More Polite Talk About Self-Disclosure and Declinations

Assistant Attorney General Kenneth Polite clarified the Department's new  Corporate Enforcement Policy at the Global Investigations Review DC Spring Conference, Washington, DC, March 23.   Remarks Edited and condensed   [original]

In the past few weeks and months, the Criminal Division has made many announcements in the area of corporate enforcement and white-collar crime.

But even though much has been published recently, do not mistake any one policy or revision as marking a sea change in how the department tackles white collar crime. Don’t fall victim to recency bias. A new announcement does not mean that we have only begun to focus on an issue, or that our prosecutors will place undue attention upon it at the expense of other considerations.

Take, for instance, the revisions to the Criminal Division’s Corporate Enforcement Policy that I announced at Georgetown in January. Since that announcement, many have focused on the policy’s provisions regarding “immediate” voluntary self-disclosure and “extraordinary” cooperation and remediation. Do not lose sight of the CEP’s larger context.

Since 2017, the then-FCPA CEP – which was extended to the rest of the division in 2018 – has provided that, absent aggravating factors, if a company voluntarily self-discloses misconduct, fully cooperates with our investigation, and timely and appropriately remediates, it can earn a presumption of a declination.

But recall that “voluntary self-disclosure” is also defined to require, among other things, disclosure “within a reasonably prompt time after becoming aware of the misconduct.”

The new CEP released in January does not disturb this well-trodden path to a declination. Instead, our revisions provide an additional avenue toward a declination for companies that voluntarily self-disclose, cooperate, and remediate but have aggravating factors and would otherwise be ineligible for a presumption of declination.

It is only in that context – where a company has aggravating factors yet seeks a declination – that it must demonstrate “immediate” voluntary self-disclosure, “extraordinary” cooperation and remediation, and a fully functioning compliance program at the time of the misconduct and the disclosure.

The much focused-upon terms in the revised CEP like “immediate” and “extraordinary,” apply only when there are aggravating factors. Absent such circumstances, if companies voluntarily self-disclose, fully cooperate with our investigations, and timely and fully remediate, they can rely on a presumption of a declination. This has been, and remains, the case.

To be sure, the revised CEP specifies a new path for a declination where there are aggravating factors. As I mentioned, this may occur where the company immediately self-discloses misconduct, provides extraordinary cooperation and remediation, and has an effective compliance program in place at the time of the misconduct and the time of the disclosure.

Even so, we recognize that under the revised CEP, one may ask what exactly constitutes “immediate,” or what precisely is “extraordinary”? Of course, we can never articulate, in advance, what exactly will or will not satisfy these provisions. Every case is different, and our prosecutors need flexibility and discretion to apply their judgment in the myriad scenarios that may be presented. The best way to understand these terms is to see how they are applied in future cases.

But we understand that companies may wish for more to guide their decision-making now. A company with aggravating factors that is contemplating self-disclosure may want to know what exactly it needs to do to receive a declination under the revised CEP.

That is why, when I announced the revisions in January, I noted that to receive credit for extraordinary cooperation, companies must go above and beyond the criteria for full cooperation set out in our policies – not just run of the mill, or even gold-standard cooperation, but truly extraordinary. And I noted some concepts – immediacy, consistency, degree, and impact – that will help to inform our approach to assessing what is “extraordinary.”

Last December’s FCPA resolution with ABB is illustrative. To be sure, the company was offered a DPA, not a declination, and therefore the CEP’s requirements for “extraordinary” cooperation and remediation would not strictly apply.

But the company’s extensive efforts to cooperate with our investigation shed light on what can constitute “extraordinary.” Among other things, the company voluntarily made foreign-based employees available for interviews in the United States and produced relevant documents located outside the U.S. in ways that did not implicate foreign data privacy laws. And to help our prosecutors assess that voluminous evidence, the company collected, analyzed, and organized the information, including by translating certain documents.

