DOJ corporate enforcement overhaul: More declinations, fewer monitors, and FCPA enforcement still in question

Nine key takeaways

1. The revisions provide a clear path to declination – instead of a presumption of declination under the previous policies.
2. Remediation and cooperation can lead to a declination even if self-disclosure requirements are not met.
3. Non-prosecution agreements will be the default form of resolution if declination is unwarranted.
4. Despite these benefits, disgorgement/forfeiture remains a requirement, which can be a significant cost disadvantage to self-disclosure.
5. DOJ will not impose monitors except in exceptional circumstances.
6. Individual prosecutions remain DOJ’s top priority, whereas DOJ may refrain from corporate prosecutions when civil or administrative alternatives are available.
7. DOJ outlines key priority areas, such as national security, healthcare fraud, and transnational criminal organizations, some of which have been integrated into CWA’s scope.
8. Companies should reconsider their exposure to corporate criminal enforcement risks in light of these key priority areas, especially where whistleblower incentives are provided.
9. Nothing in the revised policies indicates whether or not these revisions satisfy the requirements of Executive Order 14209, which temporarily pause the enforcement of the U.S. Foreign Corrupt Practices Act pending issuance of updated enforcement guidelines.

Overarching policy rationale

The Head of DOJ’s Criminal Division, Matthew Galeotti, outlined the scope and rationale of the policy revisions in a memorandum to the Division’s personnel and in public remarks at the Securities Industry and Financial Markets Association’s Anti-Money Laundering and Financial Crimes Conference.

Galeotti stated that white-collar enforcement efforts “have come at too high a cost for businesses and American enterprise” because “businesses have been subject to unchecked and long-running investigations that can be costly—both to the Department and to the subjects and targets of its investigations—and can unduly interfere with day-to-day business operations.”¹ Galleotti directed prosecutors to “avoid overreach that punishes risk-taking and hinders innovation” and “strike an appropriate balance between the need to effectively identify, investigate, and prosecute corporate and individuals’ criminal wrongdoing while minimizing unnecessary burdens on American enterprise.”²

In response, DOJ revised (i) the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP) to provide increased incentives to companies that self-disclose misconduct, (ii) the Memorandum on Selection of Monitors in Criminal Division Matters, and (iii) the Corporate Whistleblower Awards Pilot Program.

CEP revisions

The CEP is the Criminal Division’s primary policy on determining whether to initiate corporate enforcement and assessing a company’s voluntary self-disclosure. The CEP has been influential on other DOJ Divisions’ voluntary disclosure policies, such as the National Security Division, and on other Department’s policies, such as the Department of Commerce. Galeotti remarked that the CEP “had gotten unwieldy and hard to navigate” and that companies assumed that the previous version of the policy would “generate lengthy drawn-out investigations that [were] ultimately detrimental.” Galeotti concluded that this assumption “deterred companies from cooperating and allowing [DOJ] to more readily target the most culpable actors.”³

The revised CEP seeks to bring transparency and eliminate uncertainty of DOJ’s assessment of a company’s self-disclosure, as well as provide additional incentives to companies that self-disclose. The CEP now provides a clear path to declination – instead of a presumption of declination – assuming that a company (i) voluntarily self-discloses, (ii) fully cooperates, (iii) timely and appropriately remediates, (iv) pays disgorgement/forfeiture, and (v) has no aggravating circumstances. The CEP also now allows for a declination even if aggravating circumstances are present based on weighing the severity of these circumstances and the company’s cooperation and remediation.

Further, the revised CEP provides a path to a non-prosecution agreement (NPA) for three or fewer years, a 75 percent redaction off the low end of the U.S. Sentencing Guidelines (USSG), and no compliance monitor, even if (i) aggravating circumstances are present, or (ii) the self-disclosure was untimely or made after DOJ had become aware of the misconduct.

Absent self-disclosure or other requirements, DOJ will still have discretion to recommend a resolution of any type of (presumably including a declination, NPA, or deferred prosecution agreement (DPA)), any term, and any compliance obligations. DOJ will not reduce the fine more than 50 percent of the USSG range. The CEP clarifies that this 50 percent reduction will presumptively be off the low end for companies that fully cooperate and timely and appropriately remediate, otherwise prosecutors will have discretion to select the starting point of the reduction.

In practice, these revisions mean that the vast majority of companies that seek to resolve potential misconduct can likely count on either a declination or an NPA instead of a DPA, which was considered the default outcome under the previous CEP. The revised CEP also attempts to assuage the concern under the previous CEP that a company may genuinely self-disclose misconduct only to discover that it is ineligible for a declination because DOJ was already aware of it. That company is today potentially eligible for a declination or at least at 75 percent fine reduction.

However, the revised CEP does not address another chronic issue in considering a self-disclosure: the amount of disgorgement/forfeiture that will be at issue. As we analyzed before, potential disgorgement/forfeiture amounts can potentially rise to hundreds of millions of dollars, even without fines. Further, the requirements of full cooperation and timely and appropriate remediation remain largely the same, though the revised CEP has eliminated the notion of “extraordinary cooperation.” These requirements, and how they are satisfied, remain open to interpretation, and each prosecutor retains discretion, even despite DOJ’s more business-friendly approach.

