On March 1, 2018, DOJ attorneys, speaking at the ABA’s annual White Collar Crime Conference, indicated that DOJ may consult the FCPA Corporate Enforcement Policy for guidance in other areas of corporate criminal prosecution when assessing whether voluntary self-disclosure may justify declination. John Cronan, acting head of the Criminal Division, and Benjamin Singer, chief of the Securities and Financial Fraud Unit, highlighted DOJ’s decision to forgo prosecution of Barclays PLC as an example of the application of the self-disclosure policy outside the FCPA context, but noted that such application was merely “nonbinding guidance.”

The Barclays case may be an important signal of DOJ’s policy objectives, but it reflects neither formal nor mandatory policy at this time. Therefore, companies must understand that there is significant uncertainty with respect to self-disclosure outside the FCPA context.

FCPA Corporate Enforcement Policy

The FCPA Corporate Enforcement Policy adopted in November 2017 affords a presumption of declination if a company, absent aggravating circumstances, voluntarily self-discloses misconduct, fully cooperates, and timely and appropriately remediates. Companies also are expected to pay all disgorgement, forfeiture and restitution resulting from the misconduct.

Voluntary self-disclosure requires disclosure (i) prior to the imminent threat of disclosure or government investigation, (ii) within a reasonably prompt time after the company becomes aware of misconduct, and (iii) wherein the company reveals all relevant facts known to the company. Full cooperation exists where the company (i) cooperates proactively, (ii) discloses all relevant facts on an ongoing basis, (iii) discloses all relevant documents and information, (iv) undertakes an appropriate internal investigation in coordination with what DOJ intends to do as part of its investigation, and (v) makes available for DOJ interviews officers and employees (and third parties, as appropriate). Finally, timely and appropriate remediation requires (i) a thorough analysis of the causes of the underlying conduct and appropriate remediation, (ii) implementation of an effective compliance and ethics program, (iii) appropriate discipline of employees, (iv) retention of business records, and (v) any further steps that demonstrate recognition of the seriousness of the misconduct.[1]

Beyond the FCPA: Barclays

The Barclays investigation focused on employees’ alleged misuse of confidential information obtained from a client, Hewlett-Packard (HP). The misconduct involved so-called “front running,” whereby employees executed trades ahead of HP that suppressed market volatility and decreased the value of HP’s options to the benefit of Barclays and the detriment of HP.

According to the February 28, 2018, declination letter,[2] DOJ opted to close the investigation without prosecuting the bank “based on” Barclays having (i) timely and voluntarily self-disclosed the issues, (ii) undertaken a “thorough and comprehensive” investigation, (iii) fully cooperated with DOJ “including its provision of all known relevant facts about the individuals involved in or responsible for the misconduct,” (iv) undertaken steps to enhance its compliance program, (v) demonstrated full remediation, including agreeing “to provide full restitution to HP and disgorge any ill-gotten gains,” and (vi) agreed to continue to cooperate “in this or any related matters.” Barclays agreed to implement policies and procedures designed to reduce fraud and market manipulation violations and to take appropriate measures to encourage and support adherence to ethics and compliance policies and procedures by personnel at all levels of its foreign exchange business. Barclays also agreed to pay $12.8 million in combined restitution and disgorgement.

The Barclays declination demonstrates how a company’s actions that are consistent with the self-disclosure policy can obtain a beneficial result. Cronan and Singer contrasted Barclays with another recent case in which a bank that failed to disclose and cooperate up front paid over $100 million in penalties and disgorgement. The Barclays case is also significant in its application of the policy outside the FCPA context, a point that Cronan and Singer suggested may also include areas such as government contract fraud, financial statement fraud and other financial institution misconduct.

The self-disclosure policy, however, is not mandatory outside the FCPA space. Deputy Attorney General Rod Rosenstein has cautioned that there is a key distinction between binding policies expressed in the U.S. Attorneys’ Manual and mere commentary or “guidance” expressed outside the manual. Speaking on March 2, Rosenstein appeared to criticize such unincorporated, informal policy. But he also emphasized the importance of corporate compliance efforts, remarking that DOJ should “reward companies that invest in strong compliance measures” and not “punish innocent employees, shareholders, customers and other stakeholders.”[3]

It is uncertain whether the self-disclosure policy will be applied in other, non-FCPA areas in the future. The practice is not binding on DOJ officials, and instead falls within their prosecutorial discretion.

But given the result in Barclays, and in light of DOJ’s expressed desire to reward companies that have strong compliance programs embedded in their corporate cultures, companies may still benefit from following the voluntary self-disclosure framework in other areas. To that end, companies should consider taking steps such as:

  • Reviewing (or adopting) policies and procedures designed to ensure employees are trained in responding to and internally reporting allegations of misconduct
  • Developing an internal investigation template aimed at prompt, thorough and appropriate responses to discovered misconduct
  • Regularly testing compliance functions to ensure effective detection of misconduct
  • Adopting corporate guidelines that emphasize transparency and disclosure as a cornerstone of corporate culture