As with cooperation, “extraordinary” remediation must go beyond the policy’s criteria. There are often many fact-specific ways companies can remediate.

The most effective remediation, however, includes conducting root cause analyses and taking action to prevent the misconduct from occurring, even in the face of substantial cost or pressure from the business.

This can require significant structural changes to a company to ensure compliance and legal personnel have adequate access to corporate decisionmakers and receive necessary information from the business.  A company’s remediation can also hold wrongdoers accountable, whether through termination, suspension, or recoupment of compensation.

Therefore, regardless of the specific acts taken, when assessing whether remediation has been “extraordinary,” we will consider if the action has been comprehensive, tailored to the causes of the misconduct under investigation as well as other potential wrongdoing, and able to prevent it from recurring. For that is our ultimate aim: to incentivize companies to invest heavily in designing and implementing effective compliance programs that can deter, prevent, and, if necessary, detect criminal conduct.

Indeed, remediation can take such different forms that, when evaluating corporate compliance programs, there is no one-size-fits-all approach. We have consistently decided not to offer prescriptive guidance but instead, through our Evaluation of Corporate Compliance Programs (ECCP), established criteria and questions that our prosecutors can ask when assessing these programs.

As I’m sure you know, we recently unveiled new revisions to our ECCP concerning a company’s approach to compensation structures as well as the use of personal devices and various communications platforms and messaging applications, including those offering ephemeral messaging.

But these revisions concern just two of the many aspects of a compliance program. Compensation systems and the use of messaging applications may be more relevant for some companies than others depending on the organization’s risk profile, geographic footprint, industry, and the like. While they are undoubtedly important, do not ascribe them undue weight. Do not forget all the other aspects that make an effective compliance program. The ECCP, by design, does not elevate any one aspect of compliance above any other.

I said in my remarks in Miami that during an investigation, prosecutors will not simply accept a company’s inability to produce messages from third-party applications without adequate explanation. That is because we have seen how criminals often use these communication platforms – which have become a staple in modern life – and therefore can be crucial evidence of criminality.

We have long realized the need for companies to develop policies concerning these messaging applications and, where appropriate, retrieve and then produce such communications. The ECCP simply provides additional detail and criteria for our prosecutors to use when evaluating a compliance program’s approach to these messaging applications.

The same is true for compensative incentives and clawbacks. In the Safran case from last December, the company voluntarily self-disclosed that it had discovered during post-acquisition due diligence that two subsidiaries paid bribes to a Chinese government official to obtain certain train lavatory contracts. In issuing a CEP declination, we specifically cited as an example of full remediation the company’s withholding of deferred compensation from a former employee involved in the misconduct.

Similarly, in the corporate resolutions with Danske Bank, Western Union, and MoneyGram, the agreements required the companies to implement certain compliance-related criteria into their executive review and bonus systems.

Of course, our recently announced Pilot Program is new. Over the next three years, we will require companies that enter into criminal resolutions to implement compliance-related criteria in their compensation systems and will offer fine reductions to companies that seek in good faith to clawback compensation from appropriate individuals.

Through all of this work, one thing is clear. The Criminal Division has been the preeminent leader not only in corporate enforcement, but also in crafting white-collar policy for prosecutors. For years, our prosecutors have considered how we can best achieve our mission and put those ideas into practice. We have used these experiences to determine how we can encourage good corporate citizenship, incentivize the investment in robust compliance programs, and further our primary goal of individual accountability.

Maybe it is the company that, even though it has a history of misconduct, decides to self-disclose new wrongdoing to achieve a potential declination. Perhaps it is the Chief Compliance Officer who convinces the CEO to invest in additional personnel to adequately respond to internal reports of wrongdoing. Or maybe it is the executive who sees our recent insider trading case and decides to think twice before hitting “Sell.”

The point is that through our words and actions, we can effectuate change. Change rooted in transparent, effective, and predicable government action, which serves to benefit us all.