Co-operating with the Authorities: The US Perspective

16.1 Introduction

Government investigations of corporations can start quietly or loudly. A subpoena might arrive in the mail; an employee might speak up to a manager; federal agents might raid the offices and seize files, computers and cell phones; or border patrol agents might stop an employee, or a CEO, at the airport. However an investi­gation commences, a critical question at the outset is whether the company should co-operate in a government inquiry, and, if so, how, and to what extent. Like a game of chess, a company’s opening moves can dictate the end game and must be chosen with care. In the best case, investi­gations quickly and cost-effectively point the authorities towards individual wrongdoers, the company’s effort is short-lived, and it incurs no penalty. In the worst case, Pandora’s box is opened.

While the decision to co-operate will turn on the unique factual and legal circumstances faced by a company, this chapter aims to guide the reader through the decision-making process, whether the investigation concerns the Foreign Corrupt Practices Act (FCPA), securities, antitrust or sanctions laws, or the False Claims Act, or other government actions. This chapter discusses how US government authorities define co-operation, identifies the pros and cons of co-operating with the authorities and highlights special considerations in multi-agency and cross-border investigations.

16.2 What is co-operation?

Co-operating with a US government authority generally entails providing all relevant, non-privileged information. This can amount to ensuring that key witnesses are available for interviews by the government, sharing information gleaned from internal interviews of employees, providing relevant documents as well as context and background for those documents, giving factual presentations, and agreeing to take remedial action where appropriate.

16.2.1 Department of Justice’s general approach to co-operation

The Department of Justice (DOJ) issues guidance and policies for prosecutors in its Justice Manual. Its chapter on Principles of Federal Prosecution of Business Organizations sets forth ten factors that prosecutors should consider when investigating, deciding whether to charge and negotiating a plea or other agreement with a company. Among these is consideration for ‘the corporation’s willingness to cooperate, including as to potential wrongdoing by its agents’.^[2] The Justice Manual states that a company is eligible for co-operation credit if it:

identif[ies] all individuals substantially involved in or responsible for the misconduct at issue, regardless of their position, status or seniority, and provide[s] to the Department all relevant facts relating to that misconduct. If a company seeking co-operation credit declines to learn of such facts or to provide the Department with complete factual information about the individuals substantially involved in or responsible for the misconduct, its co-operation will not be considered a mitigating factor under this section.^[3]

In other words, to obtain co-operation credit, a company must provide all non-privileged facts concerning misconduct.^[4] In addition, the company must not intentionally remain ignorant about misconduct and cannot cherry-pick facts to share with the DOJ.^[5]

The DOJ’s current approach to co-operation, as reflected in the Justice Manual, emphasises holding individuals accountable for their misconduct and requires companies to disclose the identities of all individuals involved. The DOJ’s approach to co-operation has evolved over the years, often changing with each new administration, as articulated through a series of DOJ policy speeches. Prior to September 2015, companies might obtain partial co-operation credit without identifying the individual wrongdoers to the DOJ; this might even have been sufficient to avoid charges in some instances.^[6] In September 2015, in the so-called ‘Yates Memorandum’, the DOJ announced that co-operation would require disclosure of all individual misconduct, regardless of the individual’s title or seniority at the company.^[7] In November 2018, the DOJ scaled back this requirement for co-operation credit, announcing a policy revision that required companies to identify only individuals substantially involved in or responsible for misconduct.^[8] Most recently, in October 2021, the DOJ rescinded its prior 2018 guidance, stating that it will ‘no longer be sufficient for companies to limit disclosures to those they assess to be “substantially involved” in the misconduct’.^[9] Instead, the DOJ returned to its guidance under the Yates Memorandum, requiring identification of all individuals involved and all non-privileged information about individual wrongdoing for companies to be eligible for co-operation credit.^[10] The DOJ emphasised in September 2022, however, that the ‘mere disclosure of records . . . is not enough’.^[11] Rather, to receive full co-operation credit, companies must produce all relevant, non-privileged information ‘on a timely basis’. Such information includes relevant work-related communications, including those sent on personal devices and through third-party messaging systems for business purposes.^[12] Moreover, the DOJ expects that companies share ‘particularly relevant information’ ‘promptly’ after its discovery.^[13] The failure to co-operate timely, the DOJ commented, could lead to co-operation credit being reduced or eliminated. This change in guidance makes it more difficult to obtain co-operation credit because companies must provide significant detail about all employees and management involved in the alleged misconduct without delay. The DOJ’s evolving approach continues to reflect the inherent challenges in charging individuals in complex, white-collar investigations, where prosecutors often must sort through and understand ‘complex corporate hierarchies [and] enormous volumes of electronic documents’ while navigating ‘a variety of legal and practical challenges that can limit access to the evidence’ that the DOJ needs to bring charges against individuals, especially when evidence is located outside the United States.^[14]

What does this mean in practice for a company under investigation? The DOJ wants to learn information such as: how and when the alleged misconduct occurred; who promoted or approved it; who was responsible for committing it;^[15] and all individuals involved in setting a company on a course of criminal conduct, regardless of their position, status or seniority.^[16] To provide this, company counsel may relay facts to the DOJ by producing relevant documents, allowing the DOJ to interview employees (including acquiescing to ‘deconfliction’ requests from the DOJ that the government interview employees before company counsel does so), proffering information obtained from an internal investigation or analysing voluminous or complex documents. To obtain full credit, the DOJ will consider the timeliness of the disclosures, whether the company undertook a proactive approach to co-operating, and the thoroughness of the company’s investigation.^[17] The DOJ does not expect companies to undertake a ‘years-long, multimillion dollar investigation every time a company learns of misconduct’; rather, companies are expected ‘to carry out a thorough investigation tailored to the scope of the wrongdoing’.^[18] The DOJ, consistent with indications from Attorney General Merrick Garland, said that its ‘first priority in corporate criminal matters [is] to prosecute the individuals who commit and profit from corporate malfeasance’.^[19] In practice, companies seeking co-operation therefore need not ‘have all the facts lined up on the first day’ they talk to the DOJ, but they should turn over relevant information to the DOJ on a rolling basis as they receive it.^[20]

