2021 Year-End Update on Corporate Non-Prosecution Agreements and Deferred Prosecution Agreements

February 3, 2022

Click for PDF

In 2021, the U.S. Department of Justice (“DOJ”) articulated a renewed prosecutorial vision and strong statements and took decisive moves to expand the scope of enforcement efforts and devote more resources to them.  Enforcement activity resulting in corporate non-prosecution agreements (“NPAs”) and deferred prosecution agreements (“DPAs”) was lower in 2021 than in 2020, but generally consistent with the trend in the past two decades.  We expect continued aggressive corporate enforcement in 2022 as part of President Biden’s stated initiative to revisit standards of corporate prosecution.

In this client alert, the 25th in our series on NPAs and DPAs, we: (1) report key statistics regarding NPAs and DPAs from 2000 through 2021; (2) analyze statements by DOJ about recalibrating corporate enforcement policies and a coming effort to “surge resources” in corporate enforcement; (3) take an in-depth look at the use of corporate resolutions by DOJ’s National Security Division (“NSD”); (4) provide an update on the SEC whistleblower program and its implications for NPAs and DPAs; (5) summarize 2021’s publicly available DOJ corporate NPAs and DPAs since our 2021 Mid-Year Update; and (6) survey recent developments in DPA regimes abroad.

Chart 1 below shows all known DOJ NPAs and DPAs from 2000 through 2021.  Of 2021’s 28 total NPAs and DPAs, 7 are NPAs and 21 are DPAs.[1]  The SEC, consistent with its trend since 2016, did not enter into any NPAs or DPAs in 2021.

Chart 2 reflects total monetary recoveries related to NPAs and DPAs from 2000 through 2021.  At approximately $4.0 billion, recoveries associated with NPAs and DPAs in 2021 are the lowest since 2018, and are below the average yearly recoveries for the period between 2005 (when use of these agreements became fairly routine) and 2021.  As we have stated repeatedly, annual statistics should not be isolated to try to extrapolate a trend.  The completion of investigations ebb and flow and are not calibrated to the calendar.  Although 2021 represents a significant reduction in recoveries compared to 2020’s record-breaking $9.4 billion, certain patterns identified in prior years have remained.  For example, in 2020, the two largest resolutions accounted for approximately 53% of the total monetary recoveries.  Similarly, in 2021, the two largest resolutions accounted for 69% of all recoveries, and the largest resolution accounted for approximately 62%.  In 2020, 34% of the agreements had total recoveries of $100 million or more; in 2021, approximately 21% included recoveries of at least $100 million.  Supported by statements suggesting a possible shift in DOJ corporate enforcement policies (discussed in further detail below), these 2021 trends suggest a continued focus by DOJ on large monetary resolutions.

2021 in Context

21 of the 28 resolutions—or 75%— in 2021 were DPAs.  The 28 resolutions entered in 2021 resolved investigations brought by fourteen distinct lead enforcement offices, including nine different U.S. Attorney’s offices.  Among the fourteen, DOJ’s Fraud Section (5), Antitrust Division (4), and Consumer Protection Branch (3) were most active.  Increased activity by DOJ’s Consumer Protection Branch, in particular, may be a trend to watch in the coming year.  This branch has a broad enforcement mandate and is staffed by approximately 100 lawyers.

Of particular note, the number of DPAs in 2021, as illustrated in Chart 3 below and discussed in our Mid-Year Update, is consistent with a seven-year trend toward the increased use of DPAs compared to NPAs.

Three of the seven NPAs entered in 2021 referenced division-specific self-disclosure programs as primary motivating factors.  SAP SE and Avnet Asia Pte. Ltd., respectively, qualified for NPAs under NSD’s Export Control and Sanctions Enforcement Policy for Business Organizations, announced in late 2019.[2]

Although there are limited outliers, the numbers reflect a continuing trend toward increased use of DPAs.

2021 was also the first year without a public declination pursuant to DOJ’s FCPA Corporate Enforcement Policy since DOJ first announced the precursor FCPA Pilot Program in 2016.  The program was designed originally to encourage voluntary self-disclosure and cooperation from companies involved in potential misconduct.  The number of public declinations offered by DOJ under the program and the FCPA Corporate Enforcement Policy has steadily declined in recent years, with four declinations in 2018, two in 2019, and only one in 2020.[3]  However, DOJ has disagreed with commentary suggesting this decline reflects a long-term trend, with an official spokesperson stating “We do not believe the aforementioned results in 2019 and 2020 reflect a ‘lull’ or a downward trend, rather we believe they reflect the natural ebb and flow of our cases.”[4]  Further, it remains possible that DOJ has issued private declinations where it has determined “a public declination is neither necessary nor warranted,” on the basis that that the decision to disclose a declination belongs solely to the DOJ.[5]   Gibson Dunn’s investigative inventory corresponds to DOJ’s perspective.

DOJ Announces Shifting Enforcement Policies and Resource “Surge”

In the final months of 2021, DOJ has made several important announcements regarding corporate enforcement as part of President Biden’s broader initiative to revisit the standards and practices that DOJ has applied to corporate criminal enforcement.  These announcements, which touch on every stage of corporate enforcement—from investigation through charging, settlement, and beyond—reflect that DOJ is taking a fresh, holistic look at its approach to corporate enforcement.  Through these changes, DOJ is signaling to companies that DOJ intends to maintain a sharp focus on identifying and addressing corporate crime.

Reflecting this focus, DOJ announced the formation of a Corporate Crime Advisory Group, which will be made up of representatives from all divisions of DOJ involved in corporate criminal enforcement.  This new advisory body has a broad mandate to make recommendations and propose revisions to DOJ’s policies on corporate criminal enforcement topics, including monitorship selection, recidivism and NPA/DPA non-compliance, and prioritization of individual accountability, all of which were targeted for updates in 2021.

Zero Tolerance for Recidivism and Noncompliance

In an October 5, 2021 speech, Principal Associate Deputy Attorney General (“PADAG”) John Carlin emphasized that DOJ will continue to use NPAs, DPAs, and guilty pleas, and that DOJ views the inking of an agreement as the start of a longer-term obligation.[6]  He stated that companies should expect DOJ to enforce agreement terms, noting that DOJ will be firm with companies that do not comply.  He also said that the consequences for violating an agreement “may be worse than the original punishment.”  Typically, DPAs and NPAs include specific obligations with respect to compliance, cooperation, and reporting of misconduct over the term of the agreement (often three years).

Shortly after PADAG Carlin’s speech, Deputy Attorney General (“DAG”) Lisa Monaco amplified this position, stating that DOJ has “no tolerance for companies that take advantage of [DPAs or NPAs] by going on to continue to commit crimes.”[7]  These statements hearken back to 2015, when DOJ similarly postured about not hesitating to “tear up” agreements for companies that fail to meet their NPA or DPA obligations.[8]  DOJ has already proved willing to follow through on this renewed zero-tolerance policy, requiring Monsanto Company (“Monsanto”) to plead guilty to both of the previously deferred two felony charges that otherwise would have been dismissed pursuant to its 2019 DPA, as well as thirty new misdemeanor charges, as a result of new conduct that violated laws involving the proper use of pesticides and the terms of the 2019 DPA.[9]

Further emphasizing its tough stance on recidivist behavior, DOJ also announced that it will take into account a corporation’s full criminal, civil, and regulatory record in making charging decisions, even if alleged prior misconduct is dissimilar from the alleged conduct at issue.[10]  No longer will DOJ focus primarily on prior misconduct similar to the conduct under investigation.  This revised policy is sweeping, implicating not only prior enforcement actions across all DOJ units, but all prosecutions and non-criminal enforcement actions across all federal regulators, the states and other countries, as well.[11]

Taken at face value, this means that a prior resolution for conduct that would not be illegal in the United States could theoretically be taken into account in a domestic charging decision.  Practitioners have raised significant concerns about this new policy, particularly given this potential for consideration of acts that are not punishable in the United States, and for consideration of criminal, civil, and regulatory actions involving completely inapposite facts, standards, and legal frameworks.

Speaking at the American Conference Institute’s 38th International Conference on the FCPA, Assistant Attorney General for the Criminal Division, Kenneth Polite, responded to these concerns, stating that, “it’s a discretionary evaluation, where we have to trust and rely on our trial attorneys to properly evaluate each instance…where every potential act of misconduct is not going to be weighted the same way.”[12]  At the same event, Chief of the DOJ’s FCPA Unit, David Last stated that, “if there are so many instances to count, that may be another conversation that we need to have…If you’re in the 50s, or the hundreds of prior touches, that’s something we probably need to know.”[13]

Surging Resources to Investigate Corporate Wrongdoing

Also in October, PADAG John Carlin noted that DOJ is “building up to surge resources for corporate enforcement.”[14]  These resources include additional FBI agents tasked to work full-time alongside the prosecutors in the Criminal Fraud section, which PADAG Carlin stated has worked in the past and would provide flexibility to pursue white-collar matters nationwide.

