Top Ten Changes to the DOJ/SEC FCPA Resource Guide

On July 3, the US Department of Justice (DOJ) and Securities and Exchange Commission (SEC) issued the second edition of the Resource Guide to the US Foreign Corrupt Practices Act (the 2020 Guide), the first full-scope overhaul of the Resource Guide since its issuance in 2012.^[1]  

The original edition of the Resource Guide (the 2012 Guide) was prompted by the OECD Phase 3 review of the United States, as the original guide acknowledges, and this update may have had a similar impetus. Work on the second edition reportedly began about six months ago, and would have followed the OECD Phase 4 review of the United States late last year. With the pandemic perhaps giving prosecutors more time to reflect, the timing may have turned out to be propitious.

A detailed comparison of the additions and changes is available at this link. Some of the changes are nuanced, and it is useful to see the prior language. Steptoe's alert on the 2012 edition is also available here. 

The structure and scope of the second addition is unchanged. The vast majority of the additions and changes are simply updates to the original edition of the 2012 Guide based on settlements, judicial decisions (including the decisions of the US Supreme Court in Kokesh v. SEC and Liu v. SEC), and the evolution of enforcement policy (the Evaluation of Corporate Compliance Programs, Corporate Enforcement Policy, No Piling On Policy, and new guidance on monitorships) in the intervening eight years, and do not evidence a fundamental rethinking of the enforcement agencies' view of the statute or its enforcement. Nevertheless, the 2020 Guide represents the most comprehensive, current collective thinking of the two key enforcement agencies about those topics, and therefore merits careful scrutiny. Moreover, the 2020 Guide contains some subtle additions and changes that may prove to be important. 

Having said that, the Resource Guide has limitations and must be recognized for what it is (and is not). Its focus is very much on US law and enforcement, and with limited exceptions (principally the discussion of the "No Piling On" policy), does not provide much guidance to those dealing with the brave new world of multijurisdictional cases, or cases where there are requests for formal or informal mutual legal assistance or extradition. It is very much about the supply side of bribery (in keeping with its topic), although it does briefly tip its hat to the demand side in a section on the use of anti-money laundering laws. Victims and others seeking to recover diverted funds will also find it of little use. Those seeking further insight on how disgorgement is calculated will be frustrated. Its focus on DOJ and SEC enforcement—natural given the authors—while representing the two major enforcers, may not fully convey the ever-increasing array of relevant actors in the anti-bribery arena, even within the United States. Nor is it easy to glean from it answers to the oft-posed questions about enforcement trends and priorities. Subtle differences in presentation of the newer enforcement policies raise questions about possible divergence between FCPA and more general DOJ criminal enforcement in the evaluation of corporate compliance programs as well as between prior policy statements and this guidance document.  

Despite these limitations, and as with the original edition, the 2020 Guide will be an important desktop reference for all whose work touches this area, if not as the definitive word, at least to provide the current perspective of the key US enforcement agencies. 

Beyond updates, below are the top 10 items (representing additions, changes, or their absence) we have distilled from the revised edition. A more detailed discussion of these and other updates, organized by chapter, follows. 

1. Increased emphasis on the accounting provisions, especially in the criminal arena, while clarifying the mens rea requirement for criminal violations [Chapters 1 and 3]

2. Continued emphasis on aggressive jurisdictional theories for anti-bribery liability, especially involving foreign persons [Chapter 2]

3. Pushback on adverse judicial decisions, at least from the lower courts [Chapters 2 and 3]

4. Acknowledgement that compliance programs and internal accounting controls are not coterminous (to what ultimate effect remains to be seen) [Chapter 3]

5. Increasing focus on "lessons learned" as a hallmark of an effective compliance program along with other important updating of compliance program expectations [Chapter 5]

6. Possible increased benefits of a properly risk-grounded compliance program when a problem arises [Chapter 5]

7. Reiteration of third-party liability standards (while raising some questions regarding risk management practices) [Chapter 5]

8. Some refinement of the theory of parent/subsidiary liability [Chapters 2 and 5]

9. Continued de-emphasis of successor liability risks [Chapters 2 and 5]

10. Clarifying the priority of "issuer" over "domestic concern" status when a firm qualifies as both [Chapter 2] 

Chapter 1: Introduction

The introduction largely sets the stage for what is to come in the later chapters. Having said that, there are a few additions or changes worth brief mention:  

• On page 2, the authors highlight the DOJ's criminal FCPA enforcement authority over issuers and their officers, directors, shareholders, employees, and agents.
• Page 2 also reflects a stronger statement about the authority of Main Justice/the FCPA Unit vis-à-vis US Attorneys Offices.
• Page 4, with respect to the role of the FBI, now references multiple dedicated squads, whereas previously the reference was singular. 

