To restate the obvious – DOJ has prioritized prosecution of national security crimes. For the business world, every company touches the international economy. Even a domestic company might sell products or services outside the United States, or such companies depend on foreign products or services in their supply chain. It is rare indeed to find a company that is not dependent on one way or another on the international economy.
In a recent speech, Principal Deputy Attorney General Marshall Miller pointed out the growing intersection of corporate crime and national security. This is an important trend. According to Miller, since October 2022, two-thirds of the Justice Department’s major criminal cases have implicated national security arising from sanctions violations to terrorism crimes and money laundering. These crimes have involved corporate defendants in a cross-section of industries, including construction, finance, agriculture and telecommunications.
DOJ’s vantage point includes the fight against corruption. As you may recall, the Biden Administration elevated the battle against corruption as a national security interest. Given DOJ’s emphasis on terrorism and cybersecurity, FCPA enforcement is a critical tool in its promotion of democracy and the health of foreign government institutions.
In response to Russia’s invasion of Ukraine, the line between national security and corporate crime has moved significantly toward a broad intersection of interests. Sanctions and export controls are a critical tool in the support of Ukraine against the Russian military. Companies need to recognize that this fact alone mandates a rededication to trade compliance. Even in the face of these DOJ pronouncements, and aggressive enforcement predictions and actions, many companies continue to relegate trade compliance to a second-class status. It is time for this neglect in the corporate governance world to change.
As examples of this new enforcement reality, DOJ cited last year’s prosecution of LaFarge, a global construction company and largest supplier of cement, for funding of terrorist groups, such as ISIS, in the quest of profits. With the knowledge and blessing of senior leadership, LaFarge paid millions of dollars to terrorist groups. In the end, LaFarge acknowledged its responsibility for such terrible financing activities and paid a fine of $750 million.
Continuing in this fashion, DOJ recently announced its settlement with British American Tobacco for circumventing North Korean trade sanctions in a blatant scheme designed to disguise BAT’s continuing interest in earning profits from illegal sales of cigarettes to North Korea. BAT’s financial pursuits directly funded North Korea’s weapons of mass destruction program. BAT paid a massive penalty of $629 million.
PDAG Miller cited another example of intersection in North Korea’s hiring of remote IT workers. Recently, DOJ prosecuted a North Korean official and several China-based crypto launderers for their participation in a cyber, sanctions circumvention scheme, to benefit North Korea’s WMD program. North Korea’s latest scheme involved the hiring thousands of skilled remote IT workers using fake or stolen identities, obtaining telework employment around the world, and then laundering their salary payments for the North Korean government. In some cases, the IT workers embedded vulnerabilities into companies for future exploitation by North Korean hackers.
In reaction to this new landscape of evolving threats and corporate risks, DOJ warned companies to take affirmative steps to improve their compliance programs beyond the implementation of sanctions-screening software and focusing on a few sanctioned countries. As PDAG Miller specifically stated, “ a new level of diligence and attention is required.”
To this end, DOJ has noted the importance of “investing significant additional compliance resources in [preventing national security and criminal misconduct] is common sense.” Global companies have to reassess attendant threats and corporate risks because the nature and extent of these risks is currently evolving.
The broad definition of “national security” extends to other industries, especially those related to Russia’s war effort, and North Korea’s WMD program. So far, we have seen such implications in the cigarette, cement and information technology industries. As PDAG Miller stated, “any company whose operations touch parts of the world controlled by autocracies, the message is simple: national security laws must rise to the top of your compliance risk chart.”
