A Critical Analysis of the DOJ’s New Policy on Corporate Criminal Enforcement

J.W. Verret is an Associate Professor at George Mason Law School and is Counsel at Lawrence Law LLC.

The Department of Justice has once again issued a rewrite of its policy memo on corporate criminal enforcement and settlement. For the last twenty years it has become a right of passage for every new Deputy Attorney General to provide their own tweaks to the prior Deputy AG’s memo on corporate settlements.

And just as the seasons regularly follow each other, these tweaks are inevitably followed by law firm legal memos that read the tea leaves in the latest memo to provide an update for corporate clients. This essay is partly such a tea leaf reading exercise, but it also partly offers a critical analysis of some unfair expectations contained in the new guidelines.

When considering when and how to charge the collective associations, interests and contracts that corporations represent, a host of policy questions always arise. These questions have been at the heart of debates over corporate criminal investigations since the dawn of DOJ’s focus in this era just after the Watergate hearings exposed bribery and fraud in US public companies.

Questions like: How can the DOJ be so certain in its assertion in the new memo that corporate prosecutions are more rare lately because of insufficient resources for the Department, versus because companies are doing a better job of self-policing? How pervasive does criminal activity within a company need to be, and how high up does it need to go, before it is appropriate to hold the company liable rather than a group of individuals? How can prosecutors ensure they do not destroy the share value of innocent, and perhaps wronged, shareholders when taking action against the company, since shareholders ultimately pay the cost of investigations and prosecutorial actions against the company?

And as the laundry list of items required to obtain credit in corporate criminal settlement negotiations increases with every revision of the memo, in the shadow of the DOJ’s indictment power that can decimate a public company before adjudication, the DOJ’s extrajudicial exercise of power in these memos is never subject to judicial review for constitutionality.

DOJ Wants More Sacrificial Lamb Individual Defendants, And Wants To Identify Them Before An Investigation Determines Whether A Law Was Violated In The First Place

If there is one theme that pervades the new memo, it is a renewed focus on prosecuting individual officers and directors. This is good news for critics of the DOJ’s approach to collective scienter in charging companies. It also may lead however to inappropriate pressure on firms to offer up someone as a sacrificial lamb, even though their guilt may be in doubt, to save the rest of the company and its executives. And that newly cogent conflict of interest suggests that officers and directors even tangentially involved in an investigation should seek individual counsel earlier in the process.

The DOJ’s emphasis on speed in disclosing relevant information about culpability, particularly about individual culpability, builds on guidance last year in which the DOJ indicated that corporate resolutions would require full disclosure of all non-privileged information pertaining to potential individual culpability.

The memo also indicates that the DOJ will now expect quicker self-disclosure by companies with a particular emphasis on quicker self disclosure about information speaking to individual liability. It isn’t clear what the DOJ means with this emphasis, as all evidence of culpability within a corporation will involve some individual or group of individuals. It’s not clear that information touching on individual liability is genuinely a separate category of information.

The memo referenced that prosecutors feel pressured by the statute of limitations on criminal prosecutions and this memo aims to incentivize defense counsel to internalize that pressure. The memo warns that any unreasonable delay in the production of relevant documents and information can substantially cut down on cooperation credit.

The DOJ’s emphasis on rapid disclosure in order to receive full cooperation credit creates a new hurdle for company defense and investigative counsel. If companies feel pressure to disclose information or documents before their own internal investigations have concluded they run the risk of calling prosecutors attention to conduct that is ultimately determined to be non-culpable.

The DOJ’s new memo does not clarify whether or not a delay in sharing information is justified if it is delayed because the company is simply early in its investigation and is not yet able to determine that anything illegal has actually taken place. The company may instead be awaiting the outcome of an internal or external corporate investigation to make that determination and thereby determine that sharing information with the government would be appropriate.

This will be especially problematic for cases where the Department of Justice may end up using the information they receive to subsequently press a novel legal theory in a prosecution. The DOJ has a record of pressing the boundaries of law with respect to the honest services fraud statute, for example, in cases that have been struck down by the United States Supreme Court.

The renewed emphasis on individual charging changes the dynamics among a group of individuals who may be both potentially liable and at the same time be the final decision makers on whether or not information will be shared with the federal government.

