Archive for the ‘Enforcement Agency Policy’ Category

Yates On The Yates Memo

Tuesday, November 24th, 2015

YatesAs highlighted in this prior post, in September DOJ Deputy Attorney General Sally Yates delivered this speech and released this memo titled “Individual Accountability for Corporate Wrongdoing” (hereafter the “Yates Memo”).  (See here for the video of the speech).

While many viewed the Yates Memo as articulating new DOJ policy, in many respects it did not.

Last week, Yates delivered this speech that elaborated on certain points in the Yates memo and announced that the Yates Memo has been incorporated into the U.S. Attorney’s Manual (USAM). Some are viewing this as another “new” development, but that too is misguided as the USAM has always been the final resting place for DOJ policy memos such as the previous Holder, Thompson, McNulty and Filip memos.

The remainder of this post excerpts portions of Yates’s speech that are likely to be of most interest to FCPA practitioners.

“A little more than two months ago, we issued a new policy designed to ensure that individual accountability is at the heart of our corporate enforcement strategy.  In announcing the policy, we emphasized the importance of holding accountable the individuals who commit corporate wrongs for reasons that are fairly obvious – crime is crime and lawbreakers must be held responsible regardless of whether they violate the law on the street corner or in the corner office.  We also know that in the white-collar context, one of the most effective ways to ensure this accountability and to deter future misconduct is by pursuing not just corporate entities, but also the individuals through which these corporations act.  And so our policy set forth six ways the Justice Department is changing how it does business to ensure that our attorneys and agents make the best possible cases against those individuals.


[N]ow that a couple of months have passed, I thought it would be helpful to expand a bit on what we are trying to accomplish and how we’re implementing the policy.

Before rolling out the memo in September, a team of senior DOJ attorneys spent months examining the issue – a project that began under former Attorney General Holder and continued under Attorney General Lynch. I’d like to think that the final product reflected the values that were instilled in these senior DOJ attorneys – and instilled in me – during our long careers at the Justice Department. I joined the U.S. Attorney’s office in Atlanta in 1989 and I’ve been with the department ever since. I spent a significant portion of my career handling white-collar prosecutions, as a line Assistant United States Attorney (AUSA), as the supervisor of our white-collar unit, as a U.S. Attorney and now as Deputy Attorney General. I know how challenging these cases can be and I’ve seen how extraordinarily hard our Department of Justice attorneys work to make them happen. That’s part of the reason we decided to adjust our approach. Everyone at the Justice Department wants to hold wrongdoers accountable, all the more so when those wrongdoers use corporations to lie, cheat and steal. But the barriers to a successful white-collar prosecution can be substantial. We needed to clear away some of those barriers and make sure that the department’s own priorities and resources were fully aligned so we could conduct our investigations more effectively and bring the best cases possible.

I’d like to talk a bit about how we’ve implemented the policy into the everyday work of our attorneys.  Today, we’re taking a big step forward on that front by issuing revisions to the United States Attorney’s Manual, or the USAM.

As I’m sure many of you know, the USAM is one of the most important documents within the Justice Department community.  It is a handbook that contains guidance on everything from initiating an investigation to closing a case and it serves as the foundation for many of the key decisions that DOJ attorneys make during their work.  It applies to everyone in the department, regardless of whether they’re an assistant U.S. Attorney out in the field or a trial attorney in Washington.  I know I consulted it regularly during my years as a prosecutor.

We don’t revise the USAM all that often and, when we do, it’s for something important.  We change the USAM when we want to make clear that a particular policy is at the heart of what all Department of Justice attorneys do and when we want to make sure that certain principles are embedded in the culture of our institution.  We also make these revisions as a way of telling the world about our priorities and our values, so that others know what to expect when the Justice Department comes knocking.

The first set of revisions involve the section of the USAM that addresses criminal cases – specifically, corporate criminal cases.  Technically, the chapter is called the “Principles of Federal Prosecution of Business Organizations,” but most of you know it as simply the “Filip factors.”

Today we are updating the Filip factors and the written guidance that accompanies these factors, to highlight some important principles from the September policy.  The revised factors now emphasize the primacy in any corporate case of holding individual wrongdoers accountable and list a variety of steps that prosecutors are expected to take to maximize the opportunity to achieve that goal.  And we are adding language that codifies a number of internal reporting and approval requirements, which are designed to ensure consistency across the Justice Department and allow us to keep track of how these policies are being implemented.

An important component of the individual accountability policy and the new revisions to the factors involves corporate cooperation.  This seems to be the policy shift that has attracted the most attention.  The new rule in the revised factors is exactly how I laid it out two months ago:  if a company wants credit for cooperating – any credit at all – it must provide all non-privileged information about individual wrongdoing.  Companies seeking cooperation credit are expected to do investigations that are timely, appropriately thorough and independent and  report to the government all relevant facts about all individuals involved, no matter where they fall in the corporate hierarchy.

I would note that this concept — that corporate cooperation includes giving all non-privileged information about the conduct of individuals –  is nothing new.  It was in the Filip factors long before this most recent policy shift and it is a point has been repeatedly emphasized by department officials, particularly Leslie Caldwell, our terrific Assistant Attorney General of the Criminal Division.

What is new is the consequence of not doing it.  In the past, cooperation credit was a sliding scale of sorts and companies could still receive at least some credit for cooperation, even if they failed to fully disclose all facts about individuals.  That’s changed now.  As the policy makes clear, providing complete information about individuals’ involvement in wrongdoing is a threshold hurdle that must be crossed before we’ll consider any cooperation credit.

Some have claimed that this new cooperation policy will result in unnecessarily broad, costly and time-consuming internal investigations.  But when we announced the policy, we made clear that we were not intending for companies to embark on a years-long, multimillion dollar investigation every time a company learns of misconduct.  We made clear at the time that we expect investigations to be tailored to the scope of the wrongdoing.  We expect cooperating companies to make their best effort to determine the facts with the goal of identifying the individuals involved.  As we said previously, if there is any question about the scope of what’s required, you should do what many defense attorneys do now – pick up the phone and discuss is with the prosecutor.

Others have opined that a company that does not have access to all the facts will be at a disadvantage, despite their best efforts to do a thorough and timely investigation.  As the corporate entity, the presumption will be that you have access to the evidence.  But if there are instances where you do not, or you are legally prohibited from handing it over, then you need to raise these issues with the prosecutor.

Additionally, there is nothing in the new policy that requires companies to waive attorney-client privilege or in any way rolls back the protections that were built into the prior factors.  The policy specifically provides that it requires only that companies turn over all relevant non-privileged information and our revisions to the USAM – which left the sections on the attorney-client privilege intact – underscore that point.

But let’s be clear about what exactly the attorney-client privilege means.  As we all know, legal advice is privileged.  Facts are not.  If a law firm interviews a corporate employee during an investigation, the notes and memos generated from that interview may be protected, at least in part, by attorney-client privilege or as attorney work product.  The corporation need not produce the protected material in order to receive cooperation credit and prosecutors will not request it.  But to earn cooperation credit, the corporation does need to produce all relevant facts –including the facts learned through those interviews—unless identical information has already been provided.  We will respect the privilege, but we will also expect companies to respect its boundaries and not to wrongly exploit its legitimate purpose by using it to shield non-privileged information from investigators.

