Why it matters: Recent remarks by top U.S. enforcement officials underscore the ever-increasing importance the government places on robust corporate compliance programs. Moreover, it appears that the government won’t be reticent to withdraw existing deferred prosecution and non-prosecution agreements and criminally charge repeat offenders.

Detailed discussion: Assistant Attorney General Leslie Caldwell and the SEC Director of Enforcement Andrew Ceresney, speaking at separate conferences last month, both stressed the importance to the government of robust corporate compliance programs by banks, financial institutions and other corporate entities operating internationally. Moreover, Caldwell indicated that the government would not hesitate to revoke existing deferred prosecution and non-prosecution agreements (DPAs and NPAs) and criminally charge repeat offenders.

Speaking before the ACAMS Anti-Money Laundering & Financial Crime Conference on March 16, 2015, Caldwell started her discussion of corporate compliance by saying “[t]he health of the global economy depends on both creating access for a wide range of participants and preventing abuse and corruption. To accomplish these goals, banks and other financial institutions must maintain robust, effective anti-money laundering and other compliance programs that account for international business realities.”

Caldwell went on to say that “robust compliance programs are essential to preventing fraud and corruption. But they also are an important factor for prosecutors in determining whether to bring charges against a business entity that has engaged in some form of criminal conduct.” Caldwell said that prosecutors will look at “the existence and effectiveness of the corporation’s pre-existing compliance program” and the remedial measures, if any, that the corporation took once it learned of the misconduct. Of course, there is no “one-size-fits-all” compliance program, and the most effective ones will be “tailored to the unique needs, risks and structure of each institution.” She then detailed the seven familiar “hallmarks” of an effective compliance program generally, and listed an additional three specific ones that would be essential in anti-money laundering and sanctions compliance programs: Know your customer, comply with U.S. laws, and be candid with regulators.

In a speech before CBI’s Pharmaceutical Compliance Congress on March 3, 2015, SEC Director of Enforcement Andrew Ceresney also emphasized the importance to the pharmaceutical industry of robust FCPA corporate compliance programs. After discussing the types of FCPA violations that can arise in the pharmaceutical industry, Ceresney said “[t]he best way for a company to avoid some of the violations that I have just described is a robust FCPA compliance program. I can’t emphasize enough the importance of such programs.”

Ceresney went on to say that “[t]he best companies have adopted strong FCPA compliance programs that include compliance personnel, extensive policies and procedures, training, vendor reviews, due diligence on third-party agents, expense controls, escalation of red flags, and internal audits to review compliance.” He said that “the hallmarks of an effective compliance program” can be found in the SEC/DOJ Resource Guide on the FCPA, and went on to highlight a few familiar ones.

These speeches by key government enforcement officials emphasize the importance the government places on corporate compliance programs. With respect to enforcement, the strength (“robustness”) or weakness of such programs, as well as a corporation’s adherence to the program, will be assessed when determining corporate liability.

In her speech, Caldwell also discussed DPAs and NPAs as “useful enforcement tools in criminal cases” because the government can “require improved compliance programs, remedial steps or the imposition of a monitor,” among other things. She emphasized that DPAs and NPAs “have teeth” because of “the potential penalties triggered by a breach.”

Caldwell then went on to forcefully state that the government will not hesitate to find a corporation in breach of a DPA or NPA: “Let me be clear: in the Criminal Division, we will hold banks and other entities that enter into DPAs and NPAs to the obligations imposed on them by those agreements. . . . Make no mistake: the Criminal Division will not hesitate to tear up a DPA or NPA and file criminal charges, where such action is appropriate and proportional to the breach.” Moreover, “where a bank that violates a DPA or NPA is a repeat offender with a history of misconduct, or where a violating bank fails to cooperate with an investigation or drags its feet, that bank will face criminal consequences for its breach of the agreement.”

The government has not declared a breach of a corporate DPA or NPA since their use became frequent in the last decade, and Caldwell did not refer to any specific cases in her speech. However, there have been recent indications that the government could be close to undertaking such steps in the near future. On April 1, 2015, in connection with HSBC’s 2013 DPA relating to violations of U.S. sanctions and anti-money laundering laws, the DOJ filed a quarterly status report with the court with respect to the First Annual Follow-Up Review Report submitted by independent monitor Michael G. Cherkasky. U.S. Attorney (and current Attorney General nominee) Loretta E. Lynch, writing for the government, said in the filing that, generally, “the government concurs with the Monitor’s assessment that HSBC Group continued to act in good faith to meet the requirements of the DPA.” However, in connection with HSBC’s development of effective AML and sanctions compliance programs, “the Monitor believes that HSBC Group’s progress has been too slow. The Monitor does not believe this is the result of bad faith or lack of commitment by HSBC Group’s senior leadership, but does believe that HSBC Group can—and must—do more.” The government’s report summed up that “HSBC must continue and enhance its progress in order to maintain compliance with the DPA’s very strict terms. The Department of Justice will continue to closely monitor HSBC’s progress in complying with the DPA’s elevated standards of compliance, and stands ready to pursue all available remedies should HSBC fail to adhere to the DPA’s terms.”

