2008 Year-End Update on Corporate Deferred Prosecution and Non-Prosecution Agreements

January 6, 2009

2008 – A Dynamic Year in Corporate Deferred Prosecution Agreements

In the post-Enron and WorldCom era, the U.S. Department of Justice ("DOJ") often uses corporate deferred prosecution agreements ("DPAs") to resolve federal criminal investigations.[1] Although corporate DPAs play an important role in limiting the collateral consequences of corporate indictment, their dramatically increased use has prompted considerable debate. The DPA debate hit a high point in 2008 with several DPAs drawing media and legislative attention, culminating in new DOJ guidance.

Gibson Dunn has been counsel to corporations in some of the earliest DPAs, and we have written extensively on DPA policy considerations. This client update provides an overview of the corporate DPAs entered into in 2008 and discusses the legislative, judicial, and executive activity surrounding DPAs. It also provides practical guidance to help companies navigate the DPA process.

Deferred Prosecution Agreements and Non-Prosecution Agreements

Although a conviction establishes legal culpability, the simple indictment of a corporation—particularly a public, regulated corporation—can have massive collateral consequences for the company and third parties. The fallout from the Arthur Andersen prosecution is a textbook example. Prior to its indictment in 2002, Arthur Andersen was a worldwide institution with over $9.3 billion in annual revenues and over 85,000 worldwide employees. By the time the Supreme Court unanimously reversed Arthur Andersen’s conviction in 2005, the employees were virtually all gone, partnership value had vanished, and the few remaining assets were being divvied up by litigants. Contemporaneous newspaper reports say Arthur Andersen and the DOJ discussed a DPA but failed to come to an agreement. To mitigate some of these unintended consequences, the DOJ has relied more frequently on DPAs to resolve corporate criminal investigations.

The practice of corporate deferred prosecution is based loosely on the individual pretrial diversion principles set forth in section 9-22.010 of the United States Attorney’s Manual, and Chapter Eight of the United States Sentencing Guidelines, which addresses organizational sentencing considerations. In a DPA, the DOJ typically files charges against a corporation, often through a criminal complaint, but agrees to dismiss those charges after a period of time, so long as the corporation does not breach the agreement. In exchange, the corporation generally accepts responsibility for criminal wrongdoing; pays a combination of a criminal fine, civil penalty, and restitution; complies with the ongoing investigations; and takes remedial measures, such as revamped compliance programs with independent monitors overseeing compliance improvements. Most DPAs also require the corporation to admit to a statement of facts, which the DOJ may use to prosecute the corporation if the corporation breaches the agreement. Many DPAs prohibit the corporation from denying the facts in any context, including civil litigation, press releases, or investor conferences.

Because a DPA takes place at the pre-indictment stage, there is typically no judicial oversight of the agreement, though many are filed with the court. Non-Prosecution Agreements are similar to DPAs, but these agreements do not involve the filing of charges. Instead, the DOJ simply agrees, typically in a letter agreement, not to prosecute so long as the corporation complies with the terms of the agreement. Although DPAs and NPAs have very similar characteristics—requiring a corporation to accept responsibility, cooperate with the government, and adopt remedial measures—NPAs are generally less detailed than DPAs. Additionally, NPAs generally do not include provisions for corporate monitors.

Despite the obvious advantages of a DPA over a criminal indictment for companies under investigation, one central problem with DPAs has been the lack of DOJ guidance. Before 2008, the DOJ had no formal—and little informal—guidance for individual prosecutors regarding when DPAs should be offered and what terms should be included in an agreement. The lack of DOJ internal guidance resulted in differing treatment for corporations with similar conduct. For example, one corporation that violates a law but reports it to the DOJ and cooperates fully with the investigation may receive a DPA—still paying millions of dollars in fines and undertaking costly compliance programs. Another corporation that violates the same law and equally cooperates with the DOJ investigation may receive a total pass. This inconsistent application of DPAs raises concerns of inequity and makes it more difficult for a corporation to manage criminal investigations and predictability of the result. Simply put, absent consistent and uniform guidance, a corporation has no way of measuring the consequences of coming forward and self-reporting potential criminal activity.

A History of Deferred Prosecution Agreements

The DOJ has a long tradition of granting pretrial diversions to appropriate individuals accused of criminal wrongdoing as an alternative to prosecution. Only recently have corporate DPAs become widely utilized. The DOJ entered into its first corporate DPA in 1992, but they were relatively rare until 2003. Following the Arthur Andersen indictment and the formation of the DOJ Corporate Fraud Task Force, their use began to steadily increase. In 2007, the use of DPAs increased substantially, more than doubling to 37 that year, from 14 in 2006. This past year saw the first decline in the number of corporate DPAs, with only 14 reported DPAs and three reported NPAs. The below chart tracks the modern history of the DOJ DPA agreements.

DOJ Deferred Prosecution Agreements

Who Gives DPAs and Who Receives Them

Not all DPAs are equal. Indeed, some divisions of the DOJ are more likely to enter into corporate DPAs, and some types of corporations are more likely to receive a DPA arrangement.

Historically, the DOJ’s Fraud Section has been the clear leader in corporate DPAs, entering into 26 agreements since 2003. The Fraud Section accounts for 28 percent of the total agreements entered into during the last five years. Similarly, a handful of United States Attorney’s Offices account for the vast majority of DPAs. The Southern District of New York entered into 21 DPAs since 2001, more than any other office. The Eastern District of New York, the District of New Jersey, and the District of Massachusetts round out the top five offices entering into DPAs over the previous decade. The vast majority of U.S. Attorney’s Offices have never entered—or at least publicly announced—a DPA. From our experience, some U.S. Attorney’s Offices have entered into DPAs that have never been publicly announced.

