No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
    • Upcoming
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Rare Declinations by DOJ’s National Security Division Demonstrate Potential Benefits of Voluntary Disclosure — but Could Obscure the Risks

Self-reporting isn’t a get-out-of-jail-free card

by Justin Weitz, Loyaan Egal, Katelyn Hilferty and Moshe Klein
July 16, 2025
in Compliance, Featured
get out of jail free card

In a recent speech, Matthew R. Galeotti, the head of the DOJ’s Criminal Division, discussed changes in how the DOJ intends to conduct corporate enforcement. The speech, which followed the recent announcements of declinations by the National Security Division, provides insight into how the DOJ is likely to conduct its investigations and make charging determinations as well as guidance to companies on how to navigate a DOJ with changing enforcement priorities. Morgan Lewis partners Justin Weitz, Loyaan Egal and Katelyn Hilferty and associate Moshe Klein encourage companies to remember that self-disclosure has downsides, too.

On June 12, 2025, Matthew R. Galeotti, head of the DOJ’s Criminal Division, delivered remarks on how the recent memoranda impacting criminal enforcement guidelines fit with the DOJ’s efforts to address white-collar and corporate misconduct. Galeotti noted that the DOJ will continue rigorous enforcement of criminal activity by corporations.

Of particular note, Galeotti identified “three key areas of change”: declinations in light of self-disclosure, cooperation and remediation; reduction of corporate monitors; and increasing the efficiency of DOJ investigations. These changes include narrowing the definitions of “aggravating factors” to further incentivize voluntary self-disclosures, reducing or terminating corporate monitors when appropriate and increasing the speed for DOJ decisions to charge or decline.

The announcement came one month after the DOJ publicly released revisions to the Criminal Division’s enforcement priorities and policies for prosecuting corporate and white-collar crimes and almost two months after the DOJ’s National Security Division (NSD) declined to prosecute a NASA contractor that voluntarily disclosed export control violations committed by one of its employees.

That declination decision, only the second-ever issued under that division’s voluntary self-disclosure policy, showcases both how companies can avoid prosecutions for serious national security- and government contract-related violations and the importance of identifying potential violations.

Following Galeotti’s speech, on June 16, the NSD announced another declination after a voluntary self-disclosure by a private equity firm that acquired an entity that had committed sanctions violations by exporting to Iran and Venezuela. Although announced in June, the declination actually occurred in December 2024 and was authorized by the previous administration.

This episode underscores how, even where organizations have no actual knowledge of employee violations, such actions can be imputed to the company under basic principles of corporate liability and how DOJ’s stated policy of crediting prompt voluntary self-disclosures and fulsome cooperation can help companies mitigate those risks.

doj distorted
FCPA

FCPA Enforcement Back on at DOJ — With a New Look

by Jennifer L. Gaskin
June 18, 2025

Read moreDetails

Recent NSD declination decisions

In 2016, a program administrator working under a NASA contract, who was responsible for conducting due diligence on prospective purchasers, sold software licenses to Beijing University of Aeronautics and Astronautics, an institution that was on the US Department of Commerce’s entity list, without first acquiring a license. Court documents indicate that the employee conducted such transactions intentionally knowing that a license was required to sell such licenses to organizations on the entity list. When NASA inquired about such sales, the contractor investigated the sales and immediately disclosed the violations to the DOJ before it had even completed its investigation.

According to the DOJ’s press release on the case, it did not pursue prosecution because “the company took swift and proactive measures to disclose the employee’s wrongdoing, provide all known facts and cooperate—and continue to cooperate—with the government’s investigation.”

Moreover, the company was not required to pay any disgorgement, forfeiture or restitution. In many ways, the decision is in line with the DOJ manual and DOJ policy, which focus on individual wrongdoers and favor declination when an organization voluntarily discloses a violation and cooperates with government investigations.

