DOJ's New FCPA Enforcement Policy Continues its "Carrot-and-Stick" Approach

The Situation: Companies that learn of Foreign Corrupt Practices Act ("FCPA") violations by employees or agents are faced with significant uncertainty as to whether the benefits and risks of self-disclosing the conduct to the Department of Justice ("DOJ") outweigh the benefits and risks of not doing so.

The Development: On November 29, 2017, Deputy Attorney General Rod Rosenstein announced a new FCPA corporate enforcement policy that further clarifies DOJ's "carrot-and-stick" approach to enforcing the FCPA against companies. The new policy supersedes DOJ's FCPA pilot program ("Pilot Program”), adopting significant parts of that program, but also adopting new incentives to encourage companies to self-disclose FCPA violations. Most significantly, the new enforcement policy creates a presumption that DOJ will decline to take any enforcement action against companies if they: (i) voluntarily self-disclose criminal conduct to DOJ; (ii) fully cooperate with DOJ's investigation; and (iii) take timely and appropriate remediation steps.

The new policy notes that the presumption may be overcome only if there are aggravating circumstances related to the nature and seriousness of the offense, or if the company is a repeat offender. When DOJ determines that the nature and seriousness of the criminal conduct overcome the presumption for a company that otherwise meets the criteria for a declination, DOJ will recommend a 50 percent reduction off the low end of the applicable Sentencing Guideline's fine range. As a general matter, DOJ will not require a corporate monitor in such cases. Companies will still be required to relinquish any profits derived from the criminal conduct to qualify for the benefits under the new enforcement policy. In addition, any declinations under the policy will be made public.

Looking Ahead: The new enforcement policy provides a significant incentive for corporations to consider when deciding whether to self-disclose conduct that may violate the FCPA, particularly when the conduct was not pervasive, did not involve executive management, and did not result in significant profit to the company. While the policy also provides an incentive for self-disclosure in cases involving more serious corrupt conduct, companies that learn of such conduct face much of the same uncertainty as they did prior to the adoption of the new policy when deciding whether or not to self-disclose FCPA violations to DOJ.

The New FCPA Enforcement Policy

During a speech at an industry conference on November 29, 2017, Deputy Attorney General Rod Rosenstein announced revisions to the United States Attorney's Manual that implement a new FCPA corporate enforcement policy. Deputy Attorney General Rosenstein stated that the new enforcement policy "provides guidance and greater certainty for companies struggling with the question of whether to make voluntary disclosures of wrongdoing."[1] The new policy "is aimed at providing additional benefits to companies based on their corporate behavior once they learn of misconduct."[2]

To this end, the new policy creates a presumption that DOJ will decline to take any enforcement action against companies that: (i) voluntarily self-disclose FCPA violations to DOJ; (ii) fully cooperate with DOJ's investigation; and (iii) take timely and appropriate remediation steps. In addition, to qualify for the benefits of the new policy, a company will be required to pay all disgorgement, forfeiture, and/or restitution resulting from the misconduct at issue.[3] In practice, this is typically the amount of any ill-gotten gain or profit the company derived from the criminal conduct. Companies that satisfy the criteria described above can generally avoid having to retain an independent corporate monitor.

The presumption of a declination can be rebutted by "aggravating circumstances," which include: (i) the involvement by executive management in the misconduct; (ii) a significant profit to the company from the misconduct; (iii) pervasiveness of the misconduct within the company; and (iv) criminal recidivism.

In cases where DOJ determines that the nature or pervasiveness of the criminal conduct rebuts the presumption of a declination, DOJ will accord or recommend a 50 percent reduction off the low end of the Sentencing Guidelines fine range in any enforcement action.[4] Repeat offenders are carved out of this policy and may not qualify for any credit. The new policy is effective immediately and applies to pending DOJ FCPA investigations and all new FCPA matters.

Self-Disclosure, Full Cooperation, and Timely Remediation

To qualify as "voluntary self-disclosure" under the new policy, the disclosure to DOJ must occur before an imminent threat of disclosure or government investigation, and within a reasonably prompt time after the company becomes aware of the offense.[5] The burden is on the company to demonstrate timeliness. In addition, the company must disclose "all relevant facts known to it, including all relevant facts about all individuals involved in the violation of law."[6]     

The new policy includes a detailed description of what the government considers "full cooperation." Among other things, the government expects companies to: (i) cooperate proactively and disclose all relevant facts and evidence to the government on a timely basis, even when not specifically asked to do so by the government; (ii) provide all relevant facts gathered during a company's independent investigation; (iii) attribute facts to specific sources; (iv) preserve, collect, and disclose relevant documents to the government, including documents located overseas; (v) refrain from interviewing witnesses, including a company's own employees, if requested to do so by the government; (vi) make employees and officers available to the government to interview; and (vii) facilitate the production of third-party witnesses and documents.[7] This list is illustrative and is by no means exhaustive.

