DOJ’s Revised Corporate Enforcement Policy Expands on Previous Factors: History of Misconduct; Voluntary Self-Disclosure; and Compliance Monitors (Part III of IV)
The Lisa Monaco Memo is a new and important restatement of the Justice Department’s approach to corporate crime. It is a worthy read and it sets out a number of new requirements and procedures for DOJ prosecutors investigating corporate crime.
In this posting, we return to review a few remaining important issues.
Evaluating a Corporation’s History of Misconduct — DOJ’s original announcement in October 2021 concerning consideration of prior corporate misconduct in resolving criminal investigations was questioned by a number of practitioners. The revised statement refines DOJ’s approach to this issue by providing guidance on weights to be awarded to various types of prior misconduct.
DOJ intends to examine and weigh a corporation’s history of past misconduct, including prior criminal, civil and regulatory resolutions (both domestically and internationally). DOJ acknowledged that not all past instances of prior misconduct are equally relevant or probative. Prosecutors will now be required to consider the “form of the resolution and the associated sanctions or penalties,” as well as the time between the misconduct, the prior resolution and the conduct underlying the prior resolution.
To guide prosecutors’ review, the Monaco memo directs that the greatest weight should be assigned to recent U.S. criminal resolutions and to prior misconduct involving the same personnel or management. More specifically, DOJ noted that conduct that occurred more than ten years before the conduct under investigation, and civil or regulatory resolutions finalized more than five years before the conduct under investigation, should be accorded less weight since it is likely remote to evaluation of a company’s compliance culture.
In this respect, prosecutors are instructed to review the facts and circumstances underlying a corporation’s prior resolution, including any factual admissions, the seriousness and pervasiveness of the misconduct, the participation of common owners and managers, and the similarity to the conduct under current investigation. If the company is under probation or supervision, or monitorship when the misconduct occurs, this factor should be considered.
DOJ also suggested that relevant consideration include whether the company is heavily-regulated and should restrict any company-to-company comparison to those that are equally regulated in the same industry. Prior misconduct committed by an acquired entity should not be considered so long as the acquired entity has been integrated into an effective, well-designed compliance program, and the acquiring company addressed the root cause of the prior misconduct.
Aside from common personnel between current and past instances of misconduct, DOJ will consider whether the misconduct instances share the same root causes. As part of this review, prosecutors are directed to review remediation efforts, including employee discipline, compensation clawbacks, restitution, management restructuring and compliance program upgrades.
Voluntary Self-Disclosure by Corporations — The Monaco Memo reinforced the benefits of voluntary self-disclosure of facts not known publicly or otherwise known to DOJ. To ensure that the corporation receives significant benefits for such disclosures, the Monaco Memo directed all components that do not have existing voluntary self-disclosure policies to draft and publicly disclose its policy. Any such policy should outline what constitutes a voluntary, self-disclosure, and the specific benefits the company will receive for such a disclosure.
Independent Compliance Monitors — The Monaco Memo reiterated that it will not apply any presumption — in favor of, or opposed to — assignment of an independent compliance monitor as part of a corporate resolution.
In a significant step, the Monaco Memo sets out the factors to be considered when evaluating whether to assign a monitor, including:
- whether the company voluntarily disclosed the misconduct to DOJ;
- whether, at the time of resolution and after a thorough risk assessment, the company has implemented an effective compliance program;
- whether, at the time of the resolution, the company has adequately tested its compliance program and internal controls to demonstrate they would likely detect and prevent similar misconduct in the future;
- whether the underlying conduct was long-lasting or pervasive across the business or was approved, facilitated or ignored by senior management, executives or directors (including because of corporate culture that tolerated risky behavior or did not encourage discussion and reporting of possible risks and concerns);
- whether the conduct involved the exploitation of an inadequate compliance program or internal controls;
- whether the conduct involved active participation of compliance personnel or the failure of compliance personnel to escalate or respond to red flags;
- whether the company took adequate investigative or remedial measures to address the conduct, including, where appropriate, termination of business relationships and practices that contributed to the criminal conduct, and discipline or termination of personnel involved, including supervisory, management or oversight responsibilities;
- whether, at the time of the resolution, the company’s risk profile has substantially changed;
- whether the company faces any unique risks or compliance challenges; and
- whether and to what extent the company is subject to oversight from industry regulators or any other monitor (foreign or domestic).