Some have theorized that our new policy will have a chilling effect on employees’ willingness to cooperate in their companies’ internal investigations, thus limiting our ability to find out what really happened.  I will acknowledge that our focus on culpable individuals may make some employees nervous.  Some may have reason to be nervous.  But to the extent that there’s a tension between the interests of the company and the interests of individuals in an internal investigation, that dynamic is nothing new.  This tension is reflected in the admonition that corporate counsel give employees that they represent the company not the employee and that the company may provide to the government any information that the employee provides.  So these new cooperation rules simply emphasize — for the benefit of companies and prosecutors – the importance of identifying individual wrongdoers in any corporate case.

Understand that we’re not asking companies to pin a scarlet letter on their employees or provide us with prosecutable cases against them in order to get the benefits of cooperation.  Cooperation does not require a company to characterize anyone as “culpable.”  Cooperation does require that a company provide us with all facts about the all individuals involved.

Two last points on the subject of cooperation.  First, timing, as always, is of the essence.  A company should come in as early as it possibly can, even if it doesn’t quite have all the facts yet. The new USAM language makes plain that a company won’t be disqualified from receiving cooperation credit simply because it didn’t have all the facts lined up on the first day it began talking with us.  Rather, under those circumstances, we expect that cooperating companies will simply continue to turn over the information to the prosecutor as they receive it.

Second, one of the changes made to the USAM today separates what used to be a single factor that covered both a corporation’s voluntary disclosure and its willingness to cooperate into two separate factors – one focused solely on the company’s timely and voluntary disclosure and the second on its cooperation.   We made this change to emphasize that while the concepts of voluntary disclosure and cooperation are related, they are distinct factors to be given separate consideration in charging decisions.  In recognition of the significant value early reporting holds for us, prompt voluntary disclosure by a company will be treated as an independent factor weighing in the company’s favor.


We make all of these changes recognizing challenges that they may present.  Some have speculated that the new policy may mean that fewer companies cooperate with the government because of some perception that the new standard is too difficult to meet.  I suppose that may happen, but I’m not convinced.  I have a hard time imagining that it will truly be in a company’s best interest to forego the substantial benefits accorded for cooperation solely to avoid having to provide all the facts about individual conduct.  That would seem to be a particularly difficult call for the board of directors of a publicly traded company given the fiduciary duty to the shareholders.  But if fewer companies cooperate and our corporate settlements are reduced, we’re okay with that.   I will repeat a point I made when we announced this policy:  our mission is not to recover the largest amount of money from the greatest number of corporations; our job is to seek accountability from those who break our laws and victimize our citizens.

Here in the audience, we have more than lawyers and bankers; we also have one of the most important constituencies in our efforts to combat corporate misconduct:  compliance professionals.  You are a crucial partner in the fight against white-collar crime.  At DOJ, we don’t want to go after the corporate wrongdoers simply as an end unto itself; we want to decrease the amount of corporate wrongdoing that happens in the first place.  We want to restore and help protect the corporate culture of responsibility. That’s only possible with strong compliance programs—and with rigorous internal controls that help companies self-assess and self-correct.  It is in our mutual interest to ensure that we root out misconduct, promote fairness and demonstrate that no one is above the law.

At the Justice Department, our ability to do our jobs effectively depends on the public’s confidence in the institutions we represent.  The public must believe what I have always known to be true; that we will aggressively pursue wrongdoing in all its forms, no matter who the wrongdoer may be.  That means that we must continue to demonstrate that our criminal justice system operates fairly and applies equally and is designed not only to punish misconduct but also to try to stop it from happening again.”

Little New Information Of Significance In SEC Director Ceresney’s FCPA Speech

Thursday, November 19th, 2015

CeresneyYesterday’s post highlighted Assistant Attorney General Leslie Caldwell’s recent speech before a Foreign Corrupt Practices Act audience.

Today’s post provides equal time to Andrew Ceresney’s (Director of the SEC’s Enforcement Division) FCPA speech to the same audience.

To those well-versed on prior SEC FCPA policy speeches, there was little new information of significance in Ceresney’s speech (and you can assess this for yourself by visiting this subject matter tag which highlights every SEC FCPA policy speech in the public domain over the last several years). Indeed, significant portions of Ceresney’s speech were near carbon copies of prior speeches he delivered at the same event one year ago and two years ago (see here and here for prior posts).

[From a LinkedIn comment: "I agree with your assessment of Director Ceresney's speech. In fact the majority of the attendees who were present during the luncheon speech felt the same way. And judging from his presentation, he was hardly enthused about the speech. Basically, it was just read off paper word for word not even looking up. But you also have to put his speech in the proper context. It was something designed to take up the slack time between the main meal and waiting for the dessert to come out."]

The only new item in Ceresney’s speech was the following statement: “the Enforcement Division has determined that going forward, a company must self-report misconduct in order to be eligible for the Division to recommend a DPA or NPA to the Commission in an FCPA case.”

As a practical matter, this statement is not very significant as the SEC has only used NPAs or DPAs three time since the SEC authorized their use in 2010. Moreover, the SEC has handled voluntary disclosure in the FCPA context in several different ways.  In certain instances, civil complaints are filed in connection with voluntary disclosures; in other instances, administrative cease and desist orders are used in connection with voluntary disclosures; and in other instances  - as noted by Ceresney – NPAs and DPAs are used in connection with voluntary disclosures.

Prior to excerpting Ceresney’s speech, a few observations about the individual prosecution and BHP Billiton portions of the speech.

Individual Proseuctions

Ceresney stated:

“Outside the FCPA context in particular, over the last five years, 80% of the SEC’s enforcement actions (excluding follow-on administrative proceedings and delinquent filings) have involved charges against individuals.  This focus on individuals also applies to FCPA cases.”

Ceresney did not provide statistics for individual prosecutions in connection with corporate SEC enforcement actions so I will. As noted in prior posts here and here, since 2008 83% of SEC corporate FCPA enforcement actions have not resulted in any SEC charges against company employees.

No doubt in recognition of these FCPA specific statistics, Ceresney attempted to articulate why FCPA enforcement actions against individuals “present formidable challenges.” However, most of the factors listed are also present in corporate FCPA enforcement actions. There is however a key difference.  In the FCPA’s history, it is not believed that the SEC has ever had to prove a case against an issuer whereas individuals are more likely to, and have, put the SEC’s to burden of proof and the SEC has never satisfied its ultimate burden of proof against an individual when this happens.

BNY Mellon / Anything of Value

Similar to his speech last year at the same event, Ceresney devoted a material portion of his remarks to an FCPA element that is seldom the focus of much discussion:  anything of value.   In the words of Ceresney “enforcing the FCPA to its fullest extent.”

Ceresney provided a list of questions regarding less tangible things of value that will be of value to compliance practitioners.

In connection with this portion of his speech, Ceresney defended the SEC’s enforcement action against BNY Mellon which focused on the company’s internship practices. He called criticism of the enforcement action “unfounded.”

However, Ceresney failed to address many of the other criticisms of the enforcement action not necessarily connected to the anything of value element such as corrupt intent, obtain or retain business, and other statutory issues. (See here).

The remainder of this post excerpts Ceresney’s speech.

“Pursuing violations of the FCPA remains a critical part of the SEC’s enforcement efforts.  The SEC has taken a lead role in combatting corruption worldwide, enforcing the FCPA vigorously against issuers and individuals within its jurisdiction and working with foreign partners to enhance their anticorruption efforts.