The new policy also describes what will be required for a company to receive credit for timely and appropriate remediation. Among other things, the government expects that a company will engage in a root-cause analysis of the underlying criminal conduct and take steps to address such causes, implement an effective compliance and ethics program, discipline employees who participated in the conduct or who failed in their oversight and supervision, retain business records in an appropriate way, and take additional steps commensurate with the conduct identified.[8]

Companies that do not self-disclose FCPA violations but otherwise fully cooperate with DOJ's investigation and engage in timely and appropriate remediation qualify for up to a 25 percent reduction off the low end of the Sentencing Guidelines range in any enforcement action.

The New Policy and SEC Enforcement

The new enforcement policy applies only to DOJ. The Securities and Exchange Commission ("SEC"), which has civil regulatory enforcement authority for the FCPA over "issuers" (i.e., public companies) and their directors, officers, employees, and agents, is not bound by DOJ's new enforcement policy.

The SEC retains the right to pursue parallel regulatory enforcement actions in cases where DOJ declines to take an enforcement action. However, in two recent past instances when DOJ resolved matters through declination letters to issuers, the SEC resolved its parallel regulatory investigations through non-prosecution agreements that required the issuers to pay disgorgement, plus prejudgment interest, but not separate civil fines.[9] In one instance, SEC brought an administrative enforcement proceeding that required an issuer to pay disgorgement and a civil penalty after DOJ declined to bring an enforcement action.[10] DOJ credited these payments to the SEC in DOJ's analysis in support of resolving the matters through declination letters.[11] This past practice provides some insight—but no assurance—into how the SEC will handle parallel regulatory investigations of issuers that DOJ declines to prosecute under the new enforcement policy.

The New Policy vs. the Pilot Program

The new enforcement policy supersedes the DOJ Fraud Section's FCPA Pilot Program, which has been in effect since April 5, 2016. The Pilot Program was enacted to increase transparency in DOJ's exercise of its prosecutorial discretion in FCPA cases, in order to encourage companies to self-report violations.[12]

The new enforcement policy adopts much of the substance of the Pilot Program, including the criteria of self-disclosure, full cooperation, and remediation. The new policy, however, differs in significant ways from the Pilot Program, as highlighted in the chart below.  

Five Key Takeaways

1. FCPA investigations and prosecutions remain a priority for DOJ.
2. A company's decision whether or not to self-disclose potential FCPA violations to DOJ is multi-factored and consequential.
3. Companies that learn of potential FCPA violations by company officers, employees, or agents have a limited time in which to make an informed decision whether or not to self-disclose to DOJ to maximize credit.
4. Companies that self-disclose isolated instances of FCPA violations to DOJ that do not involve senior management or result in a significant profit to the company are likely to be able to resolve these matters with DOJ through public declination letters with disgorgement of any ill-gotten gains.
5. For more serious FCPA violations, there remains a substantial amount of uncertainty whether the benefits and risks of self-disclosing the conduct to DOJ outweigh the benefits and risks of not doing so.

Lawyer Contacts

For further information, please contact your principal Firm representative or one of the lawyers listed below. General email messages may be sent using our "Contact Us" form, which can be found at www.jonesday.com/contactus/.

Authors

James P. Loonam
New York
+1.212.326.3808
jloonam@jonesday.com

Theodore T. Chung
Chicago
+1.312.269.4234
ttchung@jonesday.com

Karen P. Hewitt
San Diego
+1.858.314.1119
kphewitt@jonesday.com

Henry Klehm III
New York
+1.212.326.3706
hklehm@jonesday.com

Hank Bond Walther
Washington
+1.202.879.3432
hwalther@jonesday.com

Additional Contacts

Richard H. Deane Jr.
Atlanta
+1.404.581.8502
rhdeane@jonesday.com

James C. Dunlop
Chicago / São Paulo
+1.312.269.4069 / +55.11.3018.3915
jcdunlop@jonesday.com

Jamila M. Hall
Atlanta
+1.404.581.8465
jhall@jonesday.com

Adam Hollingsworth
Cleveland
+1.216.586.7235
ahollingsworth@jonesday.com

Andrew M. Luger
Minneapolis
+1.612.217.8862
aluger@jonesday.com

Peter J. Mazza
San Diego
+1.858.314.1159
pmazza@jonesday.com

Daniel E. Reidy
Chicago
+1.312.269.4140
dereidy@jonesday.com

Peter J. Romatowski
Washington
+1.202.879.7625
pjromatowski@jonesday.com

Joshua S. Roseman
Dallas
+1.214.969.4898
jsroseman@jonesday.com

Eric Snyder
São Paulo / Washington
+1.202.879.3912
esnyder@jonesday.com

Stephen G. Sozio
Cleveland
+1.216.586.7201
sgsozio@jonesday.com

Neal J. Stephens
Silicon Valley
+1.650.687.4135
nstephens@jonesday.com

Jason S. Varnado
Houston
+1.832.239.3694
jvarnado@jonesday.com

James R. Wooley
Cleveland
+1.216.586.7345
jrwooley@jonesday.com

Jones Day publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our "Contact Us" form, which can be found on our website at www.jonesday.com. The mailing of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.