Conversely, the introduction does not materially revise the discussion of the international landscape, although it prioritizes the OECD and UN Conventions over regional instruments.

Chapter 2: Anti-Bribery Provisions

The 2020 Guide does not set forth any major new interpretive theories of the anti-bribery provisions. The most significant additions and changes in this chapter relate to jurisdiction and the statute of limitations. Several of these are part of our top 10 changes set forth above. 

Jurisdictional Updates 

The 2020 Guide includes clarifications and updates to its description of the anti-bribery provisions' jurisdictional reach. 

First, the 2020 Guide clarifies that, consistent with the FCPA's statutory language, the anti-bribery provisions applicable to "domestic concerns"^[2] do not apply to such concerns to the extent they are also "issuers" subject to the FCPA's "issuer" provisions.^[3] For example, language has been added to state that a company that is organized or headquartered in the United States and, therefore, normally would be considered a "domestic concern" is not subject to § 78dd-2  if it is also an "issuer" subject to anti-bribery jurisdiction under §78dd-1.^[4] "Issuers" are, of course, also subject to the FCPA's accounting provisions. 

Second, in its discussion of conspiracy and aiding and abetting liability for anti-bribery violations, the 2020 Guide continues to assert that foreign companies and individuals may be liable under traditional conspiracy and complicity law, even if they could not independently be charged with an FCPA violation. This theory has been the basis for a number of prior, settled corporate FCPA enforcement actions involving foreign, non-issuer defendants. 

The 2020 Guide acknowledges an important decision the Second Circuit issued in 2018 in United States v. Hoskins holding that the government could not circumvent the FCPA's jurisdictional provisions by relying on a conspiracy theory.^[5] The Second Circuit concluded in that case that "foreign nationals may only violate the statute outside the United States if they are agents, employees, officers, directors, or shareholders of an American issuer or domestic concern."^[6] The 2020 Guide treats this case as an exception from "normal principles of conspiracy liability,"^[7] however, and notes that a district court in the Seventh Circuit reached the opposite result in United States v. Firtash.^[8] 

The 2020 Guide further seeks to limit Hoskins by explicitly pointing out in Chapter 3 (on the accounting provisions) that the latter provisions apply to "any person," and thus "are not subject to the reasoning in the Second Circuit's decision in Hoskins limiting conspiracy and aiding and abetting liability under the FCPA anti-bribery provisions." 

We expect to see further litigation of this issue, as well as reliance on other expansive theories of jurisdiction (e.g., under anti-money laundering laws) to reach non-US defendants involved in foreign corruption. 

Notably, the 2020 Guide maintains the DOJ’s long-standing interpretation of its territorial jurisdiction under § 78dd-3 as covering not only foreign, non-issuer defendants who engage in one or more corrupt acts while in US territory, but also conferring jurisdiction "whenever a foreign company or national causes an act to be done within the territory of the United States by any person acting as that company's or national's agent."^[9] Although a number of companies have settled FCPA matters on this basis, the 2020 Guide does not mention recent district court rulings that have cast doubt on this interpretation by holding that a foreign, non-issuer defendant must have committed corrupt acts while "physically present" in US territory to be subject to FCPA jurisdiction under § 78dd-3.^[10]   

Statute of Limitations Updates 

For criminal actions, the 2020 Guide clarifies that, while 18 U.S.C. § 3282’s general five-year limitations period applies to substantive violations of the FCPA's anti-bribery provisions, violations of the accounting provisions, which under 18 U.S.C. § 3301(a) are "securities fraud offense[s],"^[11] carry a six-year statute of limitations.^[12] The 2020 Guide further notes that the statute of limitations for conspiracy offenses under 18 U.S.C. § 371 follows the limitations period of the underlying violation, meaning a five-year limitations period for anti-bribery conspiracy violations and a six-year period for accounting conspiracy violations. (The 2012 Guide did not distinguish between the limitations period for anti-bribery and accounting provision violations.) Companies and others subject to the FCPA's accounting provisions will want to keep the extended limitations period in mind when assessing risks and any allegations of misconduct. 

The 2020 Guide notes that for SEC civil actions seeking a civil fine, penalty, or forfeiture, 28 U.S.C. § 2462 provides a five-year limitations period. While that limitations period does not stop the SEC from seeking equitable remedies, such as an injunction, for acts outside of the five-year period, the 2020 Guide now mentions the Supreme Court's 2017 decision in Kokesh v. Securities and Exchange Commission. In Kokesh, the Supreme Court unanimously held that disgorgement in SEC enforcement actions operates as a penalty, not an equitable remedy, and is thus subject to 28 U.S.C. § 2462’s five-year statute of limitations. Kokesh limited the SEC's ability to seek disgorgement for conduct that occurred more than five years before the SEC brought an action against a particular defendant—a regular practice of the SEC’s before Kokesh. For more information on Kokesh and its implications, please see our July 13, 2017 International Law Advisory. 

