The issue of the proper handling of federal cases involving allegations of unlawful conduct by corporations and other businesses is a matter of vital interest to all with a stake in those companies. That group includes truly all of our citizens: the people who own companies, including the tens of millions of Americans who invest in mutual funds and other shareholders of public companies, the millions of employees who depend on these companies for their livelihood, and the countless individuals and other businesses that depend on the goods and services these companies provide.
I appreciate the opportunity to share my views as the Subcommittee considers the questions of policies and/or guidelines that can be applied to individual case decisions, which are important to achieving basic fairness by insuring that like cases are treated alike. The views I offer for your consideration are from the perspective of 30 years of litigation experience, now divided almost evenly between public service and private practice. In fifteen years at the Department of Justice, I had the privilege to serve eight years in a career position as an Assistant United States Attorney, five years in the Reagan Administration as the United States Attorney for the District of Vermont, two years in the first Bush presidency as Deputy Attorney General of the United States with responsibility, among other things, for supervising the nation’s 93 United States Attorneys, and finally concluding my public service with the privilege of briefly serving as Acting Attorney General. In private practice, I have represented business organizations, including corporations, their boards, and audit committees, as they navigate their way through enforcement matters, including those under the jurisdiction of the Department of Justice.
How Deferred Prosecution Agreements Work
Deferred Prosecution Agreements (DPAs) are a relatively recent development, at least as they are typically used, and are in part the result of the far more frequent prosecution of business organizations today than in the past. Prior to the use of DPAs, the only way a company could avoid the onerous experience of a criminal prosecution was to enter a guilty plea to a criminal offense or to convince prosecutors that they should forego a criminal prosecution in favor of either no charges or, more likely, a disposition using civil law enforcement penalties and mechanisms.
DPAs provide a middle ground between criminal and civil dispositions. The company avoids the opprobrium and the often considerable adverse collateral consequences that would attend to either a guilty plea to criminal violations or to a conviction after a trial, while the government achieves deterrence and punishment objectives without the expenditure of the massive resources—with the attendant litigation risks—that would be necessary to indict and try such a case.
DPAs are a form of what might be called “corporate probation,” because the company typically will have to admit facts sufficient to prove its own guilt in the event the company fails to abide by the terms and conditions of the DPA. If the corporation successfully completes this “probationary” period, then the prosecution deferred temporarily is declined permanently. Typically, the DPA also imposes an obligation on the company to employ—at its expense—an outside monitor to insure robust compliance with the company’s regulatory and legal obligations, including those imposed by the DPA itself.
A key feature of most DPAs is the imposition on the subject company of a requirement that it utilize an outside “compliance monitor,” sometimes termed a “compliance consultant,” for a period of time, usually coextensive with the life of the DPA. In sum, monitors are charged with closely observing, testing, and reporting to the government on the subject company’s compliance with its legal obligations. This role necessarily involves making judgments both about the nature and extent of those obligations and the effectiveness of a subject company’s policies, programs, and operations that define its commitment and level of compliance with those obligations.
Brief History of the Prosecution of Business Organizations
For the purposes of this hearing, it is helpful to consider current practices regarding DPAs and monitors in the larger context of the prosecution of business organizations. The prosecution of business organizations is not quite 100 years old: in 1909, the Supreme Court held for the first time that a corporation, which obviously has no capacity to form the wrongful intent that traditionally marks criminal conduct, could be held criminally liable for the actions of its agents, declaring that providing for corporate criminal liability was “only a step farther” following existing vicarious civil liability.1 Four years later, the Supreme Court unanimously concluded that “[t]he power of Congress [to personify a company in order to collect a fine] hardly is denied.”2 The Supreme Court eventually discarded any remnant of traditional notions of mens rea in the context of corporate conduct,3 and in 1948, Congress revised the criminal code to expressly include corporations and other organizations within the definition of “person” and “whoever.”4 Subsequently, courts fashioned a “collective knowledge” doctrine, whereby corporations can be criminally liable based on employees’ knowledge imputed to their employer, even in circumstances where no single employee possesses all of the knowledge necessary to prove a criminal offense.5
Despite these developments, the prosecution of business organizations was the exception, rather than the rule, until the 1970’s and early 1980’s when the frequency of corporate prosecutions increased in connection with a greatly expanded role in the federal regulation of commercial conduct.6 Corporations and other business entities became increasingly vulnerable to criminal prosecution for “crimes” founded on regulatory standards without regard for the substantial increase in the complexity of the regulatory environment and the significant available non-criminal penalties for non-compliance. A particularly apt illustration of the outcome of the intersection of these trends is the 1982 case of United States v. Hartley, in which the Eleventh Circuit upheld the conviction of a corporation and two of its employees for selling to the military breaded shrimp that failed to meet certain specifications, including the amount of breading on each piece of shrimp, resulting in 33 counts of conspiracy, mail fraud, violations of the National Stolen Property Act, and the Racketeer Influenced and Corrupt Organizations Act (“RICO”).7
Beginning in the mid-1980’s, agencies designed voluntary disclosure programs that had the potential for both providing corporate defendants—and prosecutors and courts—with a respite from the costs of criminal prosecutions and encouraging a more active corporate compliance effort. Voluntary disclosure programs offered corporations who reported wrongdoing the possibility of prosecutorial leniency in exchange for the company’s selfpolicing and disclosure of possible wrongdoing. Voluntary disclosure programs were established at the Department of Defense in 1986,8 the Environmental Protection Agency in 1995,9 and the Department of Health and Human Services in 1998.10 In 1993, the Antitrust Division of the Department of Justice instituted a voluntary disclosure program that imposed a contractual obligation on the government to grant leniency if the corporation met the terms and conditions of the agreement, though this guarantee to the company is the exception, not the rule, in such programs.11 Voluntary disclosure programs are typically not available to corporations, however, once the government learns of wrongdoing, because the purpose of such agreements is to exchange leniency for the revelation of a crime that otherwise might have gone undetected or that occurred under circumstances that might have posed substantial obstacles to prosecution.
