Last week, on March 2, 2023, Deputy Attorney General Lisa Monaco ("DAG Monaco") delivered remarks announcing significant updates to DOJ's corporate compliance program, including: (i) implementation of consistent voluntary self-disclosure policies across all DOJ divisions and U.S. Attorneys' Offices; (ii) a new pilot program on compensation incentives and clawbacks; and (iii) significant resource allocation to address corporate violations of sanctions and export controls. DAG Monaco asserted that these changes are intended to incentivize companies to do more to prevent or deter criminal wrongdoing before it happens, or to address it head-on by holding those culpable directly accountable.

Building upon DAG Monaco's remarks, on March 3, 2023, Assistant Attorney General Kenneth A. Polite, Jr. ("AAG Polite") announced several other policy changes with respect to corporate criminal enforcement at DOJ, including: (iv) further revisions to the Evaluation of Corporate Compliance Programs guidance, specifically a company's policies related to messaging applications; and (v) a new memorandum on the selection of monitors in Criminal Division matters. AAG Polite echoed DAG Monaco's assertion that these reforms are intended to promote ethical corporate citizenship by ensuring that a company's good behavior unlocks tangible benefits, while the failure to live up to legal obligations will be met with severe consequences.

Summary & Takeaways of New Corporate Criminal Compliance Policies

(i) Voluntary Self-Disclosure Programs

DAG Monaco announced that every U.S. Attorney's Office, and every DOJ division that prosecutes corporate crime, now has in place a voluntary self-disclosure program based on a common principle: "[A]bsent aggravating factors, no department component will seek a guilty plea where a company has voluntarily self-disclosed, cooperated and remediated the misconduct." Each division has tailored its policy to serve its specific mission; for example, aggravating factors can differ from the National Security Division to the Environment and Natural Resources Division.

Key Takeaway: While DOJ's goal is to incentivize companies to quickly discover and report corporate wrong-doing to DOJ, as previously discussed, whether the "carrots" that DOJ offers will apply to a particular disclosure require a more nuanced analysis. Where there is a pre-existing obligation to disclose or an imminent threat of government investigation, DOJ may find that the disclosure was not voluntary. Still, companies investigating potential criminal conduct should be keenly aware of the applicable self-disclosure policies and take steps early to preserve the option in an effort to avoid a guilty plea.

(ii) Compensation and Clawback Pilot Program

DAG Monaco also announced the launch of a Pilot Program on Compensation Incentives and Clawbacks. Under this program, DOJ's Criminal Division will now require all companies that enter into criminal resolutions to develop compliance-promoting criteria within its compensation and bonus system and report to the Division annually about such implementation during the term of the resolution. This may include prohibiting bonuses for employees who do not meet compliance performance requirements and incentivizing (through bonuses or compensation) employees who demonstrate a commitment to compliance processes.

Furthermore, the Criminal Division will decrease the fines imposed on companies that seek to claw back compensation from "culpable employees" as well as those who had supervisory authority over such employees and knew of, or were willfully blind to, the misconduct. At the outset of a criminal resolution, the resolving company will pay the applicable fine, minus a temporary credit equal to the amount of compensation the company is attempting to claw back. If the company succeeds in recouping that compensation, it retains that amount and pays no further fine – i.e., the financial benefit is double the amount clawed back. And, those companies that pursue clawbacks in good faith, but are unsuccessful, are still eligible to receive a fine-reduction of up to 25% of the amount of compensation the company attempted to claw back. Such reductions are to be made at the discretion of the prosecutors, and may be warranted where, for example, a company incurred significant litigation costs for shareholders. The Pilot Program is a three-year initiative applicable to all corporate matters handled by the Criminal Division and is effective March 15, 2023.

Key Takeaway: While only a pilot program, companies should consider revising their compliance programs to make clear that compensation, including bonuses, may be subject to clawback if criminal conduct is later uncovered. Having such a policy in place may give companies the flexibility should they need to use it and may help demonstrate a more robust compliance program to DOJ. However, in deciding whether to claw back compensation, companies need to weigh the potential costs of pursuing such recovery, analyze individual employment/compensation agreements, and consider the culpability of each individual employee.

(iii) Resource Allocation to National Security Division

Finally, DAG Monaco announced significant restructuring and resource commitments within DOJ's National Security Division to address the "intersection of corporate crime and national security." Specifically, DOJ plans to add at least 25 new prosecutors who will investigate and prosecute sanctions evasion, export control violations, and similar crimes. In addition, DOJ will be making a substantial investment in a specialized banking unit in the Criminal Division's Money Laundering and Asset Recovery Section. The National Security Division will also begin issuing joint advisories with the Commerce and Treasury Departments detailing enforcement trends and expectations regarding national security-related compliance.

