DOJ’s FCPA Enforcement Plan Highlights the Need for Robust Anti-Corruption Compliance Programs
Introduction
On April 5, 2016, the Fraud Section of the Department of Justice (“DOJ”) issued a new Foreign Corrupt Practices Act (“FCPA”) Enforcement Plan and Guidance (“Enforcement Plan”) that includes a one-year pilot program to formally incentivize corporations to self-disclose potential FCPA issues, fully cooperate with DOJ in the investigation of those issues, and remediate any corruption issues identified in an internal investigation. In particular, the Enforcement Plan details newly articulated benefits available to companies who fulfill specific obligations imposed in the categories of self-disclosure, cooperation, and remediation. The pilot program, which will be reevaluated in one year, is the most significant component of the three-part Enforcement Plan, which also includes previously announced efforts to significantly enhance prosecutorial and law enforcement resources and increase coordination with foreign prosecutors and law enforcement.[1]
In light of these new pronouncements, companies should evaluate whether their compliance programs can meet DOJ’s newly established compliance standards to prevent misconduct in the first instance. In addition, companies should be prepared to evaluate the potential advantages of the pilot program if DOJ initiates an FCPA investigation into potential misconduct by their employees.
Newly Articulated Benefits
The pilot program articulates specific benefits that a company can receive if it meets certain criteria detailed in the Enforcement Plan.[2] DOJ has been criticized in the past for failing to articulate quantifiable benefits that could be received for self-disclosure, cooperation, and remediation. In the Enforcement Plan, DOJ has now announced that a company meeting all the defined requirements of self-disclosure, cooperation, and remediation can receive a significant, specific reduction in monetary penalties, an increased likelihood of a declination, and a decreased likelihood of a government-appointed compliance monitor.
- Reduction of penalties: The Enforcement Plan specifically quantifies the potential reductions in penalties that companies can receive if they meet all the requirements under the pilot program.[3] Companies can receive up to a 50 percent reduction off the low end of the recommended penalty range calculated under the U.S. Sentencing Guidelines[4] if they meet all the requirements of voluntary disclosure, full cooperation, and timely and appropriate remediation. The program, however, also places a ceiling on the cooperation credit for companies that do not voluntarily self-disclose—but otherwise meet all other requirements of cooperation and remediation—by noting that such companies will receive at most a 25 percent reduction off the bottom of the U.S. Sentencing Guidelines fine range.
- Increased likelihood of declination: The Enforcement Plan notes that companies that meet all the requirements of the program will also be considered for a declination of prosecution for all the disclosed criminal offenses. Prosecutors, however, must still take into account the factors outlined in other relevant guidance, including the U.S. Attorneys’ Manual’s Principles of Federal Prosecution of Business Organization, which include the seriousness of the offense, involvement by executive management, significant profit to the company, a history of non-compliance, and prior misconduct.[5]
- Avoidance of compliance monitor: An additional benefit that a company could receive is avoidance of a DOJ-imposed a compliance monitor as part of any negotiated resolution. A compliance monitor is often required by DOJ as part of a criminal resolution to examine the anti-corruption compliance program and internal financial controls of a company to determine whether such controls are sufficient to appropriately prevent and detect improper payments that could be in violation of the FCPA. The monitor, which is paid for by the company but selected by DOJ, will often spend up to three years examining issues within the company and reporting those results to DOJ, before determining whether the company has established sufficient anti-corruption controls.
While DOJ has long touted the benefits of self-disclosure, cooperation, and remediation in published FCPA enforcement actions against companies and in its public speeches, the Enforcement Plan for the first time attempts to quantify the potential benefits for engaging in the corporate behavior that DOJ wants. Some of these past statements include the principles initially articulated in the November 2012 FCPA Resource Guide[6] and the September 2015 Memorandum on Individual Accountability, also known as the “Yates Memo,”[7] describing modifications to the U.S. Attorneys Manual’s Principles of Federal Prosecution of Business Organizations. Importantly, the Enforcement Plan does not merely note the potential benefits but describes the required steps a company must take to earn those benefits from DOJ.
