2024-2025 Global AI Trends Guide
On March 7, 2024, the U.S. Department of Justice’s National Security Division (NSD) issued an updated Enforcement Policy for Business Organizations. The updated policy encourages companies to voluntarily disclose to NSD certain potential criminal violations primarily related to export controls and sanctions laws, but also other criminal violations that “arise” out of such laws and implicate national security concerns. The updated policy also incorporates DOJ’s recently-announced Mergers & Acquisition Safe Harbor Policy providing that an acquiror may not be criminally liable for the conduct of its acquiree assuming the acquiror takes certain steps to rectify the conduct. Finally, the updated policy no longer guarantees that a monitor will not be required in certain cases.
On March 7, 2024, the U.S. Department of Justice’s National Security Division updated its Enforcement Policy for Business Organizations (2024 Enforcement Policy).1 The 2024 Enforcement Policy encourages companies to voluntary self-disclose to NSD certain potential criminal violations primarily related to export controls and sanctions laws and supersedes NSD’s previous enforcement policy, dated March 1, 2023 (2023 Policy). The 2024 Enforcement Policy arrived the same day as Deputy Attorney General Lisa Monaco’s public announcement of a DOJ-wide whistleblower rewards pilot program, which, when finalized, will qualify individuals who help DOJ discover significant corporate or financial misconduct to receive a share of any resulting forfeiture,2 and one day before Assistant Attorney General Matthew Olsen’s remarks that NSD is “ramping up [its] staffing and resources significantly”3 – two indicators that NSD enforcement efforts are on the rise. This Alert highlights the key differences between the 2023 and 2024 Policies – the largest change being the explicit incorporation of the Department-wide Mergers & Acquisitions (M&A) Safe Harbor Policy, which DAG Monaco announced last October.4 The NSD-specific M&A Policy illustrates the concurrent development of corporate cooperation incentives with NSD’s efforts to increase the size of its criminal export controls and sanctions enforcement docket.
Companies should seek to structure acquisitions and pre-closing due diligence in a manner that allows them to take advantage of the Safe Harbor protections, should they become relevant and desirable. In addition to incorporating the M&A Safe Harbor Policy, the 2024 Enforcement Policy makes clear that the NSD voluntary self-disclosure (VSD) program applies to potential violations of some criminal statutes beyond export control and sanctions laws. Finally, the 2024 Enforcement Policy appears to soften the language of NSD’s former policy which stated that, even in the presence of aggravating factors, NSD would not impose a monitor if a business entity met the requirements to claim credit under the VSD program.
The biggest change in the 2024 Enforcement Policy is the full incorporation of the Department-wide M&A Safe Harbor Policy. NSD appears to have incorporated in full the policy, which DAG Monaco outlined last October.
An acquiring company will qualify for the M&A Safe Harbor Policy if it:
Under such circumstances, there is a presumption that NSD will decline to prosecute the acquiror. Additionally, the acquiror will not pay a criminal fine or forfeit assets, and the disclosed conduct will not factor into the acquiror’s history of recidivism in future matters.6 These safe harbor protections are available despite the presence of aggravating factors at either the acquiror or the acquiree, so long as those aggravating factors do not persist after self-disclosure.7 While the acquiree does not benefit from the additional safe harbor protections, NSD may credit the acquiror’s timely voluntary self-disclosure to the acquiree if it remains a distinct legal entity.
The 2024 Enforcement Policy preserves the essential elements of the 2023 Policy for when a business may benefit from NSD’s VSD program. To do so, a company must:
If a company meets these three conditions, NSD “generally will not seek a guilty plea, and there is a presumption that the company will receive a non-prosecution agreement and will not pay a fine,” with a declination also being a possibility.9 However, certain aggravating factors listed in the 2024 Enforcement Policy may warrant a deferred prosecution or guilty plea even when the three conditions are met. The aggravating factors listed in the 2024 Enforcement Policy include: repeat violations; involvement of senior management; significant profit to the company from the misconduct; sanctions or export offenses that are actively concealed by other serious criminal activity such as fraud or corruption; unlawful transactions or exports involving a Foreign Terrorist Organization or Specially Designated Global Terrorist (both designations used by the U.S. Department of the Treasury’s Office of Foreign Assets Control for certain Specially Designated Nationals and Blocked Persons); and exports of items controlled for nuclear nonproliferation or missile technology to a proliferator country, items known to be used in the construction of weapons of mass destruction, or military items to a hostile foreign power.10
Under such circumstances, NSD will recommend less than a full criminal fine and “generally” not require appointment of a compliance monitor if the company can demonstrate it has instilled an effective compliance program and remediated the root cause of misconduct.11
The 2024 Enforcement Policy makes two potentially key changes to the non-M&A VSD program. First, the 2023 Policy applied to potentially criminal violations of the government’s “primary export control and sanctions regimes,” identified as the Arms Export Control Act, the Export Control Reform Act, and the International Emergency Economic Powers Act. The updated VSD program broadens its scope to potential violations of “other criminal statutes” that implicate national security because they “arise out of or relate to the enforcement of export control and sanctions laws.”12 Those other criminal violations may include offenses related to money laundering, bank fraud, smuggling, fraudulent importation, false statements, the Foreign Agents Registration Act (FARA), laws prohibiting material support to and financing of terrorists, and criminal violations of proceedings before the Committee on Foreign Investment in the United States (CFIUS) or the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (Team Telecom).13 These other offenses are non-exclusive, and companies will need to carefully assess whether potential criminal violations have an export control/sanctions nexus that warrants self-disclosure to NSD.
Second, the 2023 Policy stated that NSD “will not require appointment of a monitor” on companies meeting the three conditions of the VSD program – but which are nevertheless subject to a DPA or guilty plea due to aggravating factors.14 However, the 2024 Enforcement Policy adds a qualifier that NSD will “generally” not require a monitor, which appears to soften the perceived benefits of self-reporting to NSD under the 2023 Policy.15 It is important to note that adding the word “generally” to the 2024 Enforcement Policy appears more in line with language from enforcement policies issued by other DOJ components.16 It remains to be seen whether NSD will actually impose a monitor in circumstances that also merit leniency pursuant to the updated policy, or whether this change is merely meant to provide additional flexibility to NSD during negotiations and bring its policy in line with policies issued by other DOJ components.
Companies should assess these factors when conducting due diligence on a potential acquiree and when assessing potential criminal violations related to export controls and sanctions to determine whether any additional national security laws are implicated.
Please contact any of the Hogan Lovells attorneys listed for additional information.
Authored by Jesse Suh, Ashley E. Roberts, David Sharfstein, J. Evans Rice, and Stephen F. Propst.