To ensure that the company’s disclosures to the DOJ are extensive and that its internal investigation is thorough, and to fulfil the DOJ’s own obligation to make just decisions based on the fullest possible set of facts, the DOJ usually undertakes its own parallel investigation. Accordingly, the Justice Manual instructs prosecutors to:

proactively investigat[e] individuals at every step of the process – before, during, and after any corporate co-operation. Department attorneys should vigorously review any information provided by companies and compare it to the results of their own investigation, in order to best ensure that the information provided is indeed complete and does not seek to minimize, exaggerate, or otherwise misrepresent the behaviour or role of any individual or group of individuals.^[21]

Counsel may encounter situations where it is unclear whether misconduct has actually occurred, because the corporate client either does not have access to the relevant information or, even with full access, cannot discern whether there is malfeasance. In this regard, the DOJ has emphasised that it ‘just want[s] the facts’ – it does not expect counsel for the company ‘to make a legal conclusion about whether an employee is culpable, civilly or criminally’.^[22]

In other cases, a company may find that relevant documents in a foreign location cannot be produced to US authorities because of foreign data privacy, bank secrecy or other blocking laws. The Justice Manual recognises that such situations may occur and acknowledges that a company may still be eligible for co-operation credit, though the company will bear the burden of explaining why co-operation credit is still justified despite the restrictions faced by the company in gathering or disclosing certain facts.^[23] In September 2022, the DOJ indicated that co-operating companies must also identify ‘reasonable alternatives’ to providing the requested facts and evidence if foreign laws prevent disclosure.^[24] Conversely, the DOJ noted that using foreign laws to shield against the detection and investigation of misconduct may lead to an adverse inference being drawn against the company.^[25]

Likewise, the DOJ recognises that work communications are increasingly occurring outside a company’s systems: instead, personal devices and third-party messaging services are increasingly being used for business purposes. To ensure that this trove of evidence is preserved, the DOJ has made clear that a company’s ability to preserve and produce relevant work-related communications, whether on its systems or otherwise, is an ‘important factor’ in assessing its co-operation.^[26]

The DOJ has emphasised that co-operation does not require a company to waive the attorney–client privilege or the attorney work-product protection.^[27] While a company may decide to waive these privileges and protections when it suits its interests to do so, prosecutors may not request such a waiver.^[28]

16.2.2 Other Department of Justice policies regarding co-operation

In September 2022, the Deputy Attorney General directed all DOJ components that prosecute corporate crimes and have not yet done so to issue their own co-operation guidelines. The Deputy Attorney General further instructed that the guidelines must adopt several principles of voluntary self-disclosure, as discussed below.^[29] Several components of the DOJ have already issued guidelines regarding the FCPA, antitrust law, the False Claims Act and export controls and sanctions, which also are discussed below.

16.2.2.1 The DOJ’s overarching principles

In September 2022, the DOJ directed each component that prosecutes corporate crime to put in place a formal, written policy on corporate co-operation based on the following principles regarding voluntary self-disclosure:^[30]

• First, absent aggravating factors such as deeply pervasive misconduct, the DOJ component must not seek a guilty plea where a company has: (1) voluntarily self-disclosed; (2) fully co-operated; and (3) timely and appropriately remediated the criminal conduct.^[31] Each component has been directed to provide additional guidance on aggravating factors as part of its policy.^[32]
• Second, the DOJ specified that components should generally not require the imposition of a monitor, so long as the co-operating company: (1) voluntarily self-disclosed the relevant conduct; and (2) at the time of the resolution, demonstrated that it has implemented and tested an effective compliance program.^[33]

16.2.2.2 The FCPA Pilot Program and Corporate Enforcement Policy

In April 2016, the DOJ announced a pilot programme for FCPA cases with the goal of motivating ‘companies to voluntarily self-disclose FCPA-related misconduct, fully cooperate with the [DOJ Criminal Division’s] Fraud Section, and, where appropriate, remediate flaws in their controls and compliance programs’.^[34] The Pilot Program, which was initially meant to last one year, became a permanent DOJ programme in November 2017.^[35] Known as the FCPA Corporate Enforcement Policy, it is designed to encourage companies to self-report any potential FCPA violations and promote increased co-operation with the DOJ.^[36]

To be eligible for the full benefits of the FCPA Corporate Enforcement Policy, companies must: (1) voluntarily self-report all facts within a reasonably prompt time, (2) offer full co-operation and (3) undertake remedial measures in a timely fashion.^[37] In addition, the company must disgorge all profits related to the misconduct.^[38] If a company complies with these requirements, the DOJ will apply a presumption that the matter will be resolved through a declination.^[39] If aggravating circumstances lead the DOJ to determine that declination is not appropriate, the DOJ will nonetheless recommend a 50 per cent reduction off the low end of the US Sentencing Guidelines’ fine range for the offence and will generally not require appointment of a monitor.^[40] As of September 2022, the DOJ has issued 15 declination letters under the FCPA Corporate Enforcement Policy.^[41]

16.2.2.3 The antitrust leniency programme

The DOJ Antitrust Division has a corporate leniency programme granting leniency to the first company that (1) self-discloses conduct related to unlawful anti-competitive conspiracies and (2) co-operates with the DOJ’s ensuing investigation.^[42] A company that has been granted leniency is only liable for the actual damages in related follow-on litigation, rather than treble damages.^[43] Additionally, a company given leniency is not liable for the damages caused by other members of the conspiracy, which a conspirator typically would be responsible for under a theory of joint-and-several liability in antitrust conspiracy cases.^[44]

The Antitrust Division expects companies that receive leniency to provide ‘truthful, continuing, and complete cooperation’, which includes ‘conducting a timely and thorough internal investigation, providing detailed proffers of the reported conduct, producing documents no matter where they are located, and making cooperative witnesses available for interviews’.^[45] In 2022 the Antitrust Division revised its programme to require promptness in self-reporting of wrongful conduct and undertaking remedial measures.^[46]