The Division of Enforcement – including its specialized FCPA Unit, as well as other members of the staff – continues to be very active holding wrongdoers accountable for FCPA violations.  The Commission’s enforcement efforts over the last ten years, along with those of our partners at the DOJ and FBI, have resulted in a sea change in enhancing the focus on FCPA compliance issues.


I thought I would spend some time this afternoon discussing a few issues that are important to the SEC’s FCPA program: self-reporting and cooperation; holding individuals accountable for FCPA violations; cooperation with foreign regulators; and ongoing efforts to ensure that the FCPA is enforced to its fullest extent.

The Importance of Self-Reporting and Cooperation

I want to start with the importance of self-reporting and cooperation in FCPA cases.  The Commission launched its formal cooperation program a little more than five years ago, and as I have explained in other contexts, it has been a great success overall.  Even before that formal cooperation program was implemented, the SEC was rewarding cooperation in FCPA matters, and it has continued to do so under the more formal program.  In the last fiscal year alone, the Commission gave significant credit for cooperation in more than half a dozen cases.  These included the settlement with Layne Christensen, which included a significantly reduced penalty of 10% of the disgorgement amount; a settlement with PBSJ, where we entered into a deferred prosecution agreement and the penalty was a small fraction of disgorgement; and a settlement with Goodyear, which was the first case where the Commission agreed not seek any penalty in recognition of the company’s significant cooperation.  These cases should send the message loud and clear that the SEC will reward self-reporting and cooperation with significant benefits.  Companies should understand that the benefits of cooperating with the SEC are significant and tangible.

Let me spend a moment on self-reporting because that is an issue that has attracted lots of attention in recent years.  Self-reporting is critical to the success of SEC’s cooperation program.  Self-reporting allows the Enforcement staff to discover misconduct more quickly and reliably than otherwise would be possible.  In certain cases, particularly when misconduct occurs overseas, companies may be in a better position to quickly investigate misconduct and the information provided by companies as part of their self-reporting often gives a significant head start on our investigations.

Self-reporting also is a valuable tool for parties who want to maximize the benefits available for cooperation.  As the cases I just mentioned make clear, there are significant benefits available to companies who self-report violations and cooperate fully with our investigations.  Benefits range from reduced charges and penalties, to deferred prosecution or non-prosecution agreements – known as DPAs or NPAs – in instances of outstanding cooperation, or in certain instances when the violations are minimal, no charges.

However, beyond these benefits, which are the carrot, there is also a stick that should further incentivize self-reporting.  Companies that make a decision not to self-report misconduct take the chance that the Enforcement Division will learn of this misconduct through other means.  The SEC’s whistleblower program has created real incentives for people to report wrongdoing to us.  If the Enforcement Division finds the violations through its own investigation or from a whistleblower, the consequences to the company will likely be worse and the opportunity to earn additional cooperation credit may well be lost.  As I’ve said before, when discussing our cooperation program in general and specifically in the FCPA context, companies are gambling if they fail to self-report FCPA misconduct to us.

Given the importance of self-reporting to our FCPA investigations, the Enforcement Division continues to looks for ways to encourage self-reporting of violations through our cooperation program.  Towards that end, the Enforcement Division has determined that going forward, a company must self-report misconduct in order to be eligible for the Division to recommend a DPA or NPA to the Commission in an FCPA case.  I am hopeful that this condition on the decision to recommend a DPA or NPA will further incentivize firms to promptly report FCPA misconduct to the SEC and further emphasize the benefits that come with self-reporting and cooperation.

It is important to note here that while the Division will require a company to self-report in order to be eligible for a DPA or NPA, self-reporting alone is not enough.  Determinations of how much credit to give an entity for cooperation, including whether to take the extraordinary step of entering into a DPA or NPA, are made by evaluating the broad factors set out by the Commission in the Seaboard report. In addition to self-reporting, these factors include a corporation’s self-policing, remediation, and cooperation. While DPAs and NPAs are valuable tools, they reflect a significant level of cooperation and have been a relatively limited part of Commission enforcement practice.  I think this is appropriate and should continue to be the case.  But the Division will not even consider this step if a company fails to self-report.

Requiring a company to self-report potential FCPA violations in order to be eligible for a DPA or NPA is consistent with the SEC’s practice since the introduction of our formal cooperation program in 2010.  In each FCPA case where the SEC entered into a DPA or NPA, the company involved self-reported the violations, and then provided significant cooperation throughout the investigation.

The most recent example is the DPA the Commission entered into with PBSJ Corporation earlier this year.  In that case, the Commission charged a former officer of the Florida engineering and construction firm with violating the FCPA by offering and authorizing bribes and employment to foreign officials to secure Qatari government contracts. The Commission determined that a DPA with the company was appropriate.  PBSJ self-reported the violations to the SEC, took immediate steps to end the misconduct, and fully cooperated with the investigation, including voluntarily making foreign witnesses available for interviews and providing factual chronologies, timelines, internal summaries, and full forensic images to the SEC.  Under the DPA, PBSJ agreed to pay more than $3 million in disgorgement and prejudgment interest and a penalty of $375,000 – approximately 10% of the disgorgement level – and to comply with certain undertakings.

Similarly, in 2013 the Commission entered into its first ever FCPA NPA with Ralph Lauren Corporation in connection with bribes paid by a subsidiary to government officials in Argentina.  In determining to enter a NPA with the company, the Commission recognized the company’s prompt self-reporting of the violation – within two weeks of discovering the illegal payments – and its extraordinary cooperation with the SEC’s investigation, which included voluntarily and expeditiously producing relevant documents, providing translations of foreign-language documents, providing witness interview summaries from its internal investigation, making overseas witnesses available, and bringing witnesses to the U.S.  The Commission also took into account significant remedial measures undertaken by Ralph Lauren.  Under the NPA, the company paid more than $700,000 in disgorgement and pre-judgment interest.

Finally, self-reporting was a key consideration leading to the DPA with Tenaris, S.A., in 2011, which was the SEC’s first DPA since the introduction of the cooperation program.  The agreement with Tenaris involved allegations that the global manufacturer of steel pipe products made almost $5 million on contracts obtained through bribes of Uzbekistan government officials during a bidding process to supply pipelines for transporting oil and natural gas. The Commission determined that a DPA with Tenaris was appropriate.  The company immediately reported the violations to the SEC, conducted a thorough internal investigation, fully cooperated with the investigation, and implemented significant remediation efforts.  Under the DPA, Tenaris paid $5.4 million in disgorgement and prejudgment interest and agreed to enhance its compliance practices.  Tenaris paid no penalty.

I hope that by highlighting the benefits of cooperation and detailing the efforts companies took to self-report and cooperate, the Enforcement Division can help provide a blueprint for companies regarding what kind of cooperation and remediation efforts are required to maximize the benefits of the SEC’s cooperation program.

Focus on Individual Liability

The next area I want to talk about today is our focus on individual liability.  Holding individuals accountable for their wrongdoing is critical to effective deterrence and, therefore, the Division considers individual liability in every case.  Outside the FCPA context in particular, over the last five years, 80% of the SEC’s enforcement actions (excluding follow-on administrative proceedings and delinquent filings) have involved charges against individuals.  This focus on individuals also applies to FCPA cases.  When we are able to recommend a case against individuals for FCPA violations, we do so.

