On October 18th, Principal Deputy Assistant Attorney General John Cronan delivered a speech in Brazil at an event hosted by a for-profit business that generally charges people to attend (see here for the prior post). On October 25th, Cronan delivered another speech in Washington, D.C. at another event hosted by the same for-profit business.
Why DOJ (and SEC) officials allows themselves to be used in such a way by profit-seeking businesses to drive attendance to their events is beyond me. (See prior posts here and here, among many others, for why the selling of FCPA enforcement attorneys needs to stop).
Ethics aside, in his speech Cronan talked about the DOJ’s priorities with respect to corporate enforcement, what the DOJ expects “from companies who choose to voluntarily self-disclose misconduct and seek to cooperate with law enforcement,” and the DOJ’s “commitment to reaching fair and equitable resolutions, including through the principles reflected in the Criminal Division’s policy with respect to monitors.”
As to the DOJ’s law enforcement priorities, Cronan stated in pertinent part:
“[C]orporate enforcement remains a top priority for the Criminal Division – and that will not change.
The reasons why are plain. Manipulation of our markets threatens the integrity of our financial system. Corporate corruption not only distorts private competition, it also erodes the public trust in our markets and economy. Bribery of government officials hurts not just businesses that play by the rules and their employees, but empowers corrupt government officials to advance their own personal interests at the expense of the interests of their citizens and of the national security and economic interests of other nations.
The Criminal Division’s commitment to corporate enforcement has been on full display with our emphasis on individual accountability. A company only acts through its employees and agents. It therefore makes sense to focus our investigative efforts on the culpable individuals – both to secure appropriate punishment for the bad actors, and to have the greatest impact on preventing and deterring corruption.”
Approximately 80% of corporate FCPA enforcement actions lack any related individual charges of company employees and a very high percentage of individual enforcement actions are “clustered” around just a few core cases (see previous posts here, here, and here).
“A primary goal of the Department in addressing such corporate misconduct is to encourage good corporate behavior, and our commitment to this goal has been reflected in our recent declinations. Ten declination letters issued pursuant to the FCPA Corporate Enforcement Policy and the predecessor Pilot Program are publicly available on the Department of Justice’s website. Each of those declination letters cite as bases for the declination such factors as the company’s voluntary self-disclosure, cooperation with investigations into culpable individuals, enhanced compliance programs and internal controls, and other acts that demonstrated full remediation.”
Time out on so-called declinations. Before drinking the Kool-Aid, perhaps the better question is just what viable criminal charges the DOJ actually declines in many so-called declinations? (See here and here for prior posts). Based on information in the public domain, the answer seems to be a mystery.
“We hope our recent declinations make it plain to companies that it is in their interest to promptly and voluntarily self-disclose, cooperate, and engage in meaningful remedial actions.
The message should be clear: we remain committed to protecting free markets, promoting ethical business practices, and investigating and prosecuting those who engage in corporate corruption, while at the same time reaching fair and appropriate resolutions.”
Next, Cronan stated:
“I want to take a few minutes to discuss what we expect in terms of voluntary self-disclosure and cooperation, because these are questions we are often asked about.
For instance, we are regularly asked, “How quickly does a company need to disclose misconduct to be considered ‘timely’?” Or, “What constitutes full cooperation?” – particularly with respect to the company’s internal investigation. Of course, these are difficult questions to answer in the abstract. Every case is different, and the answers are largely driven by the specific of each case. That said, there are some general principles that I believe can help guide companies and their advisors through the process.
As most of you know, the FCPA Corporate Enforcement Policy contains detailed, multi-factor definitions of what constitutes “voluntary self-disclosure,” “full cooperation,” and “timely and appropriate remediation” under the Policy. I will not reiterate those enumerated factors.
But to state the obvious, in terms of timing, companies should make their initial disclosures sooner rather than later. To qualify for full credit under the FCPA Corporate Enforcement Policy, a company’s disclosure must occur prior to an imminent threat of disclosure or government investigation, and within a reasonably prompt time after becoming aware of the offense.