Requirements for Credit Under the Pilot Program
Background
In order to qualify for the benefits described above, a company must demonstrate to the FCPA Unit of the Fraud Section that it has fulfilled DOJ’s stated requirements in three categories: (1) voluntary disclosure, (2) full cooperation, and (3) timely and appropriate remediation. As the Enforcement Plan outlining the pilot program makes clear, DOJ has previously provided guidance over whether and what type of resolution is appropriate based on those three factors.[8] As demonstrated in public settlements,[9] DOJ’s Fraud Section generally has provided credit to corporations that meet these requirements by recommending a less severe form of resolution[10] or penalties below the low end of the Sentencing Guidelines recommended fine range.
However, the scope of any potential reduction of the monetary penalty had not previously been set forth in a publicly available framework. Consequently, companies had been faced with uncertainty about what specific steps they could take to obtain such credit and the concrete benefits corporations would receive for self-disclosure and cooperation in FCPA matters. The pilot program takes significant strides towards increasing transparency on the critical issues of how companies qualify for voluntary disclosure, cooperation, and timely and appropriate remediation.
Definition of Voluntary Disclosure
While DOJ has long lauded the potential benefits of voluntary disclosure, the Enforcement Plan provides some clarity about the steps companies must take to qualify as having made a “voluntary disclosure.” In evaluating whether a company qualifies for self-disclosure credit under the pilot program, the Fraud Section will make a careful assessment of the circumstances of disclosure, including determining whether the disclosure is truly “voluntary” or whether it was required by law, agreement, or contract.[11]
The Enforcement Plan notes that the self-disclosure must meet the requirements described in the U.S. Sentencing Guidelines, including self-reporting “prior to an imminent threat of disclosure or government investigation.”[12] DOJ has often encountered situations in which companies claim that they were “voluntarily disclosing” when, in fact, they were reporting to DOJ only after a newspaper had made inquiries into the potential matter, a foreign government had recently raided a foreign subsidiary’s office, or because the company knew that a whistleblower was about to notify the government.
Finally, the Enforcement Plan emphasizes the focus on individual prosecutions articulated in the Yates Memo, noting that credit for self-disclosure requires a company to disclose “all relevant facts known to it, including all relevant facts about the individuals involved in any FCPA violation.”[13] Companies evaluating self-disclosure must recognize that in order to qualify for any benefit, they must make full disclosure of all facts, which means that they must have the compliance infrastructure in place to identify them.
What is “Full Cooperation”
Companies have often struggled to interpret DOJ’s definition of “full cooperation” when determining what they can do to receive credit. The Enforcement Plan details eleven requirements that companies must meet in order to be credited with full cooperation under the pilot program, and thus become eligible for the program’s stated benefits. These requirements do not suggest a marked shift from the factors DOJ has previously relied upon in evaluating cooperation. However, they highlight DOJ’s trend, articulated in the Yates Memo, of gathering evidence in order to prosecute culpable individuals.[14] The requirements include:
- disclosure on a timely basis of all relevant facts, including all facts related to involvement in the criminal activity by the corporation’s officers, employees, or agents;
- proactive, rather than reactive, disclosure of relevant information;
- preservation, collection, and disclosure of relevant documents and their provenance;
- provision of timely updates;
- where requested, de-confliction of an internal investigation with a government investigation;
- provision of all facts relevant to conduct by all third parties;
- making available for interviews company officers and employees, including overseas employees and former officers and employees;
- disclosure of all facts identified as part of an internal investigation, including the attribution of the facts to specific sources;
- disclosure of documents located outside of U.S. jurisdiction, and information about how they were found;
- facilitation of third-party production of documents when not legally prohibited; and
- provision of translated documents, as appropriate.[15]
The Enforcement Plan describes compliance with the Yates Memo requirements as a prerequisite for receiving cooperation credit, while also preserving prosecutorial discretion for FCPA Unit prosecutors, stating that the Fraud Section will “assess the scope, quantity, quality, and timing of cooperation based on the circumstances of each case when assessing how to evaluate a company’s cooperation.”[16] Consequently, the Fraud Section makes clear that there is no “partial cooperation.” In order to receive any credit for cooperation, a company must be committed to completing all aspects of what DOJ considers to be cooperation, as described above. Accordingly, companies looking to take advantage of the Enforcement Plan’s benefits must ensure that they have the appropriate compliance infrastructure to be capable of fully cooperating. Without the elements of an effective FCPA compliance program, as articulated in the FCPA Resource Guide, it is unlikely that a company will be able to provide cooperation to DOJ in a timely and cost-efficient manner.
