Yet again, see here for a prior post, the Department of Justice recently revised its Foreign Corrupt Practices Act Corporate Enforcement Policy (CEP) – originally released in November 2017. (See here for the current version).
As highlighted below, while two of the three revisions make sense, the revision concerning voluntary disclosure is absurd.
First, the two revisions in the CEP that make sense.
The prior version of the CEP stated under the heading “Full Cooperation in FCPA Matters” as follows:
“Proactive cooperation, rather than reactive; that is, the company must timely disclose all facts that are relevant to the investigation, even when not specifically asked to do so, and where the company is or should be aware of opportunities for the Department to obtain relevant evidence not in the company’s possession and not otherwise known to the Department, it must identify those opportunities to the Department.”
The current version of the CEP states under the same heading:
“Proactive cooperation, rather than reactive; that is, the company must timely disclose all facts that are relevant to the investigation, even when not specifically asked to do so. Additionally, where the company is aware of relevant evidence not in the company’s possession, it must identify that evidence to the Department.”
Removing the “should be aware” standard (akin to a negligence standard) makes sense.
A second revision in the CEP concerns “M&A Due Diligence and Remediation.”
The prior version of the CEP stated:
“The Department recognizes the potential benefits of corporate mergers and acquisitions, particularly when the acquiring entity has a robust compliance program in place and implements that program as quickly as practicable at the merged or acquired entity. Accordingly, where a company undertakes a merger or acquisition, uncovers misconduct through thorough and timely due diligence or, in appropriate instances, through post-acquisition audits or compliance integration efforts, and voluntarily self-discloses the misconduct and otherwise takes action consistent with this Policy (including, among other requirements, the timely implementation of an effective compliance program at the merged or acquired entity), there will be a presumption of a declination in accordance with and subject to the other requirements of this Policy.”
The current version of the CEP states:
“The Department recognizes the potential benefits of corporate mergers and acquisitions, particularly when the acquiring entity has a robust compliance program in place and implements that program as quickly as practicable at the merged or acquired entity. Accordingly, where a company undertakes a merger or acquisition, uncovers misconduct by the merged or acquired entity through thorough and timely due diligence or, in appropriate instances, through post-acquisition audits or compliance integration efforts, and voluntarily self-discloses the misconduct and otherwise takes action consistent with this Policy (including, among other requirements, the timely implementation of an effective compliance program at the merged or acquired entity), there will be a presumption of a declination in accordance with and subject to the other requirements of this Policy.”
This revision to the CEP likewise makes sense.
However, the third revision in the CEP regarding voluntary disclosure is absurd.
Under the heading “Voluntary Self-Disclosure in FCPA Matters,” the prior version of the CEP stated:
“The company discloses all relevant facts known to it, including all relevant facts about all individuals substantially involved in or responsible for the violation of law.”
The current version of the CEP states:
“The company discloses all relevant facts known to it at the time of the disclosure, including as to any individuals substantially involved in or responsible for the misconduct at issue.”
The revision also added the following comment:
“The Department recognizes that a company may not be in a position to know all relevant facts at the time of a voluntary self-disclosure, especially where only preliminary investigative efforts have been possible. In such circumstances, a company should make clear that it is making its disclosure based upon a preliminary investigation or assessment of information, but it should nonetheless provide a fulsome disclosure of the relevant facts known to it at that time.”
For starters, the term “misconduct” is untethered to any standard (at least the term violation of law is tethered to a standard).
More fundamentally, the notion that a business organization should disclose “misconduct” prior to knowing all the relevant facts or after merely a preliminary investigation is just plain absurd.
Pardon me for being “that guy,” but it bears repeating that the DOJ is an adversary for business organizations. Imagine a business organization facing an adversary in other legal actions and the adversary possesses absolute, unreviewable discretion as to how the action will be resolved. It is doubtful that any business organization, and rightly so, would accede to the demands of this adversary. While the DOJ possesses bigger and sharper sticks than most legal adversaries, the fact remains: the DOJ is an adversary to a business organization under FCPA scrutiny and a business organization has no legal or moral obligation to assist the DOJ. This includes voluntary disclosure of actual FCPA violations (something the DOJ has long acknowledged) and this most certainly includes disclosure of “misconduct” prior to knowing all the relevant facts or after merely a preliminary investigation.
Once again, business managers and others making decisions on behalf of an organization need to understand that thoroughly investigating an issue, promptly implementing remedial measures, and effectively revising and enhancing compliance policies and procedures – all internally and without disclosing to the enforcement agencies – is a perfectly acceptable, legitimate, and legal response to FCPA issues in but all the rarest of circumstances.
FCPA Institute - Zoom (May 16-18, 2023)
Elevate your FCPA knowledge and practical skills. Nine hours of integrated and cohesive instruction led by Professor Koehler (an FCPA expert with teaching experience). Learn more, spend less. Professional credential available.
Learn More and Register