To be clear, this does not mean that a company needs to pick up the phone immediately after receiving a whistleblower complaint. We recognize that it may take a little time for a company to assess the credibility of an allegation before coming forward. But the timeliness requirement also means that a company should not wait until after completing a significant internal investigation before coming forward.
When a company makes a disclosure early in the process, it allows us to take investigative steps that would not be available to us at a later date – including, for example, preserving and obtaining contents from personal email accounts used in the scheme, and engaging in recordings of co-conspirators before they are made aware of the investigation. Early disclosure allows us to de-conflict with the company, which is particularly important if the case overlaps with other ongoing activities underway by the government. Early disclosure also reduces the potential for actions that could thwart our ability to investigate and prosecute culpable individuals – for example, the intentional destruction of evidence by co-conspirators or the routine deletion of materials by companies or service providers. And, for older conduct, early disclosure provides us with the best opportunity to build cases against culpable individuals prior to the expiration of any statute of limitations.
But we also understand that when a company reports wrongdoing at an early stage of the company’s internal investigation, it will not have all the answers and may not yet understand the full scope of the wrongdoing. Investigations take time, and the earlier a company reports misconduct, the less it will have been able to wrap its arms around the allegations. We will not, on the one hand, penalize companies for failing to disclose early enough, and on the other, punish the company for not being able to know all the facts when it does disclose early.
One final point on early disclosure: although it is impossible to say across-the-board what is too early and what is too late, companies should be mindful that the longer they wait, the more likely a whistleblower will come forward, or the Department will otherwise learn about the allegations perhaps from our own investigation – either into that entity or another – or from information shared by foreign authorities. If we discover the misconduct before the company discloses it, it extinguishes a company’s ability to secure all of the benefits that accompany a voluntary self-disclosure.”
My own two cents is that Cronan’s suggestion that “companies should make their initial disclosures sooner rather than later” and “should not wait until after completing a significant internal investigation before coming forward” is absurd.
Granted, unique circumstances may warrant a unique response, but for the reasons highlighted in this article (among other numerous writings on these pages), business organizations should ordinarily not voluntarily disclose conduct implicating the FCPA. If business leadership make the decision to voluntarily disclose, disclosure should only occur after all facts, including mitigating facts, are known.
Regarding cooperation, Cronan stated:
“Once a company decides to cooperate, I would like to point out a few key items that the company should provide to put it in the best position to maximize cooperation credit.
In addition to whatever specific requests our prosecutors may make during the initial conversation of a particular case, a company should be prepared to provide details of what it knows about the wrongdoing so far, and the investigative steps it has taken to date. This includes a clear explanation of who is overseeing and undertaking the investigation. The company should make clear whether the investigation is being conducted by outside counsel, company employees, or other advisors such as an accounting firm – and it should also make clear to whom they report, whether it be the audit committee, management, the general counsel, or someone else. We will also want to know if anyone is walled off from the investigation, and which individuals, if any, are known to be represented by counsel.
During these initial conversations, a company and its advisors should also be prepared to address the nature, scope, and status of the investigation they are undertaking, as well as what investigative steps they plan to undertake, including what countries, locations, and conduct are being looked at. As we have said before, we do not expect companies to “boil the ocean.” It serves neither the company nor the government to blindly engage in a widespread investigation simply for the sake of thoroughness. Rather, we expect companies to think strategically about the alleged misconduct that was uncovered, and tailor the resulting investigation accordingly. If a company cannot provide a rational explanation for the scope of the investigation with respect to the allegations, then there is a good chance that the scope is either too narrow or too broad.
We also expect a company to explain what steps it is taking to preserve and collect potentially relevant evidence, including electronic devices and communications. To the extent a company is encountering problems locating, preserving, or collecting information, those issues should be brought to our attention.
