Late last week, the Department of Justice’s Criminal Division announced at an ABA white-collar conference that it has begun using the FCPA Corporate Enforcement Policy (PDF: 51 KB) as “nonbinding guidance” in other areas of white-collar enforcement beyond the FCPA. As a result, absent aggravating factors, DOJ may more frequently decline to prosecute companies that promptly self-disclose misconduct, fully cooperate with DOJ’s investigation, remediate in a complete and timely fashion, and disgorge any ill-gotten gains. As a first example of this approach, the officials pointed to DOJ’s recent decision (PDF: 1,743 KB) to decline charges against Barclays PLC, after the bank agreed to pay back $12.9 million in wrongful profits, following individual charges arising out of a foreign exchange front-running scheme. Continue reading
Yesterday, in keeping with a heightened governmental focus on cybersecurity, as exemplified by the Justice Department’s formation of a new Cyber-Digital Task Force (PDF: 62 KB) earlier this week, the Securities and Exchange Commission announced new guidance on cybersecurity disclosures by public companies (the “Guidance (PDF: 139 KB)”).
Much of the Guidance tracks 2011 interpretive guidance from the SEC’s Division of Corporation Finance and retains a focus on “material” cyber risks and incidents. However, the expanded details and heightened pressure to disclose indicated in the Guidance, along with its issuance by the Commission itself, signal that the SEC expects public companies to consider more detailed disclosure of cyber risks and incidents, and to maintain “comprehensive” policies and procedures in this area. The SEC is also encouraging, though not requiring, forward-leaning approaches, such as with respect to disclosures about the company’s cyber risk management programs and the engagement of the board of directors with management on cybersecurity issues. SEC Chairman Jay Clayton has also directed (PDF: 92 KB) SEC staff to monitor corporate cyber disclosures. Continue reading
In our memo last year, we acknowledged that it was close to impossible to predict the likely impact that the newly elected Trump administration would have on white-collar and regulatory enforcement. (White Collar and Regulatory Enforcement: What to Expect in 2017 (PDF: 240 KB)) Instead, we set out a list of initiatives we urged the new administration to consider, including clarifying standards for when cooperation credit would be given, reducing the use of monitors, and giving greater weight to a company’s pre-existing compliance program when exercising prosecutorial discretion, among other suggestions. While the DOJ under Attorney General Jeff Sessions has, for example, taken some steps toward clarifying the applicable standards for cooperation and increasing incentives to disclose misconduct in the FCPA area, few other policy choices or shifts in approach have been articulated or implemented. Continue reading