The DPA was another outgrowth of the historical expansion of corporate criminal liability. In 1994, Prudential Securities and the U.S. Attorney for the Southern District of New York entered into the first comprehensive federal DPA (the “Prudential DPA”) to resolve criminal charges.12 The Prudential DPA has essentially become the blueprint for subsequent DPAs between the government and business organizations, and at the turn of the century the Department of Justice promulgated guidelines for the prosecution of business organizations that expressly identified pretrial diversion as an appropriate alternative to prosecution.13
Recent trends reflect significantly increased use of DPAs: until the 1990s, federal prosecutors did not typically use forms of pretrial diversion with corporations; in 2003, federal prosecutors only entered into three DPAs; and in 2007, federal prosecutors entered into 35 DPAs.14 From 2002 to 2005, the Department of Justice entered into twice as many non-prosecution agreements and DPAs than it had between 1992 and 2001.15 This trend mirrors the significant increase in the use and threatened use of criminal sanctions against business entities generally.
The Selection and Duties of Corporate Monitors
As noted earlier, the Government typically requires the use of a corporate monitor as a condition of a DPA. The manner in which monitors are selected varies, and, as a general matter, monitors are not typically selected until the execution of the DPA. A survey of several DPAs illustrates the variance that occurs in practice: in the CIBC and Merrill Lynch DPAs, the government selected the monitor;16 in the Monsanto and Micrus DPAs, the monitor only had to be “acceptable” or “agreeable” to the government;17 in the Schnitzer Steel DPA, the Department of Justice proposed two possible monitors and the company was allowed to choose between the two;18 in the Computer Associates DPA, the company presented a list of five names to the U.S. Attorney, the U.S. Attorney sent three names to the court, and the court selected the monitor from these three;19 and, finally, in the Bristol- Myers Squibb DPA, the Company preemptively hired a monitor while it was under investigation.20
At its core, the function of an outside corporate monitor appointed under a DPA is to observe and report. The monitor observes the conduct of a company relevant to the company’s obligations under a DPA. The monitor reports the facts learned from such observation and, very significantly to the topics of the Subcommittee’s interest today, reports judgments about the company’s conduct and commitment to compliance obligations. This provides the government with a process to secure additional assurances that the company is living up to its promises in the DPA of legal compliance and general good behavior.
Thus, to perform these functions, a monitor should be a person, to borrow a phrase, “learned in the law,” but as importantly, also a person with the background, experience, proven judgment, and integrity to make keen observations concerning the compliance of a given type of business with its legal obligations and to offer credible judgments and insights on what is observed. Appropriately, monitors’ professional backgrounds frequently include career experiences that signal credibility and trustworthiness to current prosecutors: of the 28 monitors appointed in deferred prosecution or non-prosecution agreements from 1994 to August 1, 2007, 17 were former federal prosecutors, four were former judges, one was a former SEC chairman, and one was a former SEC general counsel.21
Consistent with the government’s duty to assure the public that the administration of the law is free of any partisan considerations, the process of selecting monitors with these qualifications should be transparent and the subject of layered review and approval at Main Justice in Washington. The selection of monitor candidates should be on the basis of merit and enjoy input from both the government and the subject company. In my view, since the monitor will be paid for with corporate funds and the monitor can provide value to the company in achieving its compliance objectives, the best approach is for the company to select a monitor from a panel of candidates, each of whom has been previously designated as acceptable by the government.
I think many observers would conclude from the terms of typical DPAs that the government is the primary consumer of the monitor’s product. A better and more realistic view of the monitor’s role may be one where the monitor is an asset to the company’s operations, functioning both as an outside consultant on compliance issues and as an internal observer and tester of compliance who is answerable to the government. Indeed, DPAs often expressly describe the monitor as a “compliance consultant.”22 As with many consultants, the monitor is given full access to operations in order to assess activities relative to compliance and, in a variation on the usual consultant arrangement, also has communication and reporting duties to the government in connection with the monitor’s supervision of the company’s obligations under the DPA. Company expenditures for the monitor, which are born by the company’s owners, including the shareholders of a public company, are far more justified under this “compliance consultant” model as they return value for the company’s expenditure and are not, as they might otherwise be, merely subsidizing a government function imposed by contract on the company.