Another key piece of information that a company can provide is the list of individuals who have already been interviewed, those who may be interviewed in the future, and those who have already been told about the allegations, including third parties. This allows the government to understand who is already aware of the investigation, and who may soon become aware of it. It also gives the government an opportunity to de-conflict with respect to its own investigation to ensure that the company’s internal investigation does not undercut or impede the government’s investigation. Similarly, we expect that companies and their counsel will be cognizant and cautious of the materials they show to employees. In particular, we expect that a company will not expose an individual to any documents that individual may not have seen before, thereby potentially tainting that individual’s knowledge.
But the most important thing that a company can provide is a regular and consistent flow of information. This flow of information may take different forms, but it must happen. Department prosecutors may very well want to set a schedule for regular updates and document productions, but a significant aspect of cooperation is maintaining an open line of communication. If a company unearths a significant fact and is not scheduled to meet with our prosecutors for several weeks, we want you to pick up the phone and let us know what you found, not sit on the information and wait until the next scheduled meeting. By engaging with our prosecutors early and often, our investigation will proceed more smoothly and, hopefully, more quickly than it would otherwise. Our goal, after all, is to move our investigations and resolve cases as quickly as reasonably and responsibly possible – a goal that I think everyone in this room would share.”
Here is a thought for the DOJ.
If it expects a company to do all of the above-things, a company should expect that FCPA scrutiny not last (as its currently does) on average approximately 4.5 years.
Remember when the DOJ stated in 2005:
“Simply put, speed matters in corporate fraud investigations. The days of five-year investigations, of agreement after agreement tolling the statute of limitations – while ill-gotten gains are frittered away and investor confidence sinks – are increasingly a thing of the past.”
Remember when the DOJ stated in early 2017 its intention for FCPA investigations “to be measured in months, not years.”
“Finally, we expect a company to tell us if there is something it cannot tell us. We realize there may be issues with privilege, data privacy, blocking statutes, and the like, but if there is potentially relevant information that the company is choosing not to provide to us for whatever reason, we want to know it. Simply because a company does not provide this information to us does not mean that the company will be docked cooperation credit, but a company risks losing cooperation credit if it does not tell us that this information exists.”
Regarding “fair and equitable outcomes,” Cronan stated:
“Pursuing fair and equitable outcomes also entails working toward a resolution that avoids punishment that exceeds what is necessary to rectify the harm and deter future violations, particularly when a company faces a combination of criminal penalties along with civil or foreign penalties. In the Criminal Division, we have been long committed to reaching such coordinated resolutions with domestic and foreign authorities where appropriate. And in May of this year, Deputy Attorney General Rod Rosenstein announced a Department-wide policy, which reaffirmed that commitment.
Taking into account enforcement actions by other domestic or foreign agencies can take several forms in our resolutions. Most obviously, it could entail crediting a criminal penalty against penalties owed to other domestic or foreign authorities for the same misconduct. It could entail considering the fact that a company is subject to a foreign investigation, which was a factor we recently considered in declining to prosecute a U.K. company called Gurlap Systems for FCPA violations. Or, it could entail taking into account the fact that an overseas company would be subject to ongoing monitoring by its government, which was a factor we considered in the Société Générale and Petrobras cases in determining that monitors were not warranted.
Our commitment to appropriately resolving matters was further demonstrated about two weeks ago, when Assistant Attorney General Brian Benczkowski issued a memorandum to Criminal Division personnel announcing a Division-wide policy concerning monitorships.
The memorandum supplements and clarifies the guidance contained in a March 2008 memorandum on corporate monitors authored by then-Acting Deputy Attorney General Craig Morford, which is applicable across the Department. I will not mention all the details of the new memorandum, which is available on the Fraud Section website, but there are a few points I want to highlight.
The new Criminal Division policy emphasizes that the imposition of a monitor is never meant to be punitive; the purpose of a monitor is to help ensure that the past misconduct does not reoccur in the future. When appropriate, a monitor can serve important benefits to the corporation, including its employees and shareholders, and to the public, by reducing the risk of misconduct going forward. The policy further recognizes – consistent with past practices – that a monitor will not be necessary in many corporate criminal resolutions, and the scope of any monitorship should be tailored to address the specific issues and concerns that gave rise to the need for the monitor.
