Under the Trump administration, DOJ may be taking a more conciliatory approach to dealing with businesses, favoring compliance programs and self-reporting over punitive settlements. At the annual American Bar Association’s National Institute on White Collar Crime last week, which Nelson Mullins attorneys Nekia Hackworth and Steven Joseph attended, Deputy Attorney General Rod Rosenstein said DOJ would not use “the hammer of criminal enforcement to exact unfair settlements” from businesses. Rosenstein told the audience that such corporate settlements unfairly punish innocent investors and employees. The Deputy AG reiterated a commitment to prosecute individual wrongdoers, but said DOJ would pursue companies only when “appropriate.” “If you want us to treat a corporate entity as a victim, you should act like a victim who wants to see the perpetrators held accountable.” Referring to corporate America as the “first line of defense,” Rosenstein said DOJ wants to reward companies with good compliance programs that cooperate with law enforcement.
Rosenstein’s remarks were consistent with another DOJ announcement that it will extend its policy of declining to charge companies that self-report violations of the Foreign Corrupt Practices Act to companies that self-report other types of crimes. John Cronan, acting head of the DOJ Criminal Division, and Benjamin Singer, chief of the DOJ Securities and Financial Fraud Unit, announced the new nonbinding guidance the prior day at the conference. The first company to benefit is Barclays PLC. DOJ declined to charge Barclays after it self-reported a scheme to manipulate foreign currency options, cooperated with the prosecution of the individual who perpetrated the scheme, and developed a compliance program to prevent similar misconduct in the future. As part of the deal with DOJ, Barclays must pay restitution and disgorge profits.
The same week, the FBI echoed this preference for corporate cooperation at a cyber security conference. Speaking at Boston College, FBI Director Christopher Wray further pledged to treat corporate entities as “victims” of cyber attacks and invited businesses to promptly report data breaches to law enforcement. Wray acknowledged that companies may be reluctant to report a data breach to the FBI out of fear that the FBI would share the information and subject the company to consumer litigation and regulatory action. Wray assured the business community that the FBI would maintain the confidentiality of potentially damaging corporate information in order to encourage self-reporting and cooperation.