Timely and Appropriate Remediation
Finally, the Enforcement Plan provides guidance regarding the Department’s expectations under the pilot program for timely and appropriate remediation, which is essentially an articulation of the principles of an effective compliance program. The plan notes that credit for remediation is conditioned, first, upon a company receiving cooperation credit, as described above.
Second, the company must demonstrate, to DOJ’s satisfaction, that it has met the remediation goals, which appear to focus less on principles and more on ensuring the proper functioning of the mechanics of a company’s compliance program, including:[17]
- a culture of compliance;
- sufficient resources dedicated to the compliance function;
- the quality and experience of compliance personnel;
- the independence of the compliance function;
- whether a company’s compliance program has adequately assessed its risks and tailored its program accordingly;
- the stature of compliance personnel within a company;
- the auditing of the compliance program to assure its effectiveness; and
- any additional steps that demonstrate recognition of the seriousness of the company’s misconduct, acceptance of responsibility, and the implementation of measures to reduce the risks of repetition.
Third, the Enforcement Plan requires appropriate discipline of employees, including those identified as responsible for the misconduct.
Finally, the Enforcement Plan recognizes that whether an organization is deserving of remediation credit will be “highly case specific,” and that the criteria necessary for an effective compliance program will be periodically updated and may vary based on the size and resources of the organization.[18]
Insights for Companies on How to Respond to the Enforcement Plan and Pilot Program
While the basic elements of the Enforcement Plan’s pilot program are fairly straightforward, companies must consider how this guidance should affect their behavior going forward—both when they have a potential issue arise, but also before they discover a problem. Companies must consider the significant differences between DOJ’s past policy and the current pilot program, including the remaining ambiguities about its implementation, before deciding how best to protect themselves from a potential FCPA prosecution. As described below, the most significant takeaway is that companies must invest more in their compliance programs before a problem arises.
Significant Differences between Prior Practice and New Policy
The one-year pilot program does not fundamentally change the DOJ’s previous efforts[19] to promote corporate self-disclosure and cooperation in FCPA enforcement actions. The difference now, however, is that corporate defendants finally have a specific framework to use in determining the requirements for obtaining credit for such self-disclosures, the type of cooperation that they must provide, and the maximum benefits that they can receive. In that regard, the program ultimately appears designed to encourage self-disclosures and corporate cooperation. However, companies have reason to be cautious.
In particular, companies must still examine the potential benefits and drawbacks of this new pilot program, and whether, ultimately, the newly articulated benefits of self-disclosure are sufficient to outweigh the potential additional costs in legal and accounting fees, financial penalties, management resources, and reputational risks associated with an investigation by DOJ that would not arise in a purely internal investigation. On the other hand, companies must understand the heightened risks associated with a potential violation that is ultimately discovered by the government and the potentially greater sanction for having not self-disclosed.[20]
The pilot program does not eliminate the need for such cost-benefit analysis but provides additional transparency regarding DOJ’s mathematical computations. In particular, the 50 percent reduction in penalty could provide an incentive for some companies to attempt to meet all the requirements of the pilot program. However, the fact that companies may still receive a 25 percent reduction in penalty without self-disclosure may cause others to determine that it is not in their best interest to self-disclose. Companies appear likely to receive almost as much credit if they do not self-disclose but undertake a thorough internal investigation, conduct full and timely remediation, and fully cooperate when the DOJ otherwise identifies the misconduct.[21] Therefore, the greatest differences may arise when DOJ considers whether a declination is appropriate or whether to impose a monitor. However, DOJ has not yet provided public information regarding what factors underlie those calculations, and, in the interest of preserving prosecutorial discretion, may decline to ever do so.
