chevron-down Created with Sketch Beta.

The Business Lawyer

Winter 2023/2024 | Volume 79, Issue 1

Corporate Crime and Cooperation

Karen E Woody

Corporate Crime and Cooperation

Jump to:


Over the past few decades as the number of Foreign Corrupt Practices Act (FCPA) cases has steadily climbed, and the fines associated with FCPA dispositions have skyrocketed, the U.S. Department of Justice (DOJ) has regularly issued guidance about how companies could or should assist the government in reaching a resolution to an FCPA investigation. It is now taken as a given that a company will cooperate with the DOJ in order to receive the best outcome and settlement. What “cooperation” entails has differed over the past few decades, but what is no longer on the table is the option NOT to cooperate with the DOJ, or any parallel investigations by the U.S. Securities and Exchange Commission or even foreign regulatory agencies. The reason companies cooperate is to be afforded the “carrot” of cooperation credit, rather than face the “stick” of increased fines and punishment. Cooperation credit is a major factor in corporations’ decisions regarding all aspects of their own internal investigations, including whether to voluntarily disclose potential violations of the FCPA, what documents to produce to the government and when, and whether to allow the government to interview (and potentially indict) executives. The recent DOJ Memorandum issued by Deputy Attorney General Lisa Monaco doubles down on the notion that companies must be swift in voluntarily disclosing violations, quick to point fingers at executives involved, and must produce to the government potentially damning documents immediately upon discovery. The Monaco Memo seemingly moves the needle further in favor of the government; meaning, a company must do more to meet the standard of “cooperation” in order to be eligible for cooperation credit. As the standard for cooperation becomes harder to attain, more corporations may push back. The risk to the DOJ of making cooperation credit too elusive is that the DOJ likely does not have the resources to engage in full-scale investigations of companies. Rather, the government relies upon companies to voluntarily disclose violations and to perform internal investigations at their own expense. What then happens when companies refuse to cooperate? When the carrot becomes too elusive, will companies begin taking their odds with the stick? This Article outlines the historical underpinnings of corporate cooperation, and expands upon the literature considering the structural, constitutional, and normative issues with corporate cooperation.


On December 2, 2022, the U.S. Department of Justice issued a press release detailing a settlement with ABB Ltd. (hereinafter “ABB”), a Swiss-based global technology company, related to violations of the Foreign Corrupt Practices Act (FCPA). The press release stated that ABB had agreed to a Deferred Prosecution Agreement (DPA), and it was required to pay $315 million in criminal penalties. Given the skyrocketing amount of fines and penalties awarded in other recent FCPA dispositions, ABB’s fine, while large, was not necessarily remarkable. Rather, what was remarkable about this particular FCPA disposition was this: ABB represents the only company that is a third-time offender of the FCPA. ABB is a two-time recidivist company, meaning that twice before, ABB, settled with government authorities for violations of the FCPA, once in 2010 and once in 2004.

In 2004, ABB Vetco Gray Inc. and ABB Vetco Gray UK Ltd., the United States and United Kingdom subsidiaries of ABB, pleaded guilty to a criminal information charging each of the two companies with two counts of bribery in violation of the FCPA. Pursuant to the plea agreement, both companies agreed to pay a fine of $5.25 million.

ABB Vetco Gray was the U.S. company based in Houston, Texas, and served as the headquarters for Vetco Gray’s Western Hemisphere operations. ABB Vetco Gray UK Ltd. was based in Aberdeen, Scotland, and was headquarters for Vetco Gray’s Eastern Hemisphere operations. The DOJ charged the two companies for paying bribes to officials of NAPIMS, a Nigerian government agency that evaluates and approves potential bidders for contract work on oil exploration projects in Nigeria. According to the stipulated statement of facts, the companies paid more than $1 million in exchange for obtaining confidential bid information and favorable recommendations from Nigerian government agencies in connection with seven oil and gas construction contracts in Nigeria from which the companies expected to realize profits of almost $12 million.

The SEC conducted a parallel investigation and filed a complaint against the parent company, ABB, the stock of which is traded in the United States through American Depository Receipts. The SEC complaint alleged violations of anti-bribery, books and records, and internal control provisions of the FCPA, arising from suspected payments in Nigeria, Kazakhstan, and Angola. ABB agreed to a civil settlement that included the hiring of an outside consultant to review its system of internal controls, disgorgement of profits, and pre-judgement interest of $5,915,405.64, and a civil penalty payment of $10.5 million, which was deemed satisfied by payment of the criminal fine.

Interestingly, in 2004, the new era of robust FCPA enforcement was in its infancy. As such, ABB Vetco Gray UK Ltd. was only the second foreign company to be charged under the 1998 amendment to the FCPA, which allowed the law to cover foreign companies that take an “act in furtherance of the bribe of a foreign official while in the United States.” What is also interesting is that in 2004, the Thompson Memorandum issued by Larry Thompson, Deputy Attorney General, was in effect. As detailed below in Part II, the Thompson Memorandum marked a swing in the DOJ’s stance toward corporate crime, and demanded significant efforts by the corporation, including the waiver of attorney-client privilege, in order to receive any credit or alternative resolution. Not surprisingly, the DOJ press release concerning this prosecution of ABB indicated that ABB provided significant cooperation, including “real-time disclosure” of results of an internal investigation.

A few years later, ABB ran into FCPA-related problems with the DOJ and the SEC again. In 2010, ABB Inc., the U.S.-based subsidiary of ABB Ltd., pleaded guilty to a criminal information charging it with one count of violating the anti-bribery provisions of the FCPA and one count of conspiracy to violate the provisions of the FCPA, and paid a criminal fine of $17.1 million. As part of ABB Inc.’s plea, it admitted that one of its business units based in Sugar Land, Texas, ABB Network Management (ABB NM), paid bribes from 1997 to 2004 that totaled approximately $1.9 million to officials at Comisión Federal de Electricidad (CFE), a Mexican state-owned utility company. In exchange for the bribe payments, ABB NM received contracts worth more than $81 million in revenue. ABB Inc. admitted that the bribe payments were made through various intermediaries, including a Mexican company that served as ABB NM’s sales representative in Mexico on its contracts with CFE.

In addition to the guilty plea, the parent company, ABB Ltd., entered into a DPA, agreeing to the filing of a criminal information charging its Jordanian subsidiary, ABB Ltd.–Jordan, with one count of conspiracy to commit wire fraud and to violate the books and records provisions of the FCPA. ABB agreed to a criminal penalty of $1.9 million related to the allegations of misconduct. Specifically, ABB Ltd. admitted that ABB Ltd.–Jordan agreed to pay kickbacks to the former Iraqi government in connection with contracts to sell vehicles to Iraq under the United Nations’ Oil for Food program. From 2000 to 2004, it paid more than $300,000 in kickbacks to the former Iraqi government to secure contracts with the government agencies. As a result, ABB Ltd. and its subsidiary received eleven purchase orders for electrical equipment and services worth more than $5.9 million.

Notably, the DOJ acknowledged that ABB voluntarily disclosed the misconduct and “cooperated fully” with the DOJ investigation, which undoubtedly allowed ABB to receive a DPA rather than other possible disposition. Under the terms of the 2010 three-year DPA, ABB Ltd. agreed to fully cooperate with investigations by U.S. and foreign authorities of the company’s corrupt payments and to adhere to a set of enhanced corporate compliance and reporting obligations, which include the recommendations of an independent compliance consultant. ABB Ltd. also settled with the SEC, and agreed to pay more than $39 million in disgorgement, pre-judgment interest, and civil penalties.

Fast-forward to 2022, wherein ABB finds itself in FCPA hot water for the third time. In December 2022, ABB entered into a DPA with the DOJ, in conjunction with resolutions with regulators in South Africa, regarding criminal schemes taking place in South Africa. The misconduct took place between 2014 and 2017. ABB subsidiaries paid bribes to a South African government official at the state-owned and controlled energy company, Eskom Holdings Limited (Eskom), to obtain business advantages in connection with the award of multiple contracts. ABB executives in Switzerland were intently focused on obtaining the contract for the Kusile power plant, which was going to by granted by Eksom, and sent a Swiss executive to South Africa to help land the contract. The efforts to obtain the contract involved ABB engaging multiple subcontractors associated with the South African government official, and making payments to those subcontractors that were intended as bribes. ABB worked with these subcontractors despite their poor qualifications and lack of experience. In return, ABB received improper advantages in its efforts to obtain work with Eskom, including, among other benefits, confidential and internal Eskom information. Even when ABB internal controls caught that the subcontractors were not qualified, ABB executives ignored the red flag and warnings from employees and compliance personnel. ABB also falsely recorded payments to the subcontractors as legitimate business expenses when, in fact, a portion of the payments were intended as bribes for the South African government official.

