Update on Corporate Deferred Prosecution and Non-Prosecution Agreements

The following post comes to us from Joseph Warin, partner and chair of the litigation department at the Washington D.C. office of Gibson, Dunn & Crutcher, and is based on a Gibson Dunn memorandum by Mr. Warin and Jeremy Joseph. The full memo, including footnotes and appendix, is available here.

Deferred Prosecution Agreements (“DPAs”) and Non-Prosecution Agreements (“NPAs”) (collectively, “agreements”) in recent years have become a primary tool of the U.S. Department of Justice (“DOJ”) for resolving allegations of corporate criminal wrongdoing. Since 2000, DOJ entities have entered into 230 reported agreements with corporate entities, extracting a total of $31.6 billion in fines, penalties, forfeitures, and related civil settlements. The U.S. Securities and Exchange Commission (“SEC”), which announced the adoption of DPAs and NPAs as part of its Cooperation Initiative in January 2010, has since entered into three NPAs without monetary penalties and one DPA, which included disgorgement. With these agreements, companies obtain finality and closure and agree not to commit further legal violations and to undertake specific cooperation and compliance obligations in exchange for DOJ or the SEC agreeing to forgo enforcement action. In the DOJ context, the two agreement types differ in one material respect: for DPAs, DOJ files a criminal information in federal court, while NPAs generally are not filed in court.

During the last 12 years, DOJ and the SEC have employed DPAs and NPAs in some of the most high-profile cases and continue to turn to them in cases where they believe criminal conduct may have occurred but for a variety of reasons, including a company’s extensive cooperation, internal management shakeups, or the grave risk of collateral consequences to the corporate entity, a conviction through a guilty plea would not be equitable. In the final analysis, DOJ’s increasing reliance on DPAs and NPAs demonstrates its recognition that they are precision instruments to resolve allegations of corporate wrongdoing. The SEC, which recently embraced DPAs and NPAs, and the United Kingdom, which appears to be in the process of doing so, recognize that these agreements can be fine-tuned to help reward cooperation and mitigate collateral consequences.

This client alert, the eighth as part of our series of bi-annual updates on DPAs and NPAs (available here), (1) examines trends in the agreements announced to date in 2012, (2) discusses the benefits of agreements in guiding the development of compliance best practices in various industries and other noteworthy implications of these agreements, (3) focuses on the use of traditional and “side letter agreement” NPAs in the context of health care settlements, and (4) concludes with a look overseas to the United Kingdom, which is considering adopting DPAs in an effort to more effectively address white collar crime. As in prior years, Appendix A contains a list of all of the agreements struck to date in 2012 as well as some additional agreements signed in 2011 but not widely available until this year.

DPAs and NPAs to Date in 2012

In the first half of 2012, DOJ entered 21 agreements in total: 12 DPAs and 9 NPAs. These figures are on pace to surpass its record, set in 2010 when DOJ entered 39 total agreements (and the SEC entered the 40th), and DOJ has already entered more agreements than it did in 2008 and 2009. Chart 1 below demonstrates DOJ and the SEC’s increasing use of agreements to resolve allegations of corporate criminal wrongdoing.

Chart 1

As discussed further below, after entering into one agreement in 2010 and three in 2011, the SEC has not entered into any agreements with corporations to date in 2012.

As depicted in Chart 2, the total monetary settlement amounts (consisting of criminal and civil fines, penalties, forfeiture, and civil settlements negotiated in coordination with DOJ and/or SEC resolutions) continue to climb. Monetary settlement amounts to date total more than $4.6 billion–nearly equal to the full-year totals from 2010 and approaching the highest grossing year on record, 2006, when DOJ’s 24 agreements netted nearly $5.9 billion in recoveries. In 2006, DOJ settlements included two NPAs worth more than $1.1 billion and five agreements worth more than $400 million. The current pace suggests that 2012 will likely surpass 2006 and set a new record by the year’s end.

