Shifts in Enforcement

On January 20, President Trump issued an Executive Order designating certain international cartels as Foreign Terrorist Organizations (FTOs) or Specially Designated Global Terrorists (SDGTs). As stated in the order, it is now U.S. policy “to ensure the total elimination of these organizations’ presence in the United States and their ability to threaten the territory, safety, and security, of the United States through their extraterritorial command-and-control structures.”

On February 5, Attorney General Pamela Bondi issued fourteen memos on new enforcement priorities. Notably, the “Total Elimination of Cartels and Transnational Criminal Organizations” memo (the “Directive”) directs the DOJ to eliminate cartels and transnational criminal organizations (TCOs). The Directive requires the DOJ’s FCPA Unit to “prioritize investigations related to foreign bribery that facilitates the criminal operations of cartels and [TCOs],” shifting “focus away from investigations and cases that do not involve such a connection.” The Directive references examples, including “bribery of foreign officials to facilitate human smuggling and the trafficking of narcotics and firearms.”

On February 10, President Trump issued an Executive Order that: (1) pauses enforcement of the FCPA for an 180-day period; (2) directs the DOJ to issue revised guidance around FCPA enforcement, consistent with the administration’s national security and foreign affairs interests; (3) calls for the DOJ to review all open and pending FCPA investigations and enforcement actions, taking appropriate action as aligned with the order’s objectives; as well as (4) contemplates the DOJ reviewing prior enforcement actions to determine if “remedial measures” are appropriate.

Together, these actions demonstrate a profound shift in FCPA enforcement by moving away from traditional corporate corruption within otherwise legitimate industries to organized criminal syndicates. Companies are no doubt questioning the implications of these recent developments. Below we examine case studies of what these new enforcement areas may look like and offer advice for how companies can prepare for these enforcement shifts.

Case Studies

The shift in enforcement priorities on cartels and TCOs can be interpreted broadly, which may impact how companies evaluate their operations, especially those companies with activities in jurisdictions with heightened risks of cartel and TCO influence.

Lafarge

In October 2022, Lafarge S.A., a French multinational cement company, pleaded guilty in the United States to charges of conspiring to provide material support to designated foreign terrorist organizations, specifically ISIS and the al-Nusrah Front. From 2013 to 2014, Lafarge’s Syrian subsidiary made payments totaling approximately $5.92 million to these groups to maintain operations at its cement plant in Jalabiya, Syria. These payments were intended to secure protection for employees, ensure continued plant operations, and gain a competitive advantage in the Syrian cement market. As part of the plea agreement, Lafarge agreed to pay $778 million in fines and forfeitures. This case marked the first instance of a corporation being charged and pleading guilty in the U.S. to providing material support to foreign terrorist organizations.

According to then Deputy Attorney General Lisa Monaco, the case sent a “clear message to all companies, but especially those operating in high-risk environments, to invest in robust compliance programs, pay vigilant attention to national security compliance risks, and conduct careful due diligence in mergers and acquisitions.”

Chiquita

In March 2007, Chiquita Brands International, a major U.S. banana producer, pleaded guilty to charges of engaging in transactions with a designated terrorist organization. The company admitted to paying over $1.7 million between 1997 and 2004 to the United Self-Defense Forces of Colombia (AUC), a paramilitary group recognized by the U.S. government as a terrorist organization since 2001. These payments were purportedly made to protect Chiquita’s employees and operations in Colombia’s volatile regions.

Despite the AUC’s designation as a terrorist organization, Chiquita continued the payments, rationalizing them as necessary for employee safety. Internal documents revealed that company executives were aware of the legal and ethical implications but proceeded with the payments, describing them as the “cost of doing business in Colombia.” As part of a plea agreement with the DOJ, Chiquita consented to a $25 million fine and five years of corporate probation. According to then U.S. Attorney Jeffrey A. Taylor, “[f]unding a terrorist organization can never be treated as a cost of doing business…American businesses must take note that payments to terrorists are of a whole different category. They are crimes. But like adjustments that American businesses made to the passage of the [FCPA] decades ago, American businesses, as good corporate citizens, will find ways to conform their conduct to the requirements of the law and still remain competitive."

Although the Lafarge and Chiquita cases turned on violations of anti-terrorism laws, they underscore the significant challenges multinational corporations face when operating in high-risk jurisdictions, especially those companies with complex global supply chains, third party engagements, and/or local government interaction in these regions. Further investment in compliance under these circumstances is advisable given the heightened risks these companies may face.

What Should Companies Keep In Mind?

The Directive and related Executive Orders should not be interpreted as a repeal of the FCPA or FEPA, nor a nullification of the importance of compliance. Both the FCPA and FEPA remain valid and fully in force despite the 180-day enforcement pause, meaning that companies subject to the FCPA are still required to comply with the statute’s provisions. Maintaining robust, well-resourced, and effective compliance programs is not only essential but also expected, regardless of shifting enforcement priorities.