In order to resolve these allegations, ABB paid a $315 million criminal penalty. In addition, ABB entered into a three-year DPA with the department in connection with the filing of a criminal information in the Eastern District of Virginia charging the company with conspiracy to violate the FCPA’s anti-bribery provisions, conspiracy to violate the FCPA’s books and records provisions, and substantive violations of the FCPA. In addition, ABB subsidiaries ABB Management Services Ltd. (Switzerland) and ABB South Africa (Pty) Ltd. (South Africa) each pleaded guilty to one count of conspiracy to violate the anti-bribery provisions of the FCPA.

To summarize, ABB had issues related to its Nigerian, Kazakhstani, and Angolan operations in 2004; its Mexico and Jordanian operations in 2010; and its South African operations in 2022. In addition, ABB had entered a guilty plea in 2001 related to a bid-rigging conspiracy for a contract in Egypt, executed by its Italian subsidiary. The recent guidance and “tone” from the DOJ has made clear that recidivist companies will not be shown much mercy. How then did ABB receive another DPA, without even a monitorship? The DOJ’s press release explains its calculations of the relevant factors for the disposition of the third-time offender:

The department reached this resolution with ABB based on a number of factors, including: 1) the nature and seriousness of the misconduct; 2) ABB’s demonstrated intent to disclose the misconduct promptly to the department; 3) ABB’s extraordinary cooperation with the department’s investigation; 4) ABB’s extensive remediation, including carrying out a root-cause analysis of the misconduct and making significant investments in compliance personnel, compliance testing, and monitoring through the organization; 5) ABB’s commitment to further enhance its compliance program and internal controls, including enhanced reporting provisions that require ABB, during the pendency of the DPA, to meet with the department at least quarterly and to submit yearly reports regarding the status of its remediation efforts, the results of its testing of its compliance program, and its proposals to ensure that its compliance program is reasonably designed, implemented, and enforced, so that it is effective in deterring and detecting violations of the FCPA and other applicable anti-corruption laws; 6) ABB’s decade-old criminal history, which includes two prior criminal resolutions by ABB entities with the department for FCPA violations in 2004 and 2010, as well as a guilty plea by an ABB entity for bid rigging in 2001; 7) ABB’s agreement to concurrently resolve separate investigations by authorities in South Africa and Switzerland, as well as the SEC, and its anticipated resolution of a related investigation by German authorities; and 8) ABB’s agreement to continue to cooperate with the department in ongoing investigations. In light of these considerations, the criminal monetary penalty reflects a 25% discount off the mid-point between the middle and high end of the otherwise applicable U.S. Sentencing Guidelines fine range.

Let’s unpack this explanation a bit. First, factor one: the nature and seriousness of the misconduct. This factor does not behoove ABB because the allegations of misconduct run all the way to the executive suite at ABB. The facts suggest that the leadership and entire culture at ABB did not take compliance seriously and even went to lengths to end-run around any compliance controls. Factor two: the demonstrated “intent” to disclose the misconduct; here, too, there was an issue because prior to ABB voluntarily disclosing the misconduct, a newspaper printed the allegations, effectively ruining ABB’s chances to be the first to tell the DOJ. Factors three, four, and five seem to outweigh factors one and two. In particular, the descriptor of “extraordinary” in factor three—regarding the level of cooperation ABB engaged in—seems to be carrying the water. Factor six again weighs against any credit in ABB’s favor, as it underscores the recidivist status of the company. Factors seven and eight, acknowledging that ABB is resolving other foreign investigations and is agreeing to continue its cooperation with regulators, weighs in favor of ABB. Given the balance of these factors, the DOJ awarded a 25 percentage discount off of the fine range as required by the U.S. Sentencing Guidelines.

What are we to learn from this list of factors and the eventual outcome of ABB’s DPA? Is the lesson simply that the saber-rattling from the DOJ about the lack of credit to recidivist companies, and the increased pressure on companies to voluntarily disclose, is mere puffery? Or is the explanation of this outcome rooted more in the efforts of “extraordinary” cooperation? If the 2022 Monaco Memo outlining DOJ prosecutorial policies sets only the standard for cooperation, what is to be considered “extraordinary” beyond the standard? The DOJ’s drumbeat about increased prosecutions, increased penalties for corporations and individuals, and more monitorships in the future does not represent a bluff, or puffery. The lesson of ABB is that companies will be expected to provide an increased amount of cooperation, up to and possibly including the waiver of attorney-client privilege. The result of this “extraordinary” cooperation could render in-house and outside defense counsel effectively deputies of the government, creating ethical, structural, and constitutional issues.

This Article contributes to the growing literature on compliance, corporate crime, and corporate cooperation by taking a holistic and historical view of corporate cooperation over the past four decades. It traces the arc of DOJ policies since the late 1990s to show the entire scope of shifts in policy from administration to administration. Importantly, this Article points out the implications that the DOJ policies bring to bear on corporations and the individuals therein. It argues that the breadth of implications from DOJ policies could shift the value proposition for corporate cooperation, particularly as individuals will face personal criminal liability as part of the corporate cooperation negotiation.

This Article proceeds in four parts. Part I discusses the history of corporate cooperation in white collar criminal matters. Part II analyzes the arc of regulation and policy procedures disseminated via the DOJ memoranda. Six important DOJ memoranda regarding corporate prosecutions have been issued from 1999 until 2022 and provide guidance related to corporate investigations, prosecutions, and sentencing; each of these memorandums will be detailed in this Part. Part II also takes a close look at DOJ memoranda and policies in the past twenty-five years, beginning with the Holder Memorandum issued in 1999 up until the recent 2022 Monaco Memorandum. In particular, this Part will address the level of cooperation required by the government in order for corporations to receive cooperation credit. Part III focuses on the most recent DOJ policies disseminated over the past two years, including the Monaco Memoranda, and the changes to the Corporate Enforcement Policy. Part IV considers the implications from the recent DOJ policies in light of the history of corporate cooperation. Specifically, this Part addresses the normative shift resulting from higher standards for cooperation credit that could compel companies to refuse to cooperate. This Part also details the structural and normative problems that arise if the DOJ expects to effectively deputize in-house and outside corporate defense counsel in the name of cooperation. The Article then briefly concludes.

I. History of Corporate Crime and Corporate Cooperation

A. Regulation, Prosecution, and Cooperation

Cooperation with the government in corporate prosecutions has not always been the prevailing norm. Historically, under common law, crimes or torts committed by corporations were seen as a regulatory rather than criminal issue. The theory underpinning this regulatory regime was that corporations could not commit crimes because, as mere legal entities, they could not form the required mens rea to violate criminal law. Moreover, corporations could not be imprisoned, rendering criminal law somewhat toothless as applied to corporations.

During the Progressive Era, courts shifted away from the common law view and held that corporations could be criminally liable for their wrongdoing. In New York Central & Hudson River Railroad Co. v. United States, the U.S. Supreme Court, relying on the civil law doctrine of vicarious liability, ruled that corporations could be held criminally liable for the actions of their employees committed within the scope of their employment. The case was the legal foundation for corporate criminal liability through the theory of respondeat superior.

Despite the legal foundation established in New York Central, criminal prosecution of corporations was still rare. During the New Deal Era, the federal government established many of the modern regulatory agencies, and industries formed self-regulatory bodies, but the rise of corporate power and size was generally celebrated through the post-WWII era as a marker of progress. It was not until the late ‘60s and early ‘70s that public opinion began to reflect the sentiment that corporations were too powerful and/or might not have the best interest of the public at heart.

The shift in popular sentiment, driven in part by events such as the Watergate scandal in the 1970s, fueled an increased awareness of corporate crime, and in turn, caused a coinciding shift in corporate prosecutorial policy. During the 1970s and 1980s, the federal government began to see prosecution of corporations as a more effective way to prevent and deter corporate crime. In 1978, the DOJ elevated the prosecution of white collar crimes to the top of its priority list, resulting in an increase in corporate criminal cases. For example, in 1970, the SEC referred thirty-five cases to the DOJ for criminal prosecution; in 1978, the number was 109. Prosecutors became increasingly aggressive, and often pursued criminal charges through vicarious liability theories, even when company policy expressly prohibited the conduct charged.

Where and when does corporate cooperation come into play? Prior to the 1990s, prosecutors occasionally sought cooperation from corporations, but on a case-by-case basis. The application of vicarious liability, which often looked nearly like strict liability in practice, forced corporations to join forces with employees in order to defend themselves against criminal sanction. Criminal convictions carried the risk of losing licenses to do business and financial penalties that jeopardized the future of the company, which gave companies an incentive to vigorously defend against individual indictments of employees. Thus, corporations generally paid their employees’ legal fees and often entered into joint defense agreements. Because federal prosecutors aggressively sought criminal convictions, corporations responded with aggressive defenses.