According to Mr. Carlin, the surge in resources also will facilitate the use of data analytics tools, including working together with other regulatory agencies to share “the same fruits of analytic [labor],” to identify criminal conduct.  He noted corporations should take advantage of these types of tools as DOJ will expect corporations to use data analytics in their compliance programs to look for and predict misconduct.[15]

These comments build on updates to DOJ’s corporate enforcement posture dating back to 2020.  On June 1, 2020, DOJ updated its guidance to prosecutors for assessing corporate compliance programs when conducting investigations, making charging decisions, and negotiating resolutions.  That guidance included an expectation that companies’ internal risk assessments should be based on “continuous access to operational data and information across functions.”  Reflecting the application of this guidance, 2021 agreements include a provision requiring data-based monitoring, review, and testing of a company’s compliance procedures.  As discussed in our Mid-Year Update, the Epsilon DPA, for example, requires the company to “conduct periodic reviews and testing” of its compliance program as it relates to “preventing and detecting the transfer or sale of consumer data.”[16]  More recently, the Recology DPA requires that “compliance and control personnel have sufficient direct or indirect access to relevant sources of data to allow for timely and effective monitoring and/or testing.”[17]  The Credit Suisse DPA contains nearly identical language that specifically aims at monitoring and testing transactional data.[18]  Given the express focus on analytics, Mr. Carlin’s recent messaging, and the cross-pollination that tends to occur among the 93 U.S. Attorney’s Offices and Main Justice, we expect to see this enhanced language make its way into future agreements.

Continued Focus on Pursuit of Individual Actions

Historically, DOJ has had a particular focus on pursuing individuals responsible for corporate crime.  In 2015, the Yates Memorandum announced a requirement that companies seeking cooperation credit provide DOJ with all non-privileged information about all individuals involved in misconduct to receive credit.[19]  Reflecting what some viewed as a more pro-company stance, DOJ modified the Yates Memo requirement in November 2018, in response to concerns that the requirement was slowing down investigations by forcing companies to pursue and disclose every individual fact pattern—even relatively immaterial ones.[20]  This revised standard premised cooperation credit on providing information about individuals who were “substantially” involved in, or responsible for, the misconduct.[21]

In October 2021, Deputy Attorney General Monaco announced a return to the Yates standard, explaining that the revised standard had proved unworkable because the standard was not clear and left too much to the judgment of cooperating companies.[22]  In response to renewed concerns about the burden on companies imposed by the Yates standard, Assistant Attorney General Polite disagreed about the impacts to companies, explaining that the Yates standard is appropriate because it swings the decision regarding who is culpable back to DOJ, which views itself as being in the best position to evaluate who is substantially involved, based on all of the information known to it.[23]

Monitorship Policy Reconsidered

In 2021, DOJ also has “rescinded” any prior guidance suggesting that monitorships are disfavored, and prosecutors are, therefore, free to impose a corporate monitor when they determine it is appropriate.  This signals a possible intent to reverse a trend away from compliance monitorships, which have declined in recent years in favor of self-reporting requirements.  According to our records, only two of the 28 publicly available agreements in 2021 and two of 38 resolutions in 2020 imposed a corporate monitor, as compared to 9 out of 40 agreements in 2016, for example, and 5 out of 23 in 2017.  Practitioners have raised concerns that DOJ’s new position on corporate monitors may make companies less willing to self-report, because self-reporting will carry a greater risk of monitorship—an extremely expensive and burdensome outcome.  It remains to be seen whether individual prosecutors will take this as a signal to increase use of monitorship arrangements, and whether this will have a chilling effect on self-reporting.

DOJ Adds a Formal Disclosure Certification

NPAs and DPAs have long included obligations to disclose additional related conduct or evidence of illegal activity identified during the agreement’s term.[24]  Many also require certification on behalf of the company, at the conclusion of the term, that all relevant evidence has been disclosed.[25]   Until recently, DOJ had not given form to this certification requirement, instead relying on companies to provide the certification in an ad hoc manner.

Beginning in late-2020, DOJ’s Fraud Section introduced a new certification attached to some NPAs and DPAs, formalizing the certification requirement.  This certification requires a company’s executives to certify, on the date that that the period of the NPA or DPA expires, that (1) they are aware of the company’s disclosure obligations under the NPA or DPA; and (2) the company has disclosed “any and all evidence,” including all allegations relating to broadly-specified conduct (which varies by agreement).[26]  In 2021, this new certification became standard across resolutions involving the Fraud Section.[27]  It  also was adopted by the Antitrust Division in several resolutions[28] and the USAO for the Eastern District of New York in at least one case[29].  The corporate officers required to sign the certification varies; the Fraud Section has thus far required the CEO and CFO to sign, the Antitrust Division lists the CEO/President and internal or external legal counsel as mandatory signatories, and the Eastern District of New York required that the President and Chief Compliance Officer sign the certification.

Consistent with past practice surrounding disclosures, the certification expressly deems any disclosure “ a material statement and representation by the Company to the executive branch of the United States” under 18 U.S.C. § 1001, which imposes harsh penalties for materially false or fraudulent statements.  The resolutions provide that the certification “constitute[s] a significant and important component” of the resolution for the purposes of determining whether the company has satisfied its obligations under the agreement—an express acknowledgment that did not exist before the new certification requirement.

At the same time, as has been the case in recent years, continuing disclosure requirements often are more expansive than the conduct at issue in the underlying agreement.  For example, an agreement may require disclosure of evidence relating to any potential violation of a specific law anywhere in the world, even where the underlying agreement relates to conduct specific to a location or line of business, even if the conduct would not constitute a violation of law because it did not occur within the jurisdiction of the United States, and even where the evidence is not credible on its face.  As a continuation of this trend, the certification form defines “disclosable information” exceptionally broadly, to include “any and all evidence or allegations” of specified illegal conduct – going well beyond concrete evidence of illegal activity.

As a result, accurate and complete self-reporting is becoming increasingly more difficult to navigate as companies seek to balance their self-reporting obligations with retaining some autonomy to make informed judgments about the credibility of allegations raised and the sufficiency of evidence identified in internal investigations.  This, coupled with the new statement that adherence to expansive self-reporting mandates is a “significant and important component” of agreement compliance, plus DOJ’s renewed emphasis on the consequences of breach and recidivist acts, create a mine field for companies seeking to meet their agreement obligations without outsourcing investigative judgment completely to the U.S. government.

We will continue to monitor whether this certification requirement becomes the norm across Divisions and USAOs moving forward.  For now, it continues a trend of extracting increasingly intrusive disclosure agreements from companies, and increasing the risk of potential breach when the letter of those requirements is not met.

Spotlight on DOJ National Security Division (NSD) Developments

Background on Updated Guidance

As detailed in a prior Gibson Dunn client alert, in December 2019, NSD released updated guidance governing the treatment of voluntary self-disclosures in criminal sanctions and export control investigations.[30]  To incentivize self-reporting, the NSD guidance established a presumption that a company that voluntarily discloses potentially willful criminal sanctions or export control violations will receive an NPA and will not pay a fine.[31]  Although a company will not pay a fine under the NSD guidance, the company must still pay all disgorgement, forfeiture, and restitution resulting from the misconduct.[32]  The NSD guidance also takes into account potential aggravating factors that could merit a DPA or guilty plea instead of an NPA.  Listed aggravating factors present elevated threats to national security, such as the export of items known to be used in the construction of weapons of mass destruction, the knowing involvement of upper management in the criminal conduct, or repeated violations.[33]  If aggravating factors are present such that a DPA or guilty plea is warranted, DOJ will recommend a reduced fine and will not require a monitor if the other requirements in the guidance are met, including voluntary self-disclosure, full cooperation with the government’s investigation, remediation, and the implementation of an effective compliance program.[34]  In this way, the guidance assigns value to voluntary self-disclosure even where the facts and circumstances of a particular case otherwise make an NPA inappropriate in the eyes of DOJ.

Recent NSD Corporate Resolutions

Since the NSD guidance was published in December 2019, NSD has entered into five corporate resolutions.  These resolutions provide an initial view into how DOJ is applying the updated NSD guidance in practice and how companies should weigh the guidance when considering a potential voluntary self-disclosure.  We covered two of these resolutions in our 2020 Mid‑Year and Year-End Updates.

