Remarks as Prepared for Delivery
Thank you for that kind introduction. It’s always a pleasant change to get outside the beltway, and I’m particularly pleased to be back in my hometown, where New Yorkers tell it like it is.
It’s a timely moment for this conversation. On Thursday, the Deputy Attorney General announced significant advancements in the Justice Department’s corporate crime policy. Today, I will focus on the ways those policy changes incentivize corporate responsibility and promote individual accountability – by clarifying, rethinking and standardizing policies on voluntary self-disclosure and corporate cooperation.
I’ll also address how Department prosecutors are assessing some of the most challenging corporate compliance issues of the day, such as how incentive compensation systems can promote — rather than inhibit — compliance and how companies should be managing data given the proliferation of personal devices and messaging platforms that can take key communications off-system in the blink of an eye.
Then I’m looking forward to engaging in dialogue with this group of subject matter experts.
I first want to take a moment to discuss our process in crafting these changes. Last October, the Deputy Attorney General commissioned a top-to-bottom review of the Department’s corporate crime enforcement program — to see what was working, what wasn’t and where there were gaps.
As a leader who has advised executives from the Oval Office to the corporate boardroom, she knows first-hand that the most effective policies flow from the best ideas — whether they come from industry, academia, the public interest world or government. So, the Department engaged in an unprecedented effort to garner insight from practitioners and leaders outside of the Justice Department, as well as from within.
Gathering and pressure-testing these varied viewpoints has resulted in an approach to corporate crime enforcement that is more fit for purpose. The process helped us identify important changes to ensure individual accountability — the Department’s top enforcement priority.
And it clarified the need for policy transparency and predictability to provide a clearer picture of how companies benefit from investing in and acting upon good corporate citizenship.
Today, more than ever, companies are competing in an environment that forces corporate leaders to make tough choices about where to direct resources and how to set priorities.
The policy changes announced by Deputy Attorney General Monaco are intended to assist General Counsels, Chief Compliance Officers and outside counsel in making the boardroom business case for investing in compliance and an ethical corporate culture.
II. Incentivizing Corporate Responsibility
Accountability and Responsibility
So let’s dive in. I took the subway here from my home in Prospect Heights, and I’m going to be Brooklyn-blunt. The Department will not hesitate to seek criminal indictments or require guilty pleas where facts and circumstances require, including for serious and recalcitrant corporate criminal offenders.
Nor will the Department hesitate to breach companies that do not honor their obligations under Deferred Prosecution Agreements (DPAs) and Non Prosecution Agreements (NPAs), or the terms of corporate probation following guilty pleas.
Over the past year, the Department has obtained guilty pleas from some of the world’s most powerful companies — NatWest, Allianz Global Investors, Fiat Chrysler Automobiles, Balfour Beatty Communities and a double guilty plea from two Glencore entities, to name just a few.
Criminal charges and guilty pleas are no longer a “special” for certain customers — they’re now on the main, everyday menu.
But let me also be clear: while this Department will disfavor successive probationary agreements for the same company, we are not foreclosing their use.
To the contrary, there remain available pathways to obtain DPAs, NPAs, and even declinations. And we are working to clarify how to access those pathways, and to increase predictability as to the benefits of doing so.
Voluntary Self-Disclosure (VSD)
That brings me to voluntary self-disclosure. If you heard or read the Deputy Attorney General’s speech last week, I trust one thing came through loud and clear: the Department is placing a new and enhanced premium on voluntary self-disclosure.
We want companies to step up and own up when misconduct occurs. When companies do, they should expect to fare better in a clear and predictable way. After all, a complete and timely voluntary self-disclosure is an indicator that a company has a working compliance program and responsible corporate leadership.
To date, a few Justice Department components have implemented effective VSD programs in specialized areas of enforcement: the Antitrust Division’s leniency program, the Criminal Division’s Corporate Enforcement Policy, and the National Security Division’s policy on export control and sanctions, to name the most prominent examples.
Now, the Department is doubling down and scaling up. As the Deputy Attorney General directed, every Justice Department component that prosecutes corporate crime cases, including the U.S. Attorney community, will now have a voluntary self-disclosure policy that defines its terms and identifies its rewards.
Those policies will be clear. They will be public. And they will feature the same core tenets: any company that self-discloses promptly will not be required to enter a guilty plea — absent aggravating factors — and will not be assessed a monitor, if it has remediated, implemented and tested an effective compliance program.
You don’t have to just take my word for it. Let me walk you through a few examples where this has already taken place:
- For many years, the Antitrust Division’s voluntary self-disclosure policy has granted leniency to the first company to self-report, cooperate fully and meet the policy’s requirements. In a prototypical investigation into criminal price-fixing involving the canned tuna market, one company voluntarily self-disclosed, received leniency, was not prosecuted, and paid no fine.