However, it is also true that FCPA cases often present formidable challenges to establishing individual liability.  In most FCPA cases, the individuals most directly involved in the wrongdoing are foreign nationals who live outside the United States.  As a result, it is often difficult to establish personal jurisdiction over potential wrongdoers, particularly if they are employees of the foreign subsidiary rather than the parent issuer.  In addition, most of the witnesses and documents are located overseas, which presents evidentiary challenges.  The cases are very time-consuming and resource-intensive to litigate, and if the wrongdoer is a foreign national with no assets or ties to the U.S., recoveries may be limited.  Finally, given the evidentiary challenges and complexity of FCPA investigations, the statute of limitations also complicates these cases.  The statute of limitations applicable to Commission actions is not tolled when foreign evidence requests are outstanding.

However, where the Division’s investigations find sufficient evidence to bring charges and establish personal jurisdiction, the Commission brings those cases.  Over twenty percent of the SEC’s FCPA cases this past year were brought against individuals, sometimes in conjunction with a case against the issuer, and sometimes before or after the issuer case was brought.  In the PBSJ case I discussed earlier, while the Commission entered into a DPA with the company, it charged the former PBSJ officer who orchestrated the scheme with violating the anti-bribery provisions of the FCPA.  As set out in the SEC’s order, the officer offered to funnel funds to a local company owned and controlled by a foreign official in order to secure two multi-million Qatari government contracts for PBSJ and also offered employment to a second foreign official in return for assistance as the bribery scheme began to unravel. The officer agreed to settle the charges and pay a significant penalty.

In August, the Commission brought charges against a former executive at a worldwide software manufacturer for violating the FCPA by bribing Panamanian government officials through an intermediary to procure software license sales.  As set out in the SEC’s order, the executive orchestrated a scheme to pay bribes to one government official and promised to pay two others in order to obtain four contracts to sell software to the Panamanian government.  The executive, who lives in Miami, agreed to settle the charges and disgorge all of his ill-gotten gains.

And earlier this fiscal year, the SEC charged two former employees in the Dubai office of a U.S.-based defense contractor with violating the FCPA by providing government officials in Saudi Arabia with improper benefits to help secure business for the company.  The individual employees settled the charges and each agreed to pay a significant penalty.

The Commission is committed to holding individuals accountable and I expect you will continue to see more FCPA cases against individuals.

Effective Coordination with International Regulators and Law Enforcement

One of the reasons we’ve been able to achieve such success in our FCPA cases over the past few years – both against companies and individuals – is the Division’s effective coordination with international regulators and law enforcement.  In today’s globalized marketplace, the SEC’s ability to protect investors and maintain fair and efficient markets is often dependent on Enforcement’s ability to investigate misconduct that takes place, at least in part, abroad.  This is especially true with FCPA investigations, which routinely rely on evidence obtained from foreign jurisdictions, and often are conducted in parallel with foreign governments.

Over the past five years, the Enforcement Division has experienced a transformation in the ability to get meaningful and timely assistance from international partners.  Enforcement has greatly expanded its efforts to obtain evidence of potential wrongdoing from around the globe with the assistance of the SEC’s Office of International Affairs and continues to strengthen our partnerships with other countries.  There has also been an important trend of significant growth in focus and legislation on corruption issues worldwide over the last few years.  The result has been a tremendous increase in cooperation from other governments and better access to evidence in foreign countries.

This increased coordination helps the SEC successfully conclude significant enforcement actions.  For example, assistance from foreign authorities was critical to the Commission’s recent case against Hitachi.  The investigation was greatly assisted by the African Development Bank and the South African Financial Services Board.  And the resulting case charged Hitachi with violating the FCPA by inaccurately recording improper payments to a front company for the African National Congress – the ruling party in South Africa – in connection with contracts to build two power plants.  The company agreed to settle the charges and pay a $19 million penalty for its FCPA violations.

In April of this year, the SEC also charged FLIR Systems, Inc. for violating the FCPA by financing what an employee termed a “world tour” of personal travel for government officials in the Middle East who played key roles in decisions to purchase products from FLIR. The Commission’s order found that FLIR earned more than $7 million in profits from sales influenced by the improper travel and gifts.  We received valuable assistance in our investigation from the United Arab Emirates Securities and Commodities Authority.  To settle the matter, FLIR agreed to pay more than $9.5 million in disgorgement and penalties and report its FCPA compliance efforts to the agency for the next two years.  In the BHP Billiton matter I mentioned earlier, the Division received assistance from the Australian Federal Police.

These are just three recent examples of the Division’s success in working with the international community to receive documents and other types of foreign assistance.  I fully expect the pace and extent of foreign agencies’ cooperation in the FCPA space to grow over the coming years as the Division continues to forge new relationships abroad and strengthen those we already have.

Enforcing the FCPA Statute to its Fullest Extent

Finally, I thought I would say a few words about the Commission’s efforts to enforce the FCPA to the fullest extent of the statute.  As this audience surely knows, the statute precludes the payment or provision of “anything of value” to a foreign official in order to induce that official to take official action or obtain an improper advantage for the purpose of obtaining or retaining business.

And of course “anything” of value is, on its face, a broad term.  Obviously, cash payments count.  Similarly, tangible gifts to foreign officials undoubtedly qualify as things of value.  But the Commission has also successfully brought FCPA cases where other, less traditional, items of value have been given in order to influence foreign officials.  For example, last year, I discussed a series of cases in which the Commission brought bribery charges against companies that made contributions to charities that were affiliated with foreign government officials, provided no-show jobs to the spouse of a foreign official, or paid for the honeymoon of a foreign official’s daughter, all to induce those officials to direct business to the companies.  Each of these benefits qualifies as something of value under the FCPA statute.

The SEC’s recent case against BNY Mellon, its first FCPA case against a financial institution, also illustrates this approach.  The Commission’s case charged that the firm violated the FCPA by providing valuable student internships to family members of foreign government officials affiliated with a Middle Eastern sovereign wealth fund.

Some have expressed concern about these cases, arguing that it is difficult to draw a clear line between what constitutes a violation and what does not, in cases involving less traditional items of value.  In my view, these concerns are unfounded.  The line between what is acceptable and what constitutes a violation of the law is in the same place it always has been:  when something of value – which can include a gift, donation, favor, or hiring decision – is given or taken with intent to influence the foreign official in his or her official actions or obtain an improper advantage.  While this analysis is dependent on the facts and circumstances of each particular case, it is the same analysis companies routinely conduct when considering how their employees interact with government officials in the course of business. The relevant questions include:

  • Was the gift, donation, favor, or hiring asked for by the foreign official?
  • Did the company official believe that the gift, donation, favor, or hiring would advance their business interests and help them obtain particular business, or at least obtain an improper advantage with the foreign official?
  • Was the gift, donation, favor, or hiring consistent with company policy and practice?
  • Were the company’s normal procedures followed in connection with the gift, donation, favor, or hiring?
  • Would the gift, donation, favor, or hiring have been made if there were no potential business benefit?

In the BNY Mellon case for example, the Commission’s order described the following facts.  The sovereign wealth fund officials explicitly and repeatedly requested the internships and the BNY Mellon employees viewed providing the internships as important to keeping the sovereign wealth fund’s business and potentially obtaining new business.  Indeed, one BNY Mellon employee stated that failure to provide the internships would “potentially jeopardize our mandate” with the sovereign fund and another stated that providing the internship was “the only way” to increase BNY Mellon’s share of business from the sovereign funds’ European office. In addition, the bank did not evaluate or hire the officials’ relatives through its internship program, which had stringent standards, including a minimum grade point average, relevant prior work experience, and multiple rounds of interviews.  In fact, the family members hired did not meet the basic entrance standards for any established BNY Mellon internship program, did not have the requisite academic or professional credentials, and were not even required to interview before being offered the positions.