Corporate recipients of DPAs also tend to share certain characteristics. For example, large, publicly-held corporations historically receive DPAs. Previous DPA recipients include: American Express Bank International (a former subsidiary of American Express Company), Boeing, Bristol-Myers Squibb, British Petroleum, Chevron, Health South, Lucent Technologies, Monsanto, Pfizer, and Sears. This list of DPA recipients is not surprising given the DPAs’ implicit purpose of limiting the collateral consequences of corporate convictions. These consequences can be especially harsh for corporations that operate in highly regulated industries. For example, a conviction for certain violations could result in a corporation losing its broker-dealer license, banking license, charter, or deposit insurance; being stripped of eligibility to be a government contractor; or being prohibited from participation in government healthcare programs. Although it is little consolation to a small corporation, the indictment of a publicly-held corporation that operates in a regulated industry is likely to have more significant collateral consequences, placing more employees at risk of losing their jobs and affecting greater shareholder value.

Interestingly, and contrary to the banner headlines, DOJ’s prosecution of corporations has not increased substantially over the last ten years; 2000 was the high mark with 296 convictions, and the low was 2004 with 130. For the remaining years, the number of convictions fluctuated between approximately 185 and 260. The vast majority of corporations actually prosecuted are small, closely-held, non-public corporations with less than 200 employees. Despite the substantial emphasis regulators place on compliance programs, from 2003 to 2007 only one corporation received sentencing credit for having an effective compliance program. Our perception is that the corporations prosecuted are small entities that do not have robust compliance programs, which are the best antidote against criminal indictment.

Deferred Prosecution Agreements Entered in 2008

The 17 DPAs entered into in 2008 are approximately half the number entered in 2007. This downturn may result from the normal ups-and-downs of corporate investigations and prosecutions. It may also reflect the debate surrounding the use of DPAs and the cautious approach that the DOJ took in entering into DPAs while awaiting further legislative and internal guidance. For example, the use of DPAs by individual U.S. Attorney’s Offices dropped in 2008, making up only approximately one-half of the DPAs in 2008, as opposed to two-thirds of DPAs in 2007. The DOJ Fraud Section remained the leader in entering into DPAs in 2008, handling 6 of the 17—approximately 35 percent of the total.

Consistent with increased DOJ interest in Foreign Corrupt Practices Act ("FCPA") investigations, 40 percent of the DPAs in 2008 involved FCPA violations. DPAs involving immigration fraud—hiring illegal aliens— also increased resulting in three DPAs. The DOJ entered two DPAs for money laundering, and two DPAs for accounting irregularities and securities violations. Finally, there was one DPA each for the following: internet gambling operations; mail fraud for providing illegal purchasing incentives to a customer; and False Claims Act violations. Numerous DPAs in 2007 involved health care and food and drug fraud actions; 2008 saw no DPAs in these areas. Overall, the mix of allegations in the 2008 DPAs is consistent with DOJ prosecution trends, and does not demonstrate any tendency by DOJ to enter DPAs for specific criminal violations.

Allegations 2008

This past year saw a noticeable and important trend toward uniformity in the terms and conditions of the 17 DPAs entered into in 2008. Although the time frames of the 2008 DPAs ranged from January to December, almost every agreement contained broad language requiring that: (1) the corporation cooperate with ongoing government investigations; (2) the corporation bind any successor in the event of a sale or merger; (3) the corporation refrain from making statements that contradict the facts set forth in the agreement; and (4) the DOJ had sole discretion to determine whether a breach occurred. Several DPAs give the DOJ the option to extend the agreement for a year in case of a breach. None of the DPAs entered in 2008 provided for "extraordinary restitution"—a widely critiqued practice whereby an uninjured third party receives a benefit.

As in previous years, DPAs were more prominent in 2008 than NPAs. Two of the four reported NPAs in 2008 were entered by the U.S. Attorney’s Office for the Northern District of New York. The U.S. Attorney’s Office for the Southern District of New York and the U.S. Attorney’s Office for the Southern District of Texas entered the other two NPAs.

The below chart shows the reported DPAs and NPAs entered in 2008. An explanation of these DPAs and NPAs is found in Appendix A.

Revocation of a Deferred Prosecution Agreement

Before 2008, DPAs were rarely, if ever, revoked due to non-compliance. The prospect of a DPA revocation arose in 2007 after FirstEnergy Corp. paid $28 million pursuant to a DPA for alleged misrepresentations to the Nuclear Regulatory Commission. When the corporation submitted a $200 million insurance claim arguing that it did not intentionally cause the corrosion damage at its nuclear plant, there were reports that DOJ thought the insurance claim violated the terms of the company’s DPA. FirstEnergy subsequently dropped the insurance claim.

November 28, 2008, however, brought the first reported case where the DOJ actually revoked a DPA. In January 2007, Aibel Group Ltd. entered into a DPA with the DOJ Fraud Section. Aibel was charged with violating the FCPA by making illegal payments to Nigerian customs officials. The DPA required Aibel to (1) establish a Compliance Committee of its Board of Directors, (2) engage outside compliance counsel to monitor its duties and obligations under the DPA, and (3) establish and effectively implement an FCPA compliance program.

On November 21, 2008, the DOJ announced that, although Aibel "committed substantial time, personnel, and resources to meeting the obligations of the DPA," it was not in compliance with the DPA. Because Aibel self-reported the non-compliance and agreed to plead guilty to the underlying FCPA charges, it avoided the more complicated question, raised in FirstCorp, of how to determine if a corporation has, in fact, violated a DPA. Under the terms of the guilty plea Aibel agreed to pay a fine of $4.2 million and receive two years of corporate probation, during which time it must periodically report on its progress implementing anti-bribery measures. Although the terms of the DPA will no longer be enforceable upon sentencing, the terms of the plea agreement are quite similar. Ironically, unlike the prior requirement of its DPA, under the terms of the plea agreement, Aibel is no longer required to have an outside compliance monitor.

2008 Changes Related to DPAs

In 2008 several DPAs drew media and Congressional attention. In one instance, a company agreed to endow an ethics chair to the prosecutor’s alma mater as part of the corporation’s agreement to avoid indictment. In a second instance, a prosecutor selected a former U.S. Attorney General to be a monitor as part of a DPA, leading to concerns regarding the selection process. Following Congressional hearings on DPAs, New Jersey Congressman Frank Pallone introduced legislation (H.R. 5086) aimed at providing oversight to the DPA process. This bill would require the Attorney General to issue guidelines regarding when DPAs should be entered; require a federal judge to approve all DPAs, determine breach, and appoint monitors; and require the courts to set fee schedules for monitors. Senator Arlen Specter also re-introduced legislation (S. 3217) that would prohibit any government prosecutor or any agency from requesting information protected by the attorney-client privilege in exchange for leniency. Neither bill, however, made it out of committee.

