The U.S. Department of Justice, through the Assistant Attorney General in charge of its Criminal Division, spoke forcefully on Tuesday regarding “the role of criminal law enforcement in prosecuting conduct that may also be subject to regulatory enforcement.”   Speaking at a conference at New York University, AAG Leslie R. Caldwell discussed the sometimes “critical need” for criminal prosecution even where there are civil and regulatory options, noting that individuals may receive prison sentences and companies may suffer collateral consequences that are “the only just punishment” for the conduct at issue and that serve to deter others.  Recognizing that there are different kinds of breaches, she spoke of calibrating the penalty to the nature of the breach and the entity’s history and culture.   AAG Caldwell also stated that  DOJ’s Criminal Division, unlike other authorities, requires entities to admit their misconduct when resolving a criminal matter by a Non-Prosecution Agreement, a Deferred Prosecution Agreement, or a guilty plea.  She addressed the Criminal Division’s power – and resolve – when it suspects or finds non-compliance with an NPA or a DPA, stating,

“And let me be clear:  the Criminal Division will not hesitate to tear up a DPA or NPA and file criminal charges, where such action is appropriate and proportional to the breach.”

In addition to the strong message that DOJ will ultimately bring a criminal prosecution if it believes an entity has committed a worthy breach of an NPA or a DPA, AAG Caldwell’s remarks serve as a reminder that there are steps that can be taken to avoid such a consequence.  If an entity is under an NPA or DPA, rigorous adherence to its terms are, of course, required.  More importantly to the vast number of entities that are not laboring under such agreements, proactively conducting risk assessments and fine-tuning compliance policies, procedures and training should be done at least annually and whenever changing circumstances make it advisable.