by Jay Holtmeier, Kimberly A. Parker, Erin G.H. Sloane, Christopher Cestaro, Meghan E. Kaler, and Caroline R. Geist-Benitez

While Foreign Corrupt Practices Act (FCPA) enforcement activity has not come close to returning to the heights seen a few years ago, 2022 reflected significant increases from the prior year in both the number of cases against corporate defendants (eight vs. four) and the combined total of monetary penalties levied ($1.56 billion[1] vs. $459 million). Consistent with this upward trend of enforcement activity, the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) continue to signal that anti-corruption enforcement is a priority and to provide further detail and clarification regarding their approach to corporate enforcement. Below are the key takeaways regarding FCPA enforcement in 2022 and trends to keep in mind as we look ahead to 2023.

For more information on FCPA enforcement trends and activities, please refer to WilmerHale’s Global Anti-Bribery Year-in-Review: 2022 Developments and Predictions for 2023 and other publications regarding the FCPA on our website. 

Level of Enforcement Activity in 2022 in Numbers. As shown in the graph below, there were 25 enforcement actions in 2022, which include eight corporate defendants, four of which were parties to parallel settlements with both the DOJ and SEC, and 13 individuals. The DOJ resolved five corporate cases and charged 13 individuals, and the SEC resolved seven corporate cases and did not bring any cases against individuals. Key take-aways regarding the number of cases include:

• Unlike 2021, when all four of the FCPA resolutions against corporate defendants were against non-US companies, in 2022, three of the eight corporate defendants were US companies.
• Three of the 2022 resolutions involved recidivist corporate defendants—companies that had resolved FCPA-related matters previously—bringing to 21 the total number of companies that have settled more than one FCPA-related matter.
• All of the DOJ and SEC corporate settlements entered in 2022, except for one SEC resolution, involved publicly announced coordination with or assistance from foreign authorities.
• Lastly, notwithstanding the DOJ’s oft repeated commitment to bringing individual prosecutions, the number of individual enforcement actions continued to decline in 2022 for the fourth year in a row. While this trend surely reflects the longtail of individual prosecutions that continue to follow corporate resolutions, the fact remains that such actions have been in decline to a degree despite the DOJ’s stated goal of prioritizing individual prosecutions.

DOJ and SEC Enforcement Actions from 2010-2022[2]

Updated Enforcement Guidance. In 2022 and early 2023, US authorities continued to provide further detail and clarification regarding their approach to corporate enforcement. Recent key guidance indicates:

• Continued priority focus on individual accountability and corporate cooperation in individual prosecutions.
• Continued DOJ efforts to incentivize voluntary self-disclosure, cooperation, robust corporate compliance programs, and remediation, including through January 2023 revisions to the DOJ’s Corporate Enforcement Policy, which indicate that:
  • Companies that voluntarily self-disclose misconduct will be eligible for declinations, even where aggravating circumstances are present. There will be a high bar for obtaining a declination with aggravating circumstances given that disclosure must be “immediate,” the company’s compliance program must have been effective at the time of the misconduct and at the time of the disclosure, and cooperation and remediation must be “extraordinary.”
  • Companies that voluntarily self-disclose but do not receive a declination have increased potential credit. DOJ will recommend a reduction of at least 50% and up to 75% off the low end of the US Sentencing Guidelines range—provided that the company fully cooperates, fully remediates, and is not a criminal recidivist. If the company is a recidivist, DOJ will still apply a 50% to 75% reduction, but generally not from the low end of the Guidelines range.
  • Companies that do not voluntarily self-disclose have increased potential credit up to 50% from the low end of the Guidelines range if they engage in “extraordinary” cooperation and remediation (previously, the maximum reduction available was 25%). Recidivists will be eligible for a similar reduction, but generally not from the low end of the Guidelines range.
• A revised approach to prior misconduct to consider it more holistically: DOJ will consider the most relevant prior misconduct to involve (1) US enforcement agencies, or (2) the same individuals as those implicated in the case under investigation. Prior misconduct will be considered against a company’s peers and age, and criminal misconduct older than ten years and civil/regulatory misconduct older than five years will be given less weight.
• A restricted use of Deferred Prosecution Agreements for certain types of offenders: Where a company has previously entered into a deferred prosecution agreement, the government will require sign-off from the responsible Assistant Attorney General or US Attorney and notice to the Deputy Attorney General before permitting another one. DOJ will disfavor multiple, successive non‑prosecution or deferred prosecution agreements with the same company and same leadership.

New Senior-Level Hires in the DOJ Fraud Section. Two senior-level hires in the DOJ Fraud Section in 2022 indicate the Department’s continued focus on encouraging corporate compliance to prevent and detect misconduct. Specifically, Glenn Leon, former senior vice president and chief ethics and compliance officer at Hewlett-Packard, was hired as the new chief of the Fraud Section, and Matthew Galvin, former global chief of compliance at Anheuser-Busch InBev, was hired to serve in a newly created position as the Fraud Section’s compliance and big data expert. Both Leon and Galvin have experience that includes leading in-house compliance programs, developing data analytics tools, and evaluating corporate compliance programs.

Corporate Executive Certification Requirement. Corporate FCPA resolutions going forward are expected to require both the Chief Executive Officer and the Chief Compliance Officer to certify compliance programs at the end of corporate resolution periods. Every corporate DOJ resolution announced since May 2022 has required these certifications. These certifications, in sum and substance, have required that the CCO and the CEO certify (under penalty of potential criminal prosecution) at the end of the term of the resolution that: (1) the company has implemented an anti-corruption compliance program that meets the requirements set forth in the resolution agreement; (2) the company’s compliance program is “reasonably designed to detect and prevent violations of [the relevant laws implicated by the resolution]”; and (3) in the cases where there is self-reporting by the company (as opposed to the imposition of an independent compliance monitor) during the term of the resolution, that any compliance reports submitted to the Department pursuant to that self-reporting “were true, accurate, and complete as of the date they were submitted.”