Chapter 3: Accounting Provisions 

Criminal Violations 

The 2020 Guide contains several noteworthy additions or changes dealing with criminal violations of the accounting provisions.^[13]    

As noted in the section on Chapter 1, the 2020 Guide's introductory chapter contains new language highlighting the DOJ's authority to prosecute criminal violations of the FCPA's provisions by issuers, and their officers, directors, shareholders, employees, and agents. 

Second, also as noted in the section on Chapter 2, unlike the 2012 Guide, the 2020 Guide identifies a specific statute of limitations period applicable to criminal violations of the FCPA's accounting provisions.^[14] 

Finally, the 2020 Guide revises the language used in the 2012 Guide to set forth more precisely the mens rea requirement for criminal violations of the accounting provisions. The 2012 Guide stated that "[c]riminal liability can be imposed on companies and individuals for knowingly failing to comply with the FCPA's books and records or internal controls provisions" and "[a]s with the FCPA's anti-bribery provisions, individuals are only subject to the FCPA's criminal penalties for violations of the accounting provisions if they acted 'willfully.'"^[15] The 2020 Guide deletes the second statement above and revises the first to include the term "willfully" (i.e., knowledge that one's conduct is unlawful), making that term applicable to companies as well as individuals ("[c]riminal liability can be imposed on companies and individuals for knowingly and willfully failing to comply with the FCPA's books and records or internal controls provisions.").^[16] This articulation is arguably a more accurate reflection of the statute when its penalty provisions are considered together with the substantive prohibitions,^[17] and largely reflective of DOJ practice. It is therefore not clear this reflects a change in view that will narrow the instances where DOJ pursues such charges. 

Additional Context for Books and Records Violations  

The 2020 Guide's discussion of the FCPA's anti-bribery provisions notes that improper recording of expenses may be viewed as evidence of corrupt intent. In its discussion of the accounting provisions, the 2012 Guide noted that there is no materiality threshold for books and records violations, while observing that DOJ and SEC enforcement has generally involved "misreporting of either large bribe payments or widespread inaccurate recording of smaller payments made as part of a systemic pattern of bribery."^[18] The 2020 Guide changed "systemic" to "systematic" and adds some potentially limiting gloss to the government's consideration of when to pursue such cases, stating that "both DOJ and SEC look to the nature and seriousness of the conduct in determining whether to pursue an enforcement action."^[19] 

Acknowledgement that Internal Accounting Controls are Distinct from a Company's Compliance Program 

Perhaps most tantalizing in this chapter are the changes in the 2020 Guide in relation to internal controls. Although the FCPA refers to systems of "internal accounting controls," DOJ and SEC have for years tended to read out the reference to "accounting" and tended to conflate an effective FCPA compliance program with an issuer’s internal controls, something that we and others had criticized. It is therefore somewhat of a welcome surprise to see the 2020 Guide acknowledge that the two are distinct. 

The 2012 Guide had stated that "[a]n effective compliance program is a critical component of the an issuer’s internal controls," a "company's compliance program should be tailored" to the operational realities and risks attendant to the business, and that "[b]usinesses whose operations expose them to a high risk of corruption will necessarily devise and employ different internal controls than business that have a lesser exposure to corruption . . . ."^[20] The 2020 Guide revises this language, replacing references to "internal controls" with "internal accounting controls" throughout this section,^[21] and explicitly acknowledging that "[a]lthough a company's internal accounting controls are not synonymous with a company's compliance program, an effective compliance program contains a number of components that may overlap with a critical component of an issuer's internal accounting controls."^[22] The 2020 Guide then revises the sentences above to say that "[j]ust as a company's internal accounting controls are tailored to its operations, its compliance program needs to be tailored to the risks specific to its operations" and "[b]usinesses whose operations expose them to a high risk of corruption will necessarily devise and employ different compliance programs than businesses that have a lesser exposure to corruption . . . ."^[23] 

Acknowledging that there is a distinction between a company's internal accounting controls and its compliance program is a welcome step forward. However, it may be premature to read too much into this change. The 2020 Guide makes explicit that there is a relationship and overlap between the two, and its reference to "operational realities and risks," signals that the DOJ and SEC will continue to take an expansive approach to charging violations of the internal accounting control provisions, including in areas that are not generally considered to implicate internal accounting controls. The FCPA itself does not set forth a specific set of internal financial controls, instead requiring companies to implement processes to provide "reasonable assurances" regarding the reliability of financial reporting and the preparation of financial statements. Nothing in the 2020 Guide's acknowledgement that "a company's internal accounting controls are not synonymous with a company's compliance program" suggests that the effectiveness of a company's compliance program writ large will no longer be a critical focus in DOJ's and SEC's investigations of possible violations of the internal accounting control provisions. 