Following the media publicity and legislative activity, in 2008 the DOJ issued its first formal remedial guidance relating to DPAs. The Department issued a memo addressing the use of monitors and also revised the United States Attorney’s Manual to prohibit "restitution" to uninjured third-parties. Although the DOJ did not issue guidance on when a prosecutor should offer a corporation a DPA, it amended its internal policy regarding a corporation’s cooperation and waiver of attorney-client and work product privilege; two factors relevant to the DOJ’s decision making process.

Morford Memorandum – Monitors

On March 10, 2008, the DOJ issued its first formal guidance with respect to the remedial provisions in DPAs. Acting Deputy Attorney General Craig S. Morford issued a memorandum ("Morford Memo") setting forth the principles that federal prosecutors must follow in the selection and use of monitors in DPA agreements. Previously, there had been no specific guidance on the use of monitors, or any other aspect of DPAs. Deputy Attorney General Morford, an experienced and talented veteran DOJ prosecutor, brought a line-attorney’s perspective to the DPA process. The Morford Memo standardizes common practices involving monitors by addressing, inter alia, the criteria for selecting a monitor, the need for a monitor’s independence, restrictions on the scope of a monitor’s duties, and the need for procedures to resolve disputes over the monitor’s suggestions.

In determining whether to appoint a monitor, the Morford Memo instructs prosecutors to consider not only the benefits of a monitor but also the cost to the corporation, as well as the impact on its operations. Prosecutors now must notify the United States Attorney or the DOJ Component Head before they execute a DPA that requires a monitor.

In addition to guidance on whether to use a monitor, the Morford Memo creates guidelines for selecting a corporate monitor. The selection process should "be designed to: (1) select a highly qualified and respected person or entity based on suitability for the assignment and all of the circumstances; (2) avoid potential and actual conflicts of interests; and (3) otherwise instill public confidence by implementing the steps set forth in this Principle."

Traditionally, the selection process of monitors varied widely, with the prosecutor often holding veto power. The Morford Memo, however, requires the creation of a "standing or ad hoc committee in the Department component or office where the case originated to consider monitor candidates." Individual prosecutors are no longer allowed to make, accept, or veto monitor candidates unilaterally, and the Office of the Deputy Attorney General must approve all monitors. Furthermore, the Morford Memo directs prosecutors not to accept a monitor that "has an interest in, or relationship with, the corporation or its employees, officers or directors that would cause a reasonable person to question the monitor’s impartiality." Monitors are prohibited from employment or affiliation, presumably including representation, with the corporation for one year from the date of the end of the monitorship.

In addition to guidance on choosing a monitor, the Morford Memo also defines the scope of the monitor’s duties. First, the Memorandum makes clear that the monitor is "an independent third-party, not an employee or agent of the corporation or of the Government." Even though the corporation pays the monitor’s fees and costs, a corporation may not seek or obtain legal advice from its monitor.

Second, the Morford Memo makes clear the common understanding of the monitor’s purposes to "assess and monitor a corporation’s compliance with the terms of the deferred prosecution agreement designed to address and reduce the risk of reoccurrence of the corporation’s misconduct." The responsibility for designing and maintaining a compliance program lies with the corporation, "subject to the monitor’s input, evaluation and recommendations." The Morford Memo also makes clear that the monitor’s role is to evaluate ongoing compliance, not to "investigate historical misconduct."

Corporations may not always wish to accept the suggestions of their compliance monitors, nor, under the DOJ guidance, are they required to follow the monitor’s recommendations. However, if a corporation "chooses not to adopt recommendations made by the monitor within a reasonable time, either the monitor or the corporation, or both, should report that fact to the Government, along with the corporation’s reasons. The Government may consider this conduct when evaluating whether the corporation has fulfilled its obligations under the agreement." Further, the Morford Memo directs that a DPA clearly identify what, if any, previously undisclosed or new misconduct a monitor is required to report to the Government. The Morford Memo does not establish a set duration for monitors, but directs prosecutors to provide for extension or early termination of the monitor of the DPA should the circumstances so require.

The Willbros Group was the first corporation to enter a DPA after the issuance of the Morford Memo. Consistent with the Memo’s guidance, the DPA required the monitor to "have, at a minimum . . . demonstrated expertise with respect to the FCPA . . . experience designing and/or reviewing corporate compliance policies, procedures and internal controls, including FCPA-specific policies, procedures and internal controls . . . and sufficient independence from [Willbros] to ensure effective and impartial performance of the Monitor’s duties . . . ." The agreement also included a provision governing Willbros’ relationship with the monitor, reiterating the principles set out in the Morford Memo. AGA Medical’s DPA one month later contained similar provisions. Although not all of the subsequent DPAs contained provisions as detailed as these two DPAs, the Morford Memo is likely to contribute to a standardization of these provisions.

Although the Morford Memo is a welcome development for practitioners seeking guidance and uniformity in the selection and use of monitors in DPAs, it may only be the first step. Senator Leahy, chairman of the Senate Judiciary Committee, recently expressed disappointment that the Morford Memo does not address the potentially excessive compensation of monitors or other issues such as a monitor’s reporting requirements. For corporations worried about predictability in DPAs, the Morford Memo is a positive development, providing some guidance and uniformity in DPA agreements.

Extraordinary Restitution

Following the public and Congressional reaction to DPAs that included extraordinary restitution, the DOJ prohibited DPA provisions granting money to uninjured third-parties. On May 14, 2008, Deputy Attorney General Mark Filip added Section 9-16.325 to the Unites States Attorney’s Manual to make clear that "[p]lea agreements, deferred prosecution agreements and non-prosecution agreements should not include terms requiring the defendant to pay funds to a charitable, educational, community, or other organization or individual that is not a victim of the criminal activity or is not providing services to redress the harm caused by the defendant’s criminal conduct." The DOJ prohibited the practice because it could "create actual or perceived conflicts of interest and/or other ethical issues."