In addition, the government has recently extended corporate DPAs in cases where compliance and/or cooperation is in question. On March 15, 2015, the government extended by one year the three-year DPA it had entered into with Biomet, Inc., in 2012 in connection with FCPA violations in certain of Biomet’s foreign territories. In April 2014, Biomet had disclosed in a prior filing that it had become aware of alleged improprieties in Brazil and Mexico in October 2013, some of which predated the 2012 DPA. In its 8-K filed on March 13, 2015, disclosing the one-year DPA extension, Biomet said that “[t]he DOJ has informed Biomet that it retains its rights under the DPA to bring further action against Biomet relating to the conduct in Brazil and Mexico disclosed in 2014 or the violations set forth in the DPA. The DOJ could, among other things, revoke the DPA or prosecute Biomet and/or the involved employees and executives.”

On December 9, 2014, the DOJ extended by three years the two-year DPA it had entered into with Standard Chartered Bank in 2012 in connection with U.S. sanctions violations. In the Notice on Consent of Amendment to Deferred Prosecution Agreement filed on December 9, the government said that, while the bank had taken a number of steps to enhance its sanctions compliance program, “[n]evertheless, SCB’s U.S. economic sanctions compliance program has not yet reached the standard required by the DPA. Therefore, in order to fully comply with the DPA and the Factual Statement, SCB must make additional substantial improvements to its U.S. economic sanctions compliance program.” Moreover, in light of new information obtained by the government potentially revealing additional historical sanctions violations after the time period specified in the DPA’s Factual Statement (2001 to 2007), “the government has determined that the implementation of an independent compliance monitor and a 36-month extension of the DPA are necessary for SCB to demonstrate fulfillment of its obligations under the DPA and the Factual Statement.”

Finally, the interesting facts of the case involving Marubeni Corporation should be noted: In January 2012, Marubeni Corporation had entered into a DPA with the DOJ for violations of the FCPA arising out of Marubeni’s involvement in a bribery scheme with Nigerian government officials. On February 24, 2014, the DOJ moved to dismiss the pending charges, stating that Marubeni had fully complied with its obligations under the DPA and had paid a penalty in excess of $54 million; this motion was granted by the court on February 26. Then, two weeks later, on March 19, 2014, Marubeni pled guilty to an eight-count criminal information charging it with separate FCPA violations arising from an Indonesian bribery scheme to secure a lucrative power project and agreed to pay an additional criminal penalty of $88 million. While the DOJ said in its March 19 press release that “[t]he company refused to play by the rules, then refused to cooperate with the government’s investigations[, n]ow Marubeni faces the consequences for its crooked business practices in Indonesia,” no mention was made of Marubeni’s 2012 DPA or its apparent successful completion of that DPA. Conversely, the DOJ did not mention a pending investigation of Marubeni for the Indonesian bribery scheme in its February 24 motion to dismiss the DPA relating to the Nigerian FCPA violations. This apparent discrepancy can be explained by the fact that the Indonesia conduct to which Marubeni pled guilty predated the 2012 DPA by several years, so although Marubeni successfully completed the 2012 DPA, the government was not likely to agree to the other one in light of the company’s apparent history of multiple violations.

The message is clear: The government is looking to corporations to be vigilant about establishing, revising and updating their compliance programs to fit the ever-changing regulatory landscape both home and abroad. Moreover, those corporations that enter into DPAs or NPAs with the government must closely adhere to them lest they find themselves back at square one and under criminal prosecution.

See here to read Assistant Attorney General Leslie Caldwell’s Remarks at the ACAMS Anti-Money Laundering & Financial Crime Conference (3/16/15).

See here to read SEC Director of Enforcement Andrew Ceresney’s Remarks at CBI’s Pharmaceutical Compliance Congress (3/3/15).

For more on this matter, refer to the following:

U.S. Department of Justice Quarterly Status Report dated 4/1/15 in connection with United States v. HSBC Bank USA, N.A. and HSBC Holdings plc (Criminal Docket No. 12-763 (JG)).

Form 8-K filed by Biomet, Inc. on 3/13/15.

Notice on Consent of Amendment to Deferred Prosecution Agreement filed 12/9/15 in United States of America v. Standard Chartered Bank(Case No: 12-CR-262 (JEB)).

DOJ Press Release dated 3/19/14 re: Marubeni Corporation Agrees to Plead Guilty to Foreign Bribery Charges and to Pay an $88 Million Fine.