Hoskins Does Not Apply to the Accounting Provisions  

As noted in the discussion of Chapter 2, the 2020 Guide not only seeks to limit the impact of Hoskins on the FCPA's anti-bribery provisions,^[24] but it explicitly points out that the accounting provisions apply to "any person," and thus "are not subject to the reasoning in the Second Circuit's decision in Hoskins limiting conspiracy and aiding and abetting liability under the FCPA anti-bribery provisions."^[25]

Chapter 4: Other Related Laws

This chapter, which covers the Travel Act, anti-money laundering (AML) laws, mail and wire fraud, certification and peporting violations, and tax violations, has been updated to reflect additional cases but there are no major changes. The agencies have noted that although the FCPA does not reach foreign officials, the AML laws can be used to do so where the specified unlawful activity, or predicate offense, is an FCPA violation.[^26] In fact, the DOJ has increasingly invoked this authority where bribery proceeds can be found in the United States.

Chapters 2 and 5: Vicarious Liability - Third Parties; Parent/Subsidiary Liability, and Successor, Liability

Third Parties. Third parties are addressed in Chapter 2's overview of the FCPA's anti-bribery provisions and in Chapter 5, Guiding Principles of Enforcement. As is well known, third parties—including but not limited to agents—are a central risk area under the FCPA, accounting for the vast majority of cases in recent years. Except for a possible change in guidance on the extent of expected due diligence for certain third parties (discussed below under compliance programs), however, the 2020 Guide does not substantively change the original guidance in this area in any material respect. Rather, the changes are in the nature of case updates.^[27] 

There are, however, some important tweaks to the 2012 Guide in relation to other areas of vicarious liability: parent/subsidiary and successor liability. 

Parent/Subsidiary Liability. With respect to parent/subsidiary liability, the 2020 Guide continues to describe two ways a parent may be held responsible for bribes paid by the subsidiary: first, if it participates directly; and second if the subsidiary is found to be acting as the agent of the parent. With respect to the latter, the 2012 Guide simply said that if an agency relationship existed, there would be imputation. The 2020 Guide adds the requirement that the subsidiary should be acting within the scope of authority conferred by the parent.^[28] 

Successor Liability The successor liability section in Chapter 2 tempers somewhat the 2012 Guide, with added language explicitly recognizing that mergers and acquisitions can be beneficial where the buyer has a "robust" compliance program and implements it as quickly as possible in the target, and acknowledging that "robust" pre-acquisition due diligence may not be possible in some cases. In that scenario, the enforcement agencies indicate they will "look to the timeliness and thoroughness of the acquiring company's post-acquisition due diligence and compliance integration efforts." They also note that under the DOJ FCPA Corporate Enforcement Policy, an acquiring company that makes a voluntary disclosure may be eligible for a declination, even in the face of aggravating circumstances in relation to the target.^[29]

Chapter 5: Hallmarks of an Effective Compliance Program

The 2020 Guide follows the same "hallmarks of effectiveness" approach to corporate compliance programs as the 2012 Guide. The 2020 Guide, like the 2012 Guide, advises that a company's compliance program should be tailored to the company's specific business, including in particular the risks associated with that business. It also stresses the importance of a company's making whatever changes are needed in the program as the company’s business and markets change.^[30]  

The core questions the DOJ and SEC ask in assessing corporate compliance programs – (1) whether the program is well designed, (2) whether it is being applied in "good faith" and (3) whether it "works"—have remained the same. At the same time, however, the 2020 Guide adds to the 2012 Guide two refinements—first, emphasizing that "good faith" requires the program to be "adequately resourced and empowered to function effectively" and, second, that the program can be shown to work "in practice" (emphasis added). The 2020 Guide also notes that the DOJ and SEC consider the adequacy and effectiveness of a company's compliance program both at the time of the misconduct that has occurred and when deciding what, if any, action to take with respect to the company.^[31] 

While the changes to the compliance section of the guide qualify for the most part as modest refinements, the 2020 Guide incorporates by reference the DOJ Criminal Division's Evaluation of Corporate Compliance Programs,^[32] originally issued in February 2017 and last updated in June 2020.^[33] See our client alert for more details on the updates to the Evaluation of Corporate Compliance Programs. The Evaluation of Corporate Compliance Programs is at times more prescriptive than the 2020 Guide in describing the DOJ's expectations with respect to corporate compliance programs—in particular when it comes to a company's use of data analytics in monitoring, assessing and testing its compliance program.