While only the first company to self-report and co-operate can receive leniency, subsequent co-operators may still be rewarded for their efforts. The Antitrust Division recently clarified that the extent of any fine reduction does not merely reflect the timing of co-operation, but will also reflect the ‘nature, extent, and value of that cooperation to the investigation’.^[47] Nevertheless, the Division maintains that ‘the earlier the cooperation is provided, the more valuable it usually is in assisting the [D]ivision’s efforts’.^[48] If a company’s co-operation is insufficient, the Division ‘will not hesitate’ to withhold a fine reduction and may even increase the fine.^[49]

Traditionally, the Antitrust Division did not use DPAs to resolve criminal antitrust matters since, under the leniency programme, companies that were the first to self-report and co-operate could be fully insulated from prosecution.^[50] However, in 2019, it announced that DPAs could be an option for companies that did not obtain leniency but had an effective compliance programme.^[51] Despite this development, the Antitrust Division continues to expect that companies will seek leniency as the benefits under the leniency programme are more generous than those associated with a DPA.^[52]

16.2.2.4 The False Claims Act

In May 2019, for the first time, the DOJ issued guidelines for awarding entities with co-operation credit in False Claims Act (FCA) cases.^[53] The FCA, frequently used in healthcare litigation, imposes civil liability on entities that defraud government programmes.^[54] While the new federal guidance does not present any radically new considerations, it does provide helpful standards and brings FCA cases in line with existing DOJ practices in other types of investigations.^[55]

The federal guidance contemplates three main factors that the DOJ will consider in determining eligibility for and the extent of co-operation credit in FCA matters. First, the DOJ weighs whether eligibility should be available for voluntary self-disclosure by entities that discover conduct that violates the FCA.^[56] Notably, co-operation credit is not limited to entities that self-disclose before an investigation commences. Rather, if ‘[d]uring the course of an internal investigation into the government’s concerns . . . entities . . . discover additional misconduct going beyond the scope of the known concerns, . . . the voluntary self-disclosure of such additional misconduct will qualify the entity for credit’.^[57] Second, the DOJ considers whether the entity has provided assistance to an ongoing government investigation, including, but not limited to, identifying employees or individuals responsible for the misconduct, accepting responsibility for the misconduct, making employees available for depositions and interviews, and preserving and collecting relevant information and data in excess of what is required by law.^[58] Finally, the DOJ considers the extent to which entities have undertaken remedial measures in response to an FCA violation.^[59]

In January 2020, the DOJ announced a new reform to the policy. To complement the existing incentives to voluntarily disclose and co-operate, the Department will now also consider the ‘nature and effectiveness of a company’s compliance system’ in determining whether prosecution under the FCA is the appropriate remedy.^[60] This reform in part reflects that a key element of the FCA is the scienter requirement ‘and a robust compliance program executed in good faith could demonstrate the lack of scienter’.^[61] The DOJ also emphasised that ‘good corporate citizens that effectively police themselves should not be subjected to unnecessary enforcement costs’.^[62]

To this end, the DOJ has continued to draw attention to steps companies can take to establish effective compliance systems. For example, in September 2022, it highlighted how compensation systems can be used to incentivise compliance, including through rewarding employees who promote an ethical corporate culture and clawing back compensation from employees who engage in misconduct.^[63]

16.2.2.5 Export control and sanctions enforcement policy

In December 2019, the National Security Division (NSD) of the DOJ announced a revised self-disclosure programme to address potential criminal violations of expert control and sanctions laws.^[64] The policy was modelled on the FCPA Corporate Enforcement Policy and closely tracks the Justice Manual guidance on voluntary self-disclosures.^[65]

The revised policy^[66] provides increased clarity and certainty regarding the benefits of making a voluntary self-disclosure. It provides that ‘there is a presumption that the company will receive a non-prosecution agreement and will not pay a fine, absent aggravating factors’ when it (1) voluntarily self-discloses violations to NSD, (2) fully co-operates and (3) timely and appropriately remediates. Aggravating factors include, for example, violations involving the exportation of items that are particularly sensitive or to higher-risk end users, repeated violations, involvement of senior management in the violations and deriving significant profit from the violations. However, if a company voluntarily self-disclosed, fully co-operated, and timely and appropriately remediated, even with the existence of aggravating factors, the policy recommends a 50 per cent reduction in fine and no appointment of a compliance monitor.

In 2021, the DOJ entered into its first resolution under this voluntary self-disclosure programme with SAP SE.^[67] Owing to SAP’s voluntary disclosure, extensive co-operation and strong remediation, the DOJ entered into a non-prosecution agreement (NPA) with SAP to settle violations of export control and sanctions laws involving the unauthorised export of software and services to Iran.^[68] SAP SE also agreed to pay US$8 million in penalties.^[69]

16.2.3 Approaches to co-operation by other federal agencies

Other US enforcement agencies take similar approaches to rewarding company co-operation. Two examples of such agency processes – the US Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) – are described below.

The SEC’s approach to co-operation was first described in a report of investigation and statement regarding the public company Seaboard.^[70] This report, which became known as the ‘Seaboard Report’, concluded that charges against Seaboard were not warranted based on the consideration of four broad factors: (1) self-policing by the company prior to the discovery of the misconduct; (2) self-reporting the misconduct to the SEC, including investigating the misconduct; (3) remediation of the misconduct; and (4) co-operation with the SEC.^[71] The benefits of co-operating with the SEC could range from the SEC ‘declining an enforcement action, to narrowing charges, limiting sanctions, or including mitigating or similar language in charging documents’.^[72] Entry into a deferred or non-prosecution agreement may also be an option depending on the level of co-operation from the company.^[73] For instance, in each FCPA case where the SEC entered into a deferred or non-prosecution agreement, the company self-reported the violations and provided significant co-operation throughout the investigation.^[74] Similar to the DOJ’s current approach, which SEC Chair Gary Gensler has stated is ‘broadly consistent’ with his view of how to handle corporate offenders, the SEC expects a co-operating company to provide ‘the Commission staff with all information relevant to the underlying violations and the company’s remedial efforts’.^[75]