The policy also provides additional guidance for prosecutors when assessing the need for a monitor. In considering the potential benefits for the corporation and the public, Criminal Division prosecutors should assess: (a) whether the underlying misconduct involved the manipulation of corporate books and records or the exploitation of inadequate internal controls and compliance programs; (b) the pervasiveness of the misconduct and the involvement of senior management; (c) whether the corporation has made significant improvements to its corporate compliance program and internal controls; and (d) whether remedial improvements have been tested to demonstrate they would prevent or detect similar misconduct in the future. Criminal Division prosecutors also should consider whether the misconduct took place under different corporate leadership or in a compliance environment that no longer exists, and whether the changes in leadership and the corporate culture adequately safeguard against a recurrence of the misconduct.
Further, when weighing the benefits and costs of a monitorship, Criminal Division prosecutors should consider the projected monetary burden on the business, as well as whether the proposed scope of the monitorship is appropriately tailored to avoid unnecessary burdens to a company’s operations.
Assistant Attorney General Benczkowski also announced measures to ensure that our prosecutors have the proper foundation to assess these considerations, and to evaluate a company’s compliance program. This will be accomplished in two ways.
First, we will be looking to hire not just attorneys with experience as prosecutors and in the courtroom, but attorneys who have experience in compliance matters. Second, we will be instituting targeted compliance training for all Criminal Division components and prosecutors who are involved in corporate enforcement actions.
These measures will ensure that our prosecutors who are engaged in corporate enforcement are equipped to understand and properly evaluate a company’s compliance program, both at the time of the misconduct and at the time of the resolution. While we already have many attorneys who are well versed in compliance issues, we want to deepen our bench, not just for today, but for many years to come.
The Assistant Attorney General’s memorandum also addresses the monitor selection process. The make-up of the Criminal Division’s Standing Committee for monitor selection has been altered slightly. Going forward, the Fraud Section Chief will no longer serve on the Standing Committee for non-Fraud Section monitorships. Instead, the Chief of the Section which is prosecuting the case will serve on the Committee. This is a logical change. While the majority of our corporate monitor cases involve the Fraud Section, other Sections, such as MLARS, also handle cases involving monitors.
Additionally, the Criminal Division policy addresses potential monitor conflicts. As has been the general practice for the past few years, each monitor candidate must provide a written certification stating that he or she has notified of the monitorship nomination any clients that the attorney represents in matters involving the Criminal Division Section, or any other Department component, handling the monitor selection process, and also confirming that the candidate has obtained a waiver from those clients or has withdrawn as counsel in the other matters.
Once a monitor candidate has been identified by the Standing Committee, the Committee recommendation will be reviewed and considered by the Assistant Attorney General, and then subject to final approval by the Office of the Deputy Attorney General. After a candidate has been accepted, the attorneys handling the matter will notify the company, which will then notify the monitor candidates of the decision.
We believe that this Criminal Division policy will provide greater clarity and guidance, not just for our prosecutors, but also for companies involved in enforcement actions and the public we serve.”
In closing, Cronan stated:
“As corporate crimes continue to grow in complexity, effective enforcement requires strong relationships among enforcement authorities, at home and abroad, and law-abiding businesses. The Criminal Division is committed to reinforcing its relationships with good corporate citizens.
That is why we are working toward greater transparency in our enforcement principles and rewarding companies who try in good faith to detect and deter crime, by developing corporate compliance programs that help to prevent problems in the first instance, and reporting and assisting in investigations when misconduct occurs.
Most American companies are serious about engaging in lawful business practices, and are committed to doing the right thing. Those companies need and deserve support from the Department to help protect them and the public from corrupt employees and agents who seek to break the law.”
The above is, once again (see here for a prior post), a nice articulation of the policy rational for an FCPA compliance defense.
Strategies For Minimizing Risk Under The FCPA
A compliance guide with issue-spotting scenarios, skills exercises and model answers. "This book is a prime example of why corporate compliance professionals and practitioners alike continue to listen to Professor Koehler."