With Biden’s inauguration around the corner and additional political appointments on the horizon, what can corporate compliance officers and in-house counsel expect with regard to corporate enforcement under the Biden administration? Alvarez & Marsal’s Steve Spiegelhalter and Paul Fitzsimmons discuss.
In a normal presidential transition year, Washington, DC welcomes thousands of new legislators, policymakers and lawyers. The changes deeply impact Washington, as at least half of Washington looks forward to the coming years as a chance to change policy and adopt laws that reflect its worldview. Companies read the tea leaves to determine how a new regulatory agenda may impact their businesses.
2020 was an oddity by any standard – and the tea leaves don’t necessarily yield a clear reading of what’s to come. Congress is narrowly divided; indeed, as of now, its balance is undecided. And the pandemic looms large. In March 2020, former Attorney General Barr diverted significant U.S. Department of Justice (DOJ) resources to “prioritize the detection, investigation and prosecution of all criminal conduct related to the pandemic.”[1] Even the DOJ units that usually spend their time focusing on alleged corporate wrongdoing – like the DOJ’s Criminal Fraud Section – have diverted resources to pandemic-related crime. Those that have continued standard corporate enforcement have faced unprecedented challenges. Building rapport with witnesses and looking subjects and targets in the eye are time-honored features of criminal enforcement. That work is harder to do in a pandemic, when most prosecutors can’t even spend time in their offices.
Neither the pandemic nor the DOJ’s current constitution will last forever. A vaccine is coming, prosecutors and regulators will return to their offices and the business of investigation and regulation will return to normal. In the coming months, the DOJ and the U.S. Securities and Exchange Commission (SEC) will resume their standard business, even if their emphases or policies may change. Upcoming political appointments in key agencies such as the DOJ and SEC, the Treasury, the Environmental Protection Agency (EPA) and the Consumer Financial Protection Bureau (CFPB) will surely influence each agency’s enforcement priorities.
Some changes are predictable: The DOJ’s Civil Rights Division is likely to become more active in the coming four years than it was in the last four, as will the enforcement of environmental statutes. Yet some will undoubtedly take us by surprise. Who would have predicted that the past four years of enforcement would have focused so heavily on opioid distribution and pandemic-related crime? And who knows what shock the next four years will bring? To paraphrase Ralph Waldo Emerson, events are in the saddle and ride mankind.
We will focus on the knowable, along with areas that impact most companies and offer some guidance most appropriate for the world in which we currently find ourselves. This article briefly addresses the Foreign Corrupt Practices Act, False Claims Act, SEC enforcement and what’s to come in the realm of financial disclosures. We conclude with some thoughts on how to prepare for increased activity in each of these areas.
Foreign Corrupt Practices Act (FCPA)
President Trump notoriously disliked the FCPA, but his career prosecutors unabashedly continued the statute’s enforcement. Of the 10 largest FCPA resolutions in history, six were resolved under Trump’s watch – although, notably, all six cases were initiated prior to Trump’s tenure.[2] Activity under the Trump administration reflects the generally nonpartisan nature of foreign anti-corruption enforcement. FCPA enforcement originally came alive during a Republican administration and has increased at an even pace across administrations of both parties.
Much of how the DOJ and SEC will enforce the FCPA is already baked in anyhow. Over the past four years, the DOJ and SEC have accelerated the pace at which they issue FCPA-related guidance. The DOJ’s latest guidance, in June 2020, reiterated key elements of the U.S. Sentencing Guidelines while offering expanded guidance for corporate compliance officers. It is unlikely that that this guidance – or the incentive structure in place for self-reporting and cooperation – will change under the Biden administration. Instead, companies can expect the DOJ and SEC to maintain their emphasis on effective corporate compliance, self-disclosure and cooperation during investigations.
Two things may change. First, a Biden DOJ may be more predisposed to impose external corporate monitorships on companies resolving FCPA and other cases. In an edict that might be interpreted to reflect a pro-business worldview, Trump’s DOJ issued a memorandum recognizing the costs of monitorships and a reluctance to impose them. A Biden DOJ Front Office is unlikely to strike the same balance on monitorships – a reality that raises the stakes for companies under investigation.