The CFTC, which regulates US derivatives markets, also offers co-operation credit. While the CFTC has had a long-standing policy of offering co-operation credit, in 2017 it issued advisories that further incentivised ‘individuals and companies to cooperate fully and truthfully in CFTC investigations and enforcement actions’.^[76] Similar to the approaches adopted by the DOJ and SEC, the CFTC will, in its discretion, consider the following broad factors in determining whether to grant co-operation credit: (1) ‘the value of the co-operation’ to the instant investigation and enforcement action; (2) ‘the value of the co-operation to the [CFTC’s] broader law enforcement interests’; (3) ‘the culpability of the company or individual and other relevant factors’; and (4) ‘uncooperative conduct that offsets or limits credit that the company or individual would otherwise receive’.^[77] The CFTC’s advisories emphasise that co-operation credit will be given to co-operation that is ‘sincere’, ‘robust’ and ‘indicative of a willingness to accept responsibility for the misconduct’.^[78] The benefits of co-operating with the CFTC range from the agency taking no enforcement action to imposing reduced charges against the co-operating company.^[79] Furthermore, in March 2019 and October 2020, the CFTC announced new guidance on self-reporting and co-operation to build on the existing foundation of co-operation to further incentivise ‘individuals and companies to self-report misconduct, cooperate fully in CFTC investigations and enforcement actions, and appropriately remediate to ensure the wrongdoing does not happen again’.^[80]

The CFTC guidance lists dozens of specific and concrete factors that the agency will consider when assessing whether to grant co-operation credit.^[81] Company counsel may find it beneficial to refer to these factors when determining the company’s course of action at various points in time, such as when learning about misconduct, investigating misconduct, self-disclosing misconduct to government authorities and co-operating with government authorities. For example, the advisory concerning co-operation by companies includes a section concerning the ‘quality’ of the company’s co-operation, which the advisory states should be assessed by looking at whether the company ‘willingly used all available means to . . . preserve relevant information’, ‘make employee testimony’ or company documents ‘available in a timely manner’, ‘explain transactions and interpret key information’ and ‘respond quickly to requests and subpoenas for information’ from the CFTC, among other things.^[82] Indeed, these considerations are relevant to any situation where a company is considering co-operating with authorities, regardless of the type of misconduct or whether the misconduct falls under the jurisdiction of the CFTC.

16.2.4 Case studies: Walmart and Goldman Sachs

Choosing to co-operate with the government is not a one-size-fits-all decision, and companies sometimes choose to (or may be able to) co-operate with some aspects of a government investigation, but not others. Two examples of settlements of criminal charges brought by the DOJ for FCPA violations, involving Walmart Inc and the Goldman Sachs Group Inc, are described below.

In June 2019, Walmart and a Brazilian Walmart subsidiary agreed to pay US$137 million to settle criminal charges brought by the DOJ in connection with FCPA violations. These allegations arose out of conduct that occurred from 2000 to 2011, in which Walmart employees failed to implement and maintain the company’s internal accounting controls to prevent improper payments to foreign government officials. Crucially, certain senior executives at the company were aware of this lapse in controls, yet these practices persisted.^[83]

Walmart’s co-operation with the government led to a reduction in the overall fine that was levied against the company. Walmart fully co-operated with the investigations into conduct in Brazil, China and India; however, it did not provide full documents and information in connection with the Mexican investigation and chose to interview a key witness before making the witness available for a DOJ interview, contrary to the DOJ’s request. Furthermore, Walmart did not self-disclose the misconduct that occurred in Mexico, though it did disclose the conduct in the other countries after the government began investigating the Mexican conduct. Because Walmart fully co-operated with the investigations in Brazil, China and India, it received a 25 per cent reduction in the fines applicable to those jurisdictions under the US Sentencing Guidelines, while it only received a 20 per cent reduction in the fines applicable to the Mexican misconduct.^[84]

In October 2020, Goldman Sachs and its Malaysian subsidiary agreed to pay US$2.9 billion to resolve criminal charges brought by the DOJ in connection with certain FCPA violations.^[85] These charges arose out of a five-year scheme, from 2009 to 2014, to pay more than US$1.6 billion in bribes to officials in Malaysia and Abu Dhabi to obtain business for Goldman Sachs from 1MDB, a Malaysian state-owned and state-controlled fund created to pursue investment and development projects for the economic benefit of Malaysia and its people. Through this bribery scheme, Goldman Sachs secured lucrative business opportunities, which included, among other things, its role as underwriter on bond deals with a total value of US$6.5 billion. In resolving the charges, Goldman Sachs admitted to conspiring to violate the FCPA in connection with the scheme and, among other admissions, admitted that there were significant red flags raised during the due diligence process that allowed certain employees to advance the bribery scheme and to divert and misappropriate funds from the bond offerings underwritten by Goldman Sachs. The bank’s Malaysian subsidiary pleaded guilty to ‘knowingly and willfully’ conspiring to violate the FCPA, while Goldman Sachs entered into a DPA with the DOJ.^[86]

Goldman Sachs received partial credit for its co-operation with the government, which resulted in a 10 per cent reduction in the overall fine.^[87] It did not receive full credit because it allegedly failed to voluntarily disclose the misconduct and significantly delayed producing relevant evidence, such as recorded telephone calls between Goldman Sachs’ business and control function personnel about the bribery scheme. The DOJ also credited Goldman Sachs with US$1.6 billion in payments in separate parallel resolutions in the United Kingdom, Singapore and Malaysia.^[88]

16.3 Key benefits and drawbacks to co-operation

Deciding whether to co-operate with a government investigation requires careful consideration of the associated benefits and drawbacks. On the one hand, co-operation affords the opportunity of substantially reduced or even no criminal charges and penalties; on the other hand, co-operation brings with it significant risks and costs.

