Alex Cotoia, Regulatory Manager at The Volkov Law Group, rejoins us for a post providing additional color into U.S. Deputy Attorney General Lisa Monaco’s recent announcement on changes to DOJ policies. Alex can be reached at [email protected].

On October 28, 2021, U.S. Deputy Attorney General Lisa O. Monaco—a veteran of government service in previous Administrations and a champion of corporate accountability—announced several significant changes to current Department of Justice (“DOJ”) policies.  As Mike summarized recently, these changes have broad repercussions for the compliance functions of all organizations.

In brief introductory remarks to the American Bar Association’s (“ABA’s”) 36^th National Institute on White Collar Crime, Monaco noted that she had spent some time “considering the current enforcement landscape” since her return to the DOJ in April 2021. Among other things, she concluded that corporate crime and actions that compromise the national security interests of the United States increasingly intersect—as in the case of cyberattacks initiated by foreign aggressors that exploit IT vulnerabilities to access and/or manipulate information, and the case of companies that flagrantly violate U.S. economic sanctions and export control regulations. Although Monaco noted that these changes were largely of “degree and not of kind,” she reiterated the DOJ’s commitment to vigorously “enforce the criminal laws that govern corporations, executives, officers, and others, in order to protect jobs, guard savings and maintain [the public’s] collective faith” in a well-regulated price-directed free market economy.

Of relevance to compliance professionals in particular are the three (3) main policy changes that Monaco announced in relation to: (1) individual (not just institutional) accountability for corporate misconduct; (2) issuance of new guidance that considerably expands prosecutorial discretion by allowing DOJ personnel to consider all prior misconduct by an organizational offender; and (3) a commitment to the more regular utilization of corporate monitors “whenever it is appropriate to do so.” 

With respect to individual accountability, Monaco insisted that DOJ policy under Attorney General Merrick Garland starts with the individuals ultimately responsible for the underlying criminal act. While stressing that cases against corporate executives can often be difficult to prosecute, Monaco nonetheless reiterated—echoing the Principles of Federal Prosecution—that the fear of losing should not dissuade prosecutors from holding culpable executives and senior officials responsible for their criminal acts. Therefore, the DOJ has restored prior guidance (rescinded in more recent years) requiring all organizations wishing to qualify for cooperation credit to disclose the full “cast of characters” involved in the underlying scheme and produce all relevant non-privileged material with respect to those individuals. As Monaco emphasized, the obligation to produce this information is no longer confined to individuals deemed to have been “substantially involved” in the misconduct. Such a limitation, Monaco noted, not only ignores the fact that individuals ‘peripherally’ involved in misconduct can have valuable information for federal agents and prosecutors but affords companies “too much discretion in deciding who should and should not be disclosed to the government.” As such, organizations must now identify all individuals—irrespective of position, status, or seniority—that are involved in the suspected misconduct.

Second, Monaco announced a seismic shift in DOJ policy that now requires prosecutors to consider the full panoply of historical misconduct associated with a recidivist offender. As an illustration of this point, Monaco noted, for instance, that in considering whether an organization violated the FCPA, a prosecutor should also explore the organization’s previous enforcement history. As Monaco hypothetically iterated, this would include considering whether the same organization has run afoul of federal tax laws, environmental and natural resources regulations, money laundering prohibitions, and other federal laws and regulations. While previously, consideration of prior misconduct by organizations was limited to the immediate area of concern, the DOJ will now consider the full criminal, civil, and regulatory record of the organization in deciding what resolution is most appropriate for the criminal conduct at issue. At its core, the new DOJ policy seeks to “harmonize” the treatment of individuals and organizations under federal law. More significantly, however, the policy underscores the need for organizations to take all of their compliance obligations seriously.

Monaco further heralded a reversal of the implicit policy of the DOJ that purportedly disfavored the use of corporate monitors in resolving criminal actions against organizations. Under new DOJ leadership, independent corporate monitors—selected on an objective basis yet to be established by the DOJ—will be utilized more routinely as a safeguard to ensure that the riskiest offenders are “living up to [their] compliance and disclosure obligations” under either a Deferred Prosecution Agreement (“DPA”) or a Non-Prosecution Agreement (“NPA”). In a similar vein, Monaco noted that the DOJ would aggressively pursue organizations that avail themselves of the leniency afforded by pre-trial diversion, only to continue committing crimes. As such, Monaco stated that the DOJ would aggressively pursue such companies with “serious consequences” imposed for violating a DPA or NPA’s explicit terms. As an example, Monaco pointed to two (2) recent breach notifications issued by the DOJ to multinational corporations who violated the terms of their respective agreements with the DOJ.

Monaco’s announcement is unsurprising given her previous experience as both a federal prosecutor and extensive involvement in the private sector. As we predicted in a podcast around the time Garland and Merrick assumed their positions, corporations could expect an increase in federal enforcement efforts aligned with the Biden Administration’s goal of ferreting out bribery and corruption on an international scale.

The bottom line is that the halcyon days of lax enforcement by the DOJ and other key federal regulators have come to a swift conclusion. As compliance professionals have reiterated for years now, compliance is considered an integral business function of an organization that warrants significant attention, appropriate resources, and autonomy to detect and deter potential violations of the law. Organizations of all shapes and sizes operating in every sector of the economy should avail themselves of the DOJ’s latest announcement by re-examining their risk assessments, internal controls, policies and procedures, and perhaps most importantly, organizational cultures.