In 2021, NSD entered into NPAs with Avnet Asia Pte. Ltd (“Avnet”) and SAP SE (“SAP”).  In January 2021, Avnet entered into a two-year NPA to resolve allegations related to an alleged criminal conspiracy carried out by former employees to violate U.S. export laws by shipping U.S. power amplifiers to Iran and China.[35]  Avnet paid a $1.5 million penalty.  Avnet did not receive voluntary self-disclosure credit.  The NPA suggests that Avnet may have made a self-disclosure to DOJ after prosecutors initiated their own investigation as it states that Avnet did not receive voluntary self-disclosure credit because it did not disclose the conduct “prior to commencement of the investigation.”[36]  In contrast, in April 2021 SAP entered into a three-year NPA after making voluntary self-disclosures to NSD, the Bureau of Industry and Security (“BIS”), and the Office of Foreign Assets Controls (“OFAC”) acknowledging violations of the Export Administration Regulations (“EAR”) and Iranian sanctions through the export of software to Iranian end users.[37]  SAP received full credit for its timely voluntary self-disclosure to NSD and, consistent with the 2019 NSD guidance, SAP was required to disgorge $5.14 million but was not required to pay additional financial penalties pursuant to the NPA.[38]  In the press release announcing the SAP NPA, NSD noted the December 2019 guidance and encouraged companies to make voluntary self-disclosures of all potentially willful violations of export control and sanctions laws.[39]  The SAP NPA is the first clear example of NSD applying the updated NSD guidance and entering an NPA, and it appears that the updated NSD guidance may have informed the approach for the Avnet NPA as well.

By contrast, in early 2021, NSD entered into a DPA with PT Bukit Muria Jaya (“BMJ”) to resolve allegations of conspiracy to commit bank fraud in connection with providing goods to North Korea.[40]  BMJ did not self-disclose and therefore did not receive voluntary self-disclosure credit, and the Company paid a $1.5 million penalty.[41]  The BMJ DPA did not identify aggravating factors related to repeat offenses or the involvement of upper management, so it appears that the lack of voluntary self-disclosure may have meaningfully influenced DOJ’s decision to offer a DPA instead of an NPA.

Guidance for Practitioners

These NSD developments illustrate several important considerations for companies when evaluating if and when to disclose potential misconduct.  The developments highlight the significant role played by NSD in the criminal enforcement of U.S. sanctions and export controls.  Relatedly, the updated NSD guidance includes a stringent timing requirement for voluntary self-disclosures.  To receive full credit, the updated NSD guidance requires that a company submit a voluntary self-disclosure to NSD rather than submitting it only to a regulatory agency (e.g. the Department of State’s Directorate of Defense Trade Controls (“DDTC”), BIS, or OFAC).[42]  In the SAP case, for example, SAP made a voluntary self-disclosure to DOJ on the same day that a voluntary self-disclosure was made to OFAC.[43]  In an investigation with NSD implications, careful consideration should be given to the NSD program.

Under the guidance, when considering the potential benefits or downside to self-disclosing misconduct, a company that discovers a potential willful export control or sanctions violation must carefully consider at what stage in an investigation the misconduct should be disclosed to the government; and to what agencies the disclosure should be made and in what sequence.  The NSD guidance does not answer these questions so much as it emphasizes that, for any situation in which the conduct at issue could be of interest to DOJ, timely voluntary self-disclosure can carry significant weight in resolution negotiations.

Developments in SEC Whistleblower Program

Effective December 7, 2020, the SEC amended its whistleblower program rules to include NPAs and DPAs in its definition of “administrative action.”[44]  Given that the SEC can award whistleblowers for information leading to a successful “administrative action,” this amendment  expands the scope of actions in which the SEC can make such awards.[45]  Gibson Dunn analyzed the changes to the whistleblower rules in an alert in September 2020, when the Commission first approved the amendments.  In February 2021, the SEC made its first award under the new rules, which included a $9.2 million award to a whistleblower who reportedly provided “significant information” that led to “successful related actions” by DOJ, “one of which was” an NPA or DPA.[46]  The SEC has continued to issue awards under this new rule.  On October 29, 2021, the SEC announced an award of over $2 million to a whistleblower who provided information that led to a successful NPA or DPA.[47]  The award order notes that the whistleblower “provided information that prompted the opening of the DOJ and SEC investigations.”[48]  The whistleblower also “provided extensive, ongoing assistance in the investigations.”[49]  This award came shortly after the SEC announced that it issued whistleblower awards in connection with four NPAs and DPAs in fiscal year 2021, accounting for more than $117 million in whistleblower awards, equivalent to approximately 21% of total whistleblower awards reported in 2021.[50]

This uptick in NPA- and DPA-related whistleblower awards is in line with the SEC’s overall whistleblower award increase.  According to the 2021 Whistleblower Program Annual Report to Congress, the SEC broke nearly every whistleblower program record in fiscal year 2021, including the highest amount awarded, the highest number of individuals awarded, and the highest number of whistleblower tips received—all previous highs from only one year prior.[51]  The report also states that the SEC has “made more whistleblower awards in FY 2021 than in all prior years combined.”[52]  We can expect the trend in NPA- and DPA-related whistleblower awards to continue, particularly in light of the link the SEC rule amendments now make between whistleblower tips and related DOJ “administrative actions,” DOJ’s own plans for a “surge” in corporate enforcement[53], and the other features of the amended SEC rules that reinforce incentives for whistleblowers to report directly to the government without first reporting internally.

2021 Agreements Since Mid-Year

Bank of N.T. Butterfield & Son Ltd. (NPA)

On July 26, 2021, The Bank of N.T. Butterfield & Son Limited (“Butterfield” or “Bank”) entered into a three-year NPA with the Office of the United States Attorney (“USAO”) for the Southern District of New York and the DOJ Tax Division.[54]  The government alleged that from at least 2001 through 2013, Butterfield, whose principal operations were based out of its Bermuda and Cayman Island operations, assisted U.S. taxpayer-clients in evading their U.S. tax obligations.[55]  The government alleged that Butterfield knew or should have known that these clients were using their Butterfield accounts to evade U.S. tax obligations.[56]

In entering into the NPA, the USAO considered Butterfield’s voluntary and “extraordinary cooperation” with the government, specifically noting that the Bank turned over approximately 386 client files; its voluntary implementation of remedial measures beginning in or about 2013; and its representation that the conduct did not extend beyond what is described in the NPA’s statement of facts.[57]  The government did not impose a criminal penalty on Butterfield.  Butterfield agreed to pay $5.6 million in forfeiture and restitution and agreed not to contest a civil forfeiture action filed by the United States.[58]  Further, Butterfield agreed to continuing cooperating and disclosure requirements for the NPA’s three-year term.[59]  During this term, Butterfield is also required to report any criminal conduct by, and criminal investigations of, Butterfield or its employees related to any federal law violations that come to senior management’s attention, in addition to any administrative proceeding or civil action brought by the U.S. government in which Butterfield is a party.[60]  Notwithstanding the three-year term, Butterfield is also required to cooperate with the government on any matters related to the conduct in the NPA until all investigations, proceedings, or appeals are concluded.[61]

Bicycle Casino (NPA)

On October 22, 2021, The Bicycle Casino, L.P. (“Bicycle”), a California-based hotel and casino, entered into a two-year NPA with the United States Attorney’s Office for the Central District of California to resolve an investigation into alleged violations of the anti-money laundering provisions of the Bank Secrecy Act (“BSA”).[62] According to the NPA, after a foreign national conducted certain transactions at the casino, Bicycle failed to properly file Currency Transaction Reports (“CTRs”) and Suspicious Activity Reports for Casinos (“SARCS”) that are required under the BSA.[63]

In deciding to enter into the NPA, DOJ considered Bicycle’s remedial efforts to strengthen its anti-money laundering program, as well as its cooperation with authorities during the investigation.[64] Additionally, Bicycle agreed to pay $500,000, which represents the revenue that Bicycle made from the foreign national in question, and to undergo enhanced review and reporting requirements.  These requirements included both self-reporting and a one-time audit and report, within one year of signing the agreement and an at least two-year look-back review by an independent “third-party reviewer” retained by Bicycle and “subject to the determination of non-objection” of DOJ.[65]

Constructure Technologies (DPA)

On September 14, 2021, Constructure Technologies LLC (“Constructure”), a New York-based information technology services company, entered into a three-year DPA with the U.S. Attorney’s Office for the Eastern District of New York to resolve a criminal charge for violating the Digital Millennium Copyright Act (“DMCA”) in relation to certain copyright protection systems for software, including encryption systems.[66]  Specifically, the government alleged that from 2011 to 2018, the company installed unlicensed versions of software for its customers using illegally-obtained license keys that company employees had acquired through cracking programs and key generators found on the internet.  These keys allowed Constructure to grant its customers access to copyrighted software programs and then bill its customers for those same keys, which the customers believed to be legitimate license keys.[67]  This case appears to be the first time that the DOJ has entered into either a DPA or NPA in relation to the DMCA.