The potential conflict of interest created by this policy makes it advisable for directors and officers within the periphery of an investigation to obtain individual counsel earlier in an investigation. Obtaining individual counsel early means officers and directors still have the opportunity to have their expenses advanced by the company to their legal counsel before subsequent legal determinations are made that might stop advancement and indemnification of legal expenses by the company.

Firms may also need to reconsider whether to increase the ceilings of their D&O coverage to ensure that the cost of individual counsel for all affected parties will be appropriately advanced and indemnified during the investigation.

Did Big Brother Help Draft The New DOJ Memo?: DOJ Encourages A Corporate Surveillance Regime

The DOJ will also focus on the use of personal cell phones and personal encrypted communications for corporate business. The DOJ will consider whether or not companies have sufficiently strict internal controls on the use of personal devices for company communications by company employees. This reflects the frustration prosecutors have experienced in trying to obtain records of these communications.

The Mueller report for example referenced how the Department of Justice was unable to obtain encrypted communications sent over encrypted IPhone apps like Signal and WhatsApp by a number of targets of their investigation. The SEC has also similarly targeted banks because traders utilized personal encrypted communications apps to talk about company activity.

If IT personnel running company servers observe the use of personal devices, as in the case of a personal email cc’d on company exchanges, then companies may be able to discipline those communications. The larger reality is however that if individuals decide to use personal encrypted and self deleting web applications like Signal or WhatsApp there will be little that companies can do to surveil that practice or stop it.

It is also not clear this new approach is justifiable in the first place. Prosecutors in the internet and email era have become accustomed to the convenience of readily available written emails on centralized and discoverable servers that document the day-to-day decisions and communications of senior executives.

The availability of encrypted communications like Signal that can self-delete and thereby become immune from traditional discovery practices in legal investigations has been understandably a deep frustration for prosecutors. It’s not nevertheless clear the DOJ’s new approach, which urges companies into a surveillance regime of employee communications, is reasonable or for that matter consistent with principles of privacy and warrant-based seizure underlying the Fourth amendment.

The DOJ’s policy memorandum also indicates companies are expected to disclose information despite that it may be covered by international data privacy laws that limit the company’s ability to share the information with the DOJ. The memo hints that companies are expected to find some way around those data privacy protections and ultimately disclose information to the DOJ in order to obtain full cooperation credit.

The language contained in this memo merely invites subsequent disagreement and uncertainty over whether claims of data privacy protection from companies are legitimately made, and seems to pressure companies to violate or subvert the data privacy laws of other countries in order to make it easier for the DOJ to obtain information.

The DOJ would prefer that all company communications are recorded and preserved. Doubtless the DOJ would prefer that all personal company conversations at lunches or around the water cooler between individuals were also recorded and memorialized, but such a mandated invasion of privacy would not be tolerated even within the DOJ’s aggressive use of this corporate enforcement memo.

Once you accept that a mandate to record all conversations between executives would be out of bounds, you accept that company communications between executives about company business has some element of an expectation of privacy. This assumption then leads to questions about whether the expectations that text messages and emails must all be immutably recorded is at all appropriate. It seems that the DOJ is attempting to achieve a corporate surveillance goal by way of this memo that the government could never get away with via litigation in court, though regulation or even through legislation.

It is also useful to consider that utilizing encrypted communications in everyday business life is not only permitted, it is at times expressly required by the federal government. Various laws require the use of the HTTPS encrypted protocol in Internet communications that include information about minors.

It is an incredible abuse of power in the memo to assert that companies must forever prohibit the use of encrypted communications about company business, particularly in an era in which encrypted communications can provide more data security from hacking than emails on central servers or even the federal government itself can provide with respect to private or personally identifiable information.

More Clawbacks, But Nebulously Defined. Clawback What, When, and Why?

The new memo also highlights a new focus on clawbacks in executive compensation. Publicly traded companies are already required to claw back executive compensation in the event of financial fraud, so it’s not clear how the new policy adds something new to corporate compliance. Will companies now be required to claw back executive compensation for executives who were not a party to a settlement with the DOJ, and who may feel the company’s settlement with the DOJ was not appropriate because they believe both they and the company were innocent of wrongdoing?