Despite this, decisions on whether to prosecute a corporation are reviewed independently of decisions to prosecute any individual employees of that corporation. The declination comes more than two years after the DOJ announced the employee’s guilty plea, which may indicate that there was serious consideration over whether to prosecute the company. The ultimate decision is also consistent with Galeotti’s remarks and the Criminal Division’s changing enforcement strategy as the company’s prompt self-disclosure and “extraordinary cooperation” were considered significant factors in the decision to decline prosecution.

More recently, the DOJ’s decision to decline prosecution of a private equity firm is consistent with both NSD’s mergers & acquisitions policy and Galeotti’s remarks regarding the Criminal Division and encouraging voluntary self-disclosure. In that case, the private equity firm’s cooperation with the criminal prosecution of the company’s former CEO, prompt voluntary self-disclosure following the close of the transaction acquiring the company and remediation actions were important factors in the decision to decline prosecution of the firm.

In fact, the NSD recognized the private equity firm’s status as an acquiring entity that voluntarily self-disclosed and cooperated as factors it separately credited in entering into a non-prosecution agreement (NPA) with the entity that was acquired that violated US sanctions laws.

Further implications of the NSD declination decisions

The declination decisions are notable because they showcase the criminal and regulatory risks companies face when they have substandard export control compliance programs. In these cases, DOJ noted that the companies’ prompt voluntary disclosures were significant factors in the decisions not to prosecute.

However, voluntary self-disclosure is not always a panacea. While it ultimately resulted in positive outcomes in these cases, the disclosures were not without burden or risk. The DOJ may still choose to prosecute even after a voluntary self-disclosure, and the decision may largely be determined by the level of cooperation of the disclosing company.

Therefore, despite Galeotti’s statements, the decision on whether to self-disclose violations still requires careful consideration of a variety of factors, including the severity of a violation, political or public relations risks and whether companies are prepared to engage in the necessary steps to make a self-disclosure.

Companies must be prepared to conduct rigorous internal investigations in order to respond to the department’s questions, with the understanding that results are never guaranteed and this may not resolve all of the potential liabilities arising from the violative conduct.

Even a “successful” self-disclosure could have a significant impact on a company’s business. With regard to the company that the private equity firm acquired, which separately entered into an NPA with the DOJ, the Office of Foreign Assets Control at the US Department of the Treasury ultimately settled the sanctions violations for nearly $4 million in penalties.

The public announcements and declination decisions also highlight a potential race to the bottom between companies and employees. Reports by whistleblowers may have the opposite impact of voluntary disclosures as there are further incentives for prosecution, so identifying potential violations as early as possible is key for companies working in the national security space.

As Galeotti mentioned in his remarks, despite any shifting corporate enforcement strategy, the DOJ will continue to vigorously pursue meritorious investigations and open new ones when warranted and voluntary disclosure is only part of an “aggressive and robust strategy to investigate and prosecute white-collar and corporate crime.”

On this point, Galeotti explicitly noted that “[f]or those who do not come forward despite all the benefits available: we will move aggressively—yet fairly—to prosecute white-collar offenders whose crimes undermine U.S. interests.” As Galeotti stated, key to such aggressive enforcement will be whistleblowers.

Finally, national security-related violations do not only result in criminal enforcement. Such violations can also be the source of civil claims, including False Claims Act liability, as well as suspension or debarment for government contractors.

Companies must remain vigilant and proactive with regard to their compliance programs, and Galeotti has recommended that when facing potential white collar violations “[t]his is the time for companies to self-report.”

During this unique period, such decisions still require careful consideration informed by rigorous factual investigations and legal analysis to assist companies in limiting various liabilities and risks, ranging from criminal liability to False Claims Act liability, civil claims and suspensions or debarment.

