On Oct. 2, 2016, the U.S. Department of Justice (DOJ), National Security Division (NSD) published Guidance setting forth its policy of encouraging business organizations to voluntarily self-disclose criminal violations of statutes implementing the U.S. government's export control and sanctions regimes, as administered by the State and Commerce Departments and the Office of Foreign Assets Control, under the Arms Export Control Act (AECA)1 and the International Emergency Economic Powers Act (IEEPA).2 Notably, the Guidance does not reference the Trading With the Enemy Act (TWEA),3 which provides the statutory authority for the U.S. embargo of Cuba; it is unclear whether this omission was intentional or merely an oversight.

According to the NSD, the Guidance seeks to deter individuals and companies from engaging in export control and sanctions violations, encourage companies to implement strong export control and sanctions compliance programs to prevent and detect such violations, and increase the ability of the NSD and U.S. Attorneys' Offices to prosecute individual wrongdoers. The Guidance also aims to provide greater transparency regarding what is required from companies seeking credit for voluntarily self-disclosing potentially criminal conduct, cooperating with an investigation and engaging in proper remediation efforts. It further sets forth certain aggravating factors that can lead to enhanced penalties.

Relevant Definitions

As a threshold matter, the Guidance explains what constitutes a voluntary self-disclosure (VSD), full cooperation, and timely and appropriate remediation.

VSD. In order for a company's disclosure to be deemed voluntary, the company must disclose 1) the conduct "prior to an imminent threat of disclosure or government investigation;"4 2) the conduct to the appropriate regulatory agency "within a reasonably prompt time after becoming aware of the offense," 5 with the burden to demonstrate timeliness on the company; and 3) all relevant facts known to the company, including facts about the individuals involved in any export control or sanctions violation.

Full Cooperation. A company's level of cooperation is assessed on a case-by-case basis. Full cooperation requires, however, certain actions, including the following:

Disclosure of all facts relevant to the wrongdoing at issue;

  • Proactive, rather than reactive, cooperation;
  • Preservation, collection, and disclosure of relevant documents and information;
  • Provision of timely updates regarding the company's internal investigation;
  • De-confliction of an internal investigation with the government investigation, if relevant;
  • Provision of facts relevant to potential criminal conduct by third parties;
  • Making available for interviews relevant company officers and employees;
  • Disclosure of all relevant facts gathered during the company's independent investigation;
  • Disclosure of overseas documents and related information;
  • Unless legally prohibited, facilitation of third party production of documents and witnesses from foreign jurisdictions; and
  • Where requested and appropriate, provision of translations of relevant documents in foreign languages.

Timely and Appropriate Remediation. If a company is eligible for cooperation credit, it may also receive credit for remediation if the company has implemented an effective compliance program,6 appropriately disciplined responsible employees, and set up a system that provides for the possibility of disciplining others and overseeing responsible individuals, and taken additional steps necessary to demonstrate recognition of the seriousness of the corporation's criminal conduct, acceptance of responsibility for it, and implementation of measures to prevent misconduct repetition.

Aggravating Factors

Importantly, the Guidance also sets forth NSD's view of aggravating factors that, if present to a substantial degree, could limit the credit that an organization might otherwise receive after submitting a VSD. Examples of such aggravating factors include the following:

  • Exports of items controlled for nuclear nonproliferation or missile technology reasons to a proliferator country;
  • Exports of items known to be used in the construction of weapons of mass destruction;
  • Exports to a terrorist organization;
  • Exports of military items to a hostile foreign power;
  • Repetition of similar administrative or criminal violations;
  • Knowing involvement of upper management in the criminal conduct; and
  • Significant profits from the criminal conduct compared to lawfully exported products and services.
Potential Credit to a Business Organization

The Guidance explains the possible credit that may be afforded to a business organization that complies with the noted mandates. A VSD, cooperation and appropriate remediation allow a company to be eligible for a significantly reduced penalty, including the possibility of a non-prosecution agreement (NPA), reduced period of supervised compliance, reduced fine and forfeiture and lack of requirement of a monitor. Even if a company does not voluntarily self-disclose a violation but cooperates with the government's investigation and remediates its practices, the company may still be eligible to receive some credit, including a deferred prosecution agreement (DPA), reduced fine and forfeiture and an outside auditor instead of a monitor.