Defining Cooperation

On August 28, 2008, Deputy Attorney General Mark Filip published revisions to the Principles of Federal Prosecution of Business Organizations, which substantially modified the DOJ’s policy defining cooperation—one of the main factors the DOJ considers in determining whether to prosecute a corporation. The Filip Memo[2] departs from previous guidance by expressly stating that "[e]ligibility for cooperation credit is not predicated upon the waiver of attorney-client privilege or work product protection," and that prosecutors "should not ask for such waivers and are directed not to do so." However, the Filip Memo emphasizes that in order to obtain cooperation credit a corporation may need to provide factual information, even if that information is obtained in an internal investigation. Producing factual information from an internal corporate investigation may still have adverse consequences for corporations as the production of factual information to the DOJ may create a subject matter waiver of a corporation’s attorney-client or work product privilege in subsequent civil litigation.

The Filip Memo also directs prosecutors not to consider whether a corporation advances or reimburses legal fees for its employees and prohibits prosecutors from requesting that a corporation refrain from advancing attorneys’ fees. In addition, prosecutors will not consider whether a corporation has retained or sanctioned employees in evaluating cooperation. However, the DOJ may look at a corporation’s disciple of culpable employees in evaluating its remedial measures and compliance program. Importantly, the Filip Memo makes clear that only discipline of employees deemed culpable by the company—not the prosecutor—may be considered in evaluating a company’s remedial measures. As a result, DOJ’s focus will be on appropriate disciplinary processes, including any efforts to implement effective compliance programs, replace responsible management, and discipline or terminate culpable employees.

On the same day that the DOJ published the Flip Memo, the Second Circuit decided a case that further defines the proper boundaries of corporate cooperation. In United States v. Stein, No. 07-3042 (2nd Cir. Aug. 28, 2008), the Second Circuit held that a company’s decision not to pay legal fees to certain employees, in response to pressure from the DOJ to obtain a DPA, violates the employees’ Sixth Amendment rights. The Court found the company’s decision not to pay legal fees amounted to government action, because absent DOJ’s pressure, the company would have paid the fees, even in the absence of a legal requirement to do so. The Stein decision, along with the Filip Memo, are important developments which will define the outer limits on the type of "cooperation" the DOJ can seek from corporations in exchange for a DPA.

The majority of the DPAs entered in 2008 before the issuance of the Filip Memo explicitly allow the DOJ to consider a company’s decision to withhold information based upon the attorney-client privilege or the attorney work-product doctrine in determining whether the company has fully cooperated with the DOJ. True to the guidance in the Filip Memo, none of the DPAs entered after the Memo contain this explicit provision.

Predictions for the Future

Although 2008 saw a marked decrease in the number of DPAs, the slowdown is not likely to continue in the future. The large number of government investigations borne out of the current financial crisis and the DOJ’s increased sensitivity to collateral consequences of corporate indictment are likely to lead to a further resurgence in DPAs. Indeed, we are aware of a large number of currently ongoing investigations likely to be resolved in 2009, which will likely include DPAs.

The average length of the DPAs—three years in 2008—is not likely to drop, given the complexity of the compliance programs likely to be pursued as a result of investigations growing out of the current financial crisis. Several of the 2008 DPAs include an option allowing the DOJ, in its discretion, to extend the terms of a DPA for a year or more to monitor compliance. This option is likely to be included in future DPAs.

It is uncertain whether more DPAs will be revoked in the future. Because Aibel self-reported its non-compliance with the DPA, the revocation of their DPA adds little to the ongoing potential dispute over how to determine whether a corporation breaches a DPA.

For the first time since corporate DPAs came into existence, 2008 brought several legislative, executive, and judicial reforms concerning DPAs. However, questions remain as to how the prospect of pending legislation, the Stein decision, and internal DOJ policy changes will effect DPA agreements. A new administration may take steps to clarify internal DOJ guidelines and provide corporations with some guidance on what conduct warrants a DPA, as well as the appropriate terms and conditions that should be standard in a DPA agreement. Furthermore, it is likely that the new Justice Department leadership will seek to harmonize the varied practices among the various DOJ divisions and the U.S. Attorney’s Offices.

Practical Guidance

No corporation welcomes the prospect of a criminal indictment. Yet due to the increasingly complex regulatory and criminal law environment, and the reality of respondeat superior liability, even the most conscientious corporation may find itself on the wrong side of a DOJ investigation. Given the severe ramifications of a corporate indictment, most corporations facing possible indictment will prefer to seek a DPA or NPA from the DOJ. A corporation should consider the following critical factors when seeking to secure a DPA.

Self-Reporting and Cooperation

The DOJ has consistently maintained that corporations that self-report wrongdoing are likely to receive cooperation credit from the DOJ. Nonetheless, a corporation should carefully weigh the benefits of cooperation credit against the detriment of reporting when considering if, and when, to report suspected wrongdoing to the DOJ. Before making any decision to report potential wrongdoing, a corporation should consult with experienced and knowledgeable counsel who are familiar with the DOJ and can help the company decide if, when, and how it should self-report.

Once the DOJ has begun a criminal investigation (initially through self-reporting or otherwise), a corporation needs to carefully plan its approach to cooperation. Deputy Attorney General Filip stated in a press conference announcing the new guidelines, that "[n]o corporation is obligated to cooperate or to seek cooperation credit by disclosing information to the government. Refusal by a corporation to cooperate . . . does not, in itself, support or require the filing of charges in any way." Notwithstanding that guidance, corporations may feel pressure to cooperate and may choose to "voluntarily" waive attorney-client and work-product privilege in order to obtain cooperation credit. The ramifications of this should be discussed with counsel before such a waiver is given.

Similarly, although new DOJ guidance prohibits prosecutors from considering whether a corporation pays its employees’ legal fees in evaluating the corporation’s cooperation, a prosecutor may still consider a corporation’s discipline of the employees the company finds culpable. Although corporations should take measures to protect their employees’ rights, they must be careful not to deliberately shield wrongdoers. As Stein illustrates, this balance can be exceedingly difficult to achieve and requires careful planning and execution.