Second, the Biden administration will likely face an influx of whistleblower reports and self-reports from companies whose businesses changed and whose compliance programs were derailed by COVID-19 and the recession. Recessions lead to force reductions, and reduced employees are more likely to blow the whistle on conduct they find questionable. The SEC’s latest whistleblower report already reflects an uptick. This comes at the same time that the pandemic and economic downturn have seriously disrupted business. Companies in downturn often offer their salespeople outsized incentives to increase sales – measures that come with increased compliance risks. Many companies also altered the way they go to market, using more third parties and exposing themselves to more third-party risk. Moreover, companies often cut costs in recessions, and compliance departments must often do more with less. A simultaneous increase in compliance risks and decrease in compliance commitment could spell disaster. And it’s likely to lead prosecutors and regulators to question corporate commitment to avoiding crime.
False Claims Act (FCA)
Even before the pandemic, the FCA was on a roll. In early 2020, the DOJ announced that it recovered more than $3 billion in settlements and judgments from civil cases involving fraud and the FCA in fiscal year 2019. Of that amount, over 85 percent related to matters that involved the health care industry, including drug and medical device manufacturers, managed care providers, hospitals, pharmacies, hospice organizations, laboratories and physicians.[3] This marks the 10th consecutive year the department’s civil health care fraud settlements and judgments have exceeded $2 billion.
Even against that backdrop, the FCA is likely headed for an impressive uptick in enforcement. The government doled out unprecedent amounts of cash in the past year: The CARES Act, Paycheck Protection Program, Federal Reserve Lending and other COVID-19-related relief have pumped over $5 trillion into the U.S. economy to help individuals and companies ravaged by the virus.[4] Federal relief dollars always presage a rise in fraud and then an effort to recoup money that went astray. This was true, for instance, after Katrina and the Gulf oil spill. Unlike Katrina and the oil spill, which were generally localized in their impact, the pandemic has impacted companies large and small from all around the country. And companies applying for federal funds faced considerable uncertainty about the duration of the pandemic, its impact on their businesses and the rules around taking federal funds to survive. Indeed, some were so worried about the strings attached to funds that they returned them.[5]
Misusing funding may carry the potential for FCA liability, since recipients are required to make certain assertions and certifications to receive loans or other financial assistance, including loan forgiveness. The DOJ’s Procurement Collusion Strike Force has also worked closely with federal, state and local governments to deter, detect, investigate and prosecute wrongdoing associated with bidding on COVID-19-related contracts, including bid rigging, price fixing and other anti-competitive misconduct.[6]
With the massive influx of federal stimulus money related to COVID-19, government contractors and funding recipients can expect the DOJ to remain vigilant in its prosecution of FCA offenses. Organizations doing business with the government or taking government funds must therefore maintain robust compliance programs that prevent, detect and correct any potential noncompliance.
SEC Enforcement & Potential Changes to Financial Disclosures
With Jay Clayton’s November 2020 announcement that he would step down from his post as SEC Chair at year end, it’s been only natural to speculate about what the SEC may prioritize under the new administration. Despite some reported criticism that Clayton’s Commission wasn’t tough enough on Wall Street, the SEC collected approximately $14 billion in various fines and agreements during his tenure, with a record $4.68 billion in 2020 alone.[7]
The SEC Enforcement Division’s annual report, issued in November 2020, summarized a year of enforcement wins despite challenges introduced by the pandemic. Director Stephanie Avakian, who announced in December 2020 that she would resign at year end, highlighted the Division’s use of proactive, risk-based analytics to identify potential misconduct, its emphasis on accelerating the pace of investigations (median of 21.6 months last year – a five-year low) and its commitment to rewarding whistleblowers and cooperative companies.[8]
The bulk of the SEC’s 405 standalone cases in fiscal year 2020 concerned securities offerings (32 percent), investment advisory and investment company issues (21 percent) and issuer reporting/accounting and auditing (15 percent) matters. The SEC also brought actions relating to broker-dealers (10 percent), insider trading (8 percent) and market manipulation (5 percent), as well as other areas, such as public finance (3 percent) and FCPA (2 percent).[9]
On November 9, 2020, new SEC amendments took effect related to disclosure requirements associated with business, legal proceedings and risk factors. It is possible that the incoming administration and its congressional allies will also use disclosure requirements to effect changes aligned to their broader agenda. For instance, Dodd-Frank ushered in disclosures related to conflict minerals. We anticipate that, at the very least, the SEC may issue prescriptive guidance for areas with emerging emphasis, such as environmental, social and governance (ESG) standards and data privacy, both of which the U.S. government is likely to take cues from more well-developed European regimes. We also expect the SEC to take a fresh look at disclosure requirements around supply chain disruption and vulnerability exposed by the pandemic.
