The Situation: As a follow-up to the deputy attorney general's September 2022 memorandum, the U.S. Department of Justice ("DOJ" or "Department") announced in March 2023 significant updates to its corporate compliance programs guidance, corporate criminal enforcement policies, and an increase of enforcement resources to address national security concerns.
The Result: With DOJ's policy initiatives in mind, companies should carefully evaluate their compliance policies and procedures, particularly those regarding compensation structures, the use of personal mobile devices and messaging applications, and compliance with export and sanctions laws.
Looking Ahead: The updates to DOJ's compliance guidance send a message that DOJ continues to raise the bar on corporate compliance program standards and will closely evaluate the design and effectiveness of corporate compliance programs when making corporate charging, resolution, and monitorship decisions.
Background
At the American Bar Association's National Institute on White Collar Crime in March 2023, Deputy Attorney General ("DAG") Lisa Monaco and Assistant Attorney General for the Criminal Division ("AAG") Kenneth A. Polite, Jr. announced enhanced DOJ compliance program standards as a follow-up to DAG Monaco's September 2022 Memorandum containing compliance program pronouncements. The updates include a new pilot program to promote corporate compensation incentives and clawbacks. DOJ also updated its standards for appointing corporate monitors and revealed a push to prosecute sanctions evasion and export control violations.
Additional Guidance Regarding Use of Personal Devices and Communications Platforms
The Criminal Division revised the guidance its prosecutors refer to when evaluating the adequacy of a company's compliance program (at both the time of the offense and the time of a charging decision) and when ultimately determining the terms of a corporate resolution.
First, the updated guidance includes more detail regarding how prosecutors will evaluate whether a company has implemented effective policies and procedures governing the use of personal devices and third-party messaging platforms—including ephemeral and encrypted messaging applications (e.g., WhatsApp and WeChat)—to ensure that business-related electronic data and communications are preserved.
According to the updated guidance, these policies should be tailored to the corporation's risk profile, with the goal of making business-related data accessible to the company for preservation. Prosecutors are now directed to consider three specific topic areas related to company-related data and communications: (i) the company's communication channels; (ii) the company's policy environment; and (iii) the company's risk management. In this regard, relevant questions include:
Communication Channels
Policies
Risk Management
This updated guidance clearly reflects DOJ's strong interest in company-related data on personal devices, company-issued devices, and third-party messaging platforms. Indeed, in a speech on March 3, AAG Polite remarked that DOJ would more actively seek data from mobile devices, including data from third-party messaging applications. AAG Polite added that should the Criminal Division become aware during an investigation that a company has not produced relevant communications from mobile devices and third-party messaging applications, prosecutors will ask questions about the failure to produce such communications—which may impact the Criminal Division's charging decision as to the company and its assessment of the company's cooperation.
Additional Guidance Regarding Compensation Incentives, Clawbacks, and Related Criminal Division Pilot Program
The Criminal Division's revised guidance also discusses how prosecutors will assess whether a company's compensation system promotes compliant behavior. DOJ renamed a section of its guidance previously titled "Incentives and Disciplinary Measures" to "Compensation Structures and Consequence Management," and updated the section with several revisions related to: (i) compensation structures; (ii) disciplinary measures; and (iii) incentives. The Department also announced a new pilot program to promote compensation systems and compensation clawbacks. These revisions emphasize how DOJ prosecutors will scrutinize whether a company has adequate "consequence management" procedures to identify, investigate, discipline, and remediate violations of law.
Compensation Structures. The guidance includes new questions on how the Criminal Division will evaluate a company's compensation structures and whether they foster a culture of compliance. This reflects DOJ's emphasis on turning to companies to also punish corporate wrongdoers. Criminal Division prosecutors are now directed to consider the following:
Disciplinary Measures. The guidance includes additional questions indicating how the Criminal Division will evaluate a company's disciplinary program:
Incentives to Promote Compliant Behavior. Finally, the Criminal Division updated how it will evaluate whether a company has effective incentives to promote compliant behavior. Prosecutors' evaluations here will consider, among other things, whether the company has made compliance a means of career advancement, offered opportunities for management to serve as a compliance "champion," or made compliance a significant metric for management bonuses.