Congress similarly intensified its efforts to curb white collar crime by enacting new criminal statutes and increasing criminal penalties. In 1977, Congress passed the Foreign Corrupt Practices Act, aimed at curbing corrupt practices by American corporations, and included criminal sanctions among the penalties. In 1984, Congress passed the Criminal Fine Enforcement Act, which increased penalties for corporate criminal convictions. Indeed, a Task Force on the Federalization of Criminal Law stated that “more than a quarter of the federal criminal provisions enacted since the Civil War have been enacted in between 1980 and 1996.” Also in 1984, Congress established the U.S. Sentencing Commission, which was charged with making sentences uniform and just, particularly for white collar and corporate crimes. The Commission sought to address disparities in sentencing—often, white collar criminals received lenient sentences, while blue collar criminals were sent to prison. Moreover, the Commission acknowledged that the government often had limited resources to detect wrongdoing, particularly wrongdoing by organizations, and therefore needed firms to play a role in detection and prevention.

B. U.S. Sentencing Guidelines

In the 1990s, the federal government gradually shifted its corporate criminal policy from prosecution, with piecemeal cooperation at times, to a practice that incorporated cooperation as federal policy. This policy shift was fueled primarily by the United States Sentencing Commission and the DOJ.

In 1991, the United States Sentencing Commission adopted the first Sentencing Guidelines for Organizations. Uniformity and predictability were the goals of the Guidelines, given that corporations often received varying sentences for similar conduct. Pragmatically, for corporations, the Sentencing Guidelines and standardized sentences represented a heightened risk of increased punishment because corporations often had previously benefited from sentencing disparities. The Guidelines incentivized companies to detect and deter criminal conduct of their employees because they afforded companies a reduction in corporate fines if the company could show it had established effective programs or systems to prevent criminal wrongdoing. A company’s culpability, and attendant fines, was outlined by the Guidelines, which factored in the “steps taken by the organization prior to the offense to prevent and detect criminal conduct, the level and extent of involvement in or tolerance of the offense by certain personnel, and the organization’s actions after the offense has been committed.” Rather than taking a punitive tack, the Guidelines focused on prevention and deterrence through the use of restitution and fines.

Thus, the “carrot or stick” approach, as a matter of federal policy, became enshrined in the Sentencing Guidelines. Effectively, the Sentencing Guidelines codified what had previously been a matter of prosecutorial discretion. In order to reduce their culpability scores, corporations quickly established internal compliance programs and agreed to cooperate with prosecutors during the investigation. In addition, the Sentencing Guidelines allowed prosecutors to file motions for “substantial assistance.” If a prosecutor filed a motion for substantial assistance, a judge could (and most often did) depart downward from the sentence that would otherwise apply under the Sentencing Guidelines, giving corporations another reason to cooperate with prosecutors.

The importance of the Sentencing Guidelines cannot be overstated, given that the Guidelines ushered in the new era of corporate criminal prosecutorial tactics, as well as the modern era of corporate compliance. Because of the Guidelines, corporate cooperation was “quantified” as an incentive. Professor Arlen refers to this as the “duty-based composite regime,” defined as a structure under which firms are held liable for the acts of their employees, but also are afforded a reduction in fine, and even a shift from criminal to civil liability, “if the firm satisfied any (or each) of its policing duties: specifically adopting an effective compliance program, self-reporting detected wrongs, and fully cooperating with federal investigations.

II. DOJ Memoranda and Policies 1999–2018

In the era of cooperation sparked by the Sentencing Guidelines, the DOJ began to issue memoranda establishing guidelines for prosecutors’ investigations and charging corporations for misconduct. The memoranda establish varying criteria for prosecutors and reflect varying levels of aggressiveness on the part of the DOJ, yet they carry a common theme: corporations that cooperate with the prosecution receive favorable deals and can avoid prosecution. This Part walks through the important DOJ memoranda issued since 1999, tracking the expansion and contraction of prosecutorial tactics over the past twenty-five years, up until the 2022 Monaco Memoranda, which are analyzed in Part III.

A. Foundational Principles: The Holder Memorandum

The Holder Memo was the first to establish principles for federal prosecutors to consider when deciding whether to pursue criminal charges against a corporation. The Holder Memo was not binding, but nevertheless instructed prosecutors to consider a corporation’s cooperation when evaluating its case.

The major contribution of the Holder Memo was that it established a list of eight principles for prosecutors to consider when deciding whether to file criminal charges against a corporation. The principles were: (1) the nature and seriousness of the offense, including risk of harm to the public; (2) pervasiveness of wrongdoing within the corporation, including complicity in the wrongdoing by management; (3) the corporation’s history of similar conduct; (4) “the corporation’s timely and voluntary disclosure of wrongdoing and its willingness to cooperate in the investigation of its agents, including, if necessary, the waiver of the corporate attorney-client and work product privileges”; (5) the existence and adequacy of the corporation’s compliance program; (6) the corporation’s remedial actions, including efforts to implement or improve a compliance program, to discipline or terminate wrongdoers, or to cooperate with authorities; (7) collateral consequences, including disproportionate harm to shareholders and employees not proven personally culpable; and (8) the adequacy of non-criminal remedies.

Certain factors, particularly factors four and five, made clear that a corporation had the “carrot” of avoiding prosecution in exchange for disclosures and waiver of evidentiary protections. In other words, the Holder Memo also offered guidance on non-prosecution agreements for corporations, and tied them explicitly to the corporation’s cooperation. Principles endorsed by the Holder Memo acknowledged that it is often easier to find wrongdoers and evidence of wrongdoing with the corporation’s cooperation, and therefore concluded that offering non-prosecution agreements to the corporation may be the best course of action to effectuate the goals of deterrence. The Holder Memo therefore endorsed offering non-prosecution agreements to corporations when cooperation was reasonably necessary for the public interest and other means of obtaining cooperation are unavailable or would be ineffective.

At the same time, the Holder Memo allowed prosecutors to take a close look at whether the corporation appeared to be covering or protecting its culpable employees or executives. Some examples of this included retaining the culpable employees without any sanction, providing information via joint defense agreements, or paying attorneys’ fees for separate counsel.

Importantly, the waiver of the attorney-client privilege is contemplated by the Holder Memo, but is not required. Rather, waiver was listed as a factor that prosecutors could weigh to determine the extent of cooperation. While asking for a waiver of attorney-client privilege granted significant power to prosecutors, there were some limitations to that power. First, the waiver of the privilege was limited only to the facts from the internal investigation and any “contemporaneous advice given to the corporation concerning the conduct at issue.” Second, the Holder Memo prevented prosecutors from seeking a waiver of the privilege for information related to the ongoing investigation.

B. Pendulum Swing: The Thompson Memorandum

In 2001, the Enron and Arthur Anderson scandals erupted, with widespread ripple effects in the financial, energy, accounting, and legal industries, among others. The Holder Memo remained in effect at the DOJ, and the SEC issued its Seaboard Report, identifying principles of corporate liability and corporate cooperation in the context of SEC investigations. In 2002, then-President George Bush issued an executive order creating the Corporate Fraud Task Force. The purpose of the task force was “to hold wrongdoers responsible and to restore an atmosphere of accountability and integrity within corporations across the country.” The task force was comprised of eighteen members representing nine federal agencies and seven U.S. Attorneys’ offices.

As part of the initiative of the Task Force, the DOJ reviewed the Holder Memo and its list of prosecution principles. Unsurprisingly, given the tone in Washington, D.C., and the desire for corporate prosecution and accountability in the wake of such scandals, Deputy Attorney General Larry Thompson, acting as head of the Corporate Fraud Task Force, issued the Thompson Memo in January 2003.

While the substance of the Thompson Memo was largely similar to the Holder Memo, a few key changes reflected the more aggressive posture. First, where the Holder Memorandum has been merely guidance for federal prosecutors, the Thompson Memo was binding. Second, while the Thompson Memo reproduced the eight principles to be considered from the Holder Memo, it also added an additional principle. The new principle instructed prosecutors to consider the adequacy of the prosecution of individuals for the corporation’s malfeasance. Third, the Thompson Memo instructed prosecutors to assess the quality of a corporation’s compliance program in determining whether criminal charges were appropriate, whereas the Holder Memo contemplated merely the existence, implementation, or improvement of a compliance program.

