual (dating from November 2018) focuses on information related to “all persons substantially involved in” possible wrongful acts (emphasis added). The new
memorandum states that companies must provide such information on “individuals inside and outside the company.”
Reimposing this requirement is likely to significantly increase the financial costs of cooperation for companies under investigation, by exposing a large amount of non-privileged information to potential disclosure, analysis and review. This requirement is also likely to further increase raised challenges already faced by the companies under investigation, for example, those related to national security and data privacy laws in place in other countries. Providing information related to “individuals peripherally involved in the misconduct” to the DOJ will increase the potential exposure of companies to data privacy claims or other issues from a larger universe of individuals,
The shift to supervision
The new memorandum revises or replaces parts of the 2018 “Beczkowski Memorandum,” which set a higher standard for the imposition of corporate supervision than had been used in the past (providing, for example, that “the imposition of corporate supervision will not be necessary in many corporate criminal resolutions”). In her speech, the Deputy Attorney General, Monaco, stated: With regard to previous Department of Justice guidelines suggesting that oversights were unfavorable or the exception, I am rescinding those guidelines. Instead, she made it clear that the department is free to require the imposition of independent oversight whenever it is appropriate to do so to inform our prosecutors if a company is meeting its compliance and disclosure obligations under a DPA or NPA.
The new memo states that monitors should be used in cases of “demonstrated need” and where there will be “a clear benefit.” Such a need might exist when a company’s program or related controls are “deficient” or “untested, ineffective, inadequately resourced, or not fully implemented at the time of a resolution.” If the opposite is true – the program is “vetted, effective, adequately resourced, and fully implemented at the time of a resolution – surveillance may not be necessary.” The new memo also emphasizes that any oversight must be “properly tailored,” which is generally consistent with the policy the DOJ has embraced over time.
The Deputy Attorney General, Monaco, stated in her speech that the Corporate Crime Advisory Group will continue to examine other aspects of corporate supervision, for example “how we select corporate supervisors, including standardizing our selection process across divisions and Offices”. While this policy revision likely heralds more controls in future cases, it does not change the fact that the best protection a company can have against the imposition of oversight is to have a fully implemented, rigorously monitored, risk-based compliance program. and regularly reviewed, as well as related controls, as well as a supportive corporate culture and ethical management.