Determining how best to cooperate with the DOJ, including a determination of whether to waive applicable privileges, is a crucial decision for any corporation. This decision is made even more important because the majority of courts hold that once a privilege is waived, it is waived for all purposes, including future civil litigation. Although corporations will want to continue to conduct detailed legal investigations into corporate wrongdoing for their board of directors and auditors, they may also want to explore alternative arrangements with the DOJ, which enable a corporation to disclose relevant facts without compromising the privileged information.

Remedial Measures

Instituting a compliance program, or modifying an existing one, is a nearly universal component of a DPA. The DOJ consistently considers compliance programs a central factor in evaluating a corporation’s remedial measures. Corporations should move swiftly to institute change as the DOJ gives consideration to "quick recognition of the flaws in the program and its efforts to improve." The complexity and depth of the compliance program (and the corresponding cost) will vary widely depending on the type and extent of the violation alleged. Corporations implementing or revising a compliance program should take special care to tailor their compliance program to incorporate the practices and procedures that will be viewed most favorably by the DOJ.

Monitors

A corporation seeking a DPA should assess early in the process whether a monitor is likely to be necessary. The standard in the 2008 DPAs was to allow the corporation to choose the monitor, with veto power held by the individual prosecutor. The Morford Memo no longer allows a single prosecutor to veto a monitor choice. Instead, the Deputy Attorney General must approve or disapprove all monitors. If a monitor is deemed necessary or prudent, a corporation should consider multiple qualified candidates, and make a selection early. Although the Morford Memo affords corporations more protection against arbitrary vetoes by individual prosecutors, the centralized approval process may subject the monitor to greater scrutiny and lengthen the approval process. A corporation can, and may desire to, put its own monitor in place before entering into a DPA.

The Morford Memo also recognizes that the monitor’s purpose is to assess compliance with the DPA. In negotiating the terms of a DPA, a corporation should seek to explicitly define up-front the monitor’s duties in assessing compliance, the information a monitor will have access to, how often and to whom the monitor will report, and what form the reports will take.

Conclusion

Corporations and prosecutors have been advocating changes to DPAs and corporate prosecution for years. Although it is too early to measure the significance of these changes on the DOJ’s practice with DPAs, the coming year is likely to bring an increased focus on corporate wrongdoing. These recent modifications are an important first step in recognizing the crucial role for DPAs and the need for additional guidance in order to ensure consistency and uniformity in their use and implementation. The changes in 2008 are a welcome development, which should create a framework that shapes corporate DPAs in future years.

[1] Deferred Prosecution Agreements are referred to in practice as "DPs" or "DPAs" and Non-Prosecution Agreements as "NPAs." For purposes of this update, we refer collectively to these agreements as DPAs unless otherwise noted. The DOJ is not the only law enforcement agency that utilizes deferred prosecution agreements in conjunction with corporate investigations. State Attorneys General, the SEC, the FTC, as well as other government agencies also utilize corporate DPAs or equivalents. This client update addresses only DPAs entered into by the DOJ, with the exception of DOJ’s Antitrust Division, which has an official policy of leniency—non-prosecution—often afforded to the first cooperative corporation in an industry, and which is not addressed here.

[2] These revisions were incorporated in the U.S. Attorney’s Manual in order to ensure their uniform application across the Department, but are still referred to as the Filip Memo.

Appendix A: DPAs Entered in 2008

Aktiebolaget (AB) Volvo March 18, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

Wholly-owned subsidiaries of AB Volvo violated the FCPA by paying, through the Oil For Food Program, approximately $1.3 million in alleged kickbacks to the Iraqi government in order to obtain contracts to sell construction equipment
Internal accounting records were falsified to conceal the nature of the payments
The subsidiaries committed wire fraud violations by inflating the price of each piece of equipment before submitting contracts to the U.N. for approval, then drawing on a U.N. line of credit, issued via international wire, in order to fulfill payment

Length of DPA

Three years

Penalties

Criminal Fine – $7 million
Civil Penalty – $12.6 million to SEC

Revised Compliance Program

AB Volvo and its subsidiaries and affiliates will conduct a review of existing policies and procedures
Maintain a system of internal accounting controls designed to ensure fair and accurate books, records, and accounts
Institute an anti-corruption compliance code applicable to all directors, officers and employees, and where appropriate outside parties acting on the company’s behalf
Assign a senior official to oversee compliance with the FCPA and anti-corruption laws
Institute periodic training and annual certification on compliance for all directors, officers, employees, and where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws

No monitor

AGA Medical Corp. June 2, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

AGA violated the FCPA by making payments to Chinese physicians employed by the government, in order to entice them to use their products
AGA violated the FCPA by making payments to Chinese government officials in order to obtain a patent on their products

Length of DPA

Three years

Penalties

Criminal Fine – $2 million

Revised Compliance Program

AGA Medical will conduct a review of existing policies and procedures
Maintain a system of internal accounting controls designed to ensure fair and accurate books, records, and accounts
Institute an anti-corruption compliance code applicable to all directors, officers and employees, and, where appropriate, outside parties acting on the company’s behalf
Assign a senior official to oversee compliance with the FCPA and anti-corruption laws
Institute periodic training and annual certification on compliance for all directors, officers, employees, and, where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws

Monitor

Company chooses monitor, with DOJ veto
Monitor must have expertise with FCPA counseling and compliance program design; have the resources necessary to discharge duties; and independence from the company
Scope of monitors duties is to review and evaluate the effectiveness of internal controls, record-keeping, and financial reporting policies and procedures as they relate to anti-corruption laws
Monitor is to have access to all documents, records, facilities, and employees that fall within the scope of responsibilities
Monitor is to conduct an initial review and report, followed by two follow-up reviews and reports to be submitted to the company and the DOJ
Company has 120 days to adopt the monitor’s recommendations, or 60 days to advise the monitor and the DOJ why it will not adopt them
If monitor discovers other corrupt payments, company has 10 days to self-report, or monitor is to report the payments to the DOJ