Continued International and Cross-Border Cooperation and Penalty Crediting with a Move Away from Simultaneous Resolutions. International cooperation and cross-border investigations have now become an established characteristic of corporate anti-corruption enforcement. In 2022, each of the five corporate resolutions announced by the DOJ’s FCPA Unit involved the DOJ agreeing to credit penalties to resolutions with foreign authorities, including the first-ever coordination with authorities in South Africa. While the trend of international and cross-border cooperation and penalty crediting continued in 2022, the prior convention of international authorities announcing resolutions simultaneously no longer appears to be the given practice. Increasingly, different governments resolve cases on different timelines and, in certain cases, with credits for penalties in potential future actions by foreign authorities.

Continued Focus on High-Risk Industries. In 2022, the SEC and DOJ continued to focus enforcement actions on high-risk industries, such as energy, technology, aerospace, and telecommunications. These industries have historically attracted FCPA enforcement attention due to their broad geographic reach, reliance on third parties, and involvement in sectors with heavy government regulation.

Increased Imposition of Monitorships. In 2022, the US government returned to imposing monitorships more actively—in two out of five corporate resolutions. The DOJ has provided recent guidance related to monitorships, including a September 2022 memorandum by Deputy Attorney General Monaco clarifying that selection of a monitor “must depend on the facts and circumstances of the particular case” and that prosecutors’ assessments of the need for a monitor must occur on a “case-by-case basis.” Also, in February 2023, the DOJ issued a Voluntary Self-Disclosure Policy (VSDP), providing that all US Attorney’s Offices nationwide will not require the imposition of an independent compliance monitor for a cooperating company that voluntarily self-discloses the relevant conduct and timely and appropriately remediates the criminal conduct, if the company demonstrates at the time of resolution that it has implemented and tested an effective compliance program.

Enforcement Focused on Conduct in Latin America. As in prior years, a number of the enforcement actions in 2022 involved conduct that occurred in Latin America. This trend may be explained in part by (1) potentially greater US touch points for many Latin American businesses and government officials; and (2) a strong, cooperative relationship between the DOJ and Brazilian authorities. Examples of 2022 enforcement activity related to conduct in Latin America include the DOJ’s and SEC’s resolutions with Stericycle, an Illinois-based waste disposal and waste management company, connected to bribery schemes in Argentina, Brazil, and Mexico; GOL Linhas Aéreas Inteligentes S.A., a Brazilian airline, related to a bribery scheme involving Brazilian government officials; Tenaris, a global steel pipe manufacturer, related to conduct involving its Brazilian subsidiary; and Honeywell, a manufacturing and technology company, related to a bribery scheme involving a state-owned oil company in Brazil.

Predictions for 2023. In 2023, we expect that DOJ and SEC will continue to prioritize FCPA enforcement with a sustained focus on individual prosecutions linked to large corporate investigations and to encourage cooperation and coordination among international authorities by crediting penalties paid to foreign authorities. It is likely that enforcement authorities will continue to focus on the use of data within corporate compliance programs, with increasing expectations by enforcement authorities for companies to devote greater resources to this issue. In addition, we expect that corporate resolutions in 2023 will provide greater clarity on DOJ’s implementation of its recent amendments to the Corporate Enforcement Policy, including further detail on “extraordinary” cooperation and remediation. Lastly, there will likely be further clarification on the US government’s enforcement policies, including guidance from DOJ relating to ephemeral messaging and compensation claw back policies. Indeed, last week, DOJ announced changes related to both of these topics, as we discuss further here.

[1] To calculate the total monetary penalties imposed in FCPA-related actions against companies, we counted the amounts set out in resolution papers that a settling party could be liable to pay to US enforcement agencies, even if those penalties were ultimately offset by payments to other entities (e.g., foreign authorities).

[2] We recognize that other commentators may present slightly different numbers depending on their methodology. To determine the number of corporate enforcement actions for the year, we counted enforcement actions brought by the SEC and DOJ separately (e.g., parallel settlements with the same entity by the SEC and DOJ count as two actions). However, actions brought by a single agency against related corporate entities (e.g., a parent and subsidiary) for the same core conduct count as only one action. Declinations and case closures are not included within this metric.

To determine the number of enforcement actions against individuals for the year, we counted charges against individuals in the year they were filed, not the year they were announced (i.e., criminal charges unsealed at a later date are included in the count for the year they were originally filed). In addition to charges alleging violations of the substantive FCPA provisions, we also included non-FCPA charges for which the allegations relate to bribery schemes. These non-FCPA charges included, but are not limited to, conspiracy to violate the FCPA, money laundering, and conspiracy to commit money laundering.

Jay Holtmeier, Kimberly A. Parker, Erin G.H. Sloane, and Christopher Cestaro are Partners, and Meghan E. Kaler and Caroline R. Geist-Benitez are Counsel, at Wilmer, Cutler, Pickering, Hale & Dorr LLP.

The views, opinions and positions expressed within all posts are those of the author(s) alone and do not represent those of the Program on Corporate Compliance and Enforcement (PCCE) or of the New York University School of Law. PCCE makes no representations as to the accuracy, completeness and validity or any statements made on this site and will not be liable any errors, omissions or representations. The copyright or this content belongs to the author(s) and any liability with regards to infringement of intellectual property rights remains with the author(s).