Under the terms of the DPA, Constructure agreed to pay a criminal penalty of $60,000 and implement a compliance and ethics program that will enhance the company’s ability to prevent and detect future violations of the DMCA.[68]  The company also agreed to fully cooperate with the government until the conclusion of the investigation or the end of the three-year DPA term, whichever is later.[69]  Three Constructure employees, including two principals, pleaded guilty to misdemeanor charges of criminal copyright infringement and face up to one year in prison and a fine.[70]

Credit Suisse (DPA)

On October 19, 2021, Credit Suisse Group AG (“Credit Suisse”) entered into a three-year DPA with DOJ’s Money Laundering and Asset Recovery Section (“MLARS”) and Fraud Section, and the United States Attorney’s Office for the Eastern District of New York.[71]  The government alleged that between 2013 and March 2017, Credit Suisse, through its subsidiary Credit Suisse Securities (Europe) Limited (“CSSEL”), defrauded investors in connection with a Mozambique lending project.[72]  DOJ alleged that Credit Suisse hid information regarding the risk that proceeds from loans to three Mozambican government-owned entities were used to pay approximately $150 million in bribes to senior government officials and $50 million in kickbacks to two CSSEL employees.[73]  DOJ also alleged that Credit Suisse hid from its investors information about debt owed by the Mozambique government.[74] The DPA followed guilty pleas by three CSSEL employees and was concurrent with CSSEL’s guilty plea to one count of conspiracy to commit wire fraud.[75]

Under the DPA, Credit Suisse agreed to pay a U.S. criminal monetary penalty of $247.5 million.[76]  The DPA considered Credit Suisse’s resolutions with SEC and United Kingdom’s Financial Conduct Authority (“FCA”), which included (1) a $65 million civil penalty and $34.1 million in disgorgement and prejudgment interest to SEC, and (2) a $200.6 million penalty to FCA and a promise to irrevocably undertake $200 million of debt relief to Mozambique.[77]  DOJ credited the Company for these payments, reducing its penalty to approximately $175.5 million.[78]  The DPA did not credit the Company with voluntary disclosure or full cooperation with the government’s investigation.[79]

Gree Electric Appliances (DPA)

On October 28, 2021, Gree Electric Appliances Inc. of Zhuhai (“Gree Zhuhai”)—a China-based appliance manufacturer—and one of its subsidiaries entered into a three-year DPA with the U.S. Attorney’s Office for the Central District of California and DOJ’s Consumer Protection Branch (“CPB”) to resolve charges related to the companies’ failure to notify the U.S. Consumer Product Safety Commission (“CPSC”) of defects in its humidifiers.[80]  DOJ alleged that the companies knew that their humidifiers failed to meet applicable safety standards and failed to notify the CPSC of these dangerous defects for six months.[81]  The resolutions are the first corporate criminal enforcement actions that have been brought under the Consumer Product Safety Act of 1972, the law which established the CPSC.[82]

Under the DPA terms, Gree Zhuhai agreed to pay $91 million in penalties and agreed to provide restitution for any uncompensated victims that received injuries as a result of the companies’ humidifiers.[83]  The companies also agreed to continue to cooperate with any ongoing or future investigations related to the defective humidifiers until these investigations are fully concluded.[84]  Additionally, Gree Zhuhai and its affiliate agreed to strengthen their compliance programs and to provide DOJ with yearly reports about the companies’ remediation efforts and the status of their compliance programs.[85]  Prior to the DPA, the Gree Companies had already agreed to pay a $15.45 million civil penalty as part of a 2016 settlement with the CPSC.[86]  Consistent with DOJ’s policy of coordinating resolution penalties in multi-agency investigations arising out of the same misconduct, the DPA credits the Gree Companies’ earlier payment of $15.45 million to the CPSC against the $91 million total penalty.[87]

National Spine and Pain Centers (NSPC) (NPA)

On August 4, 2021, the National Spine and Pain Centers, LLC (“NSPC” or “Company”) entered into a two-year NPA with the United States Attorney’s Offices for the Central District of California and Southern District of California (collectively “USAO”).[88]  NSPC agreed to pay $5.1 million to the government to resolve charges for receiving payments in violation of the Anti-Kickback Statute.

The USAO’s charges stem from NSPC’s and its affiliate’s agreement with Proove Biosciences, Inc. (“Proove”), a now defunct genetics testing company.  The USAO alleged, and NSPC admitted, that NSPC’s and its affiliate’s physicians received illegal kickback payments from Proove “under the guise of a clinical research program,” that they were receiving payments “per test” or “per patient,” and that as part of the scheme, these physicians submitted timesheets used by Proove to pay the physicians which overstated the time they spent conducting clinical research.[89]  The USAO also alleged that as a result of these violations, Medicare overpaid Proove for claims submitted in connection with its agreement with NSPC.[90]  NSPC terminated its contract with Proove for compliance reasons in March 2017 before NSPC was acquired by a new ownership group.[91]

In entering into the NPA, the USAO considered NSPC’s commitment to compliance, specifically noting its implementation of a compliance program designed to ensure compliance with the Anti-Kickback Statute; the Company’s early engagement and cooperation with the USAO’s investigation; the Company’s acceptance of responsibility; the Company’s voluntary undertaking of remedial measures prior to its knowledge of the criminal investigation; and the Company’s agreement to continue to cooperate with the USAO, FBI, and HHS-OIG.[92]  Further, the USAO determined that there was no need for an independent compliance monitor.[93]

Nine individuals were charged in connection with the alleged scheme in the Central District of California in a related case.[94]

Penn Credit Corp. (DPA)

On October 12, 2021, Penn Credit Corporation (“Penn Credit”), a debt collection company, entered into a two-year DPA with the United States Attorney’s Office for the Northern District of Illinois to resolve a corruption investigation.[95]  According to the DPA, Penn Credit engaged in a corruption scheme at the direction of its former owner, Donald Donagher, Jr.[96]  Donagher separately pleaded guilty to one count of bribery.[97]  Specifically, the scheme involved Donagher underwriting certain expenses for a special event hosted by the former Cook County Circuit Court Clerk in an effort to reward the Clerk for awarding debt collection work to Penn Credit.[98]

DOJ entered into the agreement based on the nature and seriousness of the offense conduct, Penn Credit’s and its current management’s ongoing cooperation, and its remedial measures and operational improvements.[99]  In terms of remedial measures, Penn Credit ensured that its former CEO is no longer employed by or has a business relationship with the company.[100]  Further, Penn Credit and its current management created a compliance policy and code of ethics for the company and implemented a system involving company counsel to ensure compliance with laws and regulations relating to monetary contributions to campaigns and/or charitable entities run or managed by elected officials.[101]  Additionally, Penn Credit agreed to report to DOJ annually during the term of the agreement regarding remediation and implementation of the compliance measures.[102]  As a part of the DPA, Penn Credit will pay a monetary penalty of $225,000.[103]

SF Recology Group (DPA)

On September 9, 2021, three San Francisco-based trash disposal subsidiaries of Recology, Inc., entered into a three-year DPA with the United States Attorney’s Office for the Northern District of California and agreed to pay $36 million in criminal penalties.[104]  The DPA resolved allegations that the companies conspired to commit honest services fraud in violation of 18 U.S.C. §§ 1343, 1346, and 1349.[105]  Specifically, the companies admitted to utilizing recurring nonprofit donations to pay bribes and kickbacks or rewards to a former public official with the City and County of San Francisco, with the intent to obtain favorable official action and influence.[106]

As part of the resolution, Recology and its subsidiaries agreed to cooperate with the government’s ongoing investigation into public corruption, and to adopt a new compliance program or modify its existing compliance program.[107]  The DPA outlines a number of remedial measures taken by Recology, including terminating employees identified as responsible for the underlying conduct.[108]  In addition, Recology “revamped” its companywide compliance program by, among other things, developing new policy guidance, procedures, training and reporting mechanisms around travel expenses, charitable contributions, gifts, and interactions with public officials.[109]

International Developments

As noted in prior Mid-Year and Year-End Updates (see, e.g., our 2020 Year-End Update), a number of countries have adopted DPA-like regimes.[110]  DPA-like agreements are available in Brazil, Canada, France, Singapore, and the United Kingdom, although prosecutors in Canada and Singapore have yet to enter into such an agreement since both countries passed legislation authorizing the practice in 2018.[111]

In 2021, France and Brazil had the most active DPA-like regimes.  Prosecuting authorities in each country entered into four DPA-like agreements this year.  The UK was close behind with the SFO entering into three DPAs in the first half of the year, but there have been no new agreements in the latter half of the year.  For a summary of the DPAs entered by the SFO in 2021, see our 2021 Mid-Year Alert.  As discussed there, the SFO has received wide-spread media attention recently for its failure to successfully prosecute individuals involved in the subject matter of past DPAs.