Overall, the Thompson Memo revised departmental guidance to promote closer scrutiny of corporate cooperation efforts. The aim of the Thompson Memo was to promote total cooperation and punish obstructionist behavior. The Thompson Memo instructed prosecutors, in evaluating the cooperative effort of corporations, to consider factors such as the willingness of the corporation to waive attorney- client privilege, as well as “whether the corporation, while purporting to cooperate, has engaged in conduct which impedes the investigation.” If such conduct was present, prosecutors were instructed to “weigh in favor” of the prosecution.

The Thompson Memo received widespread criticism, especially on the issue of waiver of privilege. Under the Thompson Memo, prosecutors began to demand complete waiver of privilege, and threatened corporations that if they did not waive privilege completely, they would be deemed non-cooperative and face prosecution.

In addition to the Thompson Memo, Acting Deputy Attorney General Robert D. McCallum “bobbed and weaved” on the principles in the Thompson Memo by issuing a memorandum entitled “Waiver of Corporate Attorney-Client and Work Product Protection” (hereinafter “McCallum Memo”). The McCallum Memo focused exclusively on one of the nine factors listed in the Thompson memo: “the corporation’s timely and voluntary disclosure of wrongdoing and its willingness to cooperate in the investigation of its agents, including, if necessary, the waiver of corporate attorney-client and work product protection.” The McCallum Memo directed prosecutors to “establish a written waiver review process” in each respective district, rather than create a homogenous policy from the DOJ regarding waiver. There was speculation that the McCallum Memo, by allowing waiver of privilege to be a district-by-district decision, was an attempt to distance Main Justice from the criticisms related to waiver.

The criticism to the Thompson Memo resulted in a task force by the American Bar Association, which issued a report and resolution that strongly supported the attorney-client privilege and work product doctrine, and opposed “routine practice by government officials of seeking to obtain a waiver of the attorney-client privilege or work product doctrine through the grant or denial of any benefit or advantage.” The ABA report, and lobbying efforts, put pressure on Congress to step in. In December 2006, Senator Arlen Specter introduced legislation entitled the Attorney-Client Privilege Protection Act, intended to stop federal prosecutors from forcing corporations to waive attorney-client privilege in order to avoid prosecution. The legislation did not make it to the Senate floor, but it suggested there was legislative attention and awareness of the DOJ’s aggressive policies.

The aggressive DOJ tactics regarding corporate cooperation and privilege waiver—and the conflict that creates for individual defendants—ultimately faced significant backlash in court. In United States v. Stein, the United States District Court for the Southern District of New York ruled that portions of the Thompson Memo were unconstitutional. Specifically, Judge Lewis Kaplan ruled that sections of the Thompson Memo, which allowed prosecutors to deem a corporation’s payment of employees’ attorney’s fees obstructionist (and thus cut against a finding of cooperation for the corporation), violated substantive due process by disallowing them a right to counsel. The Stein case marked a turning point for DOJ tactics, and a pivot that likely would not have occurred if individuals had not been prosecuted alongside KPMG. The Second Circuit subsequently affirmed the district court ruling, prompting the disclosure of the Filip Memo, discussed below in Part II.D.

C. The McNulty Memorandum: More of the Same?

Deputy Attorney General Paul McNulty issued the McNulty Memo in December 2006 in response to the criticism engulfing the Thompson Memo. Generally, the McNulty Memo was an effort to reign in federal prosecutors while maintaining general departmental policy of seeking corporate cooperation. Specifically, the McNulty Memo sought to narrow the grounds on which federal prosecutors sought waivers of privilege and/or considered the payment of attorneys’ fees as factors in evaluating cooperation.

The McNulty Memo provided that waiver of privilege was not a prerequisite to a finding of cooperation in the government’s investigation. It further limited the ability of prosecutors to compel privilege waivers. The McNulty Memo allowed federal prosecutors to pursue a privilege waiver only when necessary to fulfill their law enforcement obligations, and even then the waiver was to be on the narrowest possible grounds. The McNulty Memo created a process by which prosecutors could pursue the waivers, by creating two categories of information: (1) Category I information which included purely factual information; and (2) Category II which consisted of attorney-client communications and non-factual attorney work product.

Category II information was, according to the McNulty Memo, only to be pursued in “rare circumstances” and required written approval of the Deputy Attorney General. That said, the McNulty Memo stated that although corporations were free to assert attorney and work product privileges, waiver of the privileges would be viewed favorably, implying that refusing to waive the privilege would be viewed unfavorably.

In addition, and ostensibly in response to the district court decision in Stein and related criticism of Thompson Memo requirements, the McNulty Memo instructed prosecutors not to consider whether corporations paid the legal fees of its employees. The only exception to this policy was when the totality of the circumstances suggested that the corporation intended that the payments impede a criminal investigation.

While intended to ease some of the criticism from the Thompson Memo, the McNulty Memo too received widespread criticism. First, critics pointed out that it did not specify what type of behavior could be deemed intended to impede an investigation. Second, the McNulty Memo was non-binding, and thus could not technically control a prosecutor who refused to abide by its provisions. Finally, while the McNulty Memo made explicit that waiver of privilege was not a requirement for cooperation, it still allowed prosecutors to consider a waiver of privilege in evaluating cooperation.

D. Codified Policy Shifts: The Filip Memorandum

On August 28, 2008, the Second Circuit upheld the Stein decision of the lower court. On the same day, Deputy Attorney General Mark Filip issued the Filip Memo, which replaced and superseded the McNulty Memo, walking back the DOJ policy on both the issues of waiver of privilege and attorneys’ fees. Unlike the earlier DOJ Memoranda, the Filip Memo was incorporated into the U.S. Attorneys’ Manual, making its rules and policies mandatory for federal prosecutors.

Like the McNulty Memo before it, the Filip Memo listed the same nine factors to be considered by prosecutors in determining whether to prosecute a corporation. The Filip Memo, however, extended what was only discretion afforded to prosecutors in the McNulty Memo and went further by expressly prohibiting requests by prosecutors to obtain non-factual attorney-client privileged material. Instead, the Memo highlighted that cooperation credit turns on the extent to which a corporation discloses “relevant facts” as opposed to an outright waiver of attorney-client and work product protections. In the press release that included Deputy Attorney General Filip’s Memo, the DOJ pointed out the following changes in policy from the McNulty Memo:

  • (1) Cooperation credit no longer depends on the waiver of the attorney-client and attorney work product privileges, as prosecutors should focus on the sufficiency and willingness of a corporation’s disclosure regardless of its sources;
  • (2) Prosecutors are forbidden from requesting attorney-client communications or “non-factual” attorney work product (considered Category II information under the McNulty Memo);
  • (3) Prosecutors are no longer allowed to consider the “advancement of attorneys’ fees” as a factor weighing against awarding cooperation credit;
  • (4) Prosecutors may not consider a corporation’s participation in a joint defense agreement when determining whether to award cooperation credit; and
  • (5) Prosecutors may not consider whether a corporation “disciplined or terminated employees” in evaluating the extent of a firm’s cooperation. Rather, this factor should be considered as part of the larger analysis of a corporation’s compliance program and other remedial steps.

Finally, the Filip Memo promoted the use of deferred and non-prosecution agreements as a “middle ground” to criminal prosecution or declination. Specifically, it stated that “under appropriate circumstances, a deferred prosecution or non-prosecution agreement can help restore the integrity of a company's operations and preserve the financial viability of a corporation that has engaged in criminal conduct, while preserving the government's ability to prosecute a recalcitrant corporation that materially breaches the agreement. Such agreements achieve other important objectives as well, like prompt restitution for victims.”

E. Individuals Beware: The Yates Memorandum

Under the new U.S. Attorneys’ Manual guidelines established in the Filip Memo, prosecutors were able to take advantage of the cooperation credit and the work of corporations that had done their own internal investigations. In addition, the use of deferred and non-prosecution agreements became more common. However, particularly in light of the events of 2008 in the financial sector, critics began to make a steady drumbeat calling for holding individuals accountable for financial and white collar offenses. In response, Deputy Attorney General Sally Yates issued the Yates Memo in 2015, creating waves among the defense bar given the Yates Memo’s emphasis on prosecuting individuals. The Yates Memo effectively codified the DOJ policy of prioritizing the prosecution of individuals in white collar crimes.