Despite the Enforcement Plan’s effort to create additional transparency around corporate FCPA penalties, DOJ still maintains significant prosecutorial discretion over a number of factors critical for companies to understand when considering the impact of the Enforcement Plan. Negotiations surrounding FCPA matters involve numerous determinations regarding the scope of misconduct (e.g., number of countries involved), appropriate type of resolution,[22] and whether to impose a monitor, as well as how to calculate the penalty.[23] Accordingly, notwithstanding the pilot program, companies will still face significant uncertainty as to the final outcome of a future investigation because DOJ maintains the ability to make decisions that can significantly impact financial penalties in FCPA enforcement actions.[24] In our view, DOJ could do much more to enhance the success of the pilot program if it can publicly demonstrate that companies who meet the requirements of self-disclosure, full cooperation, and timely remediation get the reductions promised or, even better, a declination for the disclosed misconduct.[25]
Recommendations for Companies in Light of the Pilot Program
The Enforcement Plan’s requirements for companies participating in the pilot program can also be viewed as further guidance with respect to the Department’s expectations for the best practices for a company to conduct an internal investigation or create an effective compliance program. In particular, a company that has not identified specific FCPA issues should still consider whether its compliance program and other policies are up to the standards that DOJ has established as a precondition to receive the benefits of the program. We outline below considerations for each of the three categories of requirements under the program.
Voluntary Disclosure
While the decision of whether to voluntarily disclose known misconduct to DOJ is complicated, companies who want to control that decision must know the information before DOJ does. Consequently, companies must establish a strong compliance program that will identify potential misconduct and give them the opportunity to make the decision of whether to voluntarily disclose. The program must also provide sufficient information about the potential misconduct to thoroughly analyze whether a voluntary disclosure is the best strategy.
Of particular importance, companies must establish a properly functioning monitoring and auditing system to identify and prevent as much misconduct as possible. Given the challenges of some markets, it may be impossible to prevent all misconduct. According, companies must quickly identify any misconduct that has occurred so that it can be stopped. Swiftly zeroing in on small issues before they spiral out of control will allow a company’s anti-corruption procedures and financial controls to be modified to prevent future misconduct.
In addition, the pilot program’s requirement that a company promptly “disclose all relevant facts known to it” requires that the company have the ability to quickly gather information known throughout the organization. Companies often struggle to gather facts that are not centralized in a compliance department and are instead distributed among subsidiaries around the world, often with different reporting lines and accounting systems. For example, FCPA issues identified in financial audits must be quickly brought to the attention of the compliance team to investigate and resolve. Similarly, when an issue is identified in a single region or subsidiary, the compliance team should be informed so that it can determine whether it is an isolated incident or a recurring, widespread problem. Failure to do so could prevent a company from adequately disclosing all relevant facts because they are buried in another part of the organization.
Finally, companies must establish a proper reporting mechanism that quickly responds to employees raising potential FCPA concerns. If a company wants to be able to control the decision over whether to make a voluntary disclosure, the company must have identified and investigated those issues before they become public. Having an effective hotline and an efficient internal investigative protocol allow a company to maintain control of issues before disgruntled employees take those issues outside of the company and perhaps to DOJ.
While the manner in which to handle a voluntary disclosure to government regulators is appropriately outside the scope of any company’s compliance program, the compliance program is critical to determining whether a company is capable of making a voluntary disclosure in the first place. If companies want to be able to take advantage of the pilot program, they must first invest in building an effective compliance program and appropriate whistleblower response system.
Cooperation
While a company may not voluntarily disclose, once discovered, most companies that find themselves before DOJ fully cooperate in order to get the maximum credit.[26] The pilot program effectively outlines what DOJ considers to be “full cooperation” and builds upon the standards that the FCPA Unit has established over the past decade.
DOJ has high expectations of what qualifies as cooperation, and many companies may not have a sufficiently effective compliance infrastructure to be able to provide it. Companies should ensure that they have evaluated their internal policies and procedures so that they can quickly respond. For instance, company IT policies relating to data preservation and privacy can greatly facilitate a company’s efforts to preserve and review data, as well as to make disclosures of that data to DOJ in a cost-efficient manner. Additionally, a carefully maintained database of employment agreements, including severance agreements with departing employees, can facilitate efforts to interview current and former employees. Finally, company policies governing agreements with third parties, including, for example, requirements that certain agreements with third parties contain anti-corruption certifications and audit clauses, may impact the company’s ability to facilitate the production of documents or witnesses from third parties.