Under these circumstances, I would suggest that there was ample basis for viewing the internships as something of value to the foreign officials who requested them for their relatives, and for concluding that they were given in an attempt to influence the foreign officials in connection with the performance of their official duties or to obtain an improper advantage from the foreign officials.

As I’ve said before, bribes come in many shapes and sizes.  And in my view, the FCPA is properly read to cover providing valuable favors to a foreign official, as well as providing cash, tangible gifts, travel or entertainment.


To sum up, the Enforcement Division is committed to aggressively pursuing violations of the FCPA by entities and individuals.  We will continue to use our cooperation program and to coordinate with international regulators and law enforcement to do so more effectively.  It is my hope that we can continue to build on the solid foundation we have created for FCPA compliance in the coming years.”

Little New Information In Assistant AG Caldwell’s FCPA Speech

Wednesday, November 18th, 2015

caldwellYesterday, Assistant Attorney General Leslie Caldwell delivered this speech before a Foreign Corrupt Practices Act audience.

To those well-versed on prior DOJ FCPA policy speeches, there was little new in Caldwell’s speech (and you can assess this for yourself by visiting this subject matter tag which highlights every DOJ FCPA policy speech in the public domain over the last several years).

The only “new” item in Caldwell’s speech was her announcement that the DOJ is ”preparing to add 10 new prosecutors to the Fraud Section’s FCPA Unit, increasing its size by 50 percent.” But here again, for years the DOJ and/or FBI have been trumpeting the ever increasing persons in their respective FCPA units.

Prior to excerpting, Caldwell’s speech, a few observations about the voluntary disclosure and “secret” FCPA enforcement aspects of Caldwell’s speech.

Voluntary Disclosure

Caldwell stated yesterday:

“[The DOJ] is not reliant on corporate self-reporting in the FCPA or any other context—indeed, the majority of our FCPA cases are investigated and prosecuted without a voluntary disclosure …”.

As noted in this December 2014, the DOJ previously said that it does not track voluntary disclosure statistics. However, as noted in the post, FCPA Professor does based on information in the DOJ’s own resolution documents.  The statistics (current as of the date in the post) were as follows.

  • Since 2011, there have been 31 core corporate DOJ FCPA enforcement actions.  17 of the enforcement actions (55%) have been based on voluntary disclosures per the DOJ’s own resolution documents.  This 55% figure actually under-represents the impact of voluntary disclosures on the DOJ’s FCPA enforcement program because several other FCPA enforcement actions (for instance against Smith & Nephew and Biomet) are generally viewed as “fruits” of a prior voluntary disclosure (Johnson & Johnson). Moreover, the Bilfinger enforcement action was the direct result of the prior Willbros enforcement action (an enforcement action based on a voluntary disclosure).

“Secret” FCPA Enforcment

For years, there have been whispers in the FCPA space about “secret” FCPA enforcement actions.  As noted in this prior post, the 2012 FCPA Guidance seemed to confirm such whispers as the Guidance stated:

  • “Historically, DOJ had, on occasion, agreed to DPAs with companies that were not filed with the court.  That is no longer the practice of DOJ.”
  • The Guidance also suggested that the DOJ has used non-prosecution agreements in individual FCPA-related case (e.g., “If an individual complies with the terms of his or her NPA, namely, truthful and complete cooperation and continued law-abiding conduct, DOJ will not pursue criminal charges.”  The Guidance also states that “in circumstances where an NPA is with a company for FCPA-related offenses, it is made available to the public through DOJ’s website.” (emphasis added).  This statement suggests that when an NPA is with an individual for FCPA-related offenses, the agreement is not made public.

In yesterday’s speech, Caldwell stated:

“We usually publicly announce corporate resolutions and pleas, and make the documents available on our website.” (emphasis added).

This statement only deepens the mystery surrounding apparent “secret” FCPA enforcement and the irony is that Caldwell’s statement was made in the same speech in which she stated “greater transparency benefits everyone.”

The remainder of this post excerpts Caldwell’s speech.

“I appreciate the opportunity to talk with you today about the Justice Department’s (DOJ) increasing attention to the investigation and prosecution of international corruption under the FCPA.

In 1977, when Congress enacted the FCPA, it called the “payment of bribes to influence the acts or decisions of foreign officials…unethical [and] counter to the moral experience and values of the American public.”  In the investigations leading to the act’s passage, Congress uncovered more than $300 million—or nearly $1.2 billion in 2015 dollars—in bribes paid by American companies to foreign officials.

Unfortunately, in the intervening 38 years, corruption has not disappeared.  In fact, as globalization increases, there is some evidence that corruption has as well.  The FCPA has, however, helped bring to justice some of the largest-scale perpetrators of economic corruption, and in 2014, companies paid more than $1.5 billion in corporate FCPA penalties to DOJ alone.  And that does not include payments made to other U.S. and foreign entities.  Clearly, our work to uphold the “moral experience and values of the American public” remains unfinished.

As you may know, that work is led by a team of federal prosecutors in the Criminal Division’s Fraud Section.  They are joined in this fight against international corruption by their colleagues in the Asset Forfeiture and Money Laundering Section—known as AFMLS—which pursues prosecutions against institutions and individuals engaged in money laundering, Bank Secrecy Act violations and sanctions violations.

AFMLS attorneys also seek the forfeiture of proceeds of high-level foreign corruption through the relatively new Kleptocracy Asset Recovery Initiative.  The two units complement each other in their efforts to hold both bribe payers and bribe takers accountable for their criminal conduct.

I would like to talk with you today about our ongoing efforts to enhance the Criminal Division’s ability to root out and prosecute corruption, and also to provide increased transparency about the division’s decision-making.

During this past year, we increased our FCPA resources, including by adding three new fully-operational squads to the FBI’s International Corruption Unit that are focusing on FCPA and Kleptocracy matters.  We are also preparing to add 10 new prosecutors to the Fraud Section’s FCPA Unit, increasing its size by 50 percent.  These new squads and prosecutors will make a substantial difference to our ability to bring high-impact cases and greatly enhance the department’s ability to root out significant economic corruption.

In addition to increased resources directed to FCPA cases, one of my priorities in the Criminal Division has been to increase transparency regarding charging decisions in corporate prosecutions.

Greater transparency benefits everyone.  The Criminal Division stands to benefit from being more transparent because it will lead to more illegal activity being uncovered and prosecuted.  This is in part because if companies know the consideration they are likely to receive from self-reporting or cooperating in the government’s investigation, we believe they will be more likely to come in early, disclose wrongdoing and cooperate.

On the flip side, companies can also better evaluate the consequences they might face if they do not merit that consideration.  In both ways, transparency helps achieve the deterrent purpose of the FCPA because comparatively opaque or unreasoned enforcement action can make it more difficult for companies to make their own rational decisions about how to react when they learn of a bribe.

Transparency also helps to reduce any perceived disparity, in that companies can compare themselves to other similarly-situated companies engaged in similar misconduct.  There are often limits to how much we can disclose about our investigations and prosecutions—particularly for investigations in which no charges are brought—but we are trying to be more clear about our expectations in corporate investigations and the bases for our corporate pleas and resolutions.