Chart 2

Since approximately 2009, the key driver of these substantial settlement amounts is prosecution of pharmaceutical companies under the Food, Drug and Cosmetic Act (“FDCA”) for so-called off-label marketing–promotion of drugs approved by the U.S. Food and Drug Administration, but for unapproved uses–as well as improper manufacturing and reporting practices. So far this year, one $3 billion blockbuster settlement with pharmaceutical giant GlaxoSmithKline plc (“GSK”) using a type of NPA called a “side letter agreement” dramatically increased the mid-year figures. The use of DPAs, traditional NPAs, and “side letter agreement” NPAs in the context of health care settlements is discussed in greater detail below. Since 2001, the federal government has obtained more than $11.2 billion in settlements using these settlement tools under the FDCA from pharmaceutical companies, medical device companies, pharmacies, and other companies, including Google. The pace of recovery in recent years has quickened, reflecting a priority of the Obama Administration to fight health care fraud under the False Claims Act and the FDCA as part of a joint task force involving DOJ and the U.S. Department of Health and Human Services. Beyond the GSK case, fraud, FCPA, and trade sanctions related settlements were the other key drivers behind the rising amount of monetary recoveries to date this year.

Table 1: 2012 DPAs/NPAs by Allegation (through July 10, 2012)
Primary Legal Allegation Number
Fraud 6
Immigration 4
Trade-related 3
Commercial Bribery 1
Food, Drug, & Cosmetic Act 1
Insider Trading 1

The 21 corporate agreements inked this year, displayed in the table above, generally reflect a familiar distribution of legal allegations and DOJ entities. Fraud and FCPA agreements are the most common subjects for NPAs and DPAs this year as well as over time. Since 2000, approximately 33% of DOJ’s agreements have primarily addressed fraud claims, approximately 26% of its agreements have covered FCPA claims, and approximately 12% of its agreements have addressed FDCA or Anti-Kickback Act violations.

A resurgent area of settlement agreements is immigration, with DOJ entities entering four such agreements this year. Of those, the U.S. Attorney’s Office (“USAO”) for the Southern District of Texas has entered three–all related to immigration. DOJ’s immigration-related agreements tend to be settlements with small businesses, sometimes even sole proprietorships, reflecting the versatility of DPAs and NPAs in resolving a range of criminal allegations.

Table 2: 2012 DPAs/NPAs by Primary Regulator (through July 10, 2012)
Primary Regulator Number
DOJ Fraud Section 6
USAO Southern District of New York 4
USAO Southern District of Texas 3
DOJ National Security Division 2
USAO Eastern District of New York 2
USAO District of Maryland 1
USAO District of Massachusetts 1
USAO District of New Hampshire 1
USAO Southern District of Mississippi 1

After the DOJ Fraud Section, which has entered 71 DPAs and NPAs since 2000, the USAO for the Southern District of New York is the second-most prolific user of such agreements, with 28 since 2000. This pattern is repeated in the 2012 agreements (Table 2). The USAO for the District of Massachusetts ranks third since 2000, with 18 total agreements. Overall, 49 DOJ entities plus the SEC have entered at least one DPA or NPA. A noteworthy omission from the 2012 list is any agreement by the SEC. After rolling out its new Cooperation Initiative in 2010, which includes DPAs and NPAs for individuals and corporations, the Commission has only entered into four such agreements–and none this year. This is somewhat surprising given the rising number of enforcement actions in recent years and reports that the SEC’s Division of Enforcement is on pace to file the most settlements this year since 2005.

The versatility of NPAs (and DPAs) has also been demonstrated recently as prosecutors use them to resolve new kinds of allegations. Last year, for example, we identified the first programmatic use of NPAs by DOJ’s Antitrust Division to resolve a series of investigations into municipal bond bid rigging. In January 2012, for the first time ever, the USAO for the Southern District of New York entered an NPA to resolve allegations of insider trading against a hedge fund, Diamondback Capital Management, after two of the fund’s employees were previously charged with insider trading. Federal prosecutors from the USAO for the Southern District of New York, the epicenter of insider trading prosecutions, explained that the NPA was based on the fund’s extensive cooperation with that Office’s investigation, the fund’s voluntary implementation of remedial compliance measures, and evidence from the fund’s internal investigation that the alleged misconduct was unknown to the fund’s co-founders and did not extend beyond the two employees charged. Press reports indicate that the internal investigation was extensive, involving an outside law firm that combed through “millions of emails and instant messages, analyzed thousands of trades, and made eight presentations to federal authorities regarding their findings between December 2010 and January 2012.”