All of these actions (and many more) can make a review more effective and cost-efficient in identifying relevant facts either for an internal review or when cooperating with DOJ.
Remediation
The pilot program’s third factor of remediation provides insight into the compliance infrastructure that a company should establish when FCPA problems occur. DOJ considers remediation when determining the nature of the enforcement action (including whether even to bring a charge) and whether a resolution requires additional compliance obligations, including whether to impose a compliance monitor. Consequently, companies wishing to obtain a DOJ declination or avoid a monitor should carefully examine DOJ’s statements regarding compliance both in the Enforcement Plan and in previous guidance, such as the FCPA Resource Guide.
The Enforcement Plan notes that in determining whether a company meets these remediation requirements, DOJ will assess several factors, including the culture of compliance, dedicated compliance resources, their independence and stature—including “how a company’s compliance personnel are compensated and promoted compared to other employees.”[27] Companies should expect DOJ to carefully evaluate the resources devoted to compliance, and even go so far as to compare the salaries of the compliance personnel with the compensation of those engaged in the alleged misconduct. Compliance personnel who have struggled to have their messages heard by business leaders should applaud these additional DOJ pronouncements regarding the importance of building an effective compliance structure.
The Enforcement Plan further notes that DOJ will also evaluate: “Any additional steps that demonstrate recognition of the seriousness of the corporation’s misconduct, acceptance of responsibility for it, and the implementation of measures to reduce the risk of repetition of such misconduct, including measures to identify future risks.”[28] DOJ has previously explained those factors in the FCPA Resource Guide, describing the 10 Hallmarks of an Effective Compliance Program.[29] Further insight into DOJ’s perspective can be gleaned from a review of past resolutions, especially the attachments to the resolutions describing the basic elements of a compliance program or the enhanced compliance obligations in certain resolutions. Companies must ensure that their compliance programs can meet DOJ’s expectations.
Impact on Foreign Corporations
DOJ’s new guidance will be relevant to foreign corporations, as well. Those competing with U.S. companies must be mindful that their U.S.-based competitors will adjust their compliance programs to take into account the guidance in the Enforcement Plan, thus setting a new benchmark in terms of international best practices. This may be particularly relevant with regard to, for example, the independence and influence of the company’s compliance function and personnel, which are often not afforded the same attention in African, Asian, Central and Southern European, and Southern American companies as they are in U.S.-based companies.
In addition, the Enforcement Plan exacerbates the ever-present concerns about the application of different legal standards. The incentive to self-disclose in the U.S. may be at odds with the absence of any similar advantage in the company’s home-country. Moreover, some of the articulated requirements of cooperation, such as disclosure of third parties’ conduct or making employees available for interviews, may conflict with local data privacy or employment laws.
Thus, non-U.S. corporations should also reevaluate their compliance infrastructure, and should consider how to best address legal differences that may arise if an investigation uncovers conduct that the company may want to consider disclosing under the pilot program.
Conclusion
The Enforcement Plan provides some welcome guidance for companies navigating decisions of self-disclosure and cooperation in connection with potential FCPA violations. Such companies now have further information to more accurately calculate the potential benefits to such decisions, and the 50 percent reduction in potential penalties provided for by the pilot program creates a significant incentive for disclosure.
However, in practical terms, the effects of the program on changing corporate behavior are far from certain. As noted, DOJ has long touted the benefits to corporations of self-disclosure, cooperation, and remediation, and those benefits have often been reflected in more favorable settlements with companies that meet such requirements. The requirements listed in the pilot program are extensive, and without specific prior instances of companies receiving full credit for meeting those requirements, companies otherwise inclined not to disclose FCPA violations may find a 50 percent reduction in potential penalty insufficient, or insufficiently certain, to justify the risks associated with self-disclosure—especially when they can receive almost as much if they cooperate after DOJ begins its own investigation. Similarly, the parameters of what constitutes “full cooperation” have not changed dramatically since the FCPA Resource Guide and the Yates Memo. Consequently, the Enforcement Plan is unlikely to significantly change the calculus of companies evaluating whether to voluntarily disclose or how to cooperate.