Let me provide some examples to illustrate this point.

Just a few months ago, the former co-CEO of PetroTiger pleaded guilty to conspiring to violate the FCPA.  He joined his fellow co-CEO and the company’s former general counsel in being convicted of bribery and fraud charges after a DOJ investigation that revealed a scheme to secure a $39 million oil-services contract for PetroTiger through bribery of Colombian officials.  This was serious misconduct that went to the very top of the company, and in a typical case, criminal charges for the company may well also have been appropriate.

We learned about this misconduct through voluntary disclosure by PetroTiger, however.  And after that self-disclosure, the company fully cooperated with the department’s investigation of the misconduct and of the individuals responsible for it.  As you likely know, the department ultimately declined to prosecute the company, or to seek any NPA (non-prosecution agreement) or DPA (deferred prosecution agreement) with it, even though we clearly could have done so.

By contrast, in December of last year—about a month after I last addressed this conference—Alstom S.A., the French power company, pleaded guilty to violating the FCPA.  In fact, Alstom was sentenced just last week.  Alstom admitted to its criminal conduct and agreed to pay a penalty of more than $772 million, the largest foreign bribery resolution with the Justice Department ever.  In addition, Alstom’s Swiss subsidiary pleaded guilty to conspiracy to violate the anti-bribery provisions of the FCPA.  Two U.S.-based subsidiaries also admitted to conspiring to violate the FCPA and entered into deferred prosecution agreements.  The investigation resulted in criminal charges against five individuals, including four corporate executives, in connection with the bribery scheme.  To date, four of those individuals have pleaded guilty.

Given the significant scope of the misconduct in that case—including the involvement of corporate executives—it is fair to say that the factors we look at in these cases weighed in favor of some kind of criminal disposition.  And it would also be fair to point out that what was missing in those factors was any strong argument, of the type that PetroTiger was able to make, for prosecutorial consideration for Alstom’s own efforts to mitigate the misconduct.  Rather, unlike PetroTiger, Alstom did not voluntarily disclose the misconduct and refused to cooperate with our investigation until years later, after we had already charged company executives.

When we talk about this kind of credit for mitigation in FCPA corruption cases, we cannot talk simply about “cooperation.”  Cooperation is only one element of mitigation.  In our view, a company that wishes to be eligible for the maximum mitigation credit in an FCPA case must do three things: (1) voluntarily self-disclose, (2) fully cooperate and (3) timely and appropriately remediate.

When a company voluntarily self-discloses, fully cooperates and remediates, it is eligible for a full range of consideration with respect to both charging and penalty determinations.

Of course, in some cases the scope or seriousness of the criminal activity or the company’s history will mandate a criminal resolution, but in those cases it will be even more important for the company to present the strongest possible mitigation.  And companies that fail to self-disclose but nonetheless cooperate and remediate will receive some credit.  But that credit for cooperation and remediation will be measurably less than it would have been had the company also self-reported.

Let me walk through now in more detail the elements of those three factors.

First, as I have said before, companies for the most part have no obligation to self-disclose criminal wrongdoing to the Justice Department.  That has not changed.  And we are not reliant on corporate self-reporting in the FCPA or any other context—indeed, the majority of our FCPA cases are investigated and prosecuted without a voluntary disclosure and sometimes, as in the Alstom case, without corporate cooperation.

As time passes and the world continues to shrink, we have more and more sources of information about FCPA violations, ranging from whistleblowers, to foreign law enforcement, to competitors, to current and former employees, the foreign media, and others.   So if you discover an FCPA violation that you opt not to self-report, you are taking a very real risk that we will one day find out, or that we already know, and you will not be eligible for the full range of potential mitigation credit.

That said, we recognize that companies often are reluctant to self-report FCPA violations, especially when they believe that we may not otherwise learn of the misconduct.  And we also recognize that FCPA investigations present challenges for us that make them different in some important ways from other types of white collar crime.

By their nature, overseas bribery schemes can be especially difficult to detect, investigate and prosecute.  Individuals who violate the FCPA and relevant evidence often are located overseas—sometimes in jurisdictions with which we have limited relationships.  FCPA violations often involve one or more third parties, such as resellers or agents, also located overseas.  Money often moves through multiple offshore accounts, usually in the names of shell corporations.  The transactions almost always are concealed in some fashion from the company’s books and records.  And the company often is much better-positioned than the Justice Department to get to the bottom of things in an efficient and timely fashion.

For these reasons, voluntary self-disclosure in the FCPA context does have particular value to the department.   Because of that, we want to encourage self-disclosure by making clear that, when combined with cooperation and remediation, voluntary disclosure does provide a tangible benefit.

What do I mean by voluntary self-disclosure?  I mean that within a reasonably prompt time after becoming aware of an FCPA violation, the company discloses the relevant facts known to it, including all relevant facts about the individuals involved in the conduct.

To qualify, this disclosure must occur before an investigation—including a regulatory investigation by an agency such as the SEC—is underway or imminent.  And disclosures that the company is already required to make by law, agreement or contract do not qualify.

Second, in line with the focus on individual accountability for corporate criminal conduct announced earlier this year by Deputy Attorney General Sally Yates, companies seeking credit must affirmatively work to identify and discover relevant information about the individuals involved through independent, thorough investigations.

Companies cannot just disclose facts relating to general corporate misconduct and withhold facts about the individuals involved.  And internal investigations cannot end with a conclusion of corporate liability, while stopping short of identifying those who committed the underlying conduct.

In addition to identifying the individuals involved, full cooperation includes providing timely updates on the status of the internal investigation, making officers and employees available for interviews—to the extent that is within the company’s control—and proactive document production, especially for evidence located in foreign countries.

Some have expressed concern that we now expect companies to conduct more extensive—and expensive—investigations to obtain credit for cooperating.  That is not the case.  As I have said before, we are not asking companies to boil the ocean.

As always, we continue to expect investigations to be thorough and tailored to scope of the wrongdoing, and to identify the wrongdoing and the wrongdoers.  We expect cooperating companies to make their best effort to uncover the facts with the goal of identifying the individuals involved.  To the extent companies and their counsel are unclear about what this means, we remain willing to maintain an open dialogue about our interests and our concerns, which should help save companies from aimless and expensive investigations.

A company that does not have access to all the facts, despite its best efforts to do a thorough and timely investigation, will not be at a disadvantage.  Our presumption is that the corporate entity will have access to the evidence, but if there are instances where you do not, or you are legally prohibited from handing it over, then, again, you need to explain that to us.  And know that we will test the accuracy of your assertions.

We, of course, recognize that we sometimes can obtain evidence that a company cannot.  We often can obtain from third parties evidence that is not available to the company.  Also, we know that a company may not be able to interview former employees who refuse to cooperate in a company investigation.  Those same employees may provide information to us, whether voluntarily or through compulsory process.  Likewise, there are times when, for strategic reasons, we may ask that the company stand down from pursuing a particular line of inquiry.  In these circumstances, the company of course will not be penalized for failing to identify facts subsequently discovered by government investigators.

Finally, remediation includes the company’s overall compliance program as well as its disciplinary efforts related to the specific wrongdoing at issue.  For example, we will consider whether and how the company has disciplined the employees involved in the misconduct.  We will also examine the company’s culture of compliance including an awareness among employees that any criminal conduct, including the conduct underlying the investigation, will not be tolerated.