Monitor selection

Galeotti reflected that “the value monitors add is often outweighed by the costs they impose,” “create an adversarial relationship . . . , impose significant expense, . . . and unduly interfere with business” and, therefore, we “can expect to see fewer of them going forward.”⁴

The monitor selection process is now governed by four criteria. If the criteria indicate potential benefit, DOJ must weigh the benefit against the potential cost of the monitor.

The criteria are:

1. Do the nature and seriousness of the underlying conduct and historical recidivism indicate potential reoccurrence that would significantly impact U.S. national security interests and can a monitor mitigate this risk? Examples of national security interests include sanctions evasion; foreign bribery with significant impact on U.S. interests; trade fraud and tariff evasion; procurement and healthcare fraud; and conduct involving cartels, terrorist organizations, and narcotics trafficking.
2. Can other U.S. or foreign regulators exercise sufficient oversight together with self-directed methods? Or has the company engaged in misconduct despite historical regulatory oversight?
3. Has the company taken remedial action by the time of the corporate resolution? DOJ must consider the company’s shifting risk profile, leadership changes, voluntary engagement of third-party compliance consultants, and other self-directed actions.
4. Has the company adequately tested its compliance program and internal controls to demonstrate that they would likely detect and prevent similar misconduct in the future?

The new monitor selection policy stipulates that the cost of the monitor must be proportionate to (i) the severity of the misconduct including loss, fine, and forfeiture; (ii) the illicit profits; and (iii) the company’s size and risk at the time of resolution. Monitors are required to cap their rates, submit a budget to DOJ, and take all reasonable steps to minimize costs.

Ultimately, if a monitor is determined to be necessary, Galeotti directed that prosecutors must “narrowly tailor and scope the monitor’s review and mandate.”⁵

The selection criteria and overriding cost considerations appear to provide prosecutors broad discretion on requiring a monitor. Considerations such as U.S. national security, effectiveness of regulatory oversight, and proportionality of costs to benefit are open to interpretation. These considerations have been adopted so that we see fewer monitorships going forward.

Corporate whistleblower awards pilot program

DOJ also announced the addition of several priority areas that are now covered under the CWA. These areas are consistent with the Trump administration’s broader enforcement priorities and demonstrate a desire to incentivize whistleblowers to come forward with actionable information. Specifically:

• Trade, tariff, and customs fraud, which harm the U.S economy, competitiveness, and national security;
• Violations of federal immigration law;
• Violations involving sanctions, material support of foreign terrorist organizations, or those that facilitate cartels, including money laundering and narcotics trafficking, with a focus on financial institutions, shadow bankers, other intermediaries that facilitate sanctions evasion, and manufacturers and distributors of fentanyl and opioids; and
• Procurement, healthcare, and federal program fraud including Medicare, Medicaid, defense spending, and other programs intended to assist vulnerable citizens.

Companies should factor in their risk assessments the presence of whistleblower incentives in these areas and, where appropriate, consider mitigation.

Other policy pronouncements

Galeotti’s memorandum to Criminal Division personnel provides a glimpse into DOJ’s priorities that companies under U.S. jurisdiction should incorporate into their risk assessments.

Galeotti reiterated DOJ’s commitment to relentlessly prosecute individuals, irrespective of seniority, who harm shareholders, workers, and American investors and consumers. He noted that not all corporate misconduct warrants federal criminal prosecution, especially in light of civil and administrative remedies, signaling a tempered stance.

In addition to the priority areas discussed above in the CWA context, Galeotti outlined types of misconduct in which DOJ is most interested, including:

• Complex fraud that victimizes U.S. investors, individuals, and markets, including, but not limited to, Ponzi schemes, investment fraud, elder fraud, service member fraud, and fraud that threatens the health and safety of consumers.
• Fraud against digital asset investors.
• Misconduct by variable interest entities, which DOJ asserts are typically Chinese-affiliated companies listed on U.S. exchanges, that facilitate the flow of U.S. funds into strategic industries in China, engage in “ramps and dumps,” and seek to manipulate the U.S. market.
• Money launderers including “Chinese Money Laundering Organizations,” which are understood to be connected with organized crime and narcotics trafficking.
• Misconduct by financial gatekeepers, such as financial institutions and presumably lawyers, accountants, real estate professionals, fine art and jewelry brokers, and others.

The open question: FCPA enforcement

On February 10, 2025, President Trump ordered DOJ to pause enforcement of the Foreign Corrupt Practices Act (FCPA) and issue new enforcement guidelines that take into consideration U.S. national security and the competitiveness of U.S companies abroad with Executive Order 14209. As we predicted, the May 12 barrage of policy revisions consistent with the executive order put “America first,” is interspersed with U.S. national security considerations, and repeatedly links corporate crime to organized crime.

The revised policies are not billed as the new FCPA enforcement guidelines requested by the President. The revised policies, however, have some predictive value for the revised FCPA enforcement guidelines that DOJ may issue in the future.

Conclusion

It will be necessary to closely monitor how DOJ implements its updated policies, including through enforcement action and resolutions to come. In the meantime, companies should continue to stay the course on compliance and ethics, re-assess their risk profiles in light of the priority areas that Galeotti announced, and continue to invest in prevention and remediation. Though self-disclosure and remediation appear to now lead to more significant benefits that are within a company’s control, companies should engage seasoned counsel that can guide them in assessing these benefits and potential pitfalls of self-disclosure.

Authored by Stephanie Yonekura, Peter Spivack, Matthew Sullivan, Jerrob Duffy, Kushaal Ved, and Nikolaos Doukellis.