Some more carrots, and definitely more sticks: DOJ corporate criminal enforcement

December 2022  |  SPECIAL REPORT: WHITE-COLLAR CRIME

Financier Worldwide Magazine

December 2022 Issue

On 15 September 2022, Lisa Monaco, deputy attorney general of the US Department of Justice (DOJ), released a memorandum announcing certain changes to DOJ policies regarding corporate criminal enforcement. While many of the foundational principles remain similar to prior guidance announced in 2021, the memo imposes several new and specific prerequisites for companies seeking cooperation credit in criminal matters.

Cooperation credit can significantly decrease the amount of the fine (or the nature of other penalties) in a corporate criminal matter and, in the best of cases, allow a company to obtain a declination to prosecute. Unfortunately, a number of the new criteria that the memo articulates are likely going to make it more challenging for companies to become eligible for full cooperation credit.

Key takeaways from the memo, and some important considerations for corporations in light of them, are outlined below.

Continued emphasis on individual accountability

Holding individuals accountable for corporate misconduct has long been a clear DOJ priority. In a September 2022 speech, Monaco went so far as to say that “the Department’s number one priority is individual accountability”. Demonstrating this point, the earlier version of the memo released in 2021 stated that companies must “identify all individuals involved in or responsible” for the misconduct and provide all non-privileged information regarding their misconduct in order to receive any consideration for cooperation.

The September 2022 memo goes a step further. To be eligible for cooperation credit, companies must now disclose to prosecutors all non-privileged information that may be helpful for holding culpable individuals liable “swiftly and without delay” to be eligible for cooperation credit – and prioritise the production of such information over others. In other words, organisations must ensure that their internal investigation is appropriately identifying the individual perpetrators, as well as potentially relevant evidence regarding their culpability, and that such information is produced to the government as a priority.

The memo notes that companies seeking cooperation credit bear the burden of ensuring that such documents are produced to the prosecutors in a timely manner. This requirement seeks to deter “gamesmanship with disclosures and productions”, in addition to preventing loss of important evidence or time under the statute of limitations. This obligation, however, may pose serious challenges even to many organisations acting in good faith to cooperate.

As a practical matter, an ongoing investigation often only reveals one piece of the puzzle at a time. As a result, it can be difficult to determine which pieces of information are relevant to individual culpability or should be prioritised in document productions – particularly until the investigation reaches the point at which relatively firm judgments about conduct and individual culpability can be reached, which often requires the triangulation of multiple strands of evidence.

More importantly, disclosure of certain information the DOJ may find to be relevant and important may result in waivers of attorney-client privilege or attorney work product protection. Although the memo mandates companies to provide only non-privileged information, in reality it is often difficult to draw a clear distinction between privileged and non-privileged information for any investigation conducted by counsel under privilege. This is especially true when sharing information obtained through employee interviews, where the provision of information from the employee to the investigating lawyer is privileged, but the underlying facts may not be. Appropriately disaggregating underlying fact from the privileged communication in which the fact is conveyed may prove challenging, especially when the full factual predicate remains inchoate, and the interviewee is a target or subject of the investigation.

Particularly considering the recent court decisions that held that companies broadly waived privilege by disclosing certain information obtained through privileged investigations, it is critical for organisations to conduct a careful legal analysis of what can be produced to the government. They should also keep in mind that waiving attorney-client privilege in a governmental investigation will typically waive privilege in other contexts, allowing discovery by parties in other legal proceedings, such as related civil suits.

Consideration of historical or other misconduct

The memo also instructs federal prosecutors to consider a corporation’s past misconduct, suggesting that a history of criminal, civil and regulatory misconduct, both domestically and internationally, will likely have a negative impact on a company’s criminal resolution. There are a number of factors to be considered, including how recent the prior misconduct is, whether it was or would constitute a violation of US federal law, and whether it took place under the same company management as the current misconduct.

Interestingly, the memo instructs federal prosecutors to consider a company’s criminal resolutions within 10 years (and civil or regulatory resolutions within five years) of the current matter to assess whether the company is a repeat offender. But basing the threshold on the date of the resolution, rather than the underlying conduct, could effectively penalise companies for the government’s decision to conduct a lengthy investigation or bring charges later than it could have, especially considering that complex government investigations can span across several years. It could also mean that cooperating companies that aggressively contest charging decisions, thereby delaying the date of resolution, could be disadvantaged in a subsequent enforcement action.