Increased Expectations Regarding Investigation, Analysis and Remediation of Misconduct 

As noted earlier, the 2020 Guide includes a new hallmark on "Investigation, Analysis, and Remediation of Misconduct."^[34] Interestingly, the 2020 Guide addition overlaps significantly with the hallmark on "Confidential Reporting and Internal Investigation"^[35] included in the 2012 Guide and maintained in the second edition, covering internal investigations, documenting the company's response and incorporating lessons learned. 

The 2020 Guide characterizes the significance of how a company responds to misconduct as the "truest measure of an effective compliance program." Moreover, it implicitly expands the need for a well-functioning and appropriately funded investigation mechanism to "any allegations or suspicions of misconduct by the company, its employees, or agents" and adds that any investigation that is needed should be "timely and thorough."

The new hallmark on "Investigations, Analysis, and Remediation of Misconduct" also confirms an increase in the DOJ's and SEC's expectations regarding a company's obligation to incorporate into its compliance program the lessons learned from any compliance investigation that has been conducted or compliance violation that has been reported or otherwise discovered. While the hallmark on "Confidential Reporting and Internal Investigation" merely encourages companies to consider taking lessons learned, the new hallmark stresses that companies should integrate lessons learned from any misconduct that occurs based on an analysis of the root causes of the misconduct. In spite of this, the 2020 Guide does not go as far as the Evaluation of Corporate Compliance Programs, which explicitly states that companies should have a "process" "for tracking and incorporating" into their periodic risk assessments both lessons learned from the company's own prior issues and misconduct as well as "from those of other companies operating in the same industry and/or geographical region."^[36] 

Other Updates: Emphasis on the Potential Benefits of Corporate Mergers and Acquisitions from a Compliance Perspective  

In the context of both successor liability^[37] and declinations,^[38] the 2020 Guide adds language recognizing the potential benefits of corporate mergers and acquisitions from a compliance perspective, especially when the acquiring entity has a robust compliance program that is implemented "as quickly as practicable" at the merged or acquired entity. The need for timely and thorough post-acquisition due diligence and integration efforts is also emphasized whenever "robust pre-acquisition due diligence may not be possible." These additions complement the hallmark on "Mergers and Acquisitions" in the compliance section of the 2020 Guide, which has remained unchanged from the original version.^[39] 

Risk-Based Approach: Subtle Differences Between the Guide and the Evaluation of Corporate Compliance Programs 

While the 2020 Guide mentions the Evaluation of Corporate Compliance Programs in its section on other guidance on compliance,^[40] the expectations described in those documents do not fully align. 

In particular, the 2020 Guide keeps the same language as the original version in expressing the DOJ/SEC expectations for a risk-based approach to compliance, providing that the DOJ and SEC will give credit to a company for implementing "a comprehensive, risk-based compliance program, even if that program does not prevent an infraction in a low risk area" (emphasis added).^[41] In contrast, the Evaluation of Corporate Compliance Programs states that "[p]rosecutors may credit the quality and effectiveness of a risk-based compliance program […] even if it fails to prevent an infraction" (emphasis added).^[42] This suggests that the DOJ recognizes that an effective risk-based approach may fail to prevent an infraction irrespective of whether the infraction occurs in a low- or higher-risk area. Similarly, when discussing risk-based third-party due diligence, the 2020 Guide declares that "some guiding principles always apply" (emphasis added)^[43] whereas the Evaluation of Corporate Compliance Programs—by referring to "the need for, and degree of, appropriate [third party] due diligence" (emphasis added)^[44]—suggests that the DOJ does not necessarily expect due diligence to be required for all of a company's current and proposed business partners under a risk-based approach. 

When deciding how to design and implement a risk-based approach to compliance, it bears keeping in mind that the distinctions we have mentioned are subtle and that the DOJ/SEC assessment of a company's compliance program will necessarily be fact-specific. It also is worth noting that the Evaluation of Corporate Compliance Programs provides the guidance for the entirety of the DOJ Criminal Division, whereas the 2020 Guide is a joint DOJ and SEC document that is specific to the FCPA.

Chapters 5 and 6: Enforcement Policies and Penalties, Sanctions and Remedies

The primary changes to the enforcement and penalties sections in Chapters 5 and 6 in the 2020 Guide account for the various policy changes that have occurred since the original edition in 2012. Although the additions to the 2020 Guide are generally faithful restatements from the policies, on two occasions, the 2020 Guide notes that DOJ may still decline prosecution even where there are aggravating circumstances. We believe that the addition of this language indicates DOJ's efforts to encourage disclosure regardless of the underlying conduct. 