Specifically, the Yates Memo stressed six areas of focus for the DOJ in considering the prosecution of individuals within the firm:

  • (1) corporations will be eligible for cooperation credit only if they provide the DOJ with “all relevant facts” relating to all individuals responsible for misconduct, regardless of seniority level;
  • (2) both criminal and civil DOJ investigations will focus on investigating individuals “from the inception of the investigation”;
  • (3) criminal and civil DOJ attorneys should be in routine communication with each other, notifying civil counterparts when conduct giving rise to potential individual liability is discovered;
  • (4) the DOJ will not agree to a corporate resolution that provides immunity to potentially culpable individuals unless there are extraordinary circumstances present;
  • (5) the DOJ will have a clear plan to resolve open investigations of individuals when the case against a corporation is resolved; and
  • (6) civil attorneys, in addition to criminal attorneys, should focus on individuals and take into account issues such as accountability and deterrence, as well as ability to pay fines.

The Yates Memo therefore heightened the standard for corporations to be deemed cooperative by demanding that they provide all information about all individuals responsible, and removed any cooperation credit unless corporations provided this information. The Yates Memo also underscored the idea that an individual prosecution was not off the table simply because a corporation had already settled.

The Yates Memo was met with consternation by many, with predictions that it would result in companies “throwing individuals under the bus,” so to speak. In fact, empirical analyses of the effects of the Yates Memo showed little to no change in the number of individual prosecutions. In 2018, however, Deputy Attorney General Rod Rosenstein walked back the all-or-nothing policy that the Yates Memo established.

On the heels of the Yates Memo, the DOJ created its FCPA Pilot Program in April 2016. As stated in the memorandum outlining the program, the “principal goal [] is to promote greater accountability for individuals and companies that engage in corporate crime by motivating companies to voluntarily self-disclose FCPA-related misconduct, fully cooperate with the Fraud Section, and, where appropriate, remediate flaws in their controls and compliance programs.” In addition, the goals of the Pilot Program are to further deter individuals and companies from engaging in FCPA violations, encourage strong compliance programs, and “increase the Fraud Section’s ability to prosecute individual wrongdoers.”

The Pilot Program memorandum sets out finite requirements companies must meet before being eligible for mitigation credit. The first requirement is timely, voluntary self-disclosure. The disclosure must occur “prior to an imminent threat of disclosure or government investigation”; it must occur “within a reasonably prompt time after becoming aware of the offense; and the disclosure must be fulsome.” Second, the company must cooperate fully in all FCPA matters, meaning it must provide ongoing disclosure of the facts relevant to the wrongdoing at issue; preserve, collect, and disclose all relevant documents; provide updates and disclose relevant facts discovered in the corporate internal investigation; make employees available for interviews by the government; facilitate third-party production of documents from foreign jurisdictions; and provide translations as necessary. Third, companies must perform timely and appropriate remediation, which includes implementation of an effective compliance and ethics program; appropriate discipline of employees responsible for misconduct; and any additional measures the company believes would identify future risks and would demonstrate the recognition of the seriousness of misconduct.

If the above requirements are met, companies are eligible for mitigation credit. According to the Pilot Program memorandum, mitigation credit can be in the form of a different type of disposition, a reduction in fine, or in a different determination regarding the need for a monitor. The requirements of the Pilot Program are not “new” in the sense that the factors included are omnipresent in the 2012 FCPA Guidance issued by the DOJ and SEC. However, the factors are not simply suggestions or “best practices,” but are requirements for eligibility in the Pilot Program itself.

In 2017, the Pilot Program was codified in the Corporate Enforcement Policy within the U.S. Attorneys’ Manual.

III. Modern DOJ Policies

A. The Monaco Memoranda: A Return to the Yates Era (or the Thompson Era?)

To be fair, “Monaco Memo” is not entirely the correct term given that there were actually two important memoranda issued by Deputy Attorney General Lisa Monaco, one in October 2021 and the other in September 2022. Additionally, in March 2023, Deputy Attorney General Monaco implemented another Pilot Program regarding clawback provisions, discussed below.

The 2021 Memo highlighted three important changes to the existing corporate criminal enforcement and practices of the DOJ and U.S. Attorneys. Specifically, the 2021 Monaco Memo instructed prosecutors to take a “holistic approach” when considering a company’s characteristics, “including its history of misconduct, without limiting their consideration to whether past misconduct is similar to the instant offense.” In other words, companies convicted (or even with other non-conviction dispositions) will be considered recidivist companies in the eyes of the DOJ, pursuant to this policy.

Second, the 2021 Monaco Memo reinstated the Yates Memo requirement that in order for a company to receive cooperation credit, it must provide all “relevant facts” relating to the individuals responsible for the conduct. The “individuals responsible” must be all individuals, regardless of position, status, or seniority, inside and outside of the company; in addition, the disclosure about the individuals cannot be cabined to only individuals believed to be “substantially” involved; rather, it must include individuals “deemed to be less than substantially involved in misconduct, [who] may nonetheless have important information.”

Third, the 2021 Monaco Memo revised the standards, policies, and procedures for evaluating the necessity of monitors as part of a corporate criminal resolution. This marked a fairly major shift in DOJ policy regarding monitorships; the takeaway is that the new policy states that the Department “should favor the imposition of a monitor” in certain circumstances. These circumstances include where a corporation’s “compliance program and controls are untested, ineffective, inadequately resourced, or not fully implemented at the time of resolution.”

The final major shift in the 2021 Monaco Memo involved the creation of the Corporate Crime Advisory Group (CCAG), the purpose of which is to “consider and, where necessary, recommend additional guidance” regarding the Department’s approach to prosecuting criminal conduct by corporations and executives. The creation of the CCAG became part of the reason for the second Monaco Memo in 2022, given that the 2022 Monaco Memo stated that it incorporated input and advice from the CCAG among others.

The 2022 Monaco Memo kept the same tone that was struck in the 2021 Monaco Memo, evincing a hard-charging DOJ that would not go easy on recidivists or individuals, and would require more monitorships. However, the 2022 Monaco Memo had other shifts in corporate prosecution strategies and policies. These shifts in policy apply to the following areas, which this Article will address in turn:

  • (1) Cooperation credit and the timeliness of disclosure of information learned in internal investigations, particularly as pertaining to individuals
  • (2) Assessing prior corporate misconduct
  • (3) The benefits of voluntary self-disclosure
  • (4) Clarification on cooperation credit
  • (5) Corporate policies inuring to potentially culpable individuals, including clawback provisions in executive compensation, and use of personal devices
  • (6) Monitors.

Timeliness. With respect to timeliness, the 2022 Monaco Memo stated that individual accountability is paramount for corporate prosecution. As stated in the 2021 Monaco Memo, companies must provide all relevant, nonprivileged facts about individual misconduct in order to receive cooperation credit. The 2022 Monaco Memo added to that requirement that the disclosures about individuals be “swift and without delay.” Further, “prosecutors will consider, for example, whether a company promptly notified prosecutors of particularly relevant information once it was discovered, or if the company instead delayed disclosure in a manner that inhibited the government’s investigation.” This statement was coupled with the threat that “[c]ompanies that identify significant facts but delay their disclosure will place in jeopardy their eligibility for cooperation credit.”

In a speech accompanying the release of the 2022 Monaco Memo, Deputy Attorney General Monaco put the timeliness requirement more bluntly:

We need to do more and move faster. So, starting today, we will take steps to empower our prosecutors, to clear impediments in their way, and to expedite our investigations of individuals.

To do that, we will require cooperating companies to come forward with important evidence more quickly.

Sometimes we see companies and counsel elect—for strategic reasons—to delay the disclosure of critical documents or information while they consider how to mitigate the damage or investigate on their own. Delayed disclosure undermines efforts to hold individuals accountable. It limits the Department’s ability to proactively pursue leads and preserve evidence before it disappears. As time goes on, the lapse of statutes of limitations, dissipation of evidence, and the fading of memories can all undermine a successful prosecution.

In individual prosecutions, speed is of the essence.

Going forward, undue or intentional delay in producing information or documents—particularly those that show individual culpability—will result in the reduction or denial of cooperation credit. Gamesmanship with disclosures and productions will not be tolerated.

If a cooperating company discovers hot documents or evidence, its first reaction should be to notify the prosecutors. This requirement is in addition to prior guidance that corporations must provide all relevant, non-privileged facts about individual misconduct to receive any cooperation credit.

Prior Misconduct. Regarding the instruction to consider prior corporate misconduct, the Monaco Speech acknowledged “no issue had garnered more discussion” than the 2021 Monaco Memo requirement to consider a company’s full criminal, civil, and regulatory record when deciding upon a resolution. The 2022 Memo backtracked a bit on the 2021 policy. In particular, the 2022 Memo stated that “dated” conduct, meaning criminal conduct that occurred over ten years prior to the conduct at issue, or civil or regulatory resolutions that occurred more than five years prior might not be considered recidivist conduct. Other factors beyond the timing of the prior (mis)conduct could factor into a prosecutor’s analysis, including whether the company operates in a highly regulated industry, whether there has been significant changes to management, prior misconduct by an entity that was later acquired, and whether the current misconduct shares the same “root causes” as the prior misconduct.

