The Justice Department is wedded to its FCPA Corporate Enforcement Policy (excuse me for the use of “wedded,” we recently celebrated our son’s wedding). Nonetheless, DOJ has to adjust its Policy in response to experience and feedback. That is a good thing and one that helps to ensure that the Policy is predictable and consistent in its application.
I am convinced that the FCPA Corporate Enforcement Policy is settling into an effective statement and balancing of competing interests. It has been a fairly straightforward process over the last ten to fifteen years for the Justice Department to arrive at its current state.
My conclusions rests on several important indicators – the Policy was “expanded” to cover merger and acquisition situations, and has been cited as guidance for resolution of other corporate enforcement actions involving offenses outside the FCPA realm. So, for now, the FCPA policy guides criminal investigation and enforcement for money laundering, criminal sanctions and export control violations, corporate fraud and other criminal offenses within DOJ’s purview.
In a recent announcement, on March 8, 2019, DOJ announced several revisions to its Policy. The revisions include a number of changes – the most significant is the relaxation of its prohibition on ephemeral messaging systems. The revised Policy also clarifies DOJ’s handling of de-confliction and reinforces its earlier pronouncement that the Policy applies to companies involved in merger and acquisition transactions.
The FCPA Corporate Enforcement Policy, which was adopted in November 2017, and is set out in the Justice Manual, the internal document that sets forth policies and procedures applicable to federal prosecutions. The Policy provides companies with a presumption that it was receive a declination if the company voluntarily self-discloses, fully cooperates and timely and appropriately remediates (assuming that no aggravating factors are present, e.g. recidivist, senior official involvement).
As part of the required remediation, companies had to prohibit employees from “using software that generates but does not appropriately retain business records or communications.” In response to the burdensome nature of this requirement, DOJ prosecutors heard concerns about the application of this restriction. As a result, DOJ revised its Policy to require companies to “implement appropriate guidance and controls on the use of personal communications and ephemeral messaging platforms that undermine the company y’s ability to appropriately retain business records or communications or otherwise comply with the company’s document retention policies or legal obligations.”
DOJ’s original Policy prohibition ignored the real-world application of ephemeral messaging systems, such as WhatsApp, which are routinely used by business employees. The prohibition was unrealistic given the business reality of current communications systems. The new Policy provides greater flexibility to companies to account for their respective document retention policy and legal requirements.
DOJ also modified its requirement that a company seeking to fully cooperate must ensure that it de-conflicts any plan to interview or investigate persons with the Justice Department so that it does not conflict with or harm the Justice Department’s investigative actions. DOJ clarified that the “de-confliction” requirement had limited scope and was not intended to inject DOJ oversight or direction of a company’s internal investigation.
The revised Policy also incorporated prior announcements by DOJ that companies involved in merger and acquisition due diligence or post-acquisition integration efforts can avail themselves of the Policy in the event that they uncover misconduct. In other words, a company that discovers foreign bribery during the pre-closing due diligence or post-acquisition audit, can earn a declination if it voluntarily discloses the conduct, fully cooperates and implements a robust anti-corruption compliance program in the acquired company. DOJ emphasized that it wants to encourage companies with strong corporate cultures of compliance to move forward with an acquisition of a company that may have legacy FCPA compliance issues.