DOJ Announces New Policies on Corporate Criminal Enforcement

On September 15, Deputy Attorney General (DAG) of the US Department of Justice (DOJ), Lisa O. Monaco, issued a memorandum and delivered remarks that signaled significant changes to the DOJ’s approach to corporate criminal enforcement. These changes are designed, in DAG Monaco’s words, to promote “individual accountability and corporate responsibility.”

The new guidance impacts how DOJ evaluates: 1) a company’s cooperation, including voluntary self-disclosures, 2) a company’s compliance program, including employee compensation, 3) company policies on the use of personal devices and third-party messaging applications, and 4) a company’s history of misconduct. Additionally, the new guidance increases and accelerates DOJ’s efforts to prosecute culpable individuals.

Stricter Requirements for Timely Disclosures

The memorandum reiterates DOJ’s longstanding policy of requiring companies to disclose all relevant, non-privileged facts about individual misconduct in order to obtain “any cooperation credit.” Now, DAG Monaco has imposed a time limit for doing so. Companies will only receive credit for disclosure if they do so timely—i.e., sufficiently early in the investigation so as to provide maximum assistance to the prosecution. Although the phrase “sufficiently early” is not defined, the memorandum directs prosecutors to consider whether the conduct “came to light” as a result of the company’s disclosure. The use of this terminology suggests that companies who assist—perhaps substantially—in an investigation that DOJ has already begun may not be credited for their cooperation. Going forward, companies should focus their document review and early investigation on assessing individual culpability in order to obtain the benefit of any disclosure.

On the flip side, DOJ prosecutors are encouraged to complete investigations concerning culpable individuals prior to or simultaneously with the entry of the corporate resolution. In the past, DOJ prosecutors often resolved corporate cases before turning their focus to prosecuting culpable individuals. Now, DOJ is expected to focus on the culpable individuals from the outset of the investigation.

Voluntary Disclosure Program Expansion

DAG Monaco expanded DOJ’s longstanding policy of rewarding companies that cooperate with the government and make voluntary disclosures, announcing that, for the first time in DOJ history, every division that prosecutes corporate crime would be required to have a formal and documented policy that outlines the clear benefits of voluntary self-disclosure. The Memorandum cites the Antitrust Division’s Corporate Leniency Program (in place since 1993), the Criminal Division’s disclosure program for FCPA violations (in place since 2016), the National Security Division’s Export Control and Sanctions Enforcement Policy (in place since 2019), and the Environment & Natural Resources Division’s Factors in Decisions on Criminal Prosecutions (in place since 1991) as examples to build upon. Other DOJ components will, therefore, likely look to these programs for guidance in creating their own policies.

Although each DOJ component is free to develop its own policy, DAG Monaco laid out two principles that would apply to all self-disclosure programs: (1) absent aggravating factors, a company would not be required to plead guilty for conduct it voluntarily self-discloses and (2) an independent compliance monitor would not be required for a company that voluntarily self-discloses and demonstrates that it has an effective compliance program. These presumptions in favor of declination and against imposition of a corporate monitor are already applied to FCPA matters through the Justice Manual.

The new guidance moves beyond the Justice Manual’s requirements when discussing companies’ obligations to produce documents held outside the United States. While the Justice Manual states that companies have the burden of proving that data privacy, blocking statutes or other foreign regulations prohibit disclosure of such materials, the new memorandum goes further, noting that

. . . where a corporation actively seeks to capitalize on data privacy and similar statutes to shield misconduct inappropriately from detection and investigation by US law enforcement, an adverse inference as to the corporation’s cooperation may be applicable if such a corporation subsequently fails to produce foreign evidence.

Emphasis on Compliance in Employee Compensation

DAG Monaco set forth additional factors for prosecutors to consider when evaluating corporate compliance programs. She noted that many companies are now reflecting their corporate values in their compensation systems. For example, some companies deter misconduct by employing claw-back provisions, while others may seek to incentivize good conduct by rewarding compliance-promoting behavior. Accordingly, DAG Monaco instructed prosecutors that they should examine whether a company’s compensation system rewards compliance and/or imposes sanctions on those contributing to misconduct. This approach is consistent with DOJ’s increasing focus on individual accountability and encourages companies to build their own measures to hold employees accountable for misconduct.

Increased Focus on Personal Devices and Third-Party Messaging Applications

DAG Monaco also issued guidance regarding companies’ policies on personal devices and the use of third-party messaging applications. For instance, when considering whether corporations should receive credit for cooperation, prosecutors should consider whether the government received data and communications from personal devices and third-party messaging applications used for business purposes. As DOJ policy in this field is emerging and changing, DAG Monaco stated that DOJ would continue to study best practices for personal devices and third-party messaging, and it plans to release updated findings in the next edition of its Evaluation of Corporate Compliance Programs. Companies should evaluate existing policies or implement new policies regarding the use of personal devices and third-party applications, particularly ephemeral messaging applications, for business communications. This is of particular importance for companies operating in markets where third-party and ephemeral messaging applications are particularly widespread, such as China and Japan.

Importance of Continuous Improvement of Compliance Systems

DOJ continues to emphasize the importance of a robust compliance program in minimizing enforcement action. Accordingly, DOJ requires prosecutors to assess the adequacy and effectiveness of corporate compliance programs both at the time of the offense and at the time of DOJ’s charging decision. From a practical standpoint, companies should therefore work to improve and tighten their compliance programs before and during an investigation, rather than waiting until after the investigation.

New Guidance on Evaluating History of Misconduct

Building on her 2021 October memorandum and speech that signaled a more aggressive DOJ posture against corporate crime, DAG Monaco noted that between 10% and 20% of large corporate criminal resolutions involved repeat offenders. Accordingly, when considering how to resolve future matters, DOJ now will consider a company’s full record of past misconduct, including prior criminal, civil, and regulatory resolutions, both domestic and foreign.

DAG Monaco clarified that prosecutors should assign the greatest weight to recent US criminal resolutions, especially if the misconduct occurred with the same personnel or management. On the other hand, criminal misconduct that occurred more than ten years ago or civil/regulatory resolutions that occurred more than five years ago should be given less weight. Finally, DAG Monaco stressed that DOJ would disfavor multiple, successive non-prosecution agreements or deferred prosecution agreements with the same company.

Conclusion

The recent changes to DOJ’s enforcement approach raise the bar for companies and individuals alike. DOJ has now placed the burden on companies not only to prevent misconduct, but to institute measures to detect, report, and punish culpable employees. In other words, more than ever before, compliance programs and personnel are expected to closely monitor corporate activity and bring to light any suspected misconduct. Company employees suspected of misconduct should expect to be the focus of DOJ prosecutors from the very beginning of the investigation.

© Arnold & Porter Kaye Scholer LLP 2022 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.