Given this background, the 2022 Monaco Memo still suggested that prosecutors should “disfavor” a DPA or NPA with a company that has had a prior DPA or NPA, especially if the conduct is similar in nature. In addition, the 2022 Memo acknowledges that a company’s prior admissions in earlier dispositions will be taken into account.

Voluntary Self-Disclosure. The 2022 Memo offered additional guidance regarding the benefits of voluntary disclosure, and Deputy Attorney General Monaco underscored this in her speech, saying “the clearest path to avoiding a guilty plea or indictment is voluntary self-disclosure.” She stated further: “Our goal is simple: to reward those companies whose historical investments in compliance enable voluntary self-disclosure and to incentivize other companies to make the same investments going forward.”

Given this, the 2022 Monaco Memo instructed each division of the Department of Justice to create a formal, written corporate voluntary self-disclosure policy. Similar to the policy first enacted in the FCPA Pilot Program, the 2022 Monaco Memo stated that the Department, “absent the presence of aggravating factors, will not seek a guilty plea where a corporation has voluntarily self-disclosed, fully cooperated, and timely appropriately remediated criminal conduct.” In addition, the Memo stated that a monitor will not be imposed if the corporation voluntarily self-disclosed and if it demonstrates that is has implemented and tested an effective compliance program.

Cooperation Credit. Similar to earlier DOJ Memoranda, the 2022 Monaco Memo reiterated that cooperation credit will not be predicated upon waiver of the attorney-client privilege or work product protection. Interestingly, the 2022 Monaco Memo stated that companies seeking credit must “timely preserve, collect and disclose relevant documents located both within the United States and overseas.” While many foreign countries impose data privacy laws that prohibit the sharing of materials outside of their borders, the Monaco Memo placed the burden on the companies to “establish the existence of any restriction on production and of identifying reasonable alternatives to provide the requested facts and evidence . . . and to work diligently to identify all legal bases to preserve, collect, and produce such documents, data, and other evidence expeditiously.

Suggesting that companies are able to rewrite or simply ignore foreign laws, the Memo continued with the idea that prosecutors shall provide credit to “corporations that find ways to navigate such issues of foreign law and produce such records. Conversely, where a corporation actively seeks to capitalize on data privacy laws and similar statutes to shield misconduct inappropriately from detection and investigation by U.S. law enforcement, an adverse inference as to the corporation’s cooperation may be applicable if such a corporation subsequently fails to produce foreign evidence.”

This statement requires some serious consideration, given its implications. The 2022 Monaco Memo suggested that a corporation will not receive cooperation credit if it . . . complies with foreign data privacy laws, essentially. The implications of this stance are discussed further below.

Corporate Culture and Policies. The 2022 Monaco Memo discussed the necessity of reviewing a corporation’s culture, including its compliance program, as well as various company policies. Among these are the compensation structures that promote compliance. Specifically listed among these policies are executive compensation agreements that have clawback provisions if the executive is found to have contributed to the criminal conduct. Other policies that will be considered include the use of non-disclosure or non-disparagement provisions in executive compensation agreements, severance agreements, or other financial arrangements. Also considered by prosecutors in assessing the culture of compliance will be the corporate policies regarding the use of personal devices and third-party applications, and whether corporate documents are adequately being preserved and recorded.

Monitors. The 2022 Monaco Memo included a list of ten factors to consider when evaluating the appropriateness of a monitor. Seemingly toning down the rhetoric from the 2021 Monaco Memo, the 2022 Monaco Memo stated that prosecutors “will not apply any general presumption against requiring an independent compliance monitor [] as part of a criminal resolution, nor will they apply any presumption in favor of imposing one.” Finally, the 2022 Memo included guidance about the selection of monitors, and the continued review of monitorships by the Department.

In sum, the 2022 Monaco Memo demanded an incredibly deferential standard of behavior for corporations to be deemed “cooperative” by prosecutors. Increased DOJ expectations of cooperative behavior could tip the balance for corporations in deciding whether to cooperate—when cooperation becomes more exacting than launching a defense, corporations may opt for the latter.

B. Policy Changes Ushered in by the Monaco Memoranda Corporate Enforcement Policy

On January 17, 2023, Assistant Attorney General Kenneth Polite announced changes to the FCPA Corporate Enforcement Program (CEP) and added clarity around the value proposition of voluntary self-disclosure, among other facets of the policy.

Under the revised CEP, companies may be able to receive a declination even if aggravating factors are present. This is a change from the previous CEP which disqualified from a declination any company that had an aggravating factor, such as a recidivist company. Thus, under the revised CEP, although a company will not qualify for a presumption of a declination if aggravating circumstances are present, prosecutors may nonetheless determine that a declination is an appropriate outcome if the company “demonstrates to the Criminal Division that it has met all of the following factors:

  • The voluntary self-disclosure was made immediately upon the company becoming aware of the allegation of misconduct;
  • At the time of the misconduct and disclosure, the company had an effective compliance program and system of internal accounting controls, which enabled the identification of the misconduct and led to the company’s voluntary self-disclosure; and
  • The company provided extraordinary cooperation with the Department’s investigation and undertook extraordinary remediation that exceeds the respective factors listed herein.”

As noted above, a declination from prosecution is no longer the presumption. However, if all three factors listed are present, the Criminal Division will recommend at least a 50 percent reduction from the Sentencing Guidelines, and up to a 75 percent reduction. The case for recidivist companies, however, is different. Polite’s speech underscored that recidivist companies’ reduction will “generally not be from the low end of the fine range” and that “prosecutors will have discretion to determine the starting point within the Guidelines range.” That said, Polite reiterated that this overall revision is a “significant increase” from the previous maximum reduction of 50 percent off the Guidelines range.

What happens if a company does not voluntarily self-disclose, or is “scooped” before getting to the DOJ? The revised CEP states that such a company can avail itself of a 50 percent reduction in the low end of the Guidelines range, provided the company cooperates in a timely manner and appropriately remediates the issue. After laying out the carrot, Assistant Attorney General Polite reminded corporations of the stick, stating: “every company starts at zero cooperation credit and must earn it based on the parameters and factors outlined in the CEP. This is not a race to the bottom. A reduction of 50% will not be the new norm; it will be reserved for companies that truly distinguish themselves and demonstrate extraordinary cooperation and remediation.”

Assistant Attorney General Polite must have known that most attorneys in the defense bar, as well as in-house counsel, would question what he meant by “extraordinary” cooperation, because he continued in his speech by stating that the differences between “full” and “extraordinary” cooperation are “perhaps more in degree than in kind.” Further, “[t]o receive credit for extraordinary cooperation, companies must go above and beyond the criteria for full cooperation set in our policies—not just run of the mill, or even gold-standard cooperation, but truly extraordinary. . . . And of course, the facts and circumstances of each case will be unique.”

The themes from Assistant Attorney General Polite’s speech echoed that of Deputy Attorney General Monaco: timeliness/speed; extraordinary cooperation; and individual accountability. As for whether timeliness and speed, in conjunction with extraordinary cooperation, is code for “waiver of attorney-client privilege,” the DOJ stated in its revised CEP: “As set forth in JM 9-28.720, eligibility for cooperation or voluntary self-disclosure credit is not in any way predicated upon waiver of the attorney-client privilege or work product protection, and none of the requirements above require such waiver. Nothing herein alters that policy, which remains in full force and effect.” And as for the question about individual accountability, Assistant Attorney General Polite emphasized that point: “Our number one goal in this area—as we have repeatedly emphasized—is individual accountability. And we can hold accountable those who are criminally culpable—no matter their seniority—when companies come forward and cooperate with our investigation.”

1. Pilot Program 2.0—Clawback Edition

In March 2023, Deputy Attorney General Monaco announced at the annual ABA White Collar Crime Conference that the DOJ had initiated a Pilot Program regarding executive clawback provisions, which became effective March 15, 2023. Clawback provisions were listed as a new policy in Deputy Attorney General Monaco’s speech in 2022, so the Pilot Program outlined in the 2023 speech was not a new policy per se, but rather provided additional granularity on a topic the DOJ had previewed earlier. The clawback policy, understandably, lines up with the Department’s goal to shift the burden of corporate criminal behavior—and the attendant penalty—to individuals.

The Pilot Program, which will run for three years, requires that any company resolving a criminal investigation with the DOJ “implement criteria related to compliance in its compensation and bonus system.” The Program stipulates that factors that will be considered include, but are not limited to:

  • (1) a prohibition on bonuses for employees who do not satisfy compliance performance requirements;
  • (2) disciplinary measures for employees who violate applicable law and others who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct; and
  • (3) incentives for employees who demonstrate full commitment to compliance processes.

