• DOJ Announces Changes to FCPA Corporate Enforcement Policy
  • December 6, 2017 | Author: Ronald W. Zdrojeski
  • Law Firm: Eversheds Sutherland (US) LLP - Atlanta Office
  • On November 29, 2017, the US Department of Justice (DOJ) issued a revised Foreign Corrupt Practices Act (FCPA) Corporate Enforcement Policy and sweetened the deal for companies that self-report instances of foreign bribery. While the DOJ’s carrot to induce self-reporting had previously promised reduced penalties, the policy announced on November 29 provides that, subject to certain “aggravating circumstances,” a company will receive no penalty at all in instances where it self-reports misconduct in an FCPA matter.

    Deputy Attorney General Rod Rosenstein announced the revised FCPA Corporate Enforcement Policy at the 34th International Conference on the FCPA held in Oxon Hill, Maryland.

    In relevant part, the revised policy states as follows:

    When a company has voluntarily self-disclosed misconduct in an FCPA matter, fully cooperated, and timely and appropriately remediated, all in accordance with the standards set forth below, there will be a presumption that the company will receive a declination absent aggravating circumstances involving the seriousness of the offense or the nature of the offender.

    The change in the policy makes permanent the reduced penalties for self-reporting that were introduced as part of the Obama-era Pilot Program for FCPA enforcement. During his remarks, Deputy Attorney General Rosenstein noted that, “in the year and a half that the Pilot Program was in effect the FCPA Unit received 30 voluntary disclosures, compared to 18 during the previous 18-month period.”1

    While it will be several months before the impact of this shift in policy can be truly evaluated, companies that operate globally should consider the following:

    1. What are aggravating circumstances?

    A company will only receive the full benefit of the announced policy—a declination—in those cases where there are no “aggravating circumstances.” The policy lays out some examples of aggravating circumstances that may warrant criminal resolution, but notes this is a non-exhaustive list: (1) involvement by executive management of the company in misconduct; (2) a significant profit to the company from the misconduct; (3) pervasiveness of the misconduct within the company; and (4) criminal recidivism.

    In those instances where a company does voluntarily disclose wrongdoing and satisfies all other requirements, but cannot qualify for declination because of aggravating factors, the policy provides that the DOJ will recommend a 50% reduction off the low end of the fine ranges provided by the Sentencing Guideline.

    2. When should companies self-report?

    The DOJ expects—and the FCPA Corporate Enforcement Policy requires—timely action. The policy states that to be credited with voluntary self-disclosure in FCPA matters, a company must self-report “within a reasonably prompt time after becoming aware of the offense,” and the burden is on “the company to demonstrate timeliness.” Often companies face the decision of whether to self-report before a full investigation has occurred, meaning that a company may or may not know whether there are “aggravating circumstances” that would disqualify it from receiving a declination at the point when it must decide to self-report.

    3. What does it mean to have an “effective compliance program?”

    In several places, the policy discusses the importance of having an effective compliance program in place. For example, for a company to receive full credit for timely and appropriate remediation in FCPA matters, it must have in place an “effective compliance and ethics program.” Similarly, if criminal resolution is warranted, a company that has an effective compliance program, and has otherwise fully cooperated, self-reported and remediated, will not likely require the appointment of a monitor.

    The policy again provides the following, non-exhaustive list of what may be considered in evaluating effective compliance programs:

    • The company’s culture of compliance, including awareness among employees that any criminal conduct, including the conduct underlying the investigation, will not be tolerated;
    • The resources the company has dedicated to compliance;
    • The quality and experience of the personnel involved in compliance, so that they can understand and identify the transactions and activities that pose a potential risk;
    • The authority and independence of the compliance function and the availability of compliance expertise to the board;
    • The effectiveness of the company’s risk assessment and the manner in which the company’s compliance program has been tailored based on that risk assessment;
    • The compensation and promotion of the personnel involved in compliance, in view of their role, responsibilities, performance and other appropriate factors;
    • The auditing of the compliance program to assure its effectiveness; and
    • The reporting structure of any compliance personnel employed or contracted by the company.

    Although the prospect of a declination is encouraging for companies that would consider self-reporting, the issues of cooperation, what constitutes an effective compliance program, and whether aggravating circumstances are involved are subjective determinations. Ultimately, the government will still hold the power in deciding what credit should be given in any particular case.

    1 Rod Rosenstein, Deputy Attorney General , Remarks at the 34th International Conference on the Foreign Corrupt Practices Act (Nov. 29, 2017) (available at https://www.justice.gov/opa/speech/deputy-attorney-general-rosenstein-delivers-remarks-34th-international-conference-foreign)