Update Compliance Programs To Meet DOJ New Voluntary Compliance Disclosure Policy Requirements


Organizations and their leaders risk, federal criminal liability from violations of an ever-growing multitude of federal tax, securities, cyber liability, labor and employment, safety, environmental and other laws.

As part of these efforts, leaders now need to consider the advisability of enhancements or other modifications of their organization’s Federal Sentencing Guideline and other compliance programs and practices in light of the new corporate criminal conduct Voluntary Self-Disclosure Policy (“VSD policy”) announced by the Department of Justice on February 23, 2023. Concurrently, organizations and their leaders also will want to monitor and respond promptly to Justice Department statements and congressional recommendations on proposed Guideline changes providing critical insights into the Justice Department’s planned interpretation and enforcement of federal criminal laws and the Guidelines against organizations and their leaders like those available here.

While the application of the VSP policy inherently requires subjective decision-making, the VSP policy and other emerging statements reinforces to organizations and their leaders the advisability of ensuring their organizations adopt and administer effective Federal Sentencing Guideline compliance programs for the ever-growing list of laws applicable to their organizations that carry potential felony and class A misdemeanor criminal liability and timely to investigate and self-disclose violations with the assistance of legal counsel in accordance with the Guideline requirements for liability mitigation to mitigate the potential liability exposure of the organization and its leader.

VSD Policy Standardizes USAO Sentencing Guideline Organization Liability Determinations

Chapter 8 of the Federal Sentencing Guidelines sets standards for the assessment of criminal liability and punishment against corporations, partnerships, labor unions, pension funds, trusts, non-profit entities, and governmental units (“organizations”) and their leaders for legal violations committed by the organization that carry felony or Class A misdemeanor liability or when the Federal Sentencing Guidelines impute criminal liability to the organization for criminal acts that an employee of the organization commits an act within the apparent scope of his employment.

The standards for organizational sentencing offer organizations and potentially culpable leaders the opportunity to mitigate their liability exposure by persuading the prosecuting U.S. attorneys office (“USAO”) the organization had and followed an effective compliance program, promptly reported the violation to the authorities, and high-level officials or the organization were not involved in the actual offense conduct or its coverup. On the other hand, lack of an effective compliance program, delay in investigation, cover-up or delay or failure to timely disclose and make restitution for violations remain aggravating factors that can increase its potential sanction.

According to the Justice Department, the Justice Department intends that the VSD policy ensure that organizations can rely on receiving the same treatment and benefits for voluntarily self-disclosing criminal conduct under the Federal Sentencing Guidelines organizational liability rules to any USAO no matter where the organization operates by setting “a nationwide standard” for how USAOs will determine whether an organization has made a voluntary self-disclosure and making transparent the specific, tangible benefits to an organization that the USAO will offer the organization for making a voluntary self-disclosure, fully cooperating, and remediating the criminal conduct.

In furtherance of this goal, the new VSD policy provides that a USAG will consider an organization to have made a VSD for purposes of the Federal Sentencing Guidelines if the organization becomes aware of misconduct by employees or agents before that misconduct is publicly reported or otherwise known to the Justice Department and discloses all relevant facts known to the company about the misconduct to USAO in a timely fashion before an imminent threat of disclosure or government investigation. 

Absent any aggravating factor, the VSD policy calls for the USAGs to provide “significant benefits” to a corporation that voluntarily self-discloses criminal conduct committed by its employee or agent in accordance with the VSD policy, fully meets the other requirements of the VSD policy, fully cooperates and timely and appropriately remediates the criminal conduct including agreeing to pay all disgorgement, forfeiture, and restitution resulting from the misconduct.  These promised benefits of voluntary disclosure include that the USAO:

  • Will not seek a guilty plea;
  • May choose not to impose any criminal penalty and in any event will not impose a criminal penalty that is greater than 50% below the low end of the United States Sentencing Guidelines (USSG) fine range; and
  • Will not seek the imposition of an independent compliance monitor if the company demonstrates that it has implemented and tested an effective compliance program.

The VSD policy identifies three aggravating factors that could warrant a USAO seeking a guilty plea even if the other requirements of the VSD policy are met:

  • If the misconduct poses a grave threat to national security, public health, or the environment;
  • If the misconduct is deeply pervasive throughout the company; or
  • If the misconduct involved the current executive management of the company. 

The Justice Department says the presence of an aggravating factor does not necessarily mean that a guilty plea will be required. Rather, the USAO will assess the relevant facts and circumstances to determine the appropriate resolution.  If a guilty plea is ultimately required, the Justice Department says the organization will still receive the other benefits under the VSD policy, including that the USAO will recommend a criminal penalