October 28, 2016
On October 2, 2016, the DOJ’s National Security Division issued a memorandum entitled "Guidance Regarding Voluntary Self-Disclosures, Cooperation, and Remediation in Export Control and Sanctions Investigations Involving Business Organizations" (the "Guidance"). The Guidance specifies the DOJ’s expectations for self-disclosure, cooperation, and remediation for companies seeking maximum mitigation credit in prosecutions for violations of the export-control and sanctions laws under the Arms Export Control Act ("AECA") and the International Emergency Economic Powers Act ("IEEPA"). As a way of background, the AECA is administered by the U.S. Department of Sate Directorate of Defense Trade Controls, and regulates the export of goods and services listed on the United States Munitions List; while the IEEPA criminalizes willful violations of trade-sanctions regimes administered by the Treasury Department’s Office of Foreign Assets Control and the unlicensed export of dual-use commodities (items with both civilian and military applications) administered by the Department of Commerce Bureau of Industry and Security. The Guidance only applies to potential criminal violations of these statutes administratively enforced by the three regulatory agencies just mentioned, and specifies that it "does not apply to financial institutions." Guidance at 2 n.3.
In a nutshell, the Guidance discusses the availability of reduced penalties for voluntary self-disclosure, full cooperation, and timely remediation (as defined in the Guidance) of export-control and trade-sanctions violations. These requirements are largely identical to those provided in the DOJ Fraud Section’s April 5, 2016 memo entitled "The Fraud Section’s Foreign Corrupt Practices Act Enforcement Plan and Guidance," and the Guidance continues the DOJ’s recent trend of incentivizing self-disclosure of corporate crimes and raising the bar for mitigation credit. Importantly, the Guidance emphasizes that "[i]t is not the purpose of this Guidance to alter" the current practice of companies voluntarily self-disclosing potential AECA and IEEPA violations to the relevant regulatory agencies (Department of State, Commerce, or Treasury); the Guidance encourages companies to continue that practice but moving forward strongly recommends companies to separately self-disclose to the DOJ when the violation "may have been willful." Guidance at 4.
The Guidance provides that qualifying companies can benefit from possible non-prosecution agreement, a reduced period of supervised compliance, a reduced fine and forfeiture, and no requirement of monitor. Guidance at 8. To be eligible for such benefits, however, companies must first meet the Guidance’s stringent requirements of "voluntary disclosure," "full cooperation," and "timely and appropriate remediation."
For a company’s self-disclosure to be deemed "voluntary," 1) the company must disclose the misconduct prior to an imminent threat of disclosure or government investigation; 2) the company must disclose the conduct to the DOJ’s National Security Division (through the Counterintelligence and Export Control Section) and the relevant regulatory agency "within a reasonably prompt time after becoming aware of the offense"; and 3) the company must disclose all relevant facts known to it, including all relevant facts about the individual wrongdoers involved in any export-control or sanctions violation. Guidance at 5. Additionally, the self-disclosure must not be required by a plea agreement, a deferred prosecution agreement, a non-prosecution agreement, or any other similar agreement. Guidance at 4 n.7.
Once the company has made an adequate self-disclosure, it must then provide "full cooperation" with any resulting government investigation. As a preliminary matter, the company must comply with the threshold requirements set forth in both the 1) September 2015 Memorandum of the Deputy Attorney General on Individual Accountability for Corporate Wrongdoings (the "Yates Memo") and 2) the United States Attorney’s Manual Principles. Guidance at 5. Additionally, the DOJ expects "fully cooperative" companies to 1) proactively disclose all relevant facts even when not asked to do so; 2) preserve, collect, and disclose all relevant documents, even those located overseas, with appropriate details; 3) provide information learned from the company’s internal investigation and timely updates; 4) prioritize the government investigation over the company’s internal investigation when requested; 5) provide all facts relevant to potential criminal conduct by all third-party actors; 6) make available all officers and employees, even those located overseas, for interview when requested; and 7) translate foreign documents when requested. Guidance at 6. Where a company claims that disclosure is prohibited by foreign law, the burden is on the company to prove that prohibition. Guidance at 6 n.11. If a company meets some—but not all—of these requirements, then the company would generally receive some benefits, although the benefits would be "markedly less than for full cooperation as defined in this Guidance." Guidance at 7.
Finally, once the company is deemed to have "self-disclosed" and "fully cooperated," the DOJ will then evaluate whether the company has engaged in "timely and appropriate remediation." In evaluating the company’s remediation efforts, the DOJ mandates the implementation of an "effective compliance program, the criteria for which . . . may vary based on the size and resources of the organization." Guidance at 7. Generally, an effective compliance program includes: 1) a culture of compliance; 2) dedication of sufficient resources to the compliance function; 3) adequate training of compliance personnel to identify potentially risky transactions; 4) independent compliance function; 5) effective risk assessment; 6) a technology control plan and related regular training to ensure export-controlled materials are appropriately handled; 7) appropriate compensation and promotion of a company’s compliance personnel, as compared to non-compliance employees; 8) auditing of the compliance program to ensure its effectiveness; and 9) a reporting structure of compliance personnel that facilitates the identification of compliance problems to senior officials as soon as possible. Guidance at 7.