The Value of Corporate DPAs and NPAs

More often than not, the narrative surrounding DPAs and NPAs is negative, with commentators often criticizing the perceived lack of transparency and absence of individual criminal sanctions. Contrary to the popular misconception, DOJ enters into DPAs and NPAs relatively infrequently compared with the number of corporate plea agreements it enters annually. In 2011, for example, DOJ and the SEC entered into plea agreements three times more often than DPAs or NPAs. Companies have long advocated for DPAs and NPAs in many circumstances because of their flexibility, versatility, and greater guarantees of certainty and finality over plea agreements or contested litigation. For similar reasons, as discussed below, the United Kingdom’s Ministry of Justice is seeking to adopt a modified DPA “to ensure that a higher proportion of economic crime is identified, investigated and dealt with.” To be sure, DPAs and NPAs carry a number of costs and burdens of their own, as described in a prior alert, including, among others, compliance undertakings and continuing cooperation obligations.

DPAs and NPAs Blunt Collateral Consequences to Corporations

In our view, a focus on the collateral consequences of a corporate guilty plea helps to explain under what circumstances prosecutors will turn to DPAs or NPAs to resolve allegations of wrongdoing. The U.S. Attorney’s Manual explains that collateral consequences are permissible when the scope of the misconduct is sustained or widespread, or where shareholders may have benefited from the misconduct, albeit unknowingly. On the other hand, DPAs or NPAs are appropriate when a guilty plea could result in severe collateral consequences to innocent third parties and delay prompt restitution for victims. Collateral consequences vary depending on the business: for government contractors and health care providers, debarment from federal grants and contracts, mandatory debarment in the European Union following a conviction for corruption, or debarment/cross-debarment from international development bank projects could represent a death knell to a business; for banks and financial institutions, an institution’s state and federal charters and licenses could be compromised; for firms in service industries, reputational harm could threaten the viability of a company. A guilty plea also may trigger financial consequences such as credit downgrades or the breaching of loan covenants. In turn, the collateral consequences risk harming shareholders, employees, and other corporate stakeholders. The recent NPA with Imperial Holdings, Inc. makes this point expressly, explaining that the USAO for the District of New Hampshire entered into the agreement based, in part, on the “negative impact and collateral consequences that charging the Company would have on the Company’s employees and shareholders and other business activities that are not part of the USAO’s investigation.”

The Role of Corporate Compliance Programs in DPAs and NPAs

Another benefit of DPAs and NPAs is to incentivize and guide ethical conduct within corporations. The government frequently uses DPAs and NPAs as tools to help establish new best practices for corporate compliance programs in a number of diverse industries and legal areas. Through these agreements, DOJ and other federal agencies enter into a dialogue with the entities they are tasked with regulating to promote new best practices. Such agreements enable prosecutors and other government regulators, both U.S. and foreign, to craft detailed, if not sometimes draconian, compliance measures for one company in a given industry, which can then serve as a benchmarking signal to other companies. Of the many potential examples, one is the June 2012 settlement between major global financial services provider Barclays Bank and DOJ’s Fraud Section, the U.S. Commodity Futures Trading Commission (“CFTC”), and the U.K.’s Financial Services Authority, for alleged manipulation of certain benchmark interest rates. As a condition of the NPA, Barclays agreed to implement extensive reforms required by the CFTC to ensure that its interest-rate setting submissions are transaction-focused, based upon a rigorous and honest assessment of information, and not influenced by conflicts of interest.

