Since at least the adoption of the organizational Federal Sentencing Guidelines in 1991, the government has encouraged companies to adopt an effective compliance program that prevents and deters misconduct. Over the past several years, however, the United States Department of Justice has placed increasing emphasis on the importance of developing an effective compliance program, and to the extent that a compliance program could have been considered a luxury in the past, they are now essential for businesses. DOJ’s pronouncements over the past five years have progressively heightened expectations for compliance programs, beginning with the Justice Department’s 2019 guidance on evaluation of corporate compliance programs in criminal antitrust investigations, the revision of its Foreign Corrupt Practices Act resource guide, and 2022 revisions to its corporate criminal enforcement policies. Now, the Justice Department has raised the bar again with its adoption of a safe harbor policy relating to the discovery of criminal wrongdoing uncovered in the M&A process.
In October 2023, the Deputy Attorney General, Lisa Monaco, announced a new Department-wide policy. It encourages voluntary self-disclosure of criminal misconduct discovered during pre- or post-acquisition diligence and integration, and it further incentivizes organizations to invest in robust compliance programs. The key provisions of the safe harbor program are:
- An acquiring company that discovers criminal conduct by an acquired entity, whether discovered before or after the closing date, will receive a presumption of declination if it discloses the conduct to DOJ within six months of closing.
- The acquiring entity must remediate the misconduct within twelve months of closing.
- The company must disgorge any wrongful gains and pay restitution where appropriate.
- Wrongdoing that relates to potential national security issues must be reported promptly and cannot wait for the six- and twelve-month deadlines.
- Self-disclosed violations will not be considered into future “recidivist” analysis.
The six- and twelve-month deadlines are only guidelines, and they can be adjusted by the Department where appropriate. This could mean that some complex transactions have an extended deadline, but this must be negotiated with the Justice Department on a case-by-case basis.
The new safe harbor policy builds on the 2008 Opinion Procedure Release regarding Halliburton, in which the Department wrote that it did not intend to take enforcement action against Halliburton for misconduct that it self-disclosed and remediated post-acquisition, provided that Halliburton follow certain investigatory procedures and impose adequate compliance procedures on the target following the acquisition. Although the opinion release applied only to Halliburton and the specific transaction identified, the release was often used by anti-corruption practitioners as informal guidance in the M&A context.
The implications of the safe harbor policy are significant. The policy clearly incentivizes companies engaged in acquisitions – particularly acquisitions involving overseas assets – to have a strong compliance program and clear plans for pre- and post-closing diligence and integration, including the integration of the acquiring company’s code of conduct and compliance procedures. A notable case study predating the policy is the Safran declination in December 2022. Safran, a French aviation supplier, timely self-disclosed misconduct discovered after acquiring two companies: one U.S.-based and the other German-based. Employees of the two companies, prior to Safran’s acquisition, each paid a Chinese business consultant millions of dollars knowing that the funds would be used, in part, to pay bribes to a Chinese government official. Safran discovered the conduct after its acquisition, self-disclosed, and disgorged $17 million in profits from ill-gotten contracts. In addition, Safran remediated the conduct by terminating one of the employees involved in the misconduct and withheld the deferred compensation of another employee who had left the company. Although the legality of withholding or clawing back compensation may vary from jurisdiction to jurisdiction, the Department has frequently referenced this tool as a means to help incentivize compliant behavior from employees.
If the safe harbor is the carrot to convince organizations to adopt effective M&A compliance plans, the stick is enhanced enforcement. In announcing the policy, the deputy attorney general stated that “[i]f your company does not perform effective due diligence or self-disclosure misconduct at an acquired entity, it will be subject to full successor liability for that misconduct under the law.” To mitigate this risk, acquiring companies must:
- Conduct preliminary risk assessments to identify areas that may require enhanced diligence.
- Identify areas of misconduct by the target prior to closing the transaction.
- Prepare a plan for additional diligence, remediation, and (if appropriate) self-disclosure where misconduct is found.
As a practical matter, companies should be aware that pre-closing diligence may take longer, especially for sellers with significant international operations and assets.
M&A diligence from a compliance perspective is often focused on anti-corruption, sanctions, AML, and antitrust issues, but the new safe harbor policy is a DOJ-wide policy, meaning that it applies to all federal criminal conduct. This is potentially a double-edged sword; although a company can receive the benefits associated with self-disclosure for all federal criminal violations, it may enhance the risk that successor liability will attach to other potential compliance issues not typically part of the diligence process.
The clear expectation from the Justice Department is that compliance will have a seat at the table in mergers and acquisitions, and companies that fail to adequately involve their compliance teams run the risk of enhanced penalties. Because there are a number of unanswered questions about the scope and the application of the safe harbor policy, although the policy incentivizes risk reduction, decisions about self-disclosure and compliance issues should be made with experienced legal counsel.
For more information, please contact our White Collar, Government Investigations & Regulatory Compliance group.
Marisa T. Darden at mdarden@beneschlaw.com or 216.363.4440.
Matthew David Ridings at mridings@beneschlaw.com or 216.363.4512