Similarly, companies should expect additional disclosure requirements relating to their environmental impacts. The incoming Biden administration has already emphasized its focus on environmental issues. Biden’s appointments to the Office of Management and Budget and the National Economic Council both reflect Biden’s focus on the environment. Biden has also spoken about a desire to develop an Environmental and Climate Justice Division within the DOJ to complement the work of the Environment and Natural Resources Division. Companies should expect significant activity in this area – disclosure-related and otherwise.
What Organizations Can Do to Prepare
As has always been the case, today’s activities are the seeds of future enforcement – or defense against enforcement. Given the pandemic’s impacts and likely changes in enforcement, in some ways, the basics have never been more important.
Refresh Your Risk Assessment
Even under the best of circumstances, many companies let too much time pass between risk assessments. But the problem now may not only be age, but significant changes in circumstance. The starting point for an effective compliance program is a regular assessment of risks facing the company. With COVID-19 continuing to impact nearly every sector and geography, and a new administration around the corner, now is an excellent time to plan and conduct your next risk assessment.
When preparing the assessment, companies should specifically account for recent changes to their business. Today, that’s likely to include supply-chain disruption and attendant workarounds, exposure to new third parties who help out in functions that employees used to fill and increased sales incentives to help companies work their way out of a weakened economy. Companies should study these issues deeply when ascertaining their risks and assessing their compliance responses.
Evaluate Your Program Against the DOJ’s Latest Guidance
The DOJ’s June 2020 revised guidance on effective corporate compliance programs stressed that an effective program should be data-driven and continuous – constantly evolving based on insights gleaned from risk assessments and identified misconduct.
Consider the extent to which your organization is utilizing available data to drive compliance-related decisions. Has your company modernized its ability to monitor third-party relationships, implemented analytics to proactively spot potential issues and considered enhancements related to its ability to identify, investigate and remediate misconduct?
Document Your Compliance Initiatives and Progress
Organizations are making great strides in the use of technology and analytics to enhance compliance efforts, but often fail to document and articulate those enhancements to government investigators. Being able to explain not only the current state of your program – but tangible enhancements you’ve made over time (e.g., increased resources and technology) – will assist you in demonstrating to government investigators that your program is effective.
Recordkeeping not only facilitates information sharing and decision-making within the company, but will prove vital in the context of an investigation. Seek regular feedback from the board and management, document action items and plans related to compliance and keep track of progress toward objectives.
[1] https://www.justice.gov/ag/page/file/1258676/download (p.2)
[2] http://fcpa.stanford.edu/total-sanction.html
[3] https://www.justice.gov/opa/pr/justice-department-recovers-over-3-billion-false-claims-act-cases-fiscal-year-2019
[4] https://www.covidmoneytracker.org/
[5] https://www.nbcnews.com/business/business-news/which-companies-are-returning-their-ppp-loan-here-s-list-n1194566
[6] https://www.justice.gov/coronavirus/DOJresponse
[7] https://www.sec.gov/news/press-release/2020-284
[8] https://www.sec.gov/files/enforcement-annual-report-2020.pdf (p.6)
[9] Ibid, p.16