16.3.1 Reduced or no charges and penalties

By and large, companies and individuals choose to co-operate with the government to receive some leniency in the form of reduced (or even no) penalties or charges. Unsurprisingly, research has shown that companies that choose to co-operate with the government tend to achieve better outcomes and typically end up paying lower fines than those that do not.^[89] For example, in 2021, British engineering company Amec Foster Wheeler Energy Limited paid US$18.4 million in criminal fines to the DOJ, UK and Brazilian authorities, reflecting a 25 per cent reduction off the applicable US Sentencing Guidelines fine for the company’s full co-operation and remediation.^[90] On the other hand, in 2015, Alstom SA was required to pay a criminal fine of US$772 million, the largest-ever recorded fine for an FCPA violation at that time, in part because of ‘Alstom’s failure to voluntarily disclose the misconduct . . . [and] Alstom’s refusal to fully cooperate with the department’s investigation for several years’.^[91] More recently, in 2020, Beam Suntory Inc (Beam) was required to pay a criminal fine of US$19 million – a 10 per cent reduction off the applicable US Sentencing Guidelines fine for the company’s partial co-operation and remediation – to resolve DOJ charges of FCPA violations. The DOJ awarded only partial credit for co-operation and remediation and no credit for self-disclosure because of Beam’s ‘failure to fully cooperate’, ‘significant delays caused by Beam in reaching a timely resolution’, ‘its refusal to accept responsibility for several years’ and Beam’s ‘failure to fully remediate, including its failure to discipline certain individuals involved in the conduct’. The DOJ also did not credit any of the US$8 million that the company paid to settle parallel charges with the SEC because Beam ‘did not seek to coordinate a parallel resolution’ with the DOJ.^[92]

The SEC, in 2021, imposed no civil fine in its settlement with Gulfport Energy Corporation regarding failures to disclose executive perks as compensation. The SEC, in its press release, noted Gulf’s ‘significant cooperation’ and timely remediation were key factors in its decision not to impose a penalty.^[93]

In addition to the reduced monetary fines that can result from co-operation, the form of a penalty may also vary depending on whether, and how much, a company co-operates with government authorities. If a company has fully co-operated, and if the facts and circumstances warrant such a resolution, the government may consider offering a declination (whereby the government declines to prosecute the entity for any alleged wrongdoing). If a declination is not an option, the next best scenario is an NPA, which is a contractual agreement between the wrongdoer and the government in which the government agrees not to bring criminal charges in exchange for certain requirements from the company (e.g., a fine, admitting to certain facts, further co-operating with the government or entering into compliance or remediation efforts). Another option in the government’s toolbox is a DPA, which is an agreement with the government where criminal charges are filed with the court but prosecution is postponed for a certain period in exchange for the company undertaking certain conditions (e.g., payment of fines, compliance reforms, further co-operating with the government, annual reporting or certification requirements, or the appointment of a monitor). If the company complies with these conditions, the government will move to dismiss the charges at the end of the term of deferment. For example, in April 2020, the DOJ explained that it had, at least in part, agreed to enter into a DPA with the Industrial Bank of Korea to resolve violations of the Bank Secrecy Act because the bank accepted and acknowledged responsibility for its conduct, had conducted a ‘thorough internal investigation’, provided ‘frequent and regular updates’ and made non-US-based employees available for interviews.^[94] Unlike NPAs, DPAs require court approval, which is usually granted. And if the government believes a stronger penalty is warranted, it could request that a subsidiary of the company, rather than the parent, enter a guilty plea, which can reduce some of the collateral consequences facing the parent company had it been required to plead guilty.^[95] The resolution of the Goldman Sachs FCPA charges, in which the bank’s Malaysian’s subsidiary pleaded guilty to an FCPA charge, is one example. Finally, the government could request that the parent company enter a guilty plea if it is culpable – an even more severe penalty.

In 2021, the DOJ announced a new emphasis on ensuring that companies signing a guilty plea, NPA or DPA comply with the terms of those agreements.^[96] Often, these agreements require settling companies to remediate the misconduct, implement strong compliance programmes, and report future misconduct that occurs or is discovered during the term of the agreement. The DOJ stated that it will be ‘firm’ with settling companies that do not uphold their obligations set forth in the guilty plea, NPA or DPA. Violations of such agreements ‘may be worse than the original punishment’. As such, according to the DOJ, a settlement ‘is not the end of an obligation for a company’, but rather is just the start.

For example, Deutsche Bank announced that it had agreed to extend an existing monitorship in March 2022 after the DOJ determined that the bank violated the terms of its 2021 DPA through ‘untimely reporting . . . of certain allegations relating to environmental, social and governance (ESG)-related information’ at a subsidiary.^[97] Likewise, Ericsson disclosed in March 2022 that the DOJ determined it violated the terms of its 2019 DPA by failing to sufficiently disclose details of a pre-settlement investigation or related disclosures post-DPA.^[98]

16.3.2 Suspension and debarment

One consideration in deciding whether a company will plead guilty or otherwise admit wrongdoing is whether the company also faces collateral consequences from doing so.^[99] For instance, companies in the healthcare, defence and construction fields are particularly vulnerable because any admissions of wrongdoing could have the collateral consequence of excluding them from eligibility for the government contracts on which their business heavily relies. Furthermore, any admission of wrongdoing could trigger a host of civil litigation from shareholders or other claimants. Similarly in the Employee Retirement Income Security Act (ERISA) sphere, entities that have registered as a qualified professional asset manager, allowing them to work with pension funds and make investments for ERISA clients, may have their status revoked by the Department of Labor if key individuals or the company has been convicted of a crime. Likewise, for companies regulated by the SEC, enforcement actions can result in suspension, debarment, or both, from the securities markets. Furthermore, even if an issuer is not disqualified altogether, violations of certain provisions of federal securities laws may give rise to automatic disqualification from exercising certain privileges. For example, a company that violated certain federal securities laws risks no longer being able to be considered a well-known seasoned issuer, engage in certain private securities offerings and serve in certain capacities for an investment company.^[100] Being disqualified from these privileges can have a significant impact on an issuer’s ability to quickly file registration statements with the SEC and the issuer’s ability to appropriately time the market when offering securities for sale.^[101]

The SEC generally may, in its discretion, grant waivers from these disqualifications. However, the SEC and the DOJ’s settlement processes are separate from the process for requesting waivers from disqualification.^[102] As such, a settling entity cannot request that the SEC consider an offer of settlement that simultaneously addresses both the underlying enforcement action and any related collateral disqualifications.^[103] The SEC considers these requests separately. The segregated process of reviewing offers of settlement and requests for waivers results in longer delay and uncertainty for issuers.