Meanwhile, Bumble Bee Foods pleaded guilty and paid a $25 million fine, while StarKist pleaded guilty and paid the statutory maximum: $100 million.
- Last year, the National Security Division concluded its first resolution under its more recently adopted voluntary self-disclosure program. In that case, SAP voluntarily self-disclosed misconduct, cooperated substantially, and as a result, was required only to disgorge the relevant revenue, but it did not face criminal charges or a fine.
- And under its Corporate Enforcement Policy, the Criminal Division has approved declinations for 15 self-disclosing companies since 2016. Just this past March, the FCPA Unit announced a declination for Jardine Lloyd Thompson Group Holdings in a case that involved over $10 million in bribes and corrupt payments and the prosecution of five individuals.
After detecting and voluntarily disclosing the misconduct, the company fully cooperated, paid disgorgement, and made compliance enhancements to mitigate the risk of recurrence of the misconduct.
Contrast these resolutions with the series of guilty pleas I referenced earlier. The Allianz guilty plea involved criminal penalties of over $2.3 billion; the two Glencore guilty pleas carried collective criminal penalties of over $1 billion; and the FCA plea involved approximately $300 million in criminal fines and forfeiture.
The math is simple: voluntary self-disclosure, cooperation and remediation can save a company hundreds of millions of dollars, and it can make or break a company’s chances to avoid indictment or a guilty plea.
Voluntary self-disclosure is often only possible when a company has a well-functioning compliance program that can serve as an early warning system and detect the misconduct early.
So, investment in a world-class compliance program should be a win-win proposition for every company — helping it deter and prevent criminal conduct in the first place, and positioning it to self-disclose if misconduct occurs nonetheless.
Of course, we understand that sometimes misconduct occurs, even at companies with well-resourced and fully tested compliance programs and strong ethical cultures. As the Principal Associate Deputy Attorney General, I can certainly relate to the difficulties of managing a far-flung multinational organization with staff in every corner of the world and a budget akin to a Fortune 100 company.
So when misconduct happens and the compliance program discovers it, we say: pick up the phone and call us. Do not wait for us to call you. Unless aggravating factors are present, even a company with a significant history of misconduct has a powerful incentive to make a timely self-disclosure: it is likely to make all the difference between a DPA and a guilty plea resolution.
Another way we want to encourage corporate responsibility is by taking care not to deter companies with good compliance programs from acquiring companies with histories of misconduct.
Acquiring companies should be rewarded — rather than penalized — when they engage in careful pre-acquisition diligence and post-acquisition integration to detect and remediate misconduct at the acquired company’s business.
As I’m sure this audience is well aware, the Criminal Division has declined to take enforcement action against companies that have promptly and voluntarily self-disclosed misconduct uncovered in the mergers and acquisitions context and then remediated and cooperated with the Justice Department in prosecuting culpable individuals. We will be looking to apply that same approach Department-wide.
And to further that approach, we will not treat as a recidivist any company with a proven track record of compliance that acquires a company with a history of compliance problems, so long as those problems are promptly and properly addressed in the context of the acquisition.
The DAG also provided important guidance on corporate cooperation. The key point I want to highlight relates to timeliness.
In building cases against culpable individuals, we have heard one consistent message from our line attorneys: delay is the prosecutor’s enemy — it can lead to a lapse of statutes of limitation, dissipation of evidence, and fading of memories.
The Department will expect cooperating companies to produce hot documents or evidence in real time. And your clients can expect that their cooperation will be evaluated with timeliness as a principal factor. Undue or intentional delay in production of documents relating to individual culpability will result in reduction or denial of cooperation credit.
Where misconduct has occurred, everyone involved — from prosecutors to outside counsel to corporate leadership — should be “on the clock,” operating with a true sense of urgency.
III. Clawbacks & Incentive Compensation
Now let me turn to something from the DAG’s speech that received significant attention: clawbacks.
Companies are made up of individual executives and employees who should each feel personally invested in ensuring and promoting compliance. And nothing grabs attention and demands personal investment like having skin in the game, through a direct and tangible financial incentive.
So when Department prosecutors evaluate the strength of a compliance program, a key consideration will be whether a corporation’s compensation system effectively incentivizes good behavior and deters wrongdoing.
- Has the company clawed back incentives paid out to employees and supervisors who engaged in or did not stop wrongdoing?
- Is the company targeting bonuses to employees and supervisors who set the right tone, make compliance a priority, and build an ethical culture?
Linking financial incentives to compliance is not a new idea, but it has yet to even approach its potential. Twenty years ago, the Sarbanes-Oxley Act provided for the clawback of executive compensation for top executives of public companies — but that provision’s force and scope are limited to the context of financial restatements.