If a company can recoup the compensation, it will pay the applicable fine to the DOJ, minus a reserved credit equaling the amount of compensation the company is attempting to claw back from the culpable individuals. Even companies who attempt in good faith but are unsuccessful in getting the money will be considered for a reduction of up to 25 percent of the amount that they attempted to claw back.

2. Evaluation of Corporate Compliance Programs

In conjunction with the Clawback Pilot Program, the DOJ updated its guidance on Evaluation of Corporate Compliance Programs (ECCP) in March 2023. The updated ECCP acknowledges that the adequacy and effectiveness of a corporate compliance program has long been a factor that prosecutors consider when making a charging decision. Citing to the Justice Manual, the revised ECCP states that the three fundamental questions a prosecutor should ask when considering the effectiveness of a corporate compliance program are the following: (1) is the compliance program well designed? (2) is the program being applied earnestly and in good faith, with adequate resources to allow it to function effectively? and (3) does the compliance program work in practice?

In evaluating the first fundamental question concerning the design of a compliance program, the ECCP instructs prosecutors to consider whether the company: (1) did a proper risk assessment; (2) had updated policies and procedures; (3) had an adequate training and communications program to disseminate critical information; (4) installed confidential reporting avenues and had a process for investigating reports of misconduct; (5) performed risk-based due diligence of all third-party relationships; and (6) preformed due diligence for any possible merger or acquisition.

For the second fundamental question, the revised ECCP focuses on the culture of senior and middle management. In addition, this fundamental question considers compensation structures and “consequence management,” which dovetails with the Clawback Pilot Program. The second fundamental question also considers resource allocation among compliance professionals.

Finally, the third fundamental question contemplates whether the compliance program has been tested and evaluated, considering the role of the audit committee. This fundamental question also addresses any past misconduct and asks prosecutors to evaluate the remediation and accountability measures undertaken.

What is notable about the updates to the ECCP are two significant policy additions: (1) the consideration of compensation structures, including possible escrow accounts to defer compensation if they are tied to conduct consistent with company values and policies; and (2) policies regarding personal devices and messaging platforms. Both of these policy shifts were addressed in Monaco’s 2022 speech, but the ECCP put those grander theories into more detail. Specifically, prosecutors are now tasked with evaluating whether a company’s policies regarding use of personal devices and messaging apps are tailored to the corporation’s risk profile and business needs. This includes whether the company allows personnel to “bring their own device” to work or not. Prosecutors will want to see a policy that requires data preservation, regardless of which device upon the business is taking place. In addition, the ECCP states that during an investigation, prosecutors will ask about a company’s ability to access communications that took place over ephemeral messaging apps and whether those messages are stored on company servers.

3. Update on Corporate Monitorships

To cap off the sweeping shift in policies issued by the DOJ in March 2023, the Department also issued an update on corporate monitorships, in the form of a memorandum issued by Assistant Attorney General Polite. Polite reiterated what Deputy Attorney General Monaco had stated in 2022—that is, that prosecutors should not apply presumptions for or against monitors. Instead, the Memorandum instructs that prosecutors should consider ten

non-exhaustive factors when assessing the necessity and potential benefits of a monitor:

  • 1. Whether the corporation voluntarily self-disclosed the underlying misconduct in a manner that satisfies the particular DOJ component’s voluntary self-disclosure policy;
  • 2. Whether, at the time of the resolution and after a thorough risk assessment, the corporation has implemented an effective compliance program and sufficient internal controls to detect and prevent similar misconduct in the future;
  • 3. Whether, at the time of the resolution, the corporation has adequately tested its compliance program and internal controls to demonstrate that they would likely detect and prevent similar misconduct in the future;
  • 4. Whether the underlying criminal conduct was long-lasting or pervasive across the business organization or was approved, facilitated, or ignored by senior management, executives, or directors (including by means of a corporate culture that tolerated risky behavior or misconduct, or did not encourage open discussion and reporting of possible risks and concerns);
  • 5. Whether the underlying criminal conduct involved the exploitation of an inadequate compliance program or system of internal controls;
  • 6. Whether the underlying criminal conduct involved active participation of compliance personnel or the failure of compliance personnel to appropriately escalate or respond to red flags;
  • 7. Whether the corporation took adequate investigative or remedial measures to address the underlying criminal conduct, including, where appropriate, the termination of business relationships and practices that contributed to the criminal conduct, and discipline or termination of personnel involved, including with respect to those with supervisory, management, or oversight responsibilities for the misconduct;
  • 8. Whether, at the time of the resolution, the corporation’s risk profile has substantially changed, such that the risk of recurrence of the misconduct is minimal or nonexistent;
  • 9. Whether the corporation faces any unique risks or compliance challenges, including with respect to the particular region or business sector in which the corporation operates or the nature of the corporation’s customers; and
  • 10. Whether and the extent to which the corporation is subject to oversight from industry regulators or is receiving a monitor from another domestic or foreign enforcement authority or regulator.

While it is helpful to see all of the updates to the policies and procedures listed out and detailed as above, the import of this Article is to analyze what those changes will mean in practicality. The implications of these sometimes sweeping and sometimes subtle shifts in policies from the DOJ are addressed below.

IV. Implications of Current DOJ Policies

There certainly have been a number of pendulum swings over the past decades of DOJ memoranda and policies, with the Thompson Memo representing a high-water mark of government power because it called for the waiver of attorney-client privilege. The Stein case in the Second Circuit and the same-day Filip Memorandum “re-righted the ship” somewhat, but the 2022 Monaco Memo both re-establishes the stance from the Yates Memo regarding individual accountability, and inches closer toward the Thompson Memorandum policies through the soft standard of “extraordinary” cooperation.

While the 2022 Monaco Memo and the attendant policy changes that they ushered in may not be earth-shattering in scope, the recent policy shifts mark an inflection point, forcing us to stop and consider the general structure of corporate cooperation and corporate criminal prosecution writ large, including the normative and constitutional implications of stricter requirements for corporate cooperation. The concerns that arose in response to the Thompson Memo remain. Further, the practical implications of dangling an ever-more elusive carrot in the form of cooperation credit may result in more companies refusing to cooperate, which would wreak havoc on the current process for handling potential FCPA investigations and prosecutions. This Part addresses particular implications of the current DOJ policies and concludes by addressing the broad question about whether cooperation is a legitimate value proposition.

A. Implications for Attorney-Client Privilege: Timeliness and “Extraordinariness” as Proxy for Waiver

Is the current 2023 DOJ policy simply a reboot of the Thompson Memo? Not exactly. Importantly, there is no forced waiver of attorney-client privilege under the current policy. However, the push for real-time disclosure and “extraordinary” cooperation (above and beyond “full cooperation”) seem to be a wink by the DOJ that waivers of attorney-client privilege would be “seen favorably.” If nothing else, the tone of the 2022 Monaco Memo suggests that there could be a “culture of waiver,” a term defined and explained by Professor Katrice Bridges Copeland.

Although Deputy Attorney General Monaco subsequently backtracked from the line in her 2022 speech, the sentiment expressed in that speech was clear—a corporation’s “first call” upon discovering a hot document should be to the government. Nevertheless, a culture wherein a “first call” is not to a company attorney but instead to the government is arguably beyond a culture of waiver—it is side-stepping seeking legal advice entirely, thereby eviscerating the functional role of defense counsel, be it in-house or outside, and creating significant risk for both the company and the individuals who work for the company.

At what point do we get Stein 2.0? When will the demand for “extraordinary” cooperation become a soft requirement for waiver? It is possible that the issue will never get to the courts. Such an outcome would be likely only when an individual, who would be willing to take these matters to trial because of the real threat of incarceration, was implicated for the effective waiver, much like the defendants at KPMG in Stein.

Of course, there are issues for the firm if it waives its attorney-client privilege; more importantly, however, there are significant implications for the individuals inside the firm if the company waives its attorney-client privilege and those materials implicate certain individuals. This is the design of the DOJ policy, which emphasizes that individuals must be held accountable for any illegal acts. But individuals in this context could be operating with one hand tied behind their backs because their employer could be turning over incriminating documents and interviews that help the government make a criminal case against them as individuals.

B. Implications for Defense Attorneys: Deputized Government Agents?

While real-time disclosure may not be as obvious as treading upon the sacrosanct attorney-client privilege, real-time disclosure of documents and other materials is effectively sidestepping any attempt or availability of providing both a privilege review and potentially creating a defense strategy. It is the effective deputization of in-house and outside defense counsel. This point may seem identical to the prior one in Part IV.A, but there is a critical, albeit nuanced, distinction: it is the structure of the process of real-time disclosure, rather than the effective waiver of privilege that I am addressing here. According to the Monaco Speech, “strategization” by corporations will be deemed un-cooperative. Given this statement, what then is the role of defense counsel at all? If defense counsel are merely a pass through, Sixth Amendment issues result.