Key Takeaway: While the global response to Russia's invasion of Ukraine raised the awareness of sanctions and export control risk to companies, with this latest announcement, DOJ is making clear that national security, with its headline generating cases and high-stakes punishments, will be a priority for corporate enforcement for years to come. For any company that operates internationally, compliance programs should include specific provisions and controls that address the complex and technical rules regarding sanctions and export controls, similar to policies addressing the Foreign Corrupt Practices Act ("FCPA"). Compliance risk does not stop at the company itself: sanctions and export control compliance and due diligence must be built into contracts with agents, and into deals for mergers and acquisitions. As DAG Monaco pronounced: "What was once a technical area of concern for select businesses should now be at the top of every company's risk compliance chart . . . . in today's world, sanctions are the new FCPA."

(iv) Corporate Compliance Guidance Revisions

In his keynote address the next day, AAG Polite announced significant revisions to the Evaluation of Corporate Compliance Program guidance, which federal prosecutors use to determine whether and to what extent a corporation's compliance program was effective at the time of an offense and when negotiating a resolution. The substantive changes to the guidance cover two areas. First, the guidance updates how prosecutors should analyze "consequence management," or incentives and disincentives for compliance. The revised guidance now details the compensation and clawback considerations discussed above and instructs prosecutors to consider whether financial incentives (including promotions, bonuses, commissions) encourage ethical and compliant business practices. Companies are now more encouraged to have clear and transparent discipline measures that are communicated to employees, both generally and as they are applied to instances of misconduct.

The second set of substantive changes relates to the use of messaging applications or communication channels that generate ephemeral data, which is, by design, only stored temporarily. Under the revised guidance, DOJ will consider whether a company's policies governing acceptable technology use and data retention and management are reasonable and tailored to the company's risk profile and business needs to ensure that business-related data—wherever located and in whatever form—can be preserved and accessed when necessary. DOJ will consider whether and how a company has enforced these policies and what steps the company takes to manage security and control over the use of ephemeral communication channels. AAG Polite offered a clear warning to companies that allow the use of these messaging applications: "A company's answers – or lack of answers – may very well affect the offer it receives to resolve criminal liability."

Key Takeaway: Most companies have policies governing document and data retention, acceptable technology use, and the use of personal devices for business-related communications. DOJ's announcement should serve as a reminder to integrate those policies with a company's overall compliance program, as well. These policies should be revisited and updated regularly and reinforced with employees. Companies also need to take reasonable steps to monitor and enforce these policies, including by periodically checking whether business-related communications are being maintained as directed.

(v) Selection of Monitors in Criminal Division Matters

Finally, AAG Polite announced that DOJ has issued a revised memorandum on the selection of monitors in Criminal Division matters. DOJ increasingly includes requirements for corporate monitors as a component of negotiated criminal resolutions, who independently assess and scrutinize future compliance efforts within the company. AAG Polite focused on one of the memorandum's provisions, which makes explicit that any submission of a monitor candidate by the company and selection of a monitor candidate by the Criminal Division should be consistent with DOJ's commitment to diversity, equity, and inclusion.

The updated memorandum offers four clarifications. First, it makes explicit that prosecutors should not apply presumptions for or against monitors and should consider a set of non-exhaustive factors when assessing the need for a monitor. Second, it clarifies that many of the requirements for monitors apply to the entire monitor team, not just the titular monitors. Third, it requires monitor selections to be consistent with DOJ's commitment to diversity, equity, and inclusion. And fourth, it changes the "cooling off" period for monitors – i.e., how soon after concluding a monitorship a person can be engaged by the company for new work – to not less than three years (rather than two years) from the date of the termination of the monitorship.

Key Takeaway: Through the issuance of revised monitorship guidance, DOJ is once again making clear that it views independent monitors as a useful component of plea agreements, deferred prosecution agreements, or non-prosecution agreements. DOJ values monitors to assess a company's compliance with any criminal resolution, to ensure a higher standard of compliance is met long-term, and to reduce the risk of recidivism of criminal behavior. Companies seeking resolutions with the DOJ may be able to leverage monitors to their benefit, especially if their compliance program has been otherwise ineffective or deficient.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.