Updates Relating to Enforcement Policies (Chapter 5)

Aside from incorporating the 2015 re-organization and refinement of the factors the DOJ considers in deciding whether to charge a corporation, (also known as the "Filip Factors"),^[45] Chapter 5 of the 2020 Guide reflects the FCPA Corporate Enforcement Policy (CEP), first launched on a pilot basis in April 2016 and incorporated into the Justice Manual in November 2017. 

The 2020 Guide now includes the CEP as one of the guiding documents for determining whether and how the DOJ will commence, decline, or otherwise resolve an FCPA matter, in addition to the Principles of Federal Prosecution in the case of individuals, and the Principles of Federal Prosecution of Business Organizations. 

The CEP creates a presumption that the DOJ will decline prosecution of a company, absent aggravating circumstances, if the company voluntarily self-discloses misconduct, fully cooperates, and timely and appropriately remediates.^[46] The CEP applies only to the DOJ, and does not bind the SEC. 

The 2020 Guide details three examples of declinations granted by DOJ under the CEP in 2018 and 2019: (1) Guralp Systems Limited;^[47] (2) Insurance Corporation of Barbados Limited;^[48] and (3) Cognizant Technology Solutions Corporation.^[49] 

The 2020 Guide also references the CEP, without making any notable observations, in its discussion of declinations at Chapter 7 (Resolutions).^[50] 

Updates Relating to Penalties, Sanctions, and Remedies (Chapter 6)

The 2020 Guide at Chapter 6 (Penalties, Sanctions, and Remedies) adds a discussion of forfeiture and disgorgement, following two important Supreme Court cases placing limits on the latter. The 2020 Guide notes that the purpose of forfeiture and disgorgement is not punishment and deterrence (like fines and imprisonment), but to return the perpetrator to the status quo before the misconduct, to negate any profit from the crime, i.e., equitable relief. However, the 2020 Guide acknowledges that in the seminal 2017 case of Kokesh v. SEC, the Supreme Court ruled that the civil disgorgement remedy constituted a "penalty" and is thus subject to the general five-year statute of limitations. Subsequently, in SEC v. Liu, decided just weeks before the 2020 Guide was issued, the Supreme Court held that disgorgement is permissible equitable relief only when it does not exceed a wrongdoer’s net profits, is based on individual responsibility, and is awarded for victims.^[51] 

Another addition in Chapter 6 of the 2020 Guide accounts for the DOJ's policy on coordinated resolutions and avoidance of "piling on," i.e., duplicative penalties from US federal, state, local, and foreign enforcement authorities for the same conduct. As introduced by then-Deputy Attorney General Rod Rosenstein in May 2018,^[52] this policy encourages federal prosecutors to coordinate enforcement efforts with, and to credit fines and penalties paid to, other authorities. As the 2020 Guide points out, this policy has since been applied in more than 10 cases handled by the DOJ, and at least five handled by the SEC. One example is the coordinated resolution between the DOJ and French authorities in the Société Générale S.A. settlement announced in June 2018.^[53] 

The 2020 Guide also includes the factors that prosecutors should consider in determining whether to impose a compliance monitor as part of a corporate resolution, acknowledging the disruption and expense of a monitor, to some extent. This addition to the 2020 Guide reflects an update to DOJ policy introduced by Assistant Attorney General Brian Benczkowski in October 2018 to "further refine the factors that go into the determination of whether a monitor is needed, as well as [to] clarify and refine the monitor selection process" (emphasis added).^[54] As noted in the 2020 Guide, if the company has in place at the time of resolution a compliance program that has been demonstrated to be effective and adequately resourced, a monitor will likely not be necessary and should never be punitive. 

Lastly, the 2020 Guide reflects an upward adjustment for inflation of the civil penalty amounts. Corporations and individuals (including officers, directors, stockholders, and agents of companies) who violate the anti-bribery provisions are subject to a civil penalty by the SEC of up to $21,410 per violation, up from $16,000 in the 2012 Guide. For the accounting provisions, the specified dollar limitation with respect to civil SEC penalties brought in federal court also increased to a range of $9,639 to $192,768 for an individual, and $96,384 to $963,837 for a company (the SEC can bring enforcement actions in federal court or in administrative proceedings).^[55]

Chapters 7-9: Resolutions, Whistleblowers, and the DOJ Opinion Procedure

The major change in these chapters is found in Chapter 7, dealing with the Corporate Enforcement Policy, discussed in Chapter 5. The whistleblower regime is largely unchanged since 2012 and the revisions are therefore entirely in the nature of updates. With the DOJ Opinion Procedure falling into even greater disuse in recent years than previously, there is almost nothing to update in Chapter 9; nonetheless, the 2020 Guide asserts that the procedure "remains" a valuable mechanism to determine that DOJ's enforcement intentions. Citations to specific opinion procedure releases in other chapters (e.g., dealing with M&A) have been carried forward in the second edition.