After a relatively quiet first half of the year, France’s prosecuting agencies entered into three DPA-like agreements (known as convention judiciaire d’intérêt public, or “CJIPs”) in the latter half of 2021.  On July 12, 2021, Systra SA, a subsidiary of French state transport company RATP and public railway company SNCF, entered into a CJIP with the French National Prosecutor’s Office (PNF) to resolve allegations that it profited in the amount of €5 million by engaging in multiple bribery schemes in connection with public contracts in Azerbaijan and Uzbekistan between 2009 and 2014.[112]  Consistent with the trend we are seeing in increasingly complex international enforcement interactions, the PNF initiated the investigation into Systra’s misconduct in 2017, based on a complaint filed by Japanese authorities in 2015, following a complaint by a Japanese expatriate living in Uzbekistan.[113]  The PNF’s investigation also identified misconduct by Systra in connection with the award of an engineering contract in Azerbaijan in May 2009.[114]

Under the CJIP, Systra agreed to pay a €7.5 million fine (approximately $8.9 million at the time of the agreement), which reflected a significant reduction from the maximum permitted under the law (€187.2 million).[115]  In imposing the reduced fine, the PNF considered mitigating factors such as the relatively distant dates of the misconduct, Systra’s implementation of a reinforced compliance program since the discovery of the facts, and the company’s ongoing cooperation and remediation.[116]

On September 2, 2021, JP Morgan Chase Bank (“JPMC”) entered into a CJIP with the PNF to resolve allegations that JPMC aided and abetted tax fraud committed by former executives and board directors at French investment company, the Wendel Group.[117]  The investigation was opened in 2012 after the French tax authority filed a complaint related to a series of transactions made from 2004 to 2007.[118]  JPMC allegedly helped finance 11 former executives and three former board directors at the Wendel Group to help them evade capital gains taxes on €315 million of investment income.[119]  Under the terms of the agreement, JPMC agreed to pay €25 million (approximately $29.6 million at the time of the agreement).[120]  JPMC’s role was limited to financing, and it did not act as a legal or tax advisor; PNF treated these facts, JPMC’s cooperation, and the isolated nature of the facts, as mitigating factors.[121]  Conversely, the complexity of the individuals’ alleged tax scheme was considered an aggravating factor.[122]  The individuals involved in the alleged misconduct are scheduled to go to trial in early 2022.[123]

Finally, on December 15, 2021, a luxury goods company agreed to pay €10 million (approximately $11.3 million) to resolve allegations that the company hired the former head of France’s domestic intelligence agency to spy on a French journalist and filmmaker and other private citizens.


On October 25, 2021, Brazil’s Office of the Comptroller General (CGU) and the Attorney General of the Union (AGU) entered into a leniency agreement with Rolls-Royce PLC related to allegations that the company bribed public bribery Petrobras 2003, 2004, and 2005.[124]  The agreement is related to the coordinated resolution Rolls-Royce entered into in 2017 with the UK’s SFO, the Brazilian Ministério Público Federal (MPF), and DOJ to resolve allegations that Rolls-Royce caused millions in bribes to be paid to officials of state-owned oil companies in Angola, Azerbaijan, Brazil, Iraq, Kazakhstan, and Thailand.[125]  As discussed in our 2017 Mid-Year FCPA Update, under the terms of the 2017 settlement, Rolls-Royce agreed to pay over $800 million in penalties, including a penalty of approximately $25.5 million to the MPF in connection with conspiring to bribe Brazilian officials between 2005 and 2008.[126]  Under the new agreement with the CGU and AGU, Rolls-Royce agreed to pay a penalty of $27.8 million.[127]

On June 7, 2021, manufacturing companies SICPA do Brasil Ltda (SICPA) and CEPTIS SA (CEPTIS), agreed to pay fines and restitution totaling 762 million reais (approximately $135.4 million), to be paid to the Brazilian government and the Brazilian Mint in 21 installments over a 20-year period.[128]  Through its own internal investigation, SICPA identified irregularities in certain payments made to a public agent between 2009 and 2015 and self-disclosed the issue to Brazilian authorities.[129]  The agreement recognizes the companies’ cooperation and remedial efforts.[130]

On February 22, 2021, South Korean shipbuilder Samsung Heavy Industries (SHI) entered into a leniency agreement with the CGU, AGU, MPF to resolve allegations that the company engaged in bribery and money laundering in connection with its contracts with Petrobras.[131]  The agreement is second part of a global resolution SHI negotiated with Brazilian and U.S. authorities.[132]  As discussed in our 2019 Year-End Update, in November 2019, SHI entered into a DPA with the DOJ and agreed to pay a $75.5 million penalty.[133] Under the new agreement with Brazilian authorities, SHI agreed to a pay a total of 812 million reais (approximately $148.56 million), reflecting 706 million reais in damages to be paid to Petrobras and a 106 million reais fine.[134]

Brazilian authorities entered into a fourth leniency agreement in 2021, in connection with the resolution with Amec Foster Wheeler Energy Limited (“AFWEL”) that we discussed in our 2021 Mid-Year Update.[135]  DOJ and the SEC credited most of the amounts paid under the leniency agreement against those agencies’ resolutions in the AFWEL matter.[136]

APPENDIX:  2021 Non-Prosecution and Deferred Prosecution Agreements

The chart below summarizes the agreements entered into by DOJ in 2021.  The SEC has not entered into any NPAs or DPAs in 2021.  The complete text of each publicly available agreement is hyperlinked in the chart.

The figures for “Monetary Recoveries” may include amounts not strictly limited to an NPA or a DPA, such as fines, penalties, forfeitures, and restitution requirements imposed by other regulators and enforcement agencies, as well as amounts from related settlement agreements, all of which may be part of a global resolution in connection with the NPA or DPA, paid by the named entity and/or subsidiaries.  The term “Monitoring & Reporting” includes traditional compliance monitors, self-reporting arrangements, and other monitorship arrangements found in settlement agreements.

U.S. Deferred and Non-Prosecution Agreements in 2020



Alleged Violation


Monetary Recoveries

Monitoring & Reporting

Term of DPA/NPA (months)

Foster Wheeler Energy Limited

Fraud; E.D.N.Y.

to violate the FCPA





American Century Companies, Inc.

DOJ Antitrust

of interstate trade












A Medical Technology Company

Fraud; DOJ CPB; N.D. Tex.






Asia Pte. Ltd


controls – conspiracy to violate the International Emergency Economic Powers





Julius Baer & Co. Ltd.







Bank of
N.T. Butterfield & Son Ltd.

Tax; S.D.N.Y.

IRS; filing false tax returns; evading federal income tax





Languages, Inc.









Secrecy Act





Boeing Company

Fraud; N.D. Texas






Djibouti SARL

Cal.; DOJ Civil






Language Center, Inc.





















Bank AG

Fraud; MLARS; E.D.N.Y.






Data Management, LLC

CPB; D. Colo.

and wire fraud





Gree Electric Appliances

CPB; C.D. Cal.

to notify of substantial product hazards





Group, LLC

CPB; D. Colo.

and wire fraud





Spine and Pain Centers

Cal.; C.D. Cal.

to defraud United States





Credit Corp.


against the United States; bribery





Bukit Muria Jaya









false tax return filings, and tax evasion






NSD; D. Mass.






SF Recology Group


services wire fraud





Street Corporation







Life Holding AG


false tax return filings, and tax evasion





Airlines, Inc.








[1] For client reasons, an additional DPA is not discussed here but is included in relevant statistics.

[2] See infra “New NSD Corporate Resolutions”; see also U.S. Dep’t of Justice, NSD Div., Export Control and Sanctions Enforcement Policy for Business Organizations (Dec. 13, 2019), https://www.justice.gov/nsd/ces_vsd_policy_2019/download (hereinafter “Updated NSD Guidance”).

[3] See U.S. Dep’t of Justice, Fraud Section: Declinations, available at https://www.justice.gov/criminal-fraud/corporate-enforcement-policy/declinations.

[4] Clara Hudson, “DOJ sees decrease in corporate enforcement policy declinations,” Global Investigations Review (Apr. 15, 2021), https://globalinvestigationsreview.com/just-anti-corruption/fcpa/doj-corporate-enforcement-policy-declinations-decrease.

[5] Deputy Assistant Attorney General Matt Miner Delivers Remarks at The American Bar Association, Criminal Justice Section Third Global White Collar Crime Institute Conference, (June 27, 2019), available at https://www.justice.gov/opa/speech/deputy-assistant-attorney-general-matt-miner-delivers-remarks-american-bar-association.

[6] Transcript, John Carlin on Stepping up DOJ Corporate Enforcement (Oct. 11, 2021), https://globalinvestigationsreview.com/news-and-features/in-house/2020/article/john-carlin-stepping-doj-corporate-enforcement.

[7] Deputy Attorney General Lisa O. Monaco Gives Keynote Address at ABA’s 36th National Institute on White Collar Crime (Oct. 28, 2021), https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-gives-keynote-address-abas-36th-national-institute.

[8] See Assistant Attorney General Leslie R. Caldwell Delivers Remarks at a Press Conference on Foreign Exchange Spot Market Manipulation (May 20, 2015), available at https://www.justice.gov/opa/speech/assistant-attorney-general-leslie-r-caldwell-delivers-remarks-press-conference-foreign (“If appropriate and proportional to the misconduct and the company’s track record, we will tear up an NPA or a DPA and prosecute the offending company based on the admitted statement of facts”).