Compensation Incentives and Clawbacks Pilot Program. In connection with these updates, the DOJ Criminal Division unveiled a new Pilot Program Regarding Compensation Incentives and Clawbacks ("Pilot Program"). The Pilot Program has two parts:
DAG Monaco noted that this part of the Pilot Program has been used recently, referring to a plea agreement that a Danish global financial institution entered into in December 2022, relating to inadequate money laundering controls. As part of the plea agreement, the bank agreed to revise its performance review and bonus system to include criteria related to compliance. Going forward, a bank executive who achieves a failing score in compliance will be ineligible for any bonus that year.
The Pilot Program becomes effective March 15, 2023, and will be in effect for three years.
Revised Criteria for the Selection of Corporate Compliance Monitors
The AAG issued a revised memorandum on the selection of monitors in Criminal Division matters. The revised memorandum clarifies four policy positions: (i) monitor selections are and will be made in keeping with the Department's commitment to diversity, equity, and inclusion; (ii) prosecutors should not apply presumptions for or against monitors; (iii) the requirements for monitors apply to a monitor's entire team in addition to the lead monitor; and (iv) the cooling off period for monitors is now not less than three years, rather than two years, from the date of monitorship termination.
Recent statistics bear out DOJ's commitment to diversity, equity, and inclusion in monitor selections. Five out of seven DOJ corporate monitors selected during the Biden administration are diverse (four are women and the fifth is a non-white man). In comparison, for example, between 2004 and 2018, six out of 45 corporate monitors were diverse (three women and three non-white male attorneys). For more background on this topic, please review Jones Day's September 2021 White Paper on Diversity in Monitorship Selection.
When considering whether to impose a monitor, the Criminal Division is still directed to do so where there is a demonstrated need or benefit from a monitorship. This includes situations where the corporation's compliance program and controls are untested, ineffective, inadequately resourced, or not fully implemented at the time of a resolution. On the other hand, a monitor may not be necessary if a company's compliance program and controls are "tested, effective, adequately resourced, and fully implemented at the time of a resolution."
More DOJ Resources to Prosecute Exports and Sanctions Violations
As part of DOJ's recognition of the increasing intersection between national security concerns and corporate crime, the DAG announced a plan to significantly restructure and devote more resources to the Department's National Security Division ("NSD"). The NSD is responsible for investigating, prosecuting, and supervising the general enforcement of federal criminal laws related to counterintelligence and counterterrorism. The NSD's purview includes, among other things, criminal enforcement of U.S. economic sanctions and export control laws and regulations that are respectively administered by agencies within the Treasury and Commerce Departments, which have significantly expanded in recent years to address evolving and complex national security concerns posed by foreign adversaries. The Biden Administration has prioritized using these authorities to hinder Russia's war efforts against Ukraine and to restrict Chinese access to U.S. advanced technologies.
The Department's plan will reportedly consist of adding more than 25 prosecutors to focus on enforcement efforts concerning sanctions evasion, export control violations, and similar crimes. These prosecutors will be housed within NSD under the DOJ's forthcoming appointment of its first-ever Chief Counsel for Corporate Enforcement. With this new restructuring of resources and personnel, the NSD is expected to work with private industry to investigate sanctions and export control evasion. Highlighting the importance of this "surge of resources," and with a nod to DOJ's long-standing prioritization of Foreign Corrupt Practices Act ("FCPA") enforcement, the DAG stated: "As I've said before, sanctions are the new FCPA."
The announcement reflects a concerted effort to increase collaboration and coordination among federal agencies and with the private sector to bolster enforcement efforts. Last month, DOJ announced that the NSD would be partnering with the Commerce Department to form a "Disruptive Technology Strike Force" in an effort to prevent countries such as China and Russia from obtaining sensitive data and technologies. In addition to increasing enforcement of U.S. export controls, the Task Force will aim to develop and strengthen partnerships between prosecutors, the intelligence community, and the private sector.
The NSD has also started to issue joint advisories and compliance publications with the sanctions and export controls regulators within the U.S. Commerce and Treasury departments to inform the business community about DOJ's expectations as to national security compliance. One such publication is the March 2, 2023, Tri-Seal Compliance Note, which focuses on efforts to prevent the use of third-party intermediaries to evade Russia-related sanctions and export controls. The publication admonishes the private sector to remain vigilant in identifying, preventing, and disclosing transactions that may have been used or were intended to circumvent applicable sanctions; provides a list of common red flags or scenarios that companies should consider when evaluating whether a transaction may implicate U.S. sanctions or export controls; and underscores the U.S. government's use of civil and criminal authorities to identify and redress violations.
Four Key Takeaways