I believe the Department of Justice has taken an important and valuable step forward by articulating a principled basis for the selection and use of monitors, as found in Acting Deputy Attorney General Craig S. Morford’s March 7, 2008, memorandum on the subject.23 These guidelines require the corporation and the government to discuss the necessary qualifications of a monitor, establish committees within the U.S. Attorneys’ Offices and Department components to vet potential monitors, and provide that the Office of the Deputy Attorney General must approve the selection of all monitors. The involvement of the Deputy Attorney General, the Department’s number two official, elevates the importance of both the selection and use of monitors in a positive fashion and helps to assure the public and interested parties that monitors will be selected on a principled basis. This process will certainly promote the selection of a highly qualified person, avoid potential or perceived conflicts of interest, and instill public confidence in the selection process.
The guidelines make clear that the monitor is to be an independent third party who facilitates the exchange of information, but who may not override the legal responsibilities and authority of management and directors to operate the company. The guidelines appropriately scale the monitor’s authority and term of service to the underlying business conduct that necessitated the imposition of the monitor, thereby providing the subject company with a basis to articulate appropriate limitations on the scope of the monitor’s activities. I think most of the guidelines’ provisions will be received positively by all concerned, even if one does believe that there is still room for improvement. The surest test of these guidelines will be in how they operate in practice in the weeks and months ahead.
Those who might favor having the government be the primary beneficiary of the monitor’s work might be said to adhere to the concept of a monitor as a “contract policeman,” keeping a close eye on the company’s conduct and arresting any bad conduct that arises. Perhaps, more narrowly, this view would have the monitor performing a role analogous to that undertaken by the Inspectors General of the Executive agencies that are charged with investigating and reporting on instances of waste, fraud and abuse. Under this “inspector general” model, a monitor would serve as an externally imposed internal watchdog on the lookout for company conduct that deviates substantially from compliance commitments and obligations.
Some go even farther and describe the monitor as being a government representative who is essentially given a seat at the boardroom table.24 I think this goes too far and, to the extent it reflects current practice, this concept of the monitor’s role should be discouraged. To the extent monitors have the power to dictate practices to be used—or not to be used—to the company, and even to the board of a public corporation, such powers are a legal abomination that completely undercuts the legal basis of responsibility for corporate governance and management. That responsibility, and authority, ultimately resides as a matter of law in individual directors. Apart from simply giving monitors authority well beyond that necessary to perform their functions, such excess powers are inconsistent with the law and sound corporate governance practices. In short, as the new Department of Justice guidelines recognize, monitors should not have the power to run companies by being able to dictate practices, policies, and personnel decisions to the directors and others who are responsible by law for doing so and who, in a public corporation, can be held accountable to shareholders.
Guidelines prescribing the selection and use of monitors are the province of the Department of Justice, the agency to which the Executive Branch’s constitutional power for the plenary exercise of prosecutorial discretion is entrusted. 25 The Constitution commands that the President “take Care that the Laws be faithfully executed,”26 and under the Constitution’s separation of powers doctrine, this affords the Executive Branch the exclusive power over the exercise of prosecutorial discretion.27 Because the separation of powers dictates that Congress cannot grant powers it does not possess28 and that the Judicial Branch cannot “be assigned nor allowed tasks that are more appropriately accomplished by [other] branches,”29 neither Congress nor the Judiciary have lawful authority to dictate the terms of or control the exercise of prosecutorial discretion. Only the prosecutor can choose what cases to bring or decide the terms and conditions under which the prosecution of a case may be compromised.30 The Federal Rules of Criminal Procedure comport, of course, with this Constitutional standard, providing that judges have a limited role regarding plea agreements: judges are to satisfy themselves that plea agreements meet with due process requirements and that waivers of certain rights attendant to pleas are made voluntarily, knowingly, and intelligently.31 One circuit court of appeals has recently held that a court must accept a plea agreement that clears these constitutional hurdles.32 The Federal Rules of Criminal Procedure also exclude judges from the negotiation of plea agreements, do not grant judges discretion to modify plea agreements, and allow for judicial rejection of plea agreements that otherwise meet with due process only when the terms of a plea agreement contemplate that the court take an action properly within the court’s own discretion.33
Mandating specific considerations to a prosecutor regarding the terms and conditions for the disposition of cases would clearly restrict the prosecutor’s exercise of discretion to enter into a DPA. As to the Judiciary’s involvement, the Supreme Court has adopted the unremarkable proposition that the power to terminate is equivalent to the power to control.34 Accordingly, a Judge’s power to reject a proposed DPA would be, in practice, the power to control the exercise of the prosecutor’s discretion to offer a DPA as an alternative to prosecution.
Because, under the Constitution, the decision as to whether to enter into a DPA or to require some other terms in deciding whether to bring charges belongs exclusively to the Executive, that discretion is not subject to policies dictated by Congress or to review by the courts, I believe that the legislation currently on the table before the Committee35 runs afoul of these constitutional principles and is not, therefore, well-advised. I also believe that the Department’s new guidelines address legitimate concerns regarding the selection and use of federal monitors.
I thank the committee for the opportunity to express my views and I would be pleased to answer any questions the members may have.