[9] Press Release, Monsanto Agrees to Plead Guilty to Illegally Using Pesticide at Corn Growing Fields in Hawaii and to Pay Additional $12 Million (Dec. 9, 2021), https://www.justice.gov/usao-cdca/pr/monsanto-agrees-plead-guilty-illegally-using-pesticide-corn-growing-fields-hawaii-and.

[10] Deputy Attorney General Lisa O. Monaco Gives Keynote Address at ABA’s 36th National Institute on White Collar Crime (Oct. 28, 2021), https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-gives-keynote-address-abas-36th-national-institute.

[11] Id.

[12] Dylan Tokar, Justice Department Officials Dig In on Corporate Repeat Offenders, Wall. St. J. (Dec. 1, 2021), https://www.wsj.com/articles/justice-department-officials-dig-in-on-corporate-repeat-offenders-11638405092.

[13] Id.

[14] Transcript, John Carlin on Stepping up DOJ Corporate Enforcement (Oct. 11, 2021), https://globalinvestigationsreview.com/news-and-features/in-house/2020/article/john-carlin-stepping-doj-corporate-enforcement.

[15] Id.

[16] Deferred Prosecution Agreement, United States v. Epsilon Data Mgmt., LLC, No. 21-cr-06 (D. Colo. Jan. 19, 2021) (hereinafter “Epsilon DPA”), at C-5.

[17] Deferred Prosecution Agreement, United States v. Recology San Francisco, et al., No. CR21-356 (N.D. Cal. Sep. 9, 2021) (hereinafter “Recology DPA”), at B-4.

[18] Deferred Prosecution Agreement, United States v. Credit Suisse Group AG, Cr. No. 21-521 (E.D.N.Y. Oct. 19, 2021) (hereinafter “Credit Suisse DPA”), at C-9.

[19] Memorandum from Sally Quillian Yates, Deputy Attorney General, U.S. Dep’t of Justice, to Assistant Attorney General, Antitrust Division, et al., Individual Accountability for Corporate Wrongdoing (Sept. 9, 2015), at 3, http://www.justice.gov/dag/file/769036/download; as covered in our prior client alert here.

[20] See Deputy Attorney General Rod J. Rosenstein Delivers Remarks at the American Conference Institute’s 35th International Conference on the Foreign Corrupt Practices Act (Nov. 29, 2018), available at https://www.justice.gov/opa/speech/deputy-attorney-general-rod-j-rosenstein-delivers-remarks-american-conference-institute-0.

[21] Id.

[22] Deputy Attorney General Lisa O. Monaco Gives Keynote Address at ABA’s 36th National Institute on White Collar Crime (Oct. 28, 2021), https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-gives-keynote-address-abas-36th-national-institute.

[23] Jack Queen, New DOJ Crime Chief Talks ‘Carrot And Stick’ Enforcement, Law360 (Dec. 8, 2021), https://www.law360.com/articles/1447069/new-doj-crime-chief-talks-carrot-and-stick-enforcement.

[24] See, e.g., Non-Prosecution Agreement, Petróleo Brasileiro S.A. – Petrobras (Sept. 26, 2018), at 5 (imposing obligation to “promptly report” “evidence or allegations of actual or potentially corrupt payments or actual or potential violations of the FCPA” to DOJ) (hereinafter “Petrobras NPA”); Deferred Prosecution Agreement, United States v. Telefonaktiebolaget LM Ericsson (Nov. 26, 2019), at 7 (hereinafter “Ericsson DPA”).

[25] Petrobras NPA at 5; Ericsson DPA at 18.

[26] See, e.g., Deferred Prosecution Agreement, United States v. Vitol Inc., No. 20-539 (ENV) (E.D.N.Y. Dec. 3, 2020).

[27] See, e.g., Deferred Prosecution Agreement, United States v. Deutsche Bank Aktiengesellschaft, No. 20-00584 (E.D.N.Y. Jan. 8, 2021); Deferred Prosecution Agreement, United States v. The Boeing Company (N.D. Tex. Jan. 7, 2021).

[28] See, e.g., Non-Prosecution Agreement, American Century Companies, Inc. (March 5, 2021); Deferred Prosecution Agreement, United States v. Argos USA LLC, No. 4:21-CR-0002-RSB-CLR (S.D. Ga. Jan. 4, 2021); Deferred Prosecution Agreement, United States v. Berlitz Languages, Inc., No. 21-51-FLW (D.N.J. Jan. 19, 2021); Deferred Prosecution Agreement, United States v. Comprehensive Language Center, Inc., No. 21-50-FLW (D.N.J. Jan. 19, 2021).

[29] See, e.g., Deferred Prosecution Agreement, United States v. Ticketmaster L.L.C., Cr. No. 20-563 (MKB) (E.D.N.Y. Dec. 29, 2020).

[30] U.S. Dep’t of Justice, NSD Div., Export Control and Sanctions Enforcement Policy for Business Organizations (Dec. 13, 2019), https://www.justice.gov/nsd/ces_vsd_policy_2019/download (hereinafter “Updated NSD Guidance”).

[31] Id. at 2.  NSD defines an act as willful if done with knowledge that it is illegal.  Id. at 1 n.2.

[32] Id. at 2-3.

[33] Id. at 6.

[34] Id. at 2.

[35] Press Release, U.S. Dep’t of Justice, Chinese National Charged with Criminal Conspiracy to Export US Power Amplifiers to China (Jan. 29, 2021), https://www.justice.gov/opa/pr/chinese-national-charged-criminal-conspiracy-export-us-power-amplifiers-china.

[36] Non-Prosecution Agreement, Avnet Asia Pte. Ltd. (Jan. 21, 2021), at 3, 4 (“The Company did not receive voluntary disclosure credit because it did not disclose to the Offices the conduct described in the Statement of Facts prior to commencement of the investigation.”)

[37] Press Release, U.S. Dep’t of Justice, SAP Admits to Thousands of Illegal Exports of its Software Products to Iran and Enters into Non-Prosecution Agreement with DOJ (Apr. 29, 2021), https://www.justice.gov/opa/pr/sap-admits-thousands-illegal-exports-its-software-products-iran-and-enters-non-prosecution.

[38] Id.

[39] Id.

[40] Press Release, U.S. Dep’t of Justice, Indonesian Company Admits to Deceiving U.S. Banks in Order to Trade with North Korea, Agrees to Pay a Fine of More Than $1.5 Million (Jan. 17, 2021), https://www.justice.gov/opa/pr/indonesian-company-admits-deceiving-us-banks-order-trade-north-korea-agrees-pay-fine-more-15.

[41] United States v. PT Bukit Muria Jaya, No. 21-cr-14 (D.D.C. Jan. 14, 2021), at Attach. A, 3-4, 7‑8.

[42] Updated NSD Guidance, supra note 1, at 3 (“It is important to note that when a company identifies potentially willful conduct, but chooses to self-report only to a regulatory agency and not to DOJ, the company will not qualify for the benefits of a VSD under this Policy in any subsequent DOJ investigation.”).

[43] Non-Prosecution Agreement, SAP SE (Apr. 29, 2021), at Attach. A, 5 (“On September 8, 2017, SAP made a voluntary self-disclosure to DOJ’s National Security Division and the U.S. Department of the Treasury’s Office of Foreign Assets Control (‘OFAC&rsqrsquo;) regarding potential violations of the ITSR.”)

[44] 17 C.F.R. § 240.21F-4(d)(3)(i)-(ii).

[45] Id; 17 C.F.R. § 240.21F.

[46] Press Release, U.S. Sec. and Exch. Comm’n, SEC Awards More Than $9.2 Million to Whistleblower for Successful Related Actions, Including Agreement with DOJ (Feb. 23, 2021), https://www.sec.gov/news/press-release/2021-31; SEC Order Determining Whistleblower Award Claim, Release No. 91183 (Feb. 23, 2021), at 2, https://www.sec.gov/rules/other/2021/34-91183.pdf.

[47] Press Release, U.S. Sec. and Exch. Comm’n, SEC Awards More Than $2 Million to Whistleblower for Successful Related Action (Oct. 29, 2021), https://www.sec.gov/news/press-release/2021-220 (hereinafter “$2M Whistleblower Press Release”); SEC Order Determining Whistleblower Award Claim, Release No. 93465 (Oct. 29. 2021), https://www.sec.gov/rules/other/2021/34-93465.pdf (hereinafter “$2M Whistleblower Award Order”).

[48] $2M Whistleblower Award Order, at 2.

[49] Id.

[50] U.S. Sec. and Exch. Comm’n, Office of the Whistleblower, 2021 Annual Report to Congress: Whistleblower Program (2021), https://www.sec.gov/files/owb-2021-annual-report.pdf (hereinafter “2021 SEC Whistleblower Report”), at 1, 20.