American Italian Pasta Company September 15, 2008

DOJ Office

United States Attorney’s Office for the Western District of Missouri

Allegations

Misrepresenting the company’s income to the SEC and the investing public through the use of accounting irregularities such as understating expenses, overstating inventory, and inappropriate amortization

Length of DPA

Two years

Penalties

Criminal Fine – $7.5 million

Revised Compliance Program

Replaced CEO and CFO
Completed a restatement of its financial statements
Established an independent chairman of the Board of Directors
Employed a General Counsel, Chief Compliance Officer and a Director of Internal Audit
Revised Board governance documents
Revised the Code of Conduct and initiated employee training
No monitor

Entertainment Systems Inc. June 3, 2008

DOJ Office

United States Attorney’s Office for the Southern District of New York

Allegations

Citadel, a wholly-owned subsidiary, committed wire fraud due to its payment processing services being used for internet gambling by U.S. persons
Conducting an illegal gambling business
Conducting international monetary transactions for the purpose of promoting illegal gambling
Conducting an unlicensed money transmitting business

Length of DPA

Three years

Penalties

Criminal Forfeiture – $9.1 million

Revised Compliance Program

Implemented controls to prevent member accounts from being used to conduct or process illegal transactions between internet gambling merchants and U.S. persons
Regularly monitor effectiveness of its procedures and controls, and revise and update them when necessary

Monitor

Monitor will provide a "Controls Report" within 45 days of the DPA

Monitor will provide an initial compliance report within 90 days of the DPA

Company has 60 days to cure defects detected in the monitor’s report, and 15 more days for monitor to report on the cure

All information, documents, or other records necessary for the monitor to prepare the reports should be provided by the company

Faro Technologies June 3, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

Faro China, a wholly-owned subsidiary, violated the FCPA by making payments of approximately $450,000 to Chinese government officials or employees of government run entities in order to obtain and retain business
Internal records and books were falsified to conceal the nature of the illegal payments
Internal controls and procedures were inadequate to detect or prevent anti-corruption violations

Length of DPA

Two years

Penalties

Criminal Fine – $1.1 million
Civil Penalty – $1.8 million

Revised Compliance Program

Faro will conduct a review of existing policies and procedures
Maintain a system of internal accounting controls designed to ensure fair and accurate books, records, and accounts
Institute an anti-corruption compliance code applicable to all directors, officers and employees, and, where appropriate, outside parties acting on the company’s behalf
Assign a senior official to oversee compliance with the FCPA and anti-corruption laws
Institute periodic training and annual certification on compliance for all directors, officers, employees, and where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws
Institute appropriate due diligence requirements pertaining to the retention and oversight of agents and business partners

Monitor

Company chooses monitor, with DOJ veto
Monitor must have expertise with FCPA counseling and compliance program design; have the resources necessary to discharge duties; and independence from the company
Scope of monitors duties is to review and evaluate the effectiveness of internal controls, record-keeping, and financial reporting policies and procedures as they relate to anti-corruption laws
Monitor is to have access to all documents, records, facilities, and employees that fall within the scope of responsibilities
Monitor is to conduct an initial review and report, followed by two follow-up reviews and reports to be submitted to the company and the DOJ
Company has 120 days to adopt the monitor’s recommendations, or 60 days to advise the monitor and the DOJ why it will not adopt them
If monitor discovers other corrupt payments, company has 10 days to self-report, or monitor is to report the payments to the DOJ

Fiat December 22, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

Iveco, CNH Italia, and CNH France, wholly-owned subsidiaries of Fiat, violated the FCPA by paying, through the Oil For Food Program, approximately $5.26 million in kickbacks to the Iraqi government in order to obtain contracts to sell trucks, tractors, and spare parts
Internal accounting records were falsified to conceal the nature of the payments
The subsidiaries committed wire fraud violations by inflating the price of each truck, tractor, or spare part before submitting contracts to the U.N. for approval, then drawing on a U.N. line of credit, issued via international wire, in order to fulfill payment

Length of DPA

Three years

Penalties

Criminal Fine – $7 million

Revised Compliance Program

Fiat and its subsidiaries and affiliates will conduct a review of existing policies and procedures
Maintain a system of internal accounting controls designed to ensure fair and accurate books, records, and accounts
Institute an anti-corruption compliance code applicable to all directors, officers and employees, and where appropriate outside parties acting on the company’s behalf
Assign a senior official to oversee compliance with the FCPA and anti-corruption laws
Institute periodic training and annual certification on compliance for all directors, officers, employees, and where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws
No monitor

Fine Host Corp. December 16, 2008

DOJ Office

United States Attorney’s Office for the Southern District of New York

Allegations

Billed school districts for inflated supplier invoices

Length of NPA

No set term

Penalties

Civil Fine – $5.3 million
Restitution – $4.3 million to the schools serviced by Fine Host’s Ronkonkoma, Long Island office

Revised Compliance Program

None reported
No monitor

Flowserve Corp. February 21, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

A wholly-owned French subsidiary violated the FCPA by paying, through the Oil For Food Program, approximately $778,000 in kickbacks to the Iraqi government in order to obtain contracts to sell large scale water pumps
Internal accounting records were falsified to conceal the nature of the payments
The French subsidiary committed wire fraud violations by inflating the price of each pump before submitting contracts to the U.N. for approval, then drawing on a U.N. line of credit, issued via international wire, in order to fulfill payment

Length of DPA

Three years

Penalties

Criminal Fine – $4 million
Civil Penalty – $6.5 million to SEC

Revised Compliance Program

Flowserve and its subsidiaries and affiliates will conduct a review of existing policies and procedures
Maintain a system of internal accounting controls designed to ensure fair and accurate books, records, and accounts
Institute an anti-corruption compliance code applicable to all directors, officers and employees, and, where appropriate, outside parties acting on the company’s behalf
Assign a senior official to oversee compliance with the FCPA and anti-corruption laws
Institute periodic training and annual certification on compliance for all directors, officers, employees, and where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws
No monitor