The most valuable part of the Enforcement Plan is the insight it provides into what matters most to the FCPA Unit when considering remediation—a strong, effective compliance department. Consequently, companies should use this announcement to ensure that their compliance function is strong, including taking the following three actions:
- Empower the company’s compliance function so that it is well-staffed, appropriately compensated, and has sufficient clout within the organization to accomplish its critical function of preventing misconduct and detecting improper behavior;
- Evaluate the effectiveness of the company’s anti-corruption compliance program by conducting a thorough anti-corruption risk assessment, including analyzing the strength of the financial controls and information systems, risks from major government touch-points, and the implementation of FCPA training and awareness among key stakeholders; and
- Ensure the proper functioning of the anti-corruption program by closing any remaining gaps in the compliance infrastructure, building off of the 10 Hallmarks of Effective Compliance Programs previously identified in the DOJ FCPA Resource Guide and in published FCPA enforcement actions.
While the Enforcement Plan’s pilot program is unlikely to significantly change the calculus of companies considering self-disclosure or cooperation with DOJ, the continued emphasis on the establishment of strong compliance programs should encourage companies to reevaluate their current compliance infrastructure and ensure that they are doing all they can to prevent a major DOJ FCPA investigation or, at least, be well-prepared to respond when the next FCPA crisis occurs.
[1] Specifically, DOJ announced that it is adding ten additional prosecutors to the FCPA unit, a 50 percent increase, and that the FBI has established three new squads dedicated to FCPA investigations and prosecutions. In addition, DOJ stated once again that it is “strengthening its coordination with foreign counterparts” by sharing leads with foreign enforcement authorities and sharing documents and witness information.
[2] The Fraud Section’s Foreign Corrupt Practices Act Enforcement Plan and Guidance, 3 (April 5, 2016) [hereinafter “Enforcement Plan”], available at https://www.justice.gov/opa/blog/criminal-division-launches-new-fcpa-pilot-program.
[3] Enforcement Plan, pp. 8-9.
[4] U.S. Sentencing Guidelines Manual §8C1.1 (2015).
[5] The U.S. Attorneys’ Manual provides that when determining whether to bring charges, prosecutors should consider the following ten factors:
- the nature and seriousness of the offense, including the risk of harm to the public, and applicable policies and priorities, if any, governing the prosecution of corporations for particular categories of crime (see USAM 9-28.400);
- the pervasiveness of wrongdoing within the corporation, including the complicity in, or the condoning of, the wrongdoing by corporate management (see USAM 9-28.500);
- the corporation’s history of similar misconduct, including prior criminal, civil, and regulatory enforcement actions against it (see USAM 9-28.600);
- the corporation’s willingness to cooperate in the investigation of its agents (see USAM 9-28.700);
- the existence and effectiveness of the corporation’s pre-existing compliance program (see USAM 9-28.800);
- the corporation’s timely and voluntary disclosure of wrongdoing (see USAM 9-28.900);
- the corporation’s remedial actions, including any efforts to implement an effective corporate compliance program or to improve an existing one, to replace responsible management, to discipline or terminate wrongdoers, to pay restitution, and to cooperate with the relevant government agencies (see USAM 9-28.1000);
- collateral consequences, including whether there is disproportionate harm to shareholders, pension holders, employees, and others not proven personally culpable, as well as impact on the public arising from the prosecution (see USAM 9-28.1100);
- the adequacy of remedies such as civil or regulatory enforcement actions (see USAM 9-28.1200); and
- the adequacy of the prosecution of individuals responsible for the corporation’s malfeasance (see USAM 9-28.1300).
U.S. Attorneys’ Manual, Section 9-28.300
[6] A Resource Guide on the U.S. Foreign Corrupt Practices Act, (2012) (“FCPA Guide”), available at http://www.justice.gov/criminal/fraud/fcpa/guide.pdf. Published jointly by DOJ and SEC in 2012, the Resource Guide was designed to, for the first time, provide detailed information about the government’s enforcement priorities. It addressed not only the statutory requirements and prohibitions of the FCPA but also the government’s position as to the meaning of those requirements, and provided hypotheticals intended to provide guidance on common or difficult legal issues.