Key takeaways

  • Comprehensive internal investigations are a key tool for companies, government contractors and organizations engaged in international trade and whose activities implicate national security considerations to identify potential violations and ultimately mitigate enforcement risk.
  • Failure to identify violations opens the door to whistleblower reports that present the risk of criminal and civil enforcement as well as suspension or debarment. For example, the Criminal Division has amended its corporate whistleblower awards pilot program to include tips that lead to forfeiture for, among other things, trade, tariff and customs fraud by corporations.
  • Changes in DOJ corporate enforcement strategy indicate that voluntary self-disclosures, including in the national security context, may result in positive outcomes for companies, including assessing whether early termination of an existing compliance agreement is warranted based on self-reporting of the conduct, and that the DOJ will continue to prosecute serious violations, especially when such violations are not disclosed. Yet, despite these policies and Galeotti’s remarks, there remain risks related to self-disclosure, including criminal prosecution. NSD’s voluntary self-disclosure program is still new, and in some circumstances, the division may determine that national security considerations require criminal prosecution despite the self-disclosure.
  • Thus far, it appears the DOJ is rewarding companies that mitigate further criminal liability by voluntarily self-disclosing and fully cooperating once they discover violations, especially those related to export control and/or sanctions. However, the decision on whether to self-disclose is not without risk and should be subject to a factual investigation of the underlying potential violation and a rigorous legal analysis to ensure that all necessary factors have been considered and self-disclosure remains the most appropriate avenue. 

Tags: DOJ
Previous Post

If AI Can Easily Game Hiring Processes, Maybe It’s Time to Rethink What You’re Looking For

Justin Weitz, Loyaan Egal, Katelyn Hilferty and Moshe Klein

Justin Weitz, Loyaan Egal, Katelyn Hilferty and Moshe Klein

Justin Weitz is a partner at Morgan Lewis in Washington, D.C. who spent nearly a decade in the DOJ’s Criminal Division. He represents clients in a variety of matters, including government and internal investigations, criminal and civil enforcement proceedings and litigation and other white collar matters.
Loyaan A. Egal is a partner at Morgan Lewis in Washington, D.C. He represents clients on regulatory, national security, and law enforcement matters related to privacy, data protection, cybersecurity, national security/foreign investment screening, information and communications technology and services (ICTS) supply chain risk, consumer protection and fraud, and he formerly served as chief of enforcement for a regulatory agency, staff chair of an executive branch interagency committee tasked with national security/foreign investment risk reviews and an assistant US attorney in two of the largest US Attorney’s Offices in the country.
Katelyn Hilferty is a partner at Morgan Lewis in Washington, D.C. She advises clients on a wide range of international compliance and enforcement issues, including import matters before US Customs and Border Protection (CBP), export controls under the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR), economic sanctions and embargoes administered by the Office of Foreign Assets Control (OFAC) and foreign investment reviews before the Committee on Foreign Investment in the United States (CFIUS)
Moshe Klein is an associate at Morgan Lewis in Washington, D.C. He focuses his practice on a range of litigation matters, including government contracts and international trade and national security. Prior to joining Morgan Lewis, he attended the Georgetown University Law Center and the School of Foreign Service, graduating as joint-degree student with a J.D. and M.A. in security studies.

Related Posts

doj distorted

FCPA Enforcement Back on at DOJ — With a New Look

by Jennifer L. Gaskin
June 18, 2025

After a shorter-than-expected pause, officials with the DOJ have formally renewed the department’s enforcement of the FCPA. CCI’s Jennifer L....

doj exterior sign

How to Use the DOJ’s ECCP to Build (or Fix) Your Compliance Program

by Susan Divers
June 5, 2025

Corporate compliance programs face increasing scrutiny as the DOJ applies its evaluation framework across industries and company sizes, from multinational...

doj sign front

Assessing the Business Risks of the Trump Administration’s ‘Total Elimination’ Strategy

by José Cortina and Jennifer Christian
May 20, 2025

As cartels increasingly participate in mainstream economic activities, traditional due diligence practices become inadequate to address new material support risks

doj sign and sculpture

DOJ’s New CEP Proposes Guaranteed Declination for Some Self-Reporters

by Jennifer L. Gaskin
May 13, 2025

The Trump Administration continues reshaping its approach to corporate crime, with the DOJ issuing major revisions of its corporate enforcement...

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
    • Upcoming
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights