DOJ Announces New Policy about “Piling On” and Discusses the Role of Compliance in Corporate Enforcement
Government Enforcement Update
In a pair of recent speeches, Deputy Attorney General Rod Rosenstein announced a new Department of Justice (DOJ) policy aimed at encouraging coordination among DOJ and other enforcement agencies and avoiding “unfair duplicative penalties” or “piling on.” Rosenstein also discussed a new DOJ working group designed to further this policy and the role compliance programs play in corporate enforcement.
New Policy to Prevent "Piling On"
In his first speech in New York on May 9, 2018, Rosenstein outlined the new DOJ policy, which, is broadly applicable to corporate crimes and mirrors a previously announced policy that specifically governed Foreign Corrupt Practice Act matters. Describing the premise for the new policy, Rosenstein noted that companies in highly regulated industries are often accountable to multiple government agencies and, as a result, potential repeated penalties. Such piling on risks “going beyond what is necessary to rectify the harm and deter future violations” and can deprive a company of “the benefits of certainty and finality ordinarily available through a full and final settlement.”
Four policy features
The new policy has four features:
- First, “the federal government’s criminal enforcement authority should not be used against a company for purposes unrelated to the investigation and prosecution of potential crime.” For example, criminal investigation cannot be used to persuade a company to pay a bigger settlement in a civil case.
- Second, when resolving a corporate case based on the same conduct, DOJ lawyers from different components should coordinate financial fines, forfeitures, and other penalties to avoid disproportionate punishment.
- Third, DOJ lawyers should similarly coordinate, where applicable and possible, with other “federal, state, local, or foreign enforcement authorities seeking to resolve a case with a company for the same misconduct.”
- Fourth, the policy sets forth certain factors that DOJ lawyers may evaluate in determining whether “multiple penalties serve the interest of justice in a particular case.” Such factors include “the egregiousness of the wrongdoing; statutory mandates regarding penalties; the risk of delay in finalizing a resolution; and the timeliness of a companies’ disclosures and cooperation with the Department.”
Rosenstein also stated, however, that cooperation with other agencies or governments was not a substitute for cooperating with DOJ and that DOJ would take a dim view of companies that made inadequate disclosures to get lenient penalties from other agencies.
New working group
In addition to announcing the new enforcement policy, Rosenstein also announced a new Working Group on Corporate Enforcement and Accountability within DOJ. This working group is intended to “promote consistency” and will make “internal recommendations about white collar crime, corporate compliance, and related issues.”
The Role of Compliance Programs
In the second speech in Washington, DC on May 21, 2018, Rosenstein raised the new policy again, as he spoke to conference of compliance and risk professionals generally about the role of compliance. Invoking Dr. Seuss, Shakespeare, and Justice Scalia, Rosenstein emphasized the importance of compliance and, in particular, lawyers to companies’ success. Compliance “should not be treated as separate and distinct from other business goals,” and a culture of compliance “must be fully integrated into corporate culture.” As for lawyers, Rosenstein noted that they sometimes “elicit ill will” in companies because they tend to “nitpick.” But because “the law demands precision and requires close reading,” lawyers and others in compliance roles are critical. “Obsessing over details is our job.”
Rosenstein compared the corporations’ growing compliance functions with the evolution of DOJ’s own internal watchdogs, tracing the history of the Department from a single part-time Attorney General in 1789 to an agency with over 115,000 employees today. Over that time, DOJ added its own Office of Professional Responsibility in 1975, an internal Office of Inspector General in 1989, and a Professional Responsibility Officer and, later, Advisory Office in the 1990s.
Two key questions about a company’s compliance function
Turning to practical advice for companies under investigation, Rosenstein noted that there are two principal questions DOJ asks:
- What was the state of the compliance program at the time of the improper conduct?; and
- What is the current state of the compliance function, after remediation to address any lessons learned?
With regard to the first question, it “focuses on whether there was an adequate compliance function.” In particular, Rosenstein highlighted the concern over “paper programs”—that is, compliance plans that exist in form but not substance—an issue originally incorporated into DOJ’s internal guidelines on corporate enforcement (the Principles of Federal Prosecution of Business Organizations) in 2008.
Rosenstein compared a good compliance program to preventative medicine. In doing so, however, he acknowledged compliance is “not a one-size-fits-all proposition” and must reflect a company’s particular risk profile. Further, even the best compliance program may not stop all problems, just as even the best preventative medicine will not prevent all illness. Those situations implicate the second question, which looks to whether, after a lapse, the company analyzed the issue and took remedial measures.
Intersection with enforcement
Emphasizing that DOJ uses an “individualized determination” to assess a company’s compliance program, Rosenstein segued to the new enforcement policy to prevent piling on, which he characterized as “designed to ensure fairness and consistency in our corporate resolutions.” After a brief description of the policy, Rosenstein stated that “a company with a robust compliance program can prevent misconduct,” which frees investigators and attorneys to focus on “terrorists, drug traffickers, transnational cyber criminals” and other traditional criminal elements.
As with any new internal policy, the practical effect will depend on how it is applied. The mere creation of the policy is certainly positive news for the corporate world, particularly those companies in highly regulated industries. Like other recent DOJ policy announcements—e.g., the Brand and Granston memos in the False Claims Act area—the corporate enforcement policy gives defense lawyers another tool to use when negotiating with DOJ.
Despite those positives, it is not clear that the new policy is really all that new. As Rosenstein himself noted, prohibiting threats of criminal prosecution to extract a larger civil settlement is not a change in policy, and it should be viewed as a basic principle of fairness and ethical lawyering. Likewise, coordination among different enforcement and prosecutorial agencies is regularly, if sometimes imperfectly, done now and should be a baseline expectation of government agencies. In similar fashion, the recent remarks about the importance of compliance programs will sound familiar to company counsel, business executives, and compliance professionals.
But such quibbles aside, the new policy and the new working group are welcome developments, as is the recognition that compliance functions must be viewed individually and in context of a company’s size and risk profile. In particular, DOJ’s explicit acknowledgement that piling on is not appropriate is encouraging. A policy aimed at preventing it, even if derivative of some existing policies, is a positive sign to businesses attempting to resolve enforcement matters with the federal government.