[51] 2021 SEC Whistleblower Report, at 1.

[52] Id.

[53] Transcript, John Carlin on Stepping up DOJ Corporate Enforcement (Oct. 11, 2021), https://globalinvestigationsreview.com/news-and-features/in-house/2020/article/john-carlin-stepping-doj-corporate-enforcement.

[54] Non-Prosecution Agreement, Bank of N.T. Butterfield & Son Ltd. (Jul. 26, 2021) (hereinafter “Butterfield NPA”).

[55] Id. at 1.

[56] Id., Ex. A at 2.

[57] Id. at 1.

[58] Press Release, U.S. Dep’t of Justice, Manhattan U.S. Attorney Announces Agreement With Bermudian Bank To Resolve Criminal Tax Investigation (Aug. 3, 2021), https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-agreement-bermudian-bank-resolve-criminal-tax.

[59] Butterfield NPA at 2.

[60] Id. at 2‑3.

[61] Id.

[62] Non-Prosecution Agreement, The Bicycle Casino, L.P. (Oct. 22, 2021), (hereinafter “Bicycle NPA”); Press Release, U.S. Dep’t Justice, Bicycle Casino Agrees to Pay $500,000 Settlement and Submit to Increased Review of Anti-Money Laundering Compliance Program (Nov. 5, 2021), https://www.justice.gov/usao-cdca/pr/bicycle-casino-agrees-pay-500000-settlement-and-submit-increased-review-anti-money (hereinafter “Bicycle NPA Press Release”).

[63] Bicycle NPA Press Release.

[64] Id.

[65] Id.

[66] Press Release, U.S. Dep’t of Justice, Three Employees of a Long Island Information Technology Company Plead Guilty to Criminal Copyright Infringement (Sep. 16, 2021), https://www.justice.gov/usao-edny/pr/three-employees-long-island-information-technology-company-plead-guilty-criminal (hereinafter “Constructure Technologies DPA Press Release”).

[67] Id.

[68] Id.

[69] Deferred Prosecution Agreement, United States v. Constructure Technologies, LLC, No. 2:21-cr-00368, at 3 (E.D. N.Y., Sep. 15, 2021).

[70] Constructure Technologies DPA Press Release.

[71] Press Release, U.S. Dep’t of Justice, Credit Suisse Resolves Fraudulent Mozambique Loan Case in $547 Million Coordinated Global Resolution (Oct. 19, 2021), https://www.justice.gov/opa/pr/credit-suisse-resolves-fraudulent-mozambique-loan-case-547-million-coordinated-global.

[72] Id.

[73] Id.

[74] Id.

[75] Id.

[76] Id.

[77] Deferred Prosecution Agreement, United States v. Credit Suisse Group AG, No. 21-cr-00521, at 5 (E.D. N.Y., Oct. 19, 2021) (hereinafter “Credit Suisse DPA”).

[78] Credit Suisse Press Release, supra note 58.

[79] Credit Suisse DPA at 4.

[80] Deferred Prosecution Agreement, United States v. Gree Electric Appliances, Inc. of Zhuhai, and Hong Kong Gree Electric Appliances Sales Co., Ltd., (C.D. Cal. Oct. 28, 2021) (hereinafter “Gree DPA”); Press Release, U.S. Dep’t of Justice, Gree Appliance Companies Charged with Failure to Report Dangerous Dehumidifiers and Agree to $91 Million Resolution (Oct. 28, 2021), https://www.justice.gov/opa/pr/gree-appliance-companies-charged-failure-report-dangerous-dehumidifiers-and-agree-91-million (hereinafter “Gree Press Release”).

[81] Gree Press Release.

[82] Id.

[83] Id.

[84] Id.

[85] Id.

[86] Gree DPA at 17.

[87] Id. at 17‑18.

[88] Non-Prosecution Agreement, National Spine and Pain Centers, LLC (Aug. 3, 2021) (hereinafter “NSPC NPA”).

[89] Press Release, U.S. Dep’t of Justice, Pain Management Organization Pays $5.1 Million to Settle Criminal Medicare Kickback Violations (Aug. 6, 2021), https://www.justice.gov/usao-sdca/pr/pain-management-organization-pays-51-million-settle-criminal-medicare-kickback.

[90] NSPC NPA.

[91] Id.

[92] Id.

[93] Id.

[94] Case No. 21CR0112-JLS; Press Release, U.S. Dep’t of Justice, Pain Management Organization Pays $5.1 Million to Settle Criminal Medicare Kickback Violations (Aug. 6, 2021), https://www.justice.gov/usao-sdca/pr/pain-management-organization-pays-51-million-settle-criminal-medicare-kickback.

[95] Deferred Prosecution Agreement, United States v. Penn Credit Corporation, No. 19 CR 240 (Oct. 12, 2021), (hereinafter “Penn Credit DPA”); Press Release, Owner of Debt Collection Company Pleads Guilty to Corruptly Providing Benefits to Public Official (Oct. 12, 2021), https://www.justice.gov/usao-ndil/pr/owner-debt-collection-company-pleads-guilty-corruptly-providing-benefits-public (hereinafter “Penn Credit DPA Press Release”).

[96] Penn Credit DPA Press Release.

[97] Id.

[98] Id.

[99] Penn Credit DPA at 2-3.

[100] Id. at 6.

[101] Id.

[102] Id.

[103] Id.

[104] Press Release, U.S. Dep’t of Justice, Three San Francisco Garbage Companies Admit Bribery And Pay $36 Million To Resolve Federal Investigation (September 9, 2021), https://www.justice.gov/usao-ndca/pr/three-san-francisco-garbage-companies-admit-bribery-and-pay-36-million-resolve-federal.

[105] Deferred Prosecution Agreement, United States v. Recology San Francisco, Sunset Scavenger Company. Golden Gate Disposal & Recycling Company, No. 21-cr-356 (N.D. Cal., Sept. 9, 2021) (hereinafter “SF Recology DPA”).

[106] Id. at A-2.

[107] Id. at 4, 7.

[108] Id. at 7.

[109] Id at 7-8.

[110] Gibson, Dunn & Crutcher, 2020 Year-End Update On Corporate Non-Prosecution Agreements And Deferred Prosecution Agreements, at 22 (Jan. 19, 2021), https://www.gibsondunn.com/2020-year-end-update-on-corporate-non-prosecution-agreements-and-deferred-prosecution-agreements/.

[111] Lawrence F. Ritchie & Sonja Pavic, Canada’s Deferred Prosecution Agreements: Still Waiting for Takeoff, Osler (Dec. 11, 2020), https://www.osler.com/en/resources/regulations/2020/canada-s-deferred-prosecution-agreements-still-waiting-for-takeoff; Criminal Justice Reform Act 2018 (Act. No. 19/2018) (Sg.), https://sso.agc.gov.sg/Acts-Supp/19-2018.

[112] James Thomas, Regular compliance renewal helps French transport company minimize corruption fine, Global Investigations Review (Aug. 2, 2021) https://globalinvestigationsreview.com/anti-corruption/regular-compliance-renewal-helps-french-transport-company-minimise-corruption-fine

[113] Id.

[114] Id.

[115] Id.

[116] Id.

[117] Leila Abboud, JPMorgan to pay €25m to settle tax fraud case in France, Financial Times (Sept. 2, 2021) https://www.ft.com/content/0b845a1c-0b73-400f-93c5-b3d3d08ffe08/.

[118] Id.

[119] Fraude fiscale d’ex-dirigeants de Wendel: JPMorgan paie 25 millions d’euros d’amende pour clore les poursuites, Le Figaro (Sept. 2, 2021), https://www.lefigaro.fr/societes/fraude-fiscale-d-ex-dirigeants-de-wendel-jpmorgan-paie-25-millions-d-euros-d-amende-pour-clore-les-poursuites-20210902. \

[120] Id.

[121] Id.

[122] Id.

[123] US bank agrees 25 million euro deal to settle French tax fraud investigation (Sept. 2, 2021), https://www.rfi.fr/en/france/20210902-us-bank-agrees-25-million-euro-deal-to-settle-french-tax-fraud-investigation.

[124] CGU e AGU assinam acordo de leniência com a Rolls-Royce PLC (Oct. 26, 2021), https://www.gov.br/cgu/pt-br/assuntos/noticias/2021/10/cgu-e-agu-assinam-acordo-de-leniencia-com-a-rolls-royce-plc.

[125] Gibson, Dunn & Crutcher, 2017 Mid-Year FCPA Update, at 4-5 (July 10, 2017), https://www.gibsondunn.com/2017-mid-year-fcpa-update/.

[126] Id.

[127] CGU e AGU assinam acordo de leniência com a Rolls-Royce PLC (Oct. 26, 2021), https://www.gov.br/cgu/pt-br/assuntos/noticias/2021/10/cgu-e-agu-assinam-acordo-de-leniencia-com-a-rolls-royce-plc.