Companies, like individuals, have a right to counsel. Companies have a right to a robust defense. This is not inapposite to a culture of cooperation. Companies, like individuals, should be able to have a defense strategy and plan without being punished for it, and losing out on the “carrot” of cooperation credit.

Moreover, individuals within the corporation also have a right to counsel. This fact might be at odds with the fact that a corporation’s defense requires implication of individuals, creating a conflict of interest for many at the firm. As noted above in Part IV.A, this conflict of interest has very real consequences for individuals who can go to jail, unlike the corporation. The liberty interests at stake between individuals and the corporation are vastly different and call for some significant protections for individuals who might operate under the assumption that corporate counsel represents them as individuals.

C. Implications for Corporate Compliance Officers

The Corporate Compliance Officer (CCO) is a relatively recent addition to corporate organizations and, unsurprisingly, is often tasked with all responsibilities relating to corporate compliance. The implications of the tougher stance by the DOJ toward individuals may fall squarely within the realm of the CCO. Put another way, CCOs may be in the DOJ’s crosshairs more than ever before. Moreover, placing fault at the feet of the CCO may result in a divergence of interests between in-house legal teams and compliance teams, as explained below.

1. Increased Liability: CCO Certification

First, let us examine the potential increase in risk given to CCOs. In 2022, the DOJ rolled out the requirement of a CCO certification. The idea was first raised by Assistant Attorney General Polite on March 25, 2022. Polite explained in a speech that the DOJ expects companies to have compliance programs that (1) are well-designed, (2) are adequately resourced and empowered to function effectively, and (3) work in practice. In that speech, Polite announced that prosecutors have been instructed to consider requiring chief executive officers and chief compliance officers to certify (1) the accuracy of annual reports submitted pursuant to corporate resolutions and (2) that their compliance program is reasonably designed and implemented prior to releasing the company from its obligations under a resolution agreement.

In May 2022, the DOJ announced a new policy requiring CCOs to sign off on certain agreements with the Department, including NPAs and DPAs. In a speech to the Securities Industry and Financial Markets Association, Deputy Attorney General Monaco stressed that the new policy is meant to “empower” the CCO, to ensure that the CCOs are “in the room” and reporting to the board directly about what has or has not gone on in the course of fulfilling the company's obligations, and to promote the concept that “the business is taking ownership of its role in the compliance program and the Head of Compliance receives all relevant compliance-related information and can voice any concerns prior to certification.”

In sum, the CCO (or whomever in the organization is functioning as the CCO) now needs to certify that the corporate compliance program is “reasonably designed” in order for the company to receive any resolution with the DOJ. Certification is not mere window dressing; it carries with it the risk of 18 U.S.C. § 1001 liability for lying to a government agent.

2. Different Agendas Among CCOs and In-House Counsel

With the elevation and increased visibility of the CCO, it seems the person in that position would be a likely target for culpable individuals involved in possible misconduct. Given that the DOJ will require companies to offer up individuals as part of any resolution that includes cooperation credit, do the roles of defense counsel and the role of CCO begin to show a conflict of interest? Meaning, will the GC and CCO always have the same interest at heart?

This point is an extension of the issues detailed in Parts IV.A and B. For a company to receive cooperation credit, it cannot be “strategizing”; it might need to offer a waiver of its attorney-client privilege; and it will need to point fingers at culpable individuals, perhaps including the CCO. This situation could put the in-house and outside counsel at odds with the compliance personnel. For example, in-house and outside defense counsel may be incentivized to provide incriminating documentation regarding the compliance office and the likely ineffective compliance program at the time of the misconduct. After all, had the compliance program passed muster, the company likely would not be in a situation with the DOJ that would require corporate efforts for cooperation credit. Conversely, there could be a division of interest between CCOs and defense counsel if defense counsel opts to strategize and not provide an effective waiver of attorney-client privilege, or offer up individuals as guilty parties. CCOs likely would advise full and robust compliance with DOJ policies, which might be at odds with a defense strategy.

D. Implications Regarding Foreign Data Privacy Laws and Labor Laws

As noted above, the new DOJ policies will take into account the effort companies make to secure documents from abroad. Indeed, the 2022 Monaco Memo stated that cooperation credit will be considered for “corporations that find ways to navigate such issues of foreign law and produce such records. Conversely, where a corporation actively seeks to capitalize on data privacy laws and similar statutes to shield misconduct inappropriately from detection and investigation by U.S. law enforcement, an adverse inference as to the corporation’s cooperation may be applicable if such a corporation subsequently fails to produce foreign evidence.”

This statement in the 2022 Monaco Memo creates significant implications for global companies. To be clear, either foreign data privacy laws apply to the material sought, or they do not. “Navigating” around the purpose and function of foreign laws, enacted to protect foreign employees, suggests an aggressive stance by the DOJ that could affect future Mutual Legal Assistance Treaties (MLATs) and international coordination. Many foreign jurisdictions prohibit sharing of personal data.

Beyond the issue around data privacy and the varying regulations around the world, another provision of the current DOJ policy that could be problematic when dealing with foreign activity is the clawback provision. In certain foreign jurisdictions, including China and France, there are bars or limits to clawbacks from bonuses. Complying with DOJ’s policies could force companies to deal with employee lawsuits from the clawback procedure.

E. Empty “Value Proposition” for Self-Disclosure and Cooperation

Finally, and perhaps most important in a theoretical and normative sense, is the question about what happens when this all goes too far and companies do not think the “value proposition” of cooperation credit is worth it anymore because it is too much of a gamble? This seems like a line from a bad cop movie that would go something like this: “If you’re going to kill me either way, let’s do it the way where I don’t tell you anything.”

Perhaps it is curious that I chose to list the driving thesis of this piece as the last argument in this section. The reason for that is that all of the factors listed above play into this important final section. Meaning, the calculus a company will engage in regarding voluntary self-disclosure and cooperation must take into account: (1) the implications concerning what will be required of the firm, including the possible waiver of attorney-client privilege; (2) what the likely consequences will be for the individuals in the firm, including the individuals in the role of defense counsel, both in-house and outside; (3) the implications and requirements for the compliance personnel; and (4) the legal, political, and business ramifications for any international work the company does if clawback and data privacy laws in foreign countries must be eschewed in order to meet the cooperation standard required by the DOJ.

The DOJ needs the culture of compliance and the voluntary self-disclosure regime in order to have the resources to take on these major complex corporate crimes. The balance between government and cooperating companies is a precarious one, but is a house of cards that needs to be intact for both sides to come out ahead. If companies balk at providing information from internal investigations, will the government actually be able to mount an effective prosecution? In other words, a nefarious corporate strategy could be: “we won’t tell you anything about where the bodies are buried, knowing that you don’t have the resources to dig them up.”


As this Article has laid out, corporate cooperation in criminal matters is a relatively new phenomenon in the arc of criminal law, meaning, it has seen about forty years of testing. The requirements and standards for corporate cooperation, however, have fluctuated over the last twenty-five years. The requirements and standards are set by the DOJ, which recently issued additional guidance for corporate cooperation. The recent guidance harkens back to an earlier era of corporate compliance that placed significant burdens on corporations to waive privileges, and even violated a constitutional right to counsel in the case of employees’ litigation fees. The implications of this new tone and stance of the DOJ are problematic for the same reasons that the earlier era of overly strong government tactics proved to be problematic. While maybe not going as far as the Thompson Memo did in terms of requirements, the 2022 Monaco Memo certainly swings the pendulum back in that direction, begging the question about what will be considered too much for companies to perform in order to receive the carrot of cooperation credit. Further, this Article questions the risk calculus that will occur in companies if the carrot is deemed “unobtainable.” The ripple effects of companies being willing to forego cooperation credit would result in many government investigations coming to a halt, given the somewhat-symbiotic relationship companies and the government need to continue in order for resolutions, particularly FCPA resolutions, to take place.

Many thanks to the participants in the Duke Law School Compliance Roundtable, the Ethics and Compliance Institute Fellows, and to Miriam Baer, Suneal Bedi, Sam Buell, Kevin Davis, Charles Duross, Todd Haugh, Karen Popp, Veronica Root Martinez, and F. Joseph Warin. Thanks also to the participants in the ComplianceNet conference at American University Washington College of Law. Many thanks to Cole Davidson and Lidia Kurganova for superb research assistance.