[7] The Memorandum on Individual Accountability for Corporate Wrongdoing was signed in September 2015 by Deputy Attorney General Sally Yates. The so-called “Yates Memo” emphasized DOJ’s renewed focus on prosecuting individuals and highlighted the benefits that would be provided to corporations that voluntarily disclose corporate wrongdoing, specifically including individual misconduct. The Yates Memo was premised on the government’s belief that the best way to deter corporate misconduct is by holding individuals accountable. The Yates Memo was formally incorporated into the U.S. Attorneys Manual, with modifications of several sections of USAM Section 9-28.000. For more about the Yates Memorandum, see previous Paul Hastings client alerts. William Sullivan, John Durrant, and Jenifer Doan, The Yates Memorandum: increasing the Perils of Parallel Proceedings (October 28, 2015), available at http://www.paulhastings.com/publications-items/details/?id=7d8ee769-2334-6428-811c-ff00004cbded; Maria E. Douvas, John P. Nowak, Sachin S. Bansal and Alex Ehmke, The Yates Memo: Six Months Later (March 9, 2016), available at http://www.paulhastings.com/publications-items/details/?id=a7b1e869-2334-6428-811c-ff00004cbded.
[8] See Enforcement Plan, p. 3. For example, the U.S. Attorneys’ Manual’s Principles of Federal Prosecution of Business Organizations have long provided guidance to prosecutors regarding whether a criminal enforcement action against a corporation is appropriate, and the form that any such action should take. Section 9-28.000 lists the factors that prosecutors should consider when determining whether to bring charges. See supra, note 5. Further, the U.S. Sentencing Guidelines provide credit for corporations that voluntarily disclose criminal conduct, fully cooperate, and accept responsibility for the conduct. U.S. Sentencing Guidelines Manual §8C2.5(g)(1)-(3).
[9] DOJ provides a list of all available FCPA related enforcement actions on the Fraud Section website, see https://www.justice.gov/criminal-fraud/related-enforcement-actions.
[10] DOJ generally requires corporate defendants determined to have engaged in the most egregious conduct to enter a guilty plea to a criminal charge. DOJ makes that determination based on a host of factors, including the amount of improper payments, the level of knowledge and participation of senior executives in the conduct, the effectiveness (or lack thereof) of the company’s existing compliance program, and the level of cooperation with the government. DOJ generally uses Deferred Prosecution Agreements (“DPAs”) in FCPA enforcement actions where the conduct at issue is less egregious, or where the company’s cooperation has been exemplary. DPAs in the FCPA context are agreements by which DOJ agrees to defer prosecution of the defendant for a pre-determined period of time in exchange for the defendant agreeing to fulfill certain requirements, which usually include compliance-related enhancements. Under the U.S. Sentencing Guidelines, if the defendant meets the requirements of the DPA, at the end of the predetermined period of time the prosecution will not count toward the defendant’s criminal history in any case in the future. A Non-Prosecution Agreement (“NPA”) is similar but does not involve actual charges being filed, and, under the terms of the agreement, a prosecution does not take place in the event that the defendant does not meet the requirements of the agreement. (In practice, however, there is nothing to prevent a prosecutor from using her discretion to subsequently file such charges if a corporate defendant failed to meet requirements set forth in an NPA.)
[11] Enforcement Plan, p. 4.
[12] Enforcement Plan, p. 4, citing U.S.S.G. § 8C2.5(g)(1).
[13] Enforcement Plan, p. 4.
[14] The Enforcement Plan specifically references the Yates Memo in noting that “full cooperation” requires disclosing all facts related to involvement in the criminal activity by the corporation’s officers, employees, or agents. Enforcement Plan, p. 5.
[15] Enforcement Plan, pp. 5-6.
[16] Enforcement Plan, p. 6.
[17] Enforcement Plan, pp. 7-8.
[18] Paul Hastings has previously prepared and will be preparing additional client alerts on these issues identified above, including the aspects of an effective compliance program and the importance of conducting effective risk assessments.
[19] Those efforts are attributable in part to the nature of FCPA investigations, which often involve documents and witnesses that are overseas and are often beyond the reach of U.S. authorities, or at least difficult and time consuming to retrieve through Mutual Legal Assistance Treaties, agreements between governments that allow for cross-border exchange of information in criminal matters.