Far from the world of global interest rates, since 2005, DOJ’s Fraud Section routinely has included an evolving list of FCPA corporate compliance obligations as an appendix to its FCPA DPAs and NPAs. In its January 2005 DPA with Monsanto Company, DOJ enumerated twelve essential elements of a corporate compliance program. Over time, the language and number of compliance requirements has changed to emphasize particular areas of focus by DOJ, and to reflect DOJ’s evolving view of what are best practices for FCPA compliance. In August 2010, DOJ entered into an NPA with Alliance One International Inc., which included thirteen substantially reformulated compliance requirements, which since have become the new norm for FCPA settlements. In March 2012, the DOJ Fraud Section again augmented its FCPA compliance guidance in its DPA with BizJet International Sales and Support, Inc. As part of the terms of the BizJet DPA, DOJ added two more requirements for a corporate compliance program, for a total of fifteen, addressing best practices for FCPA compliance following mergers and acquisition (“M&A”) activity. The first requires the company to:

[D]evelop and implement policies and procedures for mergers and acquisitions requiring that BizJet conduct appropriate risk-based due diligence on potential new business entities, including appropriate FCPA and anti-corruption due diligence by legal, accounting, and compliance personnel. If BizJet discovers any corrupt payments or inadequate internal controls as part of its due diligence of newly acquired entities or entities merged with BizJet, it shall report such conduct to [DOJ] . . . .

The second requires the company to:

[E]nsure that BizJet’s policies and procedures regarding the anticorruption laws apply as quickly as is practicable to newly acquired businesses or entities merged with BizJet and will promptly: (a) [t]rain directors, officers, employees, agents, consultants, representatives, distributors, joint venture partners, and relevant employees thereof, who present corruption risk to BizJet, on the anti-corruption laws and BizJet’s policies and procedures regarding anticorruption laws[; and] (b) [c]onduct an FCPA-specific audit of all newly acquired or merged businesses as quickly as practicable.

These provisions amend and build on prior DOJ guidance and represent the DOJ’s latest thinking regarding FCPA compliance following M&A activity.

Settlement agreements also frequently provide specific guidance regarding internal reporting structures for key compliance personnel, particularly the Chief Compliance Officer (“CCO”). DOJ’s Fraud Section regards CCOs who have a direct reporting line to a company’s Board of Directors as a hallmark of an effective compliance program and has indicated that such a structure may influence the DOJ’s decision not to prosecute FCPA cases. In a recent DPA, DOJ explained that the CCO “shall have direct reporting obligations to independent monitoring bodies, including internal audit, [the company’s] Board of Directors, or any appropriate committee of the Board of Directors, and shall have an adequate level of autonomy from management . . . .” In Corporate Integrity Agreements (“CIAs”), which are components of nearly every health care settlement, the Office of the Inspector General of the Department of Health and Human Services (“OIG-HHS”) has approved reporting structures where the CCO reports directly to the Board or reports directly to the CEO with periodic, dotted-line reports to the board. OIG-HHS has made it clear, however, that the CCO “shall not be or be subordinate to [a company’s] General Counsel or the Chief Financial Officer.”

The debate of whether and in what circumstances an effective compliance program impacts prosecutorial and regulatory sanctions is ever present within corporations. In May 2012, the Federal Sentencing Guidelines for the Organization Advisory Group, a body comprised of a cross-section of stakeholders, issued a report stating that few corporations received credit in DPAs and NPAs for their strong ethics and compliance programs. The Group wrote, “There is little hard evidence that organizations are receiving the promised consideration [from DOJ] for their compliance programs and prosecutors rarely point to compliance/ethics programs when publicly discussing case resolutions.” The report recognizes that DOJ’s Criminal Division has offered little guidance on how a prosecutor should actually assess such a program and, counterproductively, DOJ’s Antitrust Division has stated that it is not bound by DOJ policy to give any credit for a company’s existing compliance program.

Empirical Data Demonstrates Benefits of Corporate NPAs

In response to the various criticisms of DPAs and NPAs, rare empirical data from a recent case demonstrates what prosecutors, regulators, corporate stakeholders, and compliance professionals have long believed–remedial improvements to compliance programs result in actual improvements on the ground and provide long-term benefits.