IFCO Systems December 19, 2008

DOJ Office

United States Attorney’s Office for the Northern District of New York

Allegations

Hired 1,182 illegal alien workers at over 40 plants in 26 states

Length of NPA

Three years

Penalties

Civil Forfeiture – $18.1 million to the Department of the Treasury Fund for law enforcement purposes
Civil Penalty – $2.6 million for violations of the Fair Labor Standards Act

Revised Compliance Program

Designation of a full-time compliance officer
Establishment of an employee hotline in order to report violations of law
Institute annual employee certifications with regard to the Compliance Manual and the Code of Conduct
Use Department of Homeland Security’s "E-Verify" Program for all hires
Use the Social Security Number Verification Service to verify all current employees, resolving any negative results on or before April 30, 2009
Ensure all employees complete a form I-9, including using the Spanish instructions were appropriate
Establish an internal training program with annual updates regarding hiring procedures and immigration verification
Annual external audit of program designed to deal with Social Security Administration "no-match" letters
Require subcontractors to swear under oath that they comply with good hiring procedures and immigration verification
No monitor

Jackson Country Club February 6, 2008

DOJ Office

United States Attorney’s Office for the Southern District of Mississippi

Allegations

Hiring and continuing to employ illegal aliens
Furnishing false information to the Social Security Administration

Length of DPA

Two years

Penalties

Criminal Fine – $214,500

Revised Compliance Program

Submit to an I-9 audit by ICE to verify Social Security numbers of existing workforce
Use Basic Pilot Employment Verification Program for all hires
Establish internal training program on completing I-9 and detecting fraudulent documents
Conduct I-9 form audits every 180 days, either by an outside company or by an employee who doe not complete the forms
Create a confidential tip-line for employees or members to report possible illegal aliens
Require contractors to swear by affidavit that they adhere to ICE Best Practices
Report to ICE every 180 days regarding the effect of compliance with ICE Best Practices
No monitor

Additional Requirements

Conduct a once quarterly workshop for the public, at no charge, based upon the Country Club’s internal training program, in order to educate employers on how to comply with the immigration laws

Lawson Products August 11, 2008

DOJ Office

United States Attorney’s Office for the Northern District of Illinois

Allegations

Mail fraud for providing illegal purchasing incentives of about $9.7 million to the employees of its customers so that they would buy higher priced tools, hardware, and chemicals

Length of DPA

Three years

Penalties

Criminal Forfeiture – $29.1 million
Restitution – $820,000

Revised Compliance Program

Will not re-employ any officer or director who formerly served in either position and left the company before the DPA
Implement a compliance and ethics program designed to prevent and detect violations of federal and state anti-corruption laws
Immediately notify the DOJ of any violations or suspected violations of anti-corruption laws
No monitor

Additional

19 individuals charged, 12 convicted to date

Milberg Weiss June 16, 2008

DOJ Office

United States Attorney’s Office for the Central District of California

Allegations

Mail fraud, money laundering, and obstruction of justice for its scheme to pay named plaintiffs a portion of attorneys’ fees in class actions the firm wished to prosecute
Paying kickbacks to stockbrokers to refer their clients to the firm
Retaining an expert witness on a contingent basis

Length of DPA

Two years

Penalties

Criminal Fine – $60 million, plus interest
Civil Fine – $15 million, plus interest, to the United States Postal Service Consumer Fraud Fund

Revised Compliance Program

Comply with all legal and ethical rules regarding fee division or fee sharing, expert witnesses, and political or charitable contributions
Require all attorneys, before entering a fee sharing arrangement, to submit to the monitor a description of the arrangement, a statement from the referrer that the arrangement comports with all legal and ethical rules, and a statement from referring counsel and client that the client has consented to the fee and will not have pecuniary benefit from the arrangement
Hold any fee sharing payments until the monitor has approved them
Disclose to the monitor any expert witness payments that are contingent on success in litigation
Disclose to the monitor and the court any fee arrangement between the firm and a client in any case in which the firm moves to become lead class counsel

Monitor

Previous monitor since 2006 required to be retained two years
Monitor to have an office and facilities in the firm’s New York office
Monitor is to report to the DOJ within 45 days whether company is in compliance with "best practices program"
Monitor is to report to the DOJ every three months regarding companies compliance
Monitor may conduct employee interviews, and is to have access to all company documents and information necessary to reviewing compliance
Monitor must promptly report any failures in compliance to the DOJ

Additional

Can appeal a finding of breach to a higher authority within the DOJ

Penn Traffic Company October 28, 2008

DOJ Office

United States Attorney’s Office for the Northern District of New York

Allegations

One or more employees violated federal law with regard to disclosures to the SEC, financial statements, press releases, and investor calls related to promotional allowances

Length of NPA

No set term

Revised Compliance Program

Assure internal controls are in place to account for promotional allowances, rebates and discounts from vendors in accordance with GAAP
Institute a hot-line or secure post office box whereby employees or vendors may confidentially notify Penn Traffic if they believe its promotional allowance policies are not in accordance with GAAP

Monitor

Imposed by the civil judgment entered with the SEC
Must maintain monitor for three years
Charged with annually reviewing Company policies regarding promotional allowances and reporting to the SEC, U.S. Attorney’s Office for the Northern District of New York, and the Board of Directors

Republic Services Inc. October 1, 2008

DOJ Office

United States Attorney’s Office for the Southern District of Texas

Allegations

Hiring undocumented alien workers
Dumping non-city waste at a city landfill, thereby causing the landfill to over-bill the city for waste

Length of NPA

18 months

Penalties

Criminal Penalty – $1 million
Restitution – $2 million to the City of Houston to benefit a recycling program

Revised Compliance Program

Terminated or disciplined responsible individuals
Formal training on I-9 procedures
Issuing I-9 self audit guidelines
Continued retention of immigration counsel
Implementing payroll software that included I-9 compliance measures
Appointing a Chief Compliance Officer
No monitor

Sigue Corporation and Sigue, L.L.C. January 24, 2008

DOJ Office

United States Attorney’s Office for the Eastern District of Missouri

Allegations

Charged with failure to maintain an effective anti-money laundering program under the Bank Secrecy Act
Fifty-nine agents transmitted funds represented by law enforcement officers to be the proceeds of drug trafficking; forty-seven of these agents assisted remitters in structuring transactions to avoid the reporting requirements of the Bank Secrecy Act.
Sigue filed suspicious transaction reports with the government on the obviously structured transactions but failed to report and prevent the broader money laundering activity.