Conclusion

The 2020 Guide will undoubtedly find a place on many bookshelves, and it merits a place there. As the foregoing analysis demonstrates, the 2020 Guide is not simply an update or restatement. The DOJ and SEC have clearly made choices in a number of areas about what to highlight and what not to. In some cases, changes are subtle and only time will tell whether certain changes reflect new interpretations or enforcement shifts, or are simply the product of drafting. 

We hope this analysis has been useful, and welcome your feedback. 

For more information, contact Steptoe's FCPA team located in our Washington, London, and Hong Kong offices, found in the Professionals tab.

[1] Minor changes were made to portions of the Guide, without fanfare, shortly following its publication. See https://fcpablog.com/2015/08/05/hey-who-changed-the-fcpa-resource-guide/.

[2] 15 USC § 78dd-2, Prohibited foreign trade practices by domestic concerns.

[3] §78dd-1, Prohibited foreign trade practices by issuers.

[4] 2020 Guide at 10; 15 U.S.C. § 78dd-2.

[5] US v. Hoskins, 902 F.3d 69, 76-97 (2d Cir. 2018).

[6] Id. at 97.

[7] 2020 Guide at 35-36.

[8] 392 F.Supp.3d 872, 891-92 (N.D. Ill. 2019).

[9] 2020 Guide at n. 54.

[10] United States v. Hoskins, 123 F. Supp. 3d 316, 319 (D. Conn. 2015), aff'd in part, rev'd in part, 902 F.3d 69 (2d Cir. 2018); see also United States v. Patel, No. 1:09-cr-00335, Trial Tr. 5:11–14, 7:17–8:2 (D.D.C. June 6, 2011).

[11] 2020 Guide at 36 (citing 18 U.S.C. § 3301(a), which provides that "[T]he term 'securities fraud offense' means a violation of, or a conspiracy or an attempt to violate . . . section 32(a) of the Securities Exchange Act of 1934 (15 U.S.C. 78ff(a))"). 15 U.S.C. 78ff(a) sets forth criminal penalties for willful violations of "any provision of this chapter (other than section 78dd-1 of this title), or any rule or regulation of which is made unlawful or the observance of which is required under the terms of this chapter," or for false and misleading statements in securities filings.

[12] 2020 Guide at 36 (citing 18 U.S.C. § 3301(b)).

[13] 2020 Guide at 2.

[14] 2020 Guide at 36 (citing 18 U.S.C. § 3301(a) ("[T]he term 'securities fraud offense' means a violation of, or a conspiracy or an attempt to violate . . . section 32(a) of the Securities Exchange Act of 1934 (15 U.S.C. 78ff(a)))"; 18 U.S.C. § 3301(b) ("No person shall be prosecuted, tried, or punished for a securities fraud offense, unless the indictment is found or the information is instituted within 6 years after the commission of the offense.")).

[15] 2012 Guide at 44.

[16] 2020 Guide at 45.

[17] See 15 U.S.C. §§ 78m(b)4-5 and 78ff(a).

[18] 2012 Guide  at 39.

[19] Id. at 39.

[20] 2012 Guide at 40.

[21] 2020 Guide at 40.

[22] Id. at 40.

[23] Id. at 41.

[24] 2020 Guide at 36.

[25] Id. at 46.

[26] Id. at 48.

[27] 2020 Guide at 21-22.

[28] Id. at 27.

[29] Id. at 28.

[30] Id. at 64.

[31] 2020 Guide at 57.

[32] US Dep't. of Justice, Crim. Div., Evaluation of Corporate Compliance Programs, at 1 (June 2020) [hereinafter Evaluation of Corporate Compliance Programs], available at https://www.justice.gov/criminal-fraud/page/file/937501/download.

[33] 2020 Guide at Foreword and at 67.

[34] Id. at 67.

[35] Id. at 66.

[36] Evaluation of Corporate Compliance Programs at 4.

[37] 2020 Guide at 29.

[38] Id. at 52.

[39] Id. at 66-67.

[40] The 2020 Guide's section on compliance also lists other sources to which businesses may wish to refer. Three of these references have since been updated in the second edition: namely, Transparency International's Business Principles for Countering Bribery (3rd ed. 2013), World Bank’s Integrity Compliance Guidelines (2017), and World Economic Forum's Partnering Against Corruption–Principles for Countering Bribery (May 2016).