In April 2010, an explosion in the Upper Big Branch Mine in West Virginia killed 29 miners. It was the worst coal mining disaster in the United States in 40 years. In June 2011, Alpha Natural Resources (“Alpha”) purchased the mine from its prior owner and, in December 2011, entered into an NPA with DOJ and the Mine Safety and Health Administration to resolve corporate successor liability for the mine disaster. Alpha agreed to pay $210 million and implement numerous remedial safety measures. In June 2012, Alpha submitted a periodic self-report as required under the terms of the NPA. In the six months following its settlement, Alpha’s accident rate reportedly had declined by one-third and its injury rate had decreased by one-quarter. The company reported that it had hired a new director of regulatory compliance and was conducting safety training, performing remedial maintenance on the acquired mines, and installing new safety equipment.

Health Care Settlements

In our 2011 Year-End Update, we noted a trend in recent years of high-value settlements, often in the District of Massachusetts, by pharmaceutical and medical device companies in which corporate parents obtain a “side letter agreement” NPA as part of a global resolution involving a guilty plea from a subsidiary. Indeed, on July 2, 2012, GSK plc entered into a “side letter agreement” NPA as part of a global resolution involving a payment of $3 billion and a guilty plea by its related entity, GSK LLC. The disproportionate frequency with which these cases appear in the District of Massachusetts is a product of a particular focus by that USAO on health care fraud cases; the office created a dedicated Health Care Fraud unit, and has demonstrated a willingness to commit extensive resources to investigating and prosecuting those cases. That Office has settled 18 such cases involving “side letter agreement” NPAs since 2000, resulting in total penalties of more than $10.3 billion. This trend of health care enforcement actions coupled with False Claims Act “relator” actions continues unabated, as noted in Gibson Dunn’s 2012 Mid-Year False Claims Act Update, to be released on July 12, 2012.

The “side letter agreement” NPAs themselves are a byproduct of the governing law in these cases. The prosecutions are typically brought under the FDCA, a statute that is unusual in that it provides for strict criminal misdemeanor liability without any required showing of knowledge or intent. At the same time, the government frequently takes the position that a parent company is vicariously liable for the conduct of its subsidiaries. In light of the enormous potential collateral consequences of a conviction–most notably, the threat of exclusion from participation in a number of state and federal health care programs–responsible businesses must insist on some protection for a parent company as part of a global resolution. These global resolutions typically involve a subsidiary taking a criminal plea, a settlement of a civil False Claims Act complaint, entry into a CIA, and a “side letter agreement” NPA with the parent company. The “side letter agreement” NPA provides the parent the necessary protection and the CIA provides a basis for OIG-HHS to waive its permissive authority to exclude the company from participating in federal health care programs.

Traditional DPAs and NPAs are rare, but not unheard of, in the FDCA context; only a handful of FDCA investigations have been resolved through a traditional DPA or NPA. And since these cases generally involve both a U.S. Attorney’s Office and the Consumer Protection Branch (formerly the Office of Consumer Litigation) of DOJ’s Civil Division, each respective component’s level of actual participation varies widely from case to case.

  • In 2006, Intermune, Inc. entered into a DPA in the Northern District of California to resolve allegations of off-label promotion. Unlike most prosecutions under the FDCA, no entity entered a guilty plea. The USAO for that district credited Intermune’s internal investigation, which preceded the government’s investigation, the company’s “extensive” and “significant” cooperation, the company’s new management team and their “numerous and comprehensive compliance changes,” and the company’s numerous “helpful” presentations to the government.
  • In 2009, The Spectranetics Corporation entered into an NPA with the USAO for the District of Colorado to resolve allegations including illegal imports, clinical trial violations, and off-label promotion. The company was credited with extensive remediation to its compliance program, including: (1) responsive personnel actions; (2) disclosing its own research and scientific information relating to the above described incidents that was helpful to the investigation by these Offices; (3) providing additional specific company-wide formal training on FDA compliance procedures; (4) issuing further FDA compliance guidelines to all of its officers or employees; (5) continuing to retain and consult with counsel familiar with FDA laws and regulations; (6) improving its FDA compliance hotline complaint process, and providing additional training to compliance personnel on procedures for investigating complaints; (7) creating a corporate compliance charter and compliance auditing system; and (8) appointing a CCO. The USAO also noted that the company’s internal investigation concluded that the alleged wrongdoing was limited to certain officers and employees.
  •  The most recent traditional NPA in the FDCA context was Google’s 2011 NPA in the District of Rhode Island, which included a forfeiture of $500 million, one of the largest in U.S. history, but no guilty plea. We view that case, which we discussed in our 2011 Year-End Update, as sui generis because it involved a novel application of the statute to a company that was not itself engaged in either manufacturing or distributing medical products, but rather allowed its online search engine to facilitate advertisements by Canadian pharmacies.