A well-designed and fully-implemented compliance program is key.  Such a program should have sufficient resources relative to the company’s size to effectively train employees on their legal obligations and to uncover misconduct in its earliest stages.  Compliance personnel should be sufficiently independent so that they are free to report misconduct even when committed by high-ranking officials.

Because this area is nuanced, the Fraud Section has recently retained an experienced compliance counsel to help assess these programs.  She has many years of experience in the private sector assisting global companies in different industries build and strengthen compliance controls.  We look forward to her insights on issues such as whether the compliance program truly is thoughtfully designed and sufficiently resourced to address the company’s compliance risks and whether proposed remedial measures are realistic and sufficient.  She also will be interacting with the compliance community to seek input about ways we can work together to advance our mutual interest in strong corporate compliance programs.

Let me reiterate: there is no requirement that a company self-disclose, fully cooperate or remediate FCPA offenses, and failure to do those things, or to do them to the standards I have described here, in and of itself, does not mean that charges will be filed against a company any more than it would with respect to an individual.  But when it comes to serious, readily-provable offenses, companies seeking a more lenient disposition on the basis that they took steps to mitigate the offense after it was discovered are on notice of what the Criminal Division looks for when we consider these mitigating factors.

Just as we expect transparency from companies seeking prosecutorial consideration for mitigating an FCPA offense, we are doing our best to act in kind.  We recognize that information about the bases for our corporate guilty pleas and resolutions is an important reference point for companies that are evaluating whether to self-disclose a violation or cooperate.

In each of our corporate resolutions—be it a guilty plea, NPA or DPA—we aim to provide a detailed explanation of the key factors that led to our decision.  These include a detailed recitation of the misconduct, as publicly admitted by the company and the corporation’s cooperation—if any—and remedial measures.  We usually publicly announce corporate resolutions and pleas, and make the documents available on our website.

We know that the overwhelming majority of companies try to do the right thing the overwhelming majority of the time.  And we applaud the efforts of corporate counsel and executives alike in establishing and enforcing FCPA compliance programs to prevent violations.  I think we can all agree that the FCPA’s ultimate goal – like that of the other criminal statutes we enforce on a daily basis – is not the prosecution and punishment of individuals and companies engaged in bribery as a business practice but rather an end to corruption before it begins.  I would much prefer to report lower figures in terms of FCPA prosecutions and penalties in future years if it meant less corruption were occurring.

By increasing the size of our FCPA force and by incentivizing early reporting and thorough compliance programs through increased transparency, we are making progress towards that goal.  With the help of companies and their counsel, we can get there sooner.  To that end, we look forward to continuing the dialogue of which this conference is a part.”

Change Ahead At The DOJ?

Thursday, November 12th, 2015

ChangeIn prior years, November has witnessed FCPA policy announcements from the DOJ.

For instance, as highlighted here, in November 2012 the DOJ (and SEC) released the FCPA Guidance. As highlighted here, in November 2010, then Assistant Attorney General Lanny Breuer announced “we are in a new era of FCPA enforcement and we are here to stay.”

According to this Washington Post article, the DOJ may soon release information in ”an effort to increase the incentive for companies to be forthcoming about wrongdoing by their officials and give the business community clearer guidance on penalties under the Foreign Corrupt Practices Act.”

Given the frequency in which media reporting on FCPA issues is wrong, incomplete, or out of context, the prudent course (which will be adopted here) is not to react to the media reporting, but to reserve judgment until the DOJ actually releases information.

At present however, the Washington Post reports:

“[C]oncerns within the Justice Department that the prospective change is too lenient on firms that have violated the law have led senior officials in the criminal division to delay its issuance, according to U.S. officials who spoke on the condition of anonymity to describe internal discussions.

“It’s not a bad thing to provide companies with more transparency” on department policy, but the draft policy “lets them off the hook too easily,” said one person familiar with the matter.

The proposed policy strongly recommends that prosecutors should decline to bring charges against a company that voluntarily discloses violations of the FCPA and cooperates with the government in its investigation — including by furnishing information on employees who may have violated the law.

The Justice Department declined to comment.

Under review is the extent to which companies should be excused even for egregious misconduct because they have voluntarily disclosed it, cooperated with the investigation and taken remedial steps.


The proposal contemplates that the decision not to prosecute could be accompanied by a fine in the form of forfeiture of company profits. But in general the goal is to enhance the incentive for companies to cooperate by providing more certainty that doing so would not result in a stiff penalty or a criminal charge. Also, there would be no statement of facts that lays out the company’s misbehavior as there is now with many resolutions of FCPA investigations.


The department in general is seeking to boost its ability to battle foreign bribery. Earlier this year, the FBI announced that, in partnership with the Justice Department’s fraud section, it established three international corruption squads, in New York City, Los Angeles and Washington.

And to complement that move, the fraud section will soon add 10 prosecutors to the FCPA unit — increasing the number of line attorneys by more than half.

Nonetheless, there are companies that now weigh the odds of getting caught if they do not come forward with knowledge of a crime. They think “why not just wait to see whether law enforcement — whether here in the U.S. or overseas — discovers the wrongdoing?” said Andrew Weissmann, chief of the fraud section, in a speech in May. “Why not stay mum and see if it gets discovered and then, if necessary, cooperate to mitigate the damage?”


But some skeptics within the department argue that while giving companies clearer guidance is a good thing, the practical effect of the proposed policy change would be that a greater number of cases that should be pursued would be dropped.

The number of “declinations” — decisions not to prosecute — would rise. “It means that self-reporting and cooperation would be a ticket out of criminal liability for a company, even if the reported misconduct is serious and substantial,” said a second individual familiar with the draft policy.

On the flip side, the individual said, if a company does not self-disclose and a violation is discovered, it is much more likely to get charged. “It’s almost like an amnesty program,” he said. “But if you don’t take advantage of the self-reporting, it ups the stakes for companies who choose to keep quiet.”

Enforcement Officials Speak On Compliance And Individual Accountability

Thursday, November 5th, 2015

SoapboxThis post summarizes two recent speeches by DOJ/SEC enforcement officials that touched upon topics relevant to Foreign Corrupt Practices Act enforcement.

In the first speech, Assistant Attorney General Leslie Caldwell, speaking at a financial industry event, focused her comments on compliance and the DOJ’s new compliance attorney position.

In the second speech, SEC Chair Mary Jo White talked about SEC enforcement strategies.

Caldwell’s Speech

As indicated above, Caldwell focused her comments on compliance and the DOJ’s new compliance attorney position.  For prior posts on these topics, see here and here including why the DOJ should be in favor of a compliance defense.  See also “Revisiting a Foreign Corrupt Practices Act Compliance Defense.”

Caldwell stated in pertinent part:

Internal Compliance Officers Perform a Critical Function

[Compliance officers] are often the first line of defense against [legal violations]  Prosecutors cannot be everywhere, and by the time the Criminal Division gets involved, it’s usually too late to stop criminal activity.  Well before a grand jury subpoena is served or a witness is interviewed, compliance officers like you can and do step in and stop issues from becoming problems down the road.

As much as full-throated compliance programs are essential to preventing fraud and corruption, the quality and effectiveness of a compliance program is also an important factor that prosecutors consider in determining whether to bring charges against a business entity that has engaged in some form of criminal conduct.