[20] As detailed in the Enforcement Plan, the increased prosecutorial and FBI resources devoted to FCPA enforcement, combined with greater cooperation with foreign law enforcement is likely going to substantially increase the likelihood that a problem will be identified by DOJ without a voluntary disclosure. Whether that increase will be enough to change a company’s calculus will depend on a number of factors, including the industry, geographic location, use of potentially problematic third parties and nature of competitors.
[21] For example, consider a situation in which a company was facing a potential penalty of $20 million under the recommended sentencing guidelines. If the company voluntarily disclosed, the penalty could be as low as $10 million. If the company did not voluntary disclose but cooperated fully after DOJ began an investigation, the company could receive a penalty as low as $15 million. Many companies would be skeptical that the uncertainty of appearing before DOJ, with the resulting use of management resources and negative public attention, would be worth the potential benefit of saving $5 million, particularly given the possibility that the DOJ may never ultimately investigate the issue.
[22] The Fraud Section has historically exercised significant discretion in determining the type of FCPA enforcement action to offer corporate defendant, ranging from a guilty plea for the most severe conduct to an NPA for the least severe, with a DPA serving as an intermediate sanction. Although the Enforcement Plan highlights that companies, in certain circumstances, may receive declinations for their cooperation, the plan does not otherwise address whether it may impact the Department’s decision to bring a lesser type of enforcement action for those companies that qualify.
[23] In particular, the values that are used in determining the initial calculation under the Sentencing Guidelines, as well as even the specific crime itself, are often the subject of intense negotiations between corporate defendants and DOJ, and those negotiations can significantly impact the final penalty amount. For example, sometimes negotiations over the scope of the conduct included in the Guidelines calculation are far more impactful to the bottom line than the dollar values associated with whatever conduct is ultimately included.
[24] Given the discretionary determinations involved in the calculation of a U.S.S.G. recommended penalty, a potential $20 million penalty could easily be increased to $40 million. Thus, any reduction from self-disclosure could be quickly eliminated based on determinations by DOJ.
[25] Given the timing of the pilot program and the length of a typical FCPA investigation, it may be most effective to do so with matters that were disclosed prior to the announcement of the pilot program on April 5, 2016. DOJ officials, however, stated in a conference call with reporters announcing the program that DOJ is still undecided with respect to such cases. Ed Beeson, Justice Dept. Launches FCPA Cooperation Initiative, Law360 (April 6, 2016), http://www.law360.com/whitecollar/articles/780486?nl_pk=5589b93d-e297-46c2-a855-589368a839b2&utm_source=newsletter&utm_medium=email&utm_campaign=whitecollar.
[26] In certain circumstances, especially when DOJ’s jurisdiction is in doubt, it may not be in the company’s interests to provide maximum cooperation as described in the Enforcement Plan.
[27] Enforcement Plan, p. 7.
[28] Enforcement Plan, p. 8.
[29] FCPA Resource Guide, pp. 57-63.
About the Authors
Nathaniel Edmonds is a partner in the Litigation Department of Paul Hastings based in the firm’s Washington, D.C. office. As a former Assistant Chief of the Foreign Corrupt Practices Act (FCPA) Unit of the Fraud Section in the Criminal Division of the Department of Justice (DOJ), Mr. Edmonds assisted in the supervision of all FCPA cases in the United States and oversaw the investigation and prosecution of companies, business executives, and others for making improper payments to foreign officials in international business transactions.
Morgan Heavener is of counsel in the Litigation Department of Paul Hastings. His practice focuses largely on matters relating to international anticorruption laws, including the U.S. Foreign Corrupt Practices Act.Heavener has extensive experience conducting corruption-related internal and government-initiated investigations around the world, including representing clients in enforcement actions brought by the U.S. Department of Justice (DOJ), the U.S. Securities and Exchange Commission (SEC), and multilateral development banks.
Ian Herbert is an associate in the Paul Hastings Litigation practice and is based in the firm’s Washington, D.C. office. His practice focuses on international commercial litigation and arbitration and investigations related to the Foreign Corrupt Practices Act. Herbert received his J.D. from New York University. He received a B.A. from the University of Michigan in 2005.