As earlier mentioned, when a company meets all of these requirements, it will qualify for benefits such as the possibility of a non-prosecution agreement (as opposed to a deferred prosecution agreement, which includes the filing of a criminal Information), a reduced period of supervised compliance, a reduced fine and forfeiture, and no requirement of monitor. Guidance at 8. In addition, where a company does not voluntarily self-disclose but, after learning of possible violations from a government investigation, fully cooperates with the government investigation and takes appropriate remedial measures, the company may still receive some credit, including the possibility of a deferred prosecution agreement (without self-disclosure, a company would rarely qualify for a non-prosecution agreement), a reduced fine and forfeiture, and an outside auditor as opposed to a monitor. Guidance at 9.
It should be noted, however, that even when a company meets all three requirements, there may be certain "aggravating circumstances that represent elevated threats to the national security and that, if present to a substantial degree, could result in a more stringent resolution." Guidance at 8. Such circumstances include exports of items controlled for nuclear proliferation or missile technologies; export of items known to be used in building weapons of mass destruction; exports to a terrorist organization; exports of military items to a hostile foreign power; corporate recidivism; knowing involvement of upper management in the criminal conduct; and significant profits from the criminal conduct, whether intended or realized. Guidance at 8.
The Guidance differs from the aforementioned DOJ Fraud Section’s April 2016 memo on Foreign Corrupt Practices Act Enforcement Plan and Guidance ("pilot program") in one critical aspect; unlike the FCPA pilot program, the Guidance does not specifically quantify the benefits from meeting its stringent requirements. For example, whereas the FCPA pilot program offers companies a declination or 50 percent off the bottom of the sentencing fine range, the Guidance does not lay out specific financial breaks; rather, the Guidance makes it clear that prosecutors maintain significant discretion in evaluating how fully the company met the three requirements and any aggravating circumstances. The Guidance does not even mention the possibility of a declination, which is one of the most distinct features of the FCPA pilot program.
The Guidance calls for a substantial departure from the current practice, where companies voluntarily disclose possible export-control or sanctions violations to the relevant regulatory agency (Department of State, Commerce, or Treasury), and the regulatory agency, in its discretion, referred appropriate cases to the DOJ for criminal prosecution. Self-disclosed violations, to date, have rarely been referred to DOJ except in egregious cases. Companies therefore have voluntarily disclosed to the regulatory agencies, while simultaneously arguing to the agencies that the violations were not willful (and hence not criminal) and should not be referred to the DOJ. Now, however, under the DOJ’s October 2016 Guidance, self-disclosing to the relevant agency is no longer enough if the company wishes to receive mitigation credit in a possible criminal prosecution. To afford the DOJ’s mercy, it must separately self-disclose to the DOJ’s Counterintelligence and Export Control Section. The Guidance directs companies to self-disclose when a violation "may have been willful," Guidance at 4, which means that the DOJ in practice will receive all or a substantial portion of self-disclosures made to regulatory agencies. Thus, the DOJ has now endowed itself with the responsibility to conduct first-level review of potential export-control or sanctions violations, despite the regulatory agencies’ expertise in these fields (recall that the criminal violations here are violations of the agency regulations themselves). Companies’ self-disclosure practice is likely to change as a result of this Guidance and interagency tension from the DOJ’s power grab is expected.
The following Gibson Dunn lawyers assisted in the preparation of this client alert: Judith Alison Lee and Jin I. Yoo.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the above developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s International Trade Group:
Judith A. Lee – Co-Chair, Washington, D.C. (+1 202-887-3591, email@example.com)
Ronald Kirk – Co-Chair, Dallas (+1 214-698-3295, firstname.lastname@example.org)
Jose W. Fernandez – New York (+1 212-351-2376, email@example.com)
Marcellus A. McRae – Los Angeles (+1 213-229-7675, firstname.lastname@example.org)
Daniel P. Chung – Washington, D.C. (+1 202-887-3729, email@example.com)
Adam M. Smith – Washington, D.C. (+1 202-887-3547, firstname.lastname@example.org)
Mehrnoosh Aryanpour – Washington, D.C. (+1 202-955-8619, email@example.com)
David A. Wolber – Washington, D.C. (+1 202-887-3727, firstname.lastname@example.org)
Peter Alexiadis – Brussels (+32 2 554 72 00, email@example.com)
Attila Borsos – Brussels (+32 2 554 72 10, firstname.lastname@example.org)
Patrick Doris – London (+44 (0)207 071 4276, email@example.com)
Penny Madden – London (+44 (0)20 7071 4226, firstname.lastname@example.org)
Benno Schwarz – Munich (+49 89 189 33 110, email@example.com)
Mark Handley – London (+44 (0)207 071 4277, firstname.lastname@example.org)
© 2016 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.