Companies should consider the following issues as they navigate this shift:

• Voluntary Self-Disclosure. The Criminal Division’s Corporate Enforcement and Voluntary Self-Disclosure policy remains in place. This policy lays out the benefits – ranging from reduced criminal or monetary penalties to non-prosecution or deferred prosecution agreements – of self-reporting, assuming the standards for voluntary self-disclosure are met. The DOJ’s Whistleblower Pilot Program also remains intact; companies should continue to ensure that internal whistleblower programs are adequately staffed and complaints timely addressed.
• Foreign Legal Frameworks. Many countries, including the U.K. and France, have enacted anti-bribery laws that have a broad reach and continue to rigorously enforce those laws. As the U.S. shifts its FCPA enforcement focus, especially towards non-U.S. companies, foreign regulators may increase scrutiny on U.S. entities. Additionally, the U.S. remains obligated under the OECD’s Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, which requires signatories to criminalize bribery involving foreign government officials, potentially causing friction with the administration’s new enforcement directives.
• Broader Discretion for United States Attorney's Offices’ (USAOs). The Directive authorizes USAOs to pursue FCPA cases involving cartels or TCOs with just 24-hours of notice to the DOJ’s FCPA Unit, removing the requirement to first obtain approval from the DOJ’s Criminal Division’s Fraud Section. This arguably grants USAOs more discretion and flexibility to pursue FCPA cases linked to cartels and TCOs, which could result in increased FCPA enforcement activity following the initial 180-day pause.
• Current Open and Pending FCPA Matters. There is no indication that ongoing or pending FCPA investigations and enforcement actions will be immediately closed. Rather the February 10 Executive Order instructs an internal review of current FCPA investigations and enforcement actions in light of shifting priorities. Regardless, companies under investigation by the DOJ for potential FCPA violations should not assume dismissal is a foregone conclusion.
• Statute of Limitations. The FCPA’s anti-bribery provisions carry a five-year statute of limitations, while the accounting provisions have a six-year limit. These periods can be extended while DOJ seeks foreign evidence under Mutual Legal Assistance Treaty requests. Recent, ongoing, or future violations could still be fair game under the current administration, regardless of refocused enforcement priorities, as well as the next administration.
• SEC Enforcement. While many may anticipate that the SEC will follow suit, announcing similar priority shifts to FCPA enforcement as the DOJ, the SEC, at present, appears to be business as usual enforcing FCPA violations. In other words, issuers falling under the SEC’s jurisdiction should continue to be mindful of their obligations under the FCPA.
• Compliance Program Assessment. Companies should continue to evaluate their risk profiles by assessing their industry sector, where they operate, the extent of third-party engagements, interactions with government officials, the current regulatory landscape, and other emerging risks they may face. Under forthcoming guidance, companies may need to conduct a more targeted assessment of their activities in higher-risk markets for cartel and TCO involvement, considering specific business activities and interactions that could expose the company to heightened risks associated with cartels and TCOs. As a result, companies may identify potential gaps in their compliance programs, leading them to, for instance, improve financial oversight, refocus on employee training and internal communications, revise third party due diligence processes and contractual terms and conditions, and/or enhance internal controls around suppliers, vendors, local partners, and other third parties.

Takeaways

Effective and robust compliance programs help to mitigate not only bribery and corruption risks, but also money laundering, sanctions issues, human rights violations, and financial fraud risks. Duties of loyalty and oversight responsibilities for boards of directors require implementing a range of internal compliance controls, including effective reporting channels, to assess company risks. Compliance frameworks help promote fairness across a company’s operations, including through, for instance, employee incentive programs that encourage ethical behavior. Further, comprehensive compliance measures facilitate the management of third-party engagement risks through diligent vetting, ongoing monitoring, and stringent payment controls.

Compliance is not only good business, it is insurance in the event of enforcement. The DOJ has consistently given credit to companies with robust compliance programs when considering enforcement resolutions, monetary penalties, and post-resolution compliance obligations. Companies with strong compliance programs are better positioned to negotiate favorable outcomes in the event enforcement actions arise, making proactive investment in compliance crucial.

Compliance still matters. While the recent shift in enforcement priorities is important, it is not a repeal of the FCPA or FEPA, nor is it a license to stop investing in compliance. Well-designed, effective compliance programs expedite efficient responses to new enforcement trends. Companies should continue to ensure their compliance programs align with the DOJ’s Evaluation of Corporate Compliance Program guidance and consider using the 180-pause to reassess the effectiveness of their compliance programs and cultures as recent directives and orders usher in FCPA enforcement shifts.