[41] 2020 Guide at 59.

[42] Evaluation of Corporate Compliance Programs at 3.

[43] 2020 Guide at 62.

[44] Evaluation of Corporate Compliance Programs at 7.

[45] See DOJ's Principles of Federal Prosecution of Business Organizations: Factors to be Considered at https://www.justice.gov/jm/jm-9-28000-principles-federal-prosecution-business-organizations.

[46] See our previous commentaries on the CEP at The DOJ's New FCPA Corporate Enforcement Policy: Dangling Presumptive Declination as an Incentive for Voluntary Disclosure (https://www.steptoe.com/en/news-publications/the-dojs-new-fcpa-corporate-enforcement-policy-dangling-presumptive-declination-as-an-incentive-for-voluntary-disclosure.html), December 4, 2017; FCPA/Anti-Corruption Developments: 2017 Year in Review & 2018 Q1 Preview (https://www.steptoe.com/en/news-publications/2017-fcpa-year-in-review.html), April 12, 2018; FCPA/Anti-Corruption Developments: 2018 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2018-year-in-review.html), February 28, 2019; and FCPA/Anti-Corruption Developments: 2019 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2019-year-in-review.html), January 21, 2020.

[47] See the Guralp Systems Limited declination at https://www.justice.gov/criminal-fraud/page/file/1088621/download; and our discussion of the declination at FCPA/Anti-Corruption Developments: 2018 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2018-year-in-review.html), February 28, 2019.

[48] See the Insurance Corporation of Barbados Limited declination at https://www.justice.gov/criminal-fraud/page/file/1089626/download; and our discussion of the declination at FCPA/Anti-Corruption Developments: 2018 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2018-year-in-review.html), February 28, 2019.

[49] See the Cognizant Technology Solutions Corporation declination at https://www.justice.gov/criminal-fraud/file/1132666/download; and our discussion of the declination at FCPA/Anti-Corruption Developments: 2019 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2019-year-in-review.html), January 21, 2020.

[50] See the successor liability discussion, supra, for a discussion of the CEP in the context of mergers and acquisitions.

[51] See our commentary on the US Supreme Court’s decisions in SEC v. Liu and Kokesh v. SEC: Kokesh's Open Question Resolved: SCOTUS Upholds But Limits Equitable Disgorgement in SEC Civil Actions (https://www.steptoe.com/en/news-publications/kokeshs-open-question-resolved-scotus-upholds-but-limits-equitable-disgorgement-in-sec-civil-actions.html), June 23, 2020.

[52] See DOJ's Policy on Coordination of Corporate Resolution Penalties  (https://www.justice.gov/opa/speech/file/1061186/download), May 9, 2018; our commentary at Sportsmanlike Conduct? DOJ Announces Policy to Avoid 'Piling On' Monetary Sanctions in Corporate Resolutions (https://www.steptoe.com/en/news-publications/sportsmanlike-conduct-doj-announces-policy-to-avoid-piling-on-monetary-sanctions-in-corporate-resolutions.html), May 14, 2018; and our summary at FCPA/Anti-Corruption Developments: 2018 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2018-year-in-review.html), February 28, 2019.

[53] See Société Générale Settlement press release at https://www.justice.gov/opa/pr/soci-t-g-n-rale-sa-agrees-pay-860-million-criminal-penalties-bribing-gaddafi-era-libyan, January 31, 2020; and our summaries at FCPA/Anti-Corruption Developments: 2018 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2018-year-in-review.html), February 28, 2019.

[54] See the Remarks by Assistant Attorney General Brian A. Benczkowski at NYU School of Law Program on Corporate Compliance and Enforcement Conference on Achieving Effective Compliance, https://www.justice.gov/opa/speech/assistant-attorney-general-brian-benczkowski-delivers-remarks-nyu-school-law-program, October 12, 2018; Memorandum dated October 11, 2018 from Brian A. Benczkowski, Assistant Attorney General, to All Criminal Division Personnel regarding Selection of Monitors in Criminal Division Matters at https://www.justice.gov/opa/speech/file/1100531/download; and our summary at FCPA/Anti-Corruption Developments: 2018 Year in Review (https://www.steptoe.com/en/news-publications/fcpaanti-corruption-developments-2018-year-in-review.html), February 28, 2019.

[55] See Inflation Adjustments to the Civil Monetary Penalties Administered by the Securities and Exchange Commission (as of January 15, 2020) (https://www.sec.gov/enforce/civil-penalties-inflation-adjustments.htm).