On a more positive note, the memo suggests that companies that have “turned a corner” from the prior misconduct will likely be able to offset the negative impact of prior misconduct. Similarly, the memo notes that prior misconduct by an acquired entity would receive less weight if the acquiring party has an effective compliance programme which it has deployed at the acquired entity.

A robust compliance programme not only prevents corporate misconduct but can also have a direct and significant impact on the resolution of enforcement actions. Corporations, particularly those with prior criminal resolutions or other enforcement history, should ensure that their compliance programmes are effective, and that they are able to articulate the progress made since any historical misconduct.

Added challenge for multinational corporations

After the discovery of corporate misconduct, a company’s primary means of mitigating the criminal exposure are cooperation with the government and remediation of the underlying violations. For full and effective cooperation, the DOJ expects, among other things, timely preservation, collection and disclosure of relevant documents, including those within the US and overseas.

Particularly for multinational corporations, it can be challenging to navigate the web of data privacy laws, blocking statutes and other legal requirements in different jurisdictions. Many jurisdictions’ data protection laws require advance approval, notice or assessment before any data can be collected or transferred outside the country. In addition, certain jurisdictions, including China, France and Switzerland, have enacted ‘blocking statutes’ prohibiting, among other things, cross-border transfers of data for production to a foreign government without review and approval by the host jurisdiction.

While acknowledging this reality, the memo makes it clear that companies now “bear the burden of establishing the existence of any restriction…and identifying reasonable alternatives to provide the requested facts and evidence”. Companies are expected to “work diligently to identify all available legal bases to preserve, collect, and produce such documents…expeditiously” in order to receive cooperation credit. In practice, this burden shifting means that companies will have to work diligently to identify ways to comply with both the US and foreign legal regimes, as well as ensure that any limitations due to non-US law are justifiable and articulable.

Given the complexity of legal issues related to cross-border data transfers, companies with operations overseas should immediately start to identify the steps necessary for cross-border data transfers, such as data transfer impact assessments, notice to custodians, or data transfer agreements, as soon as they become aware of a government investigation.

Executive compensation clawback

Noting that “it all comes back to corporate culture,” Monaco emphasised that prosecutors evaluating the strength of a compliance programme will now consider whether the company has clawback provisions or other ways to hold culpable employees financially accountable, and whether the company has actually taken steps to employ measures with regard to the individuals who engaged in misconduct.

Clawing back compensation already paid out will pose significant legal and practical enforcement difficulties for employers. Certain jurisdictions, such as California and Singapore, prohibit employers from repossessing any incentives already paid, which includes bonuses and incentive compensation. Many other jurisdictions, such as France and China, only permit employers to claw back bonuses already paid if there are clear legal bases to do so, which can be difficult to prove. Even in jurisdictions that leave the enforceability of clawback provisions open to contractual interpretation or the nature of the bonus at issue (for example, whether it is discretionary), enforcing clawback provisions will result in employment disputes in many cases.

According to the memo, the DOJ will provide further guidance on how to reward corporations that develop and apply compensation clawback policies, including how to shift the burden of corporate financial penalties on to the responsible individuals rather than shareholders, before the end of 2022. Whether the DOJ will be able to propose practical and workable approaches remains to be seen.

Conclusion

The DOJ has undoubtedly raised the bar for corporate cooperation and its expectations for corporate compliance programmes. The memo makes it clear that the carrots will be harder to get, and the sticks will be aplenty. Now more than ever, it is critical that companies minimise their corporate criminal risks by maintaining a strong compliance programme, which both prevents and detects misconduct, in the first instance, and helps achieve a more favourable outcome should an organisation find itself in the crosshairs of a government investigation.

 

Michael Diamant is a partner and Nicole Lee is an associate at Gibson, Dunn & Crutcher LLP. Mr Diamant can be contacted on +1 (202) 887 3604 or by email: mdiamant@gibsondunn.com. Ms Lee can be contacted on +1 (202) 887 3717 or by email: nlee@gibsondunn.com.

© Financier Worldwide

BY

Michael Diamant and Nicole Lee

Gibson, Dunn & Crutcher LLP

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.