If executive compensation clawbacks become triggered by subjective assessments of compliance violations, rather than more objective decisions regarding financial statement restatements, it may create counterproductive uncertainty for executive compensation design and for consistent application of law.

The DOJ asserts in the memo that compensation systems should be designed to discourage employees to “avoid legal gray areas”. This amounts to an incredible assertion that company executives should not merely follow the law but it should further avoid activity that is not clearly prohibited by law. And that companies should set compensation policies such that activity not clearly prohibited by law can result in a clawback of executive compensation. This would appear to be true even in circumstances where the lack of clarity in what is prohibited by law may result from strategic ambiguity on the part of the Department of Justice or federal regulators.

These gray areas in the law may result from failure by the DOJ or federal regulators to provide necessary guidance about the contours of the law or may arise from legal positions or aggressive interpretations taken by those agencies that may be at risk of being overturned by a court if subject to judicial review, yet are unlikely to face judicial review given the nature of corporate settlement negotiations with the DOJ.

It is not clear how an executive compensation agreement could be designed to comply with this requirement to “avoid grey areas” and still comply with basic principles of contract law.

Miscellaneous Changes to DOJ Policy on Prior Infractions, Foreign Enforcement, and Subsidiaries

In the memo the DOJ promised to take a welcome nuanced view in how it weighs prior criminal and civil records for a company. On the one hand, multiple deferred or non-prosecution agreements with the same company over a 10-year period are going to be off the table going forward, which is a reasonable position. On the other hand companies with a good compliance record and robust compliance programs will see prior criminal violations that are 10 years old or older accorded less weight in final charging decisions. These are fairly reasonable yardsticks for weighing prior company history in criminal enforcement. Similarly civil or regulatory infractions older than five years will be given less weight as well.

The memo provides that DOJ prosecutors may delay domestic prosecutions where foreign prosecutors are expected to credibly bring their own actions, but only in the event the DOJ prosecutors have determined those foreign prosecutions will be effective. It remains unclear which foreign jurisdictions are generally deemed to be effective and there are likely particular issues within the context of Foreign Corrupt Practices Act prosecutions that may need to be further clarified by the DOJ.

The new guidance emphasizes that a record of prior criminal infractions by a subsidiary recently acquired by a defendant should not be given significant weight against their resolution provided that the newly acquired subsidiary has been integrated into a well functioning compliance program at the acquiring parent company. This suggests that the level of attention to compliance integration in mergers and acquisitions as well as the level of diligence conducted in initial acquisitions will only further increase in the wake of this new guidance.

The DOJ specifically referenced their FCPA corporate enforcement policy as one example of an existing DOJ policy that rewards and encourages early and voluntary reporting. And yet the FCPA policy has been criticized for giving insufficient additional credit for voluntary reporting. That FCA policy may need to be revisited if the new policy on voluntary reporting is to be effectively implemented.

A Reasonable New Approach to Corporate Monitorships

The DOJ memo also made a number of changes to monitorship practices. The DOJ emphasized that prosecutors should be doing more to oversee monitorships and that monitors would be expected to remain “on budget.” The DOJ continues to strongly emphasize voluntary disclosure and indicates that in the event of voluntary self disclosure independent monitors will not be required if a robust compliance program remains in place.

The DOJ’s new policy on monitor selection requires both that monitors should be selected by an independent committee and further that monitors should be selected in a manner mindful of the DOJ’s policies and commitment with respect to diversity and inclusion.

The selection committee for monitors will be required to include an ethics officer on the committee to ensure that conflicts of interest do not pervade the selection process. This was a concern with respect to selection of monitors in the past and has been closely explored in a GAO report on the issue.

The new guidance also requires a clear work plan for the work of the corporate monitor to ensure agreement between the company, the monitor and the Justice Department with respect to the scope of review. The prosecutor overseeing the monitorship is required to conduct regular communications with the monitor. The memo further creates a ten factor test for monitorship selection.

The new guidance generously notes that prosecutors can determine it is appropriate to cut short the term of a monitorship because the remediation process is happening faster than was initially expected or alternatively prosecutors can determine that a monitorship is taking longer than expected and therefore requires amendments to the scope of the monitor.

Both comments and trackbacks are currently closed.