On 4 October 2023, Deputy Attorney General (DAG) Lisa Monaco announced a new US Department of Justice (DOJ) Safe Harbor Policy for voluntary self-disclosure made in connection with mergers and acquisitions (M&A).1 Under the new policy, companies that timely and voluntarily self-disclose criminal misconduct uncovered during their pre-acquisition due diligence or during the integration of the newly acquired entity will receive the presumption of a declination of prosecution from the DOJ. To qualify under this new policy, companies must self-disclose misconduct they uncover within six months from the date of closing, cooperate with the DOJ during their investigation, and undertake full remediation within one year from the date of closing. The policy, however, does not apply to misconduct that was otherwise required to be disclosed by law, publically known, or already discovered by or disclosed to the DOJ. The policy does not affect civil merger enforcement.
In making her announcement, DAG Monaco emphasized how “corporate executives need to redouble time and attention to compliance programs, compensation programs, and diligence on acquisitions. Failing to do so can have dire consequences for companies, shareholders, and our nation.”2
BACKGROUND
The new M&A Safe Harbor Policy is the latest example of the DOJ’s continuing efforts to encourage companies to voluntarily self-disclose. In September 2022, DAG Monaco announced new corporate compliance guidelines requiring all DOJ components to review or to draft and publish a written policy on the expectations and benefits of self-disclosure.3 Similarly, in January 2023, the DOJ extended the application of its FCPA Corporate Enforcement Policy (CEP)
to include all corporate criminal matters handled by the DOJ’s Criminal Division.4 Under the CEP, if a company voluntarily self-discloses, fully cooperates, and timely and appropriately remediates, there is a presumption of a declination to prosecute, absent certain aggravating circumstances.5 The new M&A Safe Harbor Policy builds on these recent updates to the CEP.
KEY HIGHLIGHTS FROM THE SAFE HARBOR POLICY:
In outlining how “[g]ood corporate governance and effective compliance programs can shield companies from enormous financial risks and penalties,”6 DAG Monaco explained the following scope and conditions of the Safe Harbor policy:
- Self-disclosure: To qualify for the policy, the acquiring company must voluntarily self-disclose misconduct within six months of the acquisition’s closing date. This six-month deadline applies regardless of whether the misconduct was identified prior to or after acquisition. A company that fails to self-disclose misconduct within the six-month safe harbor may face potential successor liability for that misconduct. However, the six-month period does not apply when companies uncover misconduct related to national security or involving ongoing or imminent harm.7 In such cases, companies are expected to self-disclose upon discovery.
- Remediation: The acquiring company must fully remediate misconduct within one year from the date of closing and make restitution and disgorgement payments where applicable.
- Flexibility and Reasonableness: While the policy sets baseline timeframes for self-disclosure and remediation, it emphasizes a “reasonableness analysis.” This analysis allows for flexibility in extending deadlines based on the specific circumstances of individual transactions, acknowledging that not all M&A deals are alike.
- Aggravating Factors: The presence of aggravating factors at the acquired company, such as an executive’s involvement in misconduct or longstanding or pervasive misconduct, will not affect the acquiring company’s ability to receive a declination.
- Recidivism Analysis: Misconduct disclosed under the policy will not factor into the DOJ’s recidivism analysis for the acquiring company, both at the time of disclosure or in the future.
- Scope of Application: The policy is limited to misconduct discovered during “bona fide, arms-length M&A transactions” and does not encompass conduct that is already publically disclosed, known to the DOJ, or otherwise required to be disclosed. Additionally, it does not impact civil merger enforcement.
- Department-Wide Application: The policy is designed to be applied department wide, ensuring consistency in its implementation across various DOJ components. Each component will tailor the policy to fit its unique enforcement mandates while adhering to the overarching guidelines.
IMPLICATIONS AND RECOMMENDATIONS
The M&A Safe Harbor policy offers important incentives to acquiring companies to disclose misconduct and avoid prosecution. Companies, however, should proceed with caution to ensure they are taking the steps necessary to discover misconduct early in the transaction in order to be eligible for the policy’s benefits. To ensure maximum benefit from the new Safe Harbor provisions, companies engaging in M&A transactions should design and maintain robust corporate compliance programs that enable them to:
- conduct thorough risk-based due diligence on potential new business acquisitions;
- ensure that the acquiring company’s code of conduct and compliance policies and procedures regarding the FCPA and other applicable laws apply as quickly as is practicable to newly acquired businesses or merged entities;
- train the directors, officers, and employees of newly acquired businesses or merged entities;
- conduct a risk-based audit of all newly acquired or merged businesses as quickly as practicable; and
- disclose misconduct discovered as part of its due diligence of newly acquired entities or merged entities.8
Companies should keep in mind that even when the DOJ chooses to decline prosecution, it will still require disgorgement and restitution where appropriate.9 Companies should also be aware that the policy is not binding on other US enforcement or regulatory authorities.10 Accordingly, self-disclosed misconduct could be pursued by other federal agencies or by foreign, state, or local authorities.
How the DOJ will apply the policy and what implications this new guidance will have on the existing voluntary self-disclosure framework remains to be seen, and we continue to monitor updates to the revised DOJ policies. The K&L Gates US White Collar Defense and Investigations group includes former high-level DOJ officials from the Criminal Division and US Attorney’s Offices throughout the country who have deep experience in all aspects of DOJ investigations and enforcement actions. For more information regarding this client alert, do not hesitate to contact the authors or other members of the K&L Gates White Collar Defense and Investigations group.