Locus of Filing VSD; Expansion to CES

The Guidance makes clear that it does not change the regulatory agency to which a VSD should be filed, or the respective agencies' procedures for submitting VSDs. Business entities should continue to submit VSDs to the Department of State, Directorate of Defense Trade Controls (DDTC) for violations of the International Traffic in Arms Regulations (ITAR);7 to the Department of Commerce, Bureau of Industry Security (BIS) for violations of the Export Administration Regulations (EAR);8 and to the Department of the Treasury, Office of Foreign Assets Control (OFAC) for violations of U.S. sanctions regulations.9 However, the Guidance expands the agencies to which a VSD should be filed, to include the Counterintelligence and Export Control Section (CES) of the NSD, if the VSD covers potentially willful (i.e., criminal) violations.

Sample Scenarios

The Guidance provides sample scenarios that demonstrate its application to real-world situations.

  • In Example 1, a company attempts to ship ITAR-controlled items to an embargoed country. In this instance, the company conduct is serious, the gain to the company is great and cooperation is minimal. The company would likely be required to enter a guilty plea and accept a monitor (or, at a minimum, an outside auditor). Reduction in financial penalty would not be significant.
  • Example 2 builds on Example 1, escalating the seriousness of the crime a step further by indicating that the acts of a foreign subsidiary of a U.S. company create a threat to U.S. national security. In such an instance, while the foreign subsidiary would likely be required to plead guilty, serve a full term of supervision, forfeit its profits and pay a substantial fine, the U.S. parent corporation, which is cooperative in the government's investigation, would likely be offered an NPA, supervision and a reduced fine.
  • In Example 3, upon discovering wrongdoing by its subsidiary, the European parent corporation files a VSD, fires responsible employees, disciplines other negligent employees, revamps its compliance program, cooperates with the government's investigation and makes employees available for interviews. In this scenario, the European parent corporation would likely face an NPA, a period of supervision and a reduced monetary payment. A monitor or auditor would be unlikely.
  • Example 4 assumes the facts of Example 3 but extends the violations in volume and over a period of several years. Here, prosecutors would likely require the company to enter into a DPA, but the company would receive a reduced fine and period of supervision, and would not likely be subject to a monitor or auditor.
Recommendations

The prevailing practice until now has been to disclose export control and sanctions violations to the relevant government agency(ies), with the knowledge that such agency(ies) could refer the matter to the DOJ if they deemed it appropriate. However, this Guidance now encourages companies to submit a VSD to CES when they become aware that a violation may have been willful. Companies should, therefore, update their export compliance procedures to comply with this changing guidance and ensure that, upon discovering potentially willful violations of U.S. export control and sanctions laws and regulations, they receive maximum mitigation and credit from all relevant agencies, henceforth to specifically include the CES.

In addition to the above, the Guidance highlights the importance of prompt and complete disclosure, comprehensive internal investigation, accurate assessment of failures, and strong remedial action commitment and follow-through. In some instances, there may actually be a mandatory duty to disclose to regulators,10 and companies must be aware of, and in compliance with, such requirements. Any disclosure should be considered very carefully and thoroughly, with the advice of experienced counsel.

Footnotes

1. 22. U.S.C. § 2751, et seq. (1976). The Arms Export Control Act provides the authority to control the export of defense articles and services.

2. 50 U.S.C. §§ 1701-06 (1977). The IEEPA authorizes the president to declare a national emergency and impose economic sanctions in cases of “unusual and extraordinary threats” to the United States.

3. 50 U.S.C. App. §§ 1-44 (1917).

4. U.S.S.G. § 8C2.5(g)(1).

5. Id.

6. An effective compliance program should include: the establishment of a culture of compliance; dedication of sufficient resources; assurance that compliance personnel have the necessary qualifications and experience; institution of an independent compliance function; performance of effective risk assessments; implementation of a technology control plan and required regular training of employees; appropriate compensation and promotion of compliance personnel; auditing of the compliance program; and a reporting structure that facilitates the identification of compliance problems to senior officials and maximizes prompt and complete remediation.

7. 22 C.F.R. §§ 120-130.

8. 15 C.F.R. §§ 730-774.

9. 31 C.F.R. §§ 501-598.

10. For example, Section 126.1(e) of the ITAR requires that “[a]ny person who knows or has reason to know of ... a proposed or actual sale” of ITAR-controlled defense articles, defense services or technical data to an ITAR-proscribed country (e.g., China) “must immediately inform” DDTC.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.