[128] Brazil Leniency Agreement (June 7, 2021), https://www.sicpa.com/news/brazil-leniency-agreement.

[129] CGU and AGU Enter Into a Leniency Agreement with the Companies SICPA and CEPTIS in the Amount of BRL 762 million, gov.br (June 7, 2021), https://www.gov.br/cgu/pt-br/assuntos/noticias/2021/06/cgu-e-agu-celebram-acordo-de-leniencia-com-as-empresas-sicpa-e-ceptis-no-valor-de-r-762-milhoes.

[130] Id.

[131] UPDATE 1-South Korea’s Samsung Heavy settles Brazil graft probe for $149 mln, Reuters (Feb. 23, 2021), https://www.reuters.com/article/samsung-heavy-brazil-corruption/update-1-south-koreas-samsung-heavy-settles-brazil-graft-probe-for-149-mln-idUSL1N2KT0E1.

[132] Id.

[133] Gibson, Dunn & Crutcher, 2019 Year-End FCPA Update, at 8 (Jan. 6, 2020), https://www.gibsondunn.com/2019-year-end-fcpa-update/.

[134] UPDATE 1-South Korea’s Samsung Heavy settles Brazil graft probe for $149 mln, Reuters (Feb. 23, 2021), https://www.reuters.com/article/samsung-heavy-brazil-corruption/update-1-south-koreas-samsung-heavy-settles-brazil-graft-probe-for-149-mln-idUSL1N2KT0E1.

[135] CGU and AGU Enter Into a R$86 Million Leniency Agreement with Companies for Illicit Activities in a Project with Petrobras (June 25, 2021), https://www.gov.br/cgu/pt-br/assuntos/noticias/2021/06/cgu-e-agu-celebram-acordo-de-leniencia-de-r-86-milhoes-com-empresas-por-ilicitos-em-projeto-com-a-petrobras.

[136] Deferred Prosecution Agreement, United States v. Amec Foster Wheeler Energy Limited, No. 21-cr-298 (E.D. N.Y., June 23, 2021) (hereinafter “Amec DPA”); Order Instituting Cease-and-Desist Proceedings Pursuant to Section 21C of The Securities Exchange Act of 1934, Making Findings, and Imposing a Cease-and-Desist Order, Release No. 92259 (June 25, 2021), https://www.sec.gov/litigation/admin/2021/34-92259.pdf.


The following Gibson Dunn lawyers assisted in preparing this client update: F. Joseph Warin, M. Kendall Day, Courtney Brown, Melissa Farrar, Laura Cole, Michael Dziuban, Alexandra Buettner, Will Cobb, Abiel Garcia, Yamini Grema, Sarah Hafeez, Cate Harding, Jasdeep Kaur, Teddy Kristek, Madelyn La France, Allison Lewis, Jacob McGee, Katie Mills, Tory Roberts, Alyse Ullery-Glod, and Brian Williamson.

Gibson Dunn’s White Collar Defense and Investigations Practice Group successfully defends corporations and senior corporate executives in a wide range of federal and state investigations and prosecutions, and conducts sensitive internal investigations for leading companies and their boards of directors in almost every business sector. The Group has members across the globe and in every domestic office of the Firm and draws on more than 125 attorneys with deep government experience, including more than 50 former federal and state prosecutors and officials, many of whom served at high levels within the Department of Justice and the Securities and Exchange Commission, as well as former non-U.S. enforcers. Joe Warin, a former federal prosecutor, is co-chair of the Group and served as the U.S. counsel for the compliance monitor for Siemens and as the FCPA compliance monitor for Alliance One International. He previously served as the monitor for Statoil pursuant to a DOJ and SEC enforcement action. He co-authored the seminal law review article on NPAs and DPAs in 2007. M. Kendall Day is a partner in the Group and a former white collar federal prosecutor who spent 15 years at the Department of Justice, rising to the highest career position in the DOJ’s Criminal Division as an Acting Deputy Assistant Attorney General.

The Group has received numerous recognitions and awards, including its third consecutive ranking as No. 1 in the Global Investigations Review GIR 30 2020, an annual guide to the world’s top 30 cross-border investigations practices. GIR noted, “Gibson Dunn & Crutcher is the premier firm in the investigations space and has an unrivalled Foreign Corrupt Practices Act practice.” The list was published in October 2020.

Please feel free to contact any of the following practice leaders and members:

Washington, D.C.
F. Joseph Warin (+1 202-887-3609, [email protected])
M. Kendall Day (+1 202-955-8220, [email protected])
Stephanie L. Brooker (+1 202-887-3502, [email protected])
David P. Burns (+1 202-887-3786, [email protected])
John W.F. Chesley (+1 202-887-3788, [email protected])
Daniel P. Chung (+1 202-887-3729, [email protected])
David Debold (+1 202-955-8551, [email protected])
Michael Diamant (+1 202-887-3604, [email protected])
Richard W. Grime (202-955-8219, [email protected])
Scott D. Hammond (+1 202-887-3684, [email protected])
Judith A. Lee (+1 202-887-3591, [email protected])
Adam M. Smith (+1 202-887-3547, [email protected])
Patrick F. Stokes (+1 202-955-8504, [email protected])
Oleh Vretsona (+1 202-887-3779, [email protected])
Courtney M. Brown (+1 202-955-8685, [email protected])
Ella Alves Capone (+1 202-887-3511, [email protected])
Melissa Farrar (+1 202-887-3579, [email protected])
Jason H. Smith (+1 202-887-3576, [email protected])
Pedro G. Soto (+1 202-955-8661, [email protected])

New York
Zainab N. Ahmad (+1 212-351-2609, [email protected])
Matthew L. Biben (+1 212-351-6300, [email protected])
Reed Brodsky (+1 212-351-5334, [email protected])
Joel M. Cohen (+1 212-351-2664, [email protected])
Mylan L. Denerstein (+1 212-351-3850, [email protected])
Lee G. Dunst (+1 212-351-3824, [email protected])
Barry R. Goldsmith (+1 212-351-2440, [email protected])
Christopher M. Joralemon (+1 212-351-2668, [email protected])
Mark A. Kirsch (+1 212-351-2662, [email protected])
Randy M. Mastro (+1 212-351-3825, [email protected])
Karin Portlock (+1 212-351-2666, [email protected])
Marc K. Schonfeld (+1 212-351-2433, [email protected])
Orin Snyder (+1 212-351-2400, [email protected])
Alexander H. Southwell (+1 212-351-3981, [email protected])
Lawrence J. Zweifach (+1 212-351-2625, [email protected])

Robert C. Blume (+1 303-298-5758, [email protected])
John D.W. Partridge (+1 303-298-5931, [email protected])
Ryan T. Bergsieker (+1 303-298-5774, [email protected])
Laura M. Sturges (+1 303-298-5929, [email protected])

Los Angeles
Nicola T. Hanna (+1 213-229-7269, [email protected])
Debra Wong Yang (+1 213-229-7472, [email protected])
Marcellus McRae (+1 213-229-7675, [email protected])
Michael M. Farhang (+1 213-229-7005, [email protected])
Douglas Fuchs (+1 213-229-7605, [email protected])
Eric D. Vandevelde (+1 213-229-7186, [email protected])

Palo Alto
Benjamin B. Wagner (+1 650-849-5395, [email protected])

San Francisco
Winston Y. Chan (+1 415-393-8362, [email protected])
Thad A. Davis (+1 415-393-8251, [email protected])
Charles J. Stevens (+1 415-393-8391, [email protected])
Michael Li-Ming Wong (+1 415-393-8234, [email protected])

Patrick Doris (+44 20 7071 4276, [email protected])
Charlie Falconer (+44 20 7071 4270, [email protected])
Sacha Harber-Kelly (+44 20 7071 4205, [email protected])
Michelle Kirschner (+44 20 7071 4212, [email protected])
Matthew Nunan (+44 20 7071 4201, [email protected])
Philip Rocher (+44 20 7071 4202, [email protected])
Steve Melrose (+44 20 7071 4219, [email protected])

Benoît Fleury (+33 1 56 43 13 00, [email protected])
Bernard Grinspan (+33 1 56 43 13 00, [email protected])

Benno Schwarz (+49 89 189 33-110, [email protected])
Michael Walther (+49 89 189 33-180, [email protected])
Mark Zimmer
(+49 89 189 33-130, [email protected])

Graham Lovett (+971 (0) 4 318 4620, [email protected])

Hong Kong
Kelly Austin (+852 2214 3788, [email protected])
Oliver D. Welch (+852 2214 3716, [email protected])

São Paulo
Lisa A. Alfaro (+5511 3521-7160, [email protected])
Fernando Almeida (+5511 3521-7093, [email protected])

Joerg Bartz (+65 6507 3635, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.