In recent remarks, Deputy Attorney General Rod Rosenstein announced significant revisions to the Department of Justice’s (DOJ) policies for enforcing the Foreign Corrupt Practices Act. The policy revisions make permanent many of the aspects of the FCPA Pilot Program which began in 2016 and sought encourage voluntary self-disclosures of FCPA violations by formalizing the benefits to corporations for doing so. The recent policy revisions even went a step farther than the Pilot Program, announcing that if company voluntarily discloses FCPA violations, fully cooperates in the government’s investigation, and makes timely and appropriate remediation, there will be a presumption that the DOJ will resolve the company’s case through a declination to prosecute.
This policy revisions reinforce that the DOJ is focused on prosecution culpable individuals. Indeed, Deputy Attorney General Rosenstein noted that “[i]t makes sense to treat corporations differently than individuals, because corporate liability is vicarious; it is only derivative of individual liability.”
While the DOJ appears to have made it even easier for companies to insulate themselves from liability if they turn over the individual bad actors, there are still many difficult decisions to be made by companies contemplating self-disclosure. Each of the requirements for unlocking the benefits of corporate disclosure – voluntary disclosure, full cooperation, and appropriate remediation – have specific criteria and pose nuanced questions for executives and directors to consider.
First, under the revised FCPA enforcement policy, the self-disclosures must be genuinely voluntary (i.e., prior to the “imminent threat” of disclosure or government investigation) and must be made within a “reasonably prompt time” after discovery of the violation. This creates some potential issues for directors and officers who may learn of potential violations and seek to conduct an internal investigation to gather more information. The policy revisions do not further define an “imminent threat” or “reasonably prompt” period, but company must be aware that protected investigations may jeopardize their ability to make an effective voluntary disclosure.
Second, full cooperation may be onerous. Although the policy revisions do not contain an exhaustive list of the types of cooperation that the DOJ will expect, it does instruct that companies should “proactively” disclose all relevant facts and evidence. Accordingly, companies must determine the appropriate scope of their disclosures (and may need to do so even if an internal investigation is not complete because concerns regarding the timeliness of the disclosure have arisen). Moreover, the instruction that the companies take a proactive approach to disclosures appears to add additional pressure on companies to make broad disclosure (but not data dumps which could frustrate DOJ investigations) or risk failing to meet the full cooperation criterion.
Third, remediation efforts must be genuinely aimed at and capable of correcting the source of the violation. The DOJ acknowledges that there will be variances based on the size of the company and the nature of the underlying violation; however, companies should be prepared to commit necessary resources to develop and implement ethics and compliance programs that will demonstrably improve the company’s ability to stop future violations.
Finally, another condition that has been made permanent is the requirement that the company pay all disgorgement, forfeiture, and/or restitution in full. Depending on the amount in question, the ability to pay in full may be a difficult practical issue for a company. Nevertheless, as part of the gateway to non-prosecution, a company must address the issue and develop a strategy for obtaining the necessary funds as it approaches voluntary self-disclosure.
Robust compliance programs remain the critical first step for companies seeking eradicate FCPA violations from their corporate culture. As Deputy Attorney General Rosenstein noted, criminals try to evade law enforcement, but must first evade internal controls and compliance programs, therefore, “[h]onest companies pose a meaningful deterrent to corruption.” Fostering a culture of compliance, dedicating sufficient resources, and ensuring that compliance personnel have access to management and the board were all cited by Deputy Attorney General Rosenstein as hallmarks of effective compliance and should be at the core of any compliance program.