And the Dodd-Frank Act included broader clawback provisions for public companies, as to which the SEC remains engaged in rulemaking.
We’ve seen companies claw back pay from executives who were engaged in criminal conduct and from executive leadership in high-profile cases. So we know it can be done — and in the Department’s view it should be done.
What we expect now, in 2022, is that companies will have robust and regularly deployed clawback programs. All too often we see companies scramble to dust off and implement dormant policies once they are in the crosshairs of an investigation.
Companies should take note: compensation clawback policies matter, and those policies should be deployed regularly. A paper policy not acted upon will not move the needle — it is really no better than having no policy at all.
To up the ante, the Deputy Attorney General has instructed the Criminal Division to examine how to provide incentives for companies to claw back compensation, with particular attention to shifting the burden of corporate financial penalties away from shareholders — who frequently play no role in misconduct — onto those who bear responsibility.
But using compensation systems to promote compliance isn’t just about clawbacks. It’s also about rewarding compliance-promoting behavior. For years, companies have designed and fine-tuned sophisticated incentive compensation systems that reward behavior that enhances profits.
We’ll be evaluating whether corporations are making the same types of investments in adopting and calibrating compensation systems that reward employees who promote an ethical corporate culture and mitigate compliance risk.
As a former terrorism prosecutor, I’ll put this in national security terms: our goal is not just to hold people accountable after crime has been committed, but to disrupt and deter the threat before crime takes place.
We expect companies to find innovative, effective, and targeted ways to use compensation to incentivize good corporate behavior and deter misconduct, using their own mix of carrots and sticks.
Next, let’s discuss another issue that triggered robust conversation in the advisory group meetings. We heard loud and clear about the need for greater transparency and sharper guidance when it comes to monitors.
As this crowd well knows, monitors are less effective when they operate as blunt instruments. Last week’s policy revisions are meant to replace the bludgeon with the scalpel. The scope of every monitorship should be carefully tailored to the particular misconduct and compliance program deficiencies identified.
There are, of course, different ways to structure monitorships. To give one example, where a company has instituted new management and embarked on a compliance program overhaul, but the controls are new and untested at the time of the resolution, a monitorship may be appropriate — but should be narrowly drawn.
The Foreign Corrupt Practices Act Unit’s recent resolution with Stericycle is a good example of this situation, and it resulted in a carefully tailored monitorship of two years, with an opportunity for early termination if warranted.
On the other side of the spectrum, where a company has not demonstrated a reliable compliance culture or addressed compliance deficiencies, the Department will not shy away from imposing a broader monitorship to prevent the recurrence of misconduct — here, the Glencore case springs to mind, where the Department and the company agreed to separate monitors for each of the two corporate resolutions with the company.
Regardless of the length and scope of the monitorship, Department prosecutors will stay engaged throughout the lifespan of the monitorship.
As the DAG put it, our prosecutors will monitor the monitors, to keep them on task and on budget. Companies that invest in their compliance programs to get ahead of the curve will be rewarded with shorter monitorships, with the opportunity for early termination.
V. Meeting the Compliance Challenges of Communications Technology
Now let me turn to an area that we recognize is a big challenge for all organizations — employees’ use of personal devices and third-party messaging platforms for work-related communications.
The ubiquity of personal smartphones, tablets, laptops and other devices and the rising use of third-party messaging platforms pose significant corporate compliance risks, particularly as to detecting their use for misconduct and recovering relevant data during a subsequent investigation.
Many companies require all work to be conducted on corporate devices; others permit the use of personal devices but limit their use for business purposes to authorized applications and platforms.
However a company chooses to address the use of personal devices or messaging platforms for business communications, the end result must be the same: companies need to prevent circumvention of compliance protocols through off-system activity, preserve all key data and communications and have the capability to promptly produce that information for government investigations.
Company policies and procedures addressing the use of personal devices and third-party messaging systems for business purposes will be reviewed as part of evaluating the effectiveness of a corporation’s compliance program.
And a company’s ability to produce relevant work-related communications — whether on-system or off — will be an important factor in assessing a corporation’s cooperation during a criminal investigation.
VI. Concluding Points
In conclusion, let me emphasize that we do not view the recent policy announcements as the culmination of our work. Far from it.
We are reviewing and updating policies regarding voluntary self-disclosure and monitor selection, across the entire Department. The Criminal Division is assessing how to shift some of the burden of corporate financial penalties onto individual wrongdoers.
And we are looking at additional ways to improve corporate enforcement, including through analysis of the debarment process.
I can assure you that effective corporate criminal enforcement will remain a top priority for the Department — and the subject of continued and careful attention and analysis.
It has been a privilege to speak with you today, and I look forward to taking questions.