16.3.3 Financial cost

While co-operation between company counsel and the DOJ can save scarce government resources, it often represents a significant cost for the company itself. A company may generally be better placed to run an investigation because conceivably it may know where information is housed and whom to talk to, and can more readily determine the relevant facts and documents at issue. Still, running a high-quality, diligent and thorough internal investigation, despite the relative ease of doing so compared with an external investigation, is expensive. Document review of company emails, hiring external counsel, travel to and from interviews and preparing presentations to the government, all add up to significant expense. Moreover, if individual employees are implicated in the wrongdoing, they may also choose to hire their own counsel who will also perform an investigation, albeit in a more limited fashion, for which the company may bear financial responsibility. Finally, companies that are found to have committed misconduct may also need to reimburse the victims of their misconduct for certain expenses or pay restitution, which could be considerable and affect other aspects of an investigation or settlement. For example, in 2016, asset management firm Och-Ziff (now named Sculptor Capital Management) agreed to a US$412 million criminal settlement with the DOJ and SEC for violations of the FCPA.^[104] In September 2019, however, a federal judge ruled that certain former investors in a Congolese mine should be classified as victims of Och-Ziff’s misconduct, raising the question of whether those investors would be entitled to restitution from the firm.^[105] While the investors initially claimed that they were entitled to US$1.8 billion,^[106] they ultimately entered into a settlement agreement in September 2020 that entitled them to US$136 million in restitution.^[107]

In years past, companies attempted to recoup the costs of their own internal investigations of misconduct by seeking restitution under the Mandatory Victims Restitution Act (MVRA), which requires that certain convicted felons ‘reimburse the victim for lost income and necessary child care, transportation, and other expenses incurred during participation in the investigation or prosecution of the offense or attendance at proceedings related to the offense’.^[108] In May 2018, however, the United States Supreme Court held that the MVRA’s provision for reimbursement of investigation expenses applied only to government investigations and not to private investigations undertaken by a victim.^[109] The Court explained that the MVRA does not ‘cover the costs of a private investigation that the victim chooses on its own to conduct, which are not “incurred during” participation in a government’s investigation’.^[110] Even if ‘the victim shared the results of its private investigation with the Government’, that does not mean that the private investigation was ‘necessary’ under the MVRA.^[111]

16.3.4 Disruption to business

Any business executive or in-house counsel will know keenly that an investi­gation, regardless of whether the company chooses to co-operate with government authorities, will result in some amount of disruption to key business activities. While declining to co-operate with an investigation should not in and of itself indicate an organisation’s culpability, it could have negative public relations consequences as investors and other third-party stakeholders may view this as indicative of guilt or the potential magnitude of the financial penalty. The Justice Manual does make clear, however, that ‘the decision not to co-operate by a corporation . . . is not itself evidence of misconduct at least where the lack of co-operation does not involve criminal misconduct or demonstrate consciousness of guilt’.^[112]

Whether or not a company chooses to co-operate with the government in an investigation, any investigation will cause disruption to the company’s daily operations, and may even affect share prices. For example, an investigation can take up executives’ time and attention; in-house counsel must coordinate extensively with external counsel; any key witnesses have to set aside time to be prepped and interviewed. In addition, financial resources may need to be diverted to help cover the costs of complying with or conducting an internal investigation.

Furthermore, investigations often bring about significant uncertainty for a business, depending on the seriousness and scale of the investigation. Investors may lose confidence in the company’s financial prospects, especially because it may be necessary to divulge details related to the investigation to lenders and other third-party finance partners even before the investigation has been concluded (including details that have not been disclosed publicly). In the event that a company is facing the prospect of paying a substantial financial penalty in an investigation, lenders may choose to withdraw funding or revaluate the terms of any outstanding loans, causing the company’s share price to drop accordingly.^[113]

Monitorships can also disrupt standard business operations. Monitors are appointed at the expense of the company, and such fees can run into the millions of dollars. Monitors also need access to company documents, information and employees (for interviews) to be able to make informed assessments of the company’s compliance programme.

16.3.5 Exposure to civil litigation

Companies that co-operate with the government are often at risk of follow-on civil litigation based on any admissions or acceptance of lesser charges in connection with an investigation. Many investigations result in companies making certain admissions to the government, which potential plaintiffs can use to base any civil ligation on, either through class or derivative actions. These civil actions can also have significant financial ramifications. For example, civil penalties in the antitrust sphere can result in treble damages.^[114] Because of the associated risks of derivative civil actions, companies may ultimately decide that the cost of co-operation is simply too high, and instead decline to co-operate, deny liability and risk defending the company’s innocence at trial.

A government investigation or admission of guilt may only be the first stage of a company’s legal issues. For example, in 2014, following an investigation, the SEC charged Avon Products with having violated the FCPA for failing to put in place comprehensive controls for detecting instances of bribery in China. Avon settled the civil and criminal cases by agreeing to a fine of US$135 million. This resulted in shareholders filing several securities class action lawsuits against the company, claiming that Avon’s management failed to put in place adequate controls to prevent FCPA violations, causing the company to lose millions of dollars of shareholder money through the cost of the related investigations and government fines. Ultimately, the case was dismissed because the court declined to find that the FCPA created a private right of action; however, defending the follow-on civil litigation had cost yet more resources and time.^[115]

VEON (formerly known as VimpelCom) faced similar ramifications following a government investigation in 2017. VEON’s share price dropped after it disclosed that it was under investigation by US and Dutch government authorities for potential FCPA violations and was conducting its own internal investi­gation. Ultimately, VEON entered into a DPA with the US government and paid roughly US$460 million in penalties.^[116] Additionally, the company had spent nearly US$900 million in related investigation and litigation costs. VEON shareholders brought a securities fraud action against the company, claiming that it had failed to disclose that the company’s gains were the result of bribes paid to foreign governments in violation of the FCPA. The plaintiffs relied on certain admissions that VEON had made in connection with its DPA, which the court ultimately decided were actionable.^[117]

16.3.6 Excessive co-operation between counsel and the government

At what point is co-operation and coordination between the DOJ and company counsel too much? Sometimes a company’s internal investigation becomes so entangled with a government investigation and government and company counsel are so coordinated, that it appears as if the government has ‘outsourced’ its investigatory authority. This can cause problems later down the line. For example, a company’s investigation records could become subject to discovery in a criminal case against one of its employees, even if those records would otherwise be considered privileged. Additionally, a court could decide to exclude certain evidence or testimony in the criminal case for running afoul of certain constitutional provisions, even if that testimony was elicited by company counsel and not the government.