The upshot of the Intermune DPA and Spectranetics NPA is that agreements without guilty pleas are possible in the health care context for companies that can earn them through substantial remediation and cooperation.

United Kingdom Advances Adoption of DPAs

Our 2011 Year-End Update discussed the possibility that the United Kingdom may adopt DPAs or some equivalent tool to resolve allegations of corporate criminal wrongdoing short of conviction. In contrast to the U.S. system, plea bargaining has been used rarely in the United Kingdom due to strong judicial resistance and a lack of legislative authority to do so. In March 2010, following one of the first global settlements among U.S. prosecutors and the U.K. Serious Fraud Office (“SFO”) for foreign bribery and trade sanctions violations, the presiding judge in the U.K. explained that such plea bargains were improper under U.K. law and that “no such arrangement should be made again.”

On May 17, 2012, the U.K. Ministry of Justice (“MOJ”) released a “consultation” paper on the U.K. version of DPAs and opened a consultation period concerning the country’s adoption of DPAs. Commentators view the U.K. DPA as a vehicle to allow the SFO to increase its enforcement of the Bribery Act. In announcing the consultation process, MOJ officials, including the Solicitor General, wrote that its “ambition [in proposing DPAs] is to ensure that a higher proportion of economic crime is identified, investigated, and dealt with. DPAs are a tool that seeks to achieve these goals whilst being transparent, clear, and consistent.” The consultation explains that DPAs provide needed “flexibility” to secure appropriate penalties for economic crimes like fraud, bribery, corruption and money laundering while at the same time “achieving better outcomes for victims.” These goals mirror the policies behind DPAs and NPAs in the United States, as discussed above.

Under the U.K. consultation, like in the U.S. system, initial discretion would remain with the prosecutors to determine whether a DPA is appropriate given a variety of factors, including the nature and seriousness of the offense, the level of intent, whether any obstruction or concealment occurred, whether the conduct was widespread within the organization or condoned by senior management, any harm to third parties, the collateral consequences associated with prosecution, the corporation’s remediation and cooperation to date, and evidence of recidivism. Once possible criminal charges have been identified, however, the consultation envisions prosecutors, the corporation, and a judge working collaboratively to craft an agreement that is both “in the interests of justice” as well as “fair, reasonable, and proportionate.” Consistent with U.K. law, the final content of any DPA, as well as its ultimate approval, would lie with the presiding judge. In stark contrast to the manner in which breach is determined under U.S. DPAs–solely by the prosecutors at their discretion–breach under the U.K. model would be determined only by a judge using the test for criminal conviction, i.e., evidence providing beyond a reasonable doubt that a breach had occurred.

Although the current consultation period will remain open until August 9, 2012, it is likely that DPAs will become a viable settlement option even for conduct that occurred prior to the opening of the consultation period. In other words, DPAs may very soon be a settlement vehicle in the United Kingdom.


Midway through the year, every indication suggests that 2012 will be a record year both in terms of the number of agreements concluded and total monetary recoveries. Prosecutors and corporations alike continue to look to DPAs and NPAs as a primary vehicle to resolve allegations of corporate criminal wrongdoing without the attendant collateral consequences of a plea agreement and conviction.

Both comments and trackbacks are currently closed.