In this after the fact review, the department looks closely at whether compliance programs are simply “paper programs,” or whether the institution and its culture actually support compliance.  We look at pre-existing programs, as well as what remedial measures a company took after discovering misconduct – including efforts to implement or improve a compliance program.

Criminal Division’s Compliance Counsel

Over the past twenty years or so, the very notion of “compliance” has been evolving rapidly.  Most companies, and maybe especially in the financial sector, have placed more and more emphasis on building strong compliance structures.  Programs have become more sophisticated and more industry and company-specific.

Companies increasingly have tailored compliance programs that make sense not just for their industries but also for their business lines, their risk factors, their geographic regions and the nature of their work force, to name a few.

Unfortunately, a surprising number of companies still lack rigorous compliance programs.  And even more companies have what appear to be good structures on paper, but fail in practice to devote adequate resources and management attention to compliance.

Still other companies fail to consider obvious risks, even in important parts of their businesses.  [...]

To be sure, it’s important for institutions to be mindful of regulatory priorities and guidance in devising and carrying out a tailored, risk-based compliance program.  But a narrow, cramped view of compliance – that it requires only adherence to specific regulations – ultimately will inure to the company’s detriment.  [...]

I believe that the Criminal Division has gotten much better at evaluating compliance programs over the years.  We understand that there is no “one size fits all” compliance program.  We understand that there are vast differences in the quality and effectiveness of programs, even among similar companies.   We have gotten better at suggesting tailored reforms to compliance programs when we resolve a corporate matter.

But we are prosecutors, not compliance professionals.  So, as you may be aware from press coverage, the Criminal Division has hired a compliance counsel to work in the Fraud Section.  While it’s too early to talk about specifics – her first day in the office is tomorrow – I can tell you generally what we’re thinking about.

We want to get the benefit of the expertise of someone with significant high-level compliance experience across a variety of industries, which this person has.  Our goal is to have someone who can provide what I’ll call a “reality check.”

First, the compliance counsel will help us assess a company’s program, as well as test the validity of its claims about its program, such as whether the compliance program truly is thoughtfully designed and sufficiently resourced to address the company’s compliance risks, or essentially window dressing.

Second, she will help guide Fraud Section prosecutors when they are seeking remedial compliance measures as part of a resolution with a company, whether by prosecution or otherwise.  We don’t want to impose unrealistic, unnecessary or unduly burdensome requirements on companies.  At the same time, we want to make sure that appropriate compliance enhancements are included when they are needed.

We understand that no compliance program is foolproof.  We also appreciate that the challenges of implementing an effective compliance program are compounded by the ever-increasing cross-border nature of business and of criminal activity.

Many [companies] operate all over the world.  They are creating products and delivering services not only here in the United States but overseas and are operating across many different legal regimes and cultures.

For this reason, we have chosen a compliance counsel who has the experience and expertise to examine a compliance program on a more global and a more granular level.

I want to correct one impression that has been expressed elsewhere.  Some have suggested that our retention of a compliance counsel is an indication that the department is moving toward recognizing or instituting a “compliance defense.”  That is not the case.

Rather, the Criminal Division will continue to review companies’ compliance programs as one of the many factors to be considered when deciding whether to criminally charge a company or how to resolve criminal charges.  Our hiring of a compliance counsel should be an indication to companies about just how seriously we take compliance.

Hallmarks of an Effective Compliance Program

You’re likely wondering what metrics this compliance counsel will use to assess a particular program.  And I’ll talk about that in a moment, but first I want to put your mind at ease about something.

The vast majority of compliance violations do not result in criminal prosecution.  Rather, the Criminal Division pursues charges when the offending conduct is intentional and particularly egregious or pervasive.

We’re not interested in prosecuting mistakes or accidents, or bad business judgments.  And we are not looking to prosecute compliance professionals.  To the contrary, we view you as the good guys and as our allies.  And we want to make sure that when we review a pre-existing compliance program, or suggest remedial measures, that we get it right.

So, what will the compliance counsel do?  She will help us evaluate each compliance program on a case-by-case basis – just as the department always has – but with a more expert eye, and she will work with our prosecutors to assess:

  • Does the institution ensure that its directors and senior managers provide strong, explicit and visible support for its corporate compliance policies?
  • Do the people who are responsible for compliance have stature within the company?  Do compliance teams get adequate funding and access to necessary resources?  Of course, we won’t expect that a smaller company has the same compliance resources as a Fortune-50 company.
  • Are the institution’s compliance policies clear and in writing?  Are they easily understood by employees?  Are the policies translated into languages spoken by the company’s employees?
  • Does the institution ensure that its compliance policies are effectively communicated to all employees?  Are its written policies easy for employees to find?  Do employees have repeated training, which should include direction regarding what to do or with whom to consult when issues arise?
  • Does the institution review its policies and practices to keep them up to date with evolving risks and circumstances?  This is especially important if a U.S.-based entity acquires or merges with another business, especially a foreign one.
  • Are there mechanisms to enforce compliance policies?  Those include both incentivizing good compliance and disciplining violations.  Is discipline even handed?  The department does not look favorably on situations in which low-level employees who may have engaged in misconduct are terminated, but the more senior people who either directed or deliberately turned a blind eye to the conduct suffer no consequences.  Such action sends the wrong message – to other employees, to the market and to the government – about the institution’s commitment to compliance.
  • Does the institution sensitize third parties like vendors, agents or consultants to the company’s expectation that its partners are also serious about compliance?  This means more than including boilerplate language in a contract.  It means taking action – including termination of a business relationship – if a partner demonstrates a lack of respect for laws and policies.  And that attitude toward partner compliance must exist regardless of geographic location.


These are just some of the elements of a strong compliance program.  When the Criminal Division evaluates a company’s compliance policy during an investigation, we look not only at how the policy reads on paper, but also at the messages conveyed to employees, including through in-person meetings, emails, telephone calls and compensation.  We look at whether, as a whole, a company tolerated compliance failures year after year because the alternative would have meant a reduction in revenues or profits.”

White’s Speech

Regarding individual prosecutions, White stated:

“Any discussion of strong enforcement tools must include a discussion of our priority of pursuing individuals.  Personal accountability, of course, is a basic tenet of law enforcement.  And individual accountability, particularly at the most senior levels, is a core part of our enforcement program because firms can only act through their people and it is people to whom we are trying to send our strong message of deterrence.  While some cases, because of the available evidence or charges, are appropriate to bring only against companies, we must always look to identify and charge those people who are responsible for their company’s wrongdoing.  In Fiscal Year 2015, about two-thirds of our substantive actions included charges against individuals.

Redress for wrongdoing can never be seen merely as a cost of doing business made good by cutting a corporate check.  When people fear for their own reputations, careers, or pocketbooks, they are more likely to stay in line.  So when investigating misconduct, our staff first looks at the individual conduct and works out to the entity, rather than starting with the entity as a whole and working in.

And when we do bring charges against individuals, we consider, in addition to tough charges and penalties, our remedies to prevent future wrongs as well.  One of our most potent tools is an order imposing a bar on an individual – a bar from, for example, working in the securities industry or serving on the board of a public company.  Such an order can reduce the likelihood that the defendant can defraud and victimize the public again.”

As detailed in this post, approximately 80% of corporate SEC FCPA enforcement actions since 2008 have not resulted in any related enforcement action against a company employee.