Such complications from perceived ‘outsourcing’ of criminal investigations to the private sector have resulted in judicial oversight of internal investigations, which would otherwise be rare. In United States v. Connolly, for example, Gavin Campbell Black, a former Deutsche Bank trader who was charged with unlawfully manipulating LIBOR interest rates, moved to suppress statements he had made in connection with Deutsche Bank’s internal investigation of his trading activity and that of other traders.^[118] Black argued that, because the DOJ had effectively ‘outsourced’ its own investigation function to Deutsche Bank’s company counsel, his statements had actually been compelled by the US government in violation of his right against self-incrimination. The underlying investigation – which included interviews with Black and other traders – involved allegations that several banks, including Deutsche Bank, unlawfully manipulated the setting of LIBOR interest rates, and Deutsche Bank eventually entered into a DPA with the DOJ. Because Black’s statements were not used at his criminal trial, before the grand jury or during its investigation, Judge McMahon found that Black’s right against self-incrimination was not actually violated. She did, however, conclude that Deutsche Bank’s company counsel had essentially become an arm of the DOJ, writing that:

[R]ather than conduct its own investigation, the Government outsourced the important developmental stage of its investigation to Deutsche Bank – the original target of that investigation . . . Deutsche Bank . . . effectively deposed their employees by company counsel and then turned over the resulting questions and answers to the investigating agencies.^[119]

Judge McMahon’s findings underscore the need for the DOJ and company counsel to maintain their independence during an internal investigation, lest the company become a de facto part of the prosecution team. Given widespread sensitivity to the issue, it is unlikely that the line between an independent but appropriately coordinated investigation, and an excessively outsourced investigation, will actually be crossed, but defendants may well continue to raise outsourcing arguments when they see an opening to demand additional discovery from the DOJ as well as the company. To steer clear of this risk, company counsel are advised to carefully evaluate (and re-evaluate) their relationship to the government and ensure that they are keenly aware of how their fiduciary duties may differ from and conflict with those of the government.

16.3.7 Other options besides co-operation

Co-operation is not the only option for companies or individuals when facing a government investigation. While companies that co-operate are generally guaranteed some degree of leniency, there are situations in which co-operation many not effectively prevent prosecution or reduce a financial penalty, which the Justice Manual guidelines themselves acknowledge:

The government may charge even the most cooperative corporation . . . if . . . the prosecutor determines that a charge is required in the interests of justice. Put differently, even the most sincere and thorough effort to cooperate cannot necessarily absolve a corporation that has . . . engaged in an egregious, orchestrated, and widespread fraud.^[120]

Therefore, there are situations when it is actually pointless to pursue co-operation and other methods must be employed.

First, the company can request a meeting with authorities to explain why the allegations do not amount to an actual violation of law or the particular agency does not have jurisdiction. Second, the defendant could challenge the jurisdiction of the court or regulator’s jurisdiction to investigate the matter. Third, companies always have the option to fight the charges on the merits based on insufficiency of evidence in a court of law. This method was employed to dramatic effect by FedEx, when it refused to settle charges that it had conspired to ship illegal prescription drugs to online pharmacies.^[121] Just four days into the trial, the DOJ voluntarily dismissed the charges, because it had insufficient evidence to proceed.^[122] Meanwhile, United Parcel Service, Google, Walgreens Company and CVS Caremark Corporation had to pay hefty fines after settling with the government.^[123]

16.4 Special challenges with multi-agency and cross-border investigations

16.4.1 Multi-agency coordination

Multi-agency coordination is a crucial element of successfully resolving any large, corporate investigation in which multiple US agencies are involved. In 2012, the DOJ issued guidance, which solidified long-standing agency practice, to ensure that ‘Department prosecutors and civil attorneys coordinate together and with agency attorneys in a manner that adequately takes into account the government’s criminal, civil, regulatory and administrative remedies’.^[124] The policy statement emphasises ‘that criminal prosecutors and civil trial counsel should timely communicate, coordinate, and cooperate with one another and agency attorneys to the fullest extent appropriate to the case and permissible by law’ by ensuring that ‘criminal, civil, and agency attorneys coordinate in a timely fashion, discuss common issues that may impact each matter, and proceed in a manner that allows information to be shared to the fullest extent appropriate to the case and permissible by law’.^[125] Furthermore, the Justice Manual has policies obliging departmental attorneys to consider the possibility of any parallel proceeding ‘[f]rom the moment of case intake’ and discuss remedies and communication with other interested investigatory agents and to ‘consider investigative strategies that maximize the government’s ability to share information among’ various agencies.^[126] Additionally, the Justice Manual directs prosecutors to assess ‘[a]t every point between case intake and final resolution . . . the potential impact of [agency] actions on criminal, civil, regulatory, and administrative proceedings’.^[127]

In practice, each agency has its own processes and time frames for investigating alleged misconduct and approving settlements. The same is true for state government enforcement actions, which may follow on from a federal investigation. As a result, on occasion, it can be difficult for agencies to effectively communicate and coordinate on a particular investigation such that multi-agency resolutions are reached simultaneously. In this regard, a company that co-operates with all of the relevant government agencies could play a role in encouraging agencies to coordinate by ensuring they are aware of each agency’s progress in the investigation and settlement discussions, and encouraging agencies to communicate, when appropriate.

16.4.2 Cross-border coordination

Coordination between international law enforcement agencies has only grown in recent years. In 2018, the DOJ announced that FCPA cases typically involve between four and five different international agencies, particularly because many of the largest DOJ bribery cases target foreign companies in coordination with foreign authorities.^[128]

Cross-border investigations may present special challenges and opportunities in comparison to single-jurisdiction investigations. A recent trend apparent in large, corporate investigations is the increased level of coordination and co-operation between various law enforcement agencies. This coordination may come in the form of official, administrative channels such as mutual legal assistance treaties (MLATs), memoranda of understanding, or specific agreements between countries in relation to particular subjects.^[129]

The MLAT process has undergone significant reform in recent years, in response to the oft-criticised laborious nature of preparing the requests and having them fulfilled. In December 2017, Jeff Sessions, then US Attorney General, called on the international law enforcement community to ‘expedite mutual legal assistance requests’, stating: ‘If [requests for information are] not properly shared between nations, then, in many cases, justice cannot be done. It is essential that we continue to improve that kind of sharing.’^[130] In accordance with this commitment to improve information sharing between the DOJ and other international law enforcement agencies, the DOJ has (1) allocated increased resources to the office responsible for handing MLAT requests and (2) established a cyber unit to process requests for electronic evidence.^[131] Aligning with the DOJ’s efforts, Congress passed the Anti-Money Laundering Act of 2020 (AML Act),^[132] which, among other things, authorises the DOJ and the US Department of the Treasury to obtain foreign bank records during criminal investigations and in civil forfeiture actions.^[133] Specifically, under the AML Act, regulators can issue subpoenas to any foreign bank that maintains a correspondent account in the United States to request records maintained abroad.^[134] This provides regulators with an alternative to the MLAT process to obtain foreign records, but it remains to be seen how regulators will use this power in practice.

In addition to these formal channels, however, international law enforcement agencies may also informally choose to share investigative strategies, information and access to information and witnesses within their respective jurisdictions. One notable innovation has been the use of text messaging between various prosecutorial agencies to compare evidence and coordinate simultaneous raids.^[135] For example, in 2016, Brazilian and French prosecutors used WhatsApp to communicate in advance of the raids at the 2016 Rio Olympic Games.^[136] Informal coordination presents obvious upsides to the US government. Instead of relying on slow and burdensome official processes for co-operation, informal co-operation allows US authorities to gain the benefits of shared knowledge in an expedient manner, more akin to the fast-paced nature of the wrongdoer’s misconduct in large, complex cross-border investigations.

For companies, this increased co-operation changes the calculus of whether and how to co-operate with authorities, precisely because information that is shared in one jurisdiction may easily and quickly become known in another jurisdiction, potentially with different criteria for liability.

16.4.3 DOJ’s policy against ‘piling on’

Piling on can negatively affect the morale of companies, investors and customers and can often mean that companies seldom have a sense of finality when it comes to investigations brought by an alphabet soup of different law enforcement agencies or regulatory agencies.

Given the number of different government agencies, both foreign and domestic, that could have an interest in any given investigation, in May 2018, Deputy Attorney General Rod Rosenstein announced the DOJ’s new policy against ‘­piling on’, which favours a less aggressive approach to cumulative prosecution. In describing this new policy, Rosenstein stated that the DOJ should ‘discourage disproportionate enforcement of laws by multiple authorities’, likening it to the football practice of multiple players ‘piling on’ after a player has already been tackled.^[137] He added: ‘Our new policy discourages “piling on” by instructing Department [of Justice] components to appropriately coordinate with one another and with other enforcement agencies in imposing multiple penalties on a company in relation to investigations of the same misconduct’, noting that often large, regulated companies are accountable to ‘multiple regulatory bodies’, which creates the risk of duplicative and onerous punishments beyond ‘what is necessary to rectify the harm and deter future violations’.^[138]

Under this new policy, the DOJ now considers ‘the totality of fines, penalties, and/or forfeiture imposed by’ all enforcement agencies to avoid excessive punishment.^[139] Moreover, Rosenstein emphasised that the new policy reinforces the following core policies: ensuring that the federal government (1) does not use its enforcement power for impermissible purposes (i.e., leveraging the threat of criminal prosecution to induce a company to settle a civil case), (2) encourages intra-governmental coordination to ensure an ‘overall equitable result’, (3) encourages DOJ officials to coordinate with other DOJ officials, and (4) specifies concrete factors that the DOJ will evaluate in the event that a case does warrant multiple penalties.^[140]

In the enforcement of the FCPA, in particular, it has been long-standing practice for the DOJ and SEC to coordinate their investigations and ensuing resolutions; however, the formalisation of the anti-piling on policy indicates that this practice will become more commonplace in other legal arenas.

Indeed, since former Deputy Attorney General Rod Rosenstein’s announcement of the anti-piling on policy in May 2018, there have been several corporate settlements involving federal and state prosecutors and regulators that reflect this policy. For example, in April 2019, Standard Chartered Bank reached a settlement with the DOJ, the Department of the Treasury’s Office of Foreign Assets Control (OFAC), the Federal Reserve Board of Governors, New York State prosecutors and regulators and the UK’s Financial Conduct Authority, regarding sanctions violations.^[141] Standard Chartered agreed to pay more than US$1 billion in penalties, fines and forfeiture to these different authorities.^[142] The DOJ agreed to ‘credit a portion’ of the related payments to other authorities, and after crediting received US$52 million in fines and US$240 million in forfeiture. OFAC assessed a separate civil penalty of US$639 million, which was deemed satisfied by the payments to the DOJ and the Federal Reserve Board of Governors.^[143] In another example, in August 2020, the DOJ declined to prosecute consumer loan company World Acceptance Corporation for violations of the FCPA, in part because the corporation had agreed to disgorge to the SEC the full amount of its ill-gotten gains.^[144] World Acceptance agreed to pay US$21.7 million in disgorgement, penalties and prejudgment interest to the SEC to settle the same FCPA violations.^[145]

The DOJ’s anti-piling on policy can also be used as a defence by corporations against perceived duplicative charges by various government agencies. Volkswagen AG, the car manufacturer facing charges by the SEC for failing to disclose its clean diesel emission cheating scheme in a bond offering, successfully narrowed the scope of the SEC’s civil suit by arguing that the SEC cannot ‘pile on’ more charges after the company had already pleaded guilty to three felonies and paid US$25 billion in fines, penalties and settlements to US and state authorities, as well as car owners and dealers, in connection to the alleged misconduct.^[146] Indeed, the judge presiding over the case dismissed several claims against Volkswagen, finding that its settlement with the DOJ had already released Volkswagen from any government-filed civil claims arising out of the same underlying fraud.^[147] In addition, the judge had questioned why the SEC brought its case against Volkswagen two years after the company resolved the matter with the DOJ.^[148] The matter remains pending and likely will not be resolved for several years.

Footnotes