Length of DPA

One year

Penalties

Criminal Fine – $15 million forfeiture
Civil Penalty – $12 million (satisfied by the $15 million criminal forfeiture)

Revised Compliance Program

Committed to spend additional $9.7 million to update its anti-money laundering program
Employ a Global Compliance Officer who reports to the Audit and Finance Committee of the Board of Directors and provide adequate resources
Authorized delegates will be subject to credit and criminal background checks, and periodic checks in certain circumstances
Maintain improved transaction monitoring, including implementing enhanced identification and due diligence requirements that exceed current regulatory requirements
Implement a transaction interdiction system to block future suspicious transactions
No monitor

Westinghouse Air Brake Technologies Corp. February 8, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

A wholly owned Indian subsidiary violated the FCPA by making approximately $170,000 in cash payments to Indian government officials in order to obtaining business, schedule pre-shipping product inspections, have certificates of product delivery issued and curb excise tax audits
Internal accounting records were falsified to conceal the nature of the payments

Length of DPA

Three years

Penalties

Criminal Fine – $300,000
Civil Penalty – $375,000

Revised Compliance Program

Conduct an internal review of existing policies and procedures
Adopt or modify policies and procedures in order to maintain a comprehensive anti-corruption program
Ensure a system of accounting procedures that will ensure accurate books, records and accounts
Promulgate a compliance code in order to avoid FCPA or other anti-corruption violations
Assign a senior executive, to report to the Audit Committee, to oversee the compliance program
Institute periodic training and annual certification on compliance for all directors, officers, employees, and where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws
No monitor

Willbros Group Inc. May 14, 2008

DOJ Office

Department of Justice, Criminal Division, Fraud Section

Allegations

Willbros International, a wholly-owned subsidiary, through three Nigerian Subsidiaries, violated the FCPA by making payments of over $6 million to Nigerian government officials in order to obtain contracts to work on a natural gas pipeline project
Willbros International, through another subsidiary, violated the FCPA by making payments of approximately $300,000 to Ecuadorian government officials in order to obtain business
Internal records and books were falsified to conceal the nature of the illegal payments

Length of DPA

Three years

Penalties

Criminal Fine – $22 million
Civil Disgorgement – $8.9 million plus $1.4 million pre-judgment interest to SEC

Revised Compliance Program

Implement a compliance and ethics program designed to detect and prevent violations of the FCPA and other anti-corruption laws applicable to subsidiaries, affiliates, joint ventures, contractors, and subcontractors
Review existing internal policies and procedures
Maintain a system of internal accounting controls designed to ensure fair and accurate books, records, and accounts
Assign a senior official to oversee compliance with the FCPA and anti-corruption laws
Institute periodic training and annual certification on compliance for all directors, officers, employees, and where appropriate, agents and business partners
Institute a system for reporting criminal conduct and appropriately disciplining non-compliant employees
Insert standard provisions into contracts and agreements that are reasonably calculated to ensure business partners and agents are compliant with the FCPA and other anti-corruption laws

Monitor

Company chooses monitor, with DOJ veto
Monitor must have expertise with FCPA counseling and compliance program design, have the resources necessary to discharge duties, and independence from the company
Scope of monitors duties is to review and evaluate the effectiveness of internal controls, record-keeping, and financial reporting policies and procedures as they relate to anti-corruption laws
Monitor is to have access to all documents, records, facilities, and employees that fall within the scope of responsibilities
Monitor is to conduct an initial review and report, followed by two follow up reviews and reports to be submitted to the company and the DOJ
Company has 120 days to adopt the monitor’s recommendations, or 60 days to advise the monitor and the DOJ why it will not adopt them
If monitor discovers other corrupt payments, company has 10 days to self-report, or monitor is to report the payments to the DOJ

Additional

Culpable employees had to pay civil penalties to the SEC
Company fired one senior executive and disciplined 18 other employees

The White Collar Defense and Investigations Practice Group of Gibson, Dunn & Crutcher LLP successfully defends corporations, senior corporate executives, and public officials in a wide range of federal and state investigations and prosecutions, and conducts sensitive internal investigations for leading companies in almost every business sector. The Group has members in every domestic office of the Firm and draws on more than 75 attorneys with deep government experience, including numerous former federal and state prosecutors and officials, many of whom served at high levels within the Department of Justice and the Securities and Exchange Commission. Joe Warin, a former federal prosecutor, currently serves as a monitor pursuant to a DOJ and SEC enforcement action, and recently has been selected as the U.S. counsel for the compliance monitor for Siemens. Debra Wong Yang is the former United States Attorney for the Central District of California, and currently serves as a monitor pursuant to a DOJ enforcement action.

Washington, D.C.
F. Joseph Warin (202-887-3609, [email protected])
John H. Sturc (202-955-8243, [email protected])
Barry Goldsmith (202-955-8580, [email protected])
David P. Burns (202-887-3786, [email protected])
David Debold (202-955-8551, [email protected])
Brian C. Baldrate (202-887-3717, [email protected])

New York
Jim Walden (212-351-2300, [email protected])
Lee G. Dunst (212-351-3824, [email protected])
Randy M. Mastro (213-351-3825, [email protected])
Marc K. Schonfeld (212-351-2433, [email protected])
Orin Snyder (212-351-2400, [email protected])
Lawrence J. Zweifach (212-351-2625, [email protected])
Alexander H. Southwell (212-351-3981, [email protected])

Denver
Robert C. Blume (303-298-5758, [email protected])

Orange County
Nicola T. Hanna (949-451-4270, [email protected])

Los Angeles

Debra Wong Yang (213-229-7472, [email protected])
Thomas E. Holliday (213-229-7370, [email protected])
Marcellus McRae (213-229-7675, [email protected])
Robert C. Bonner (213-229-7321, [email protected])
Michael M. Farhang (213-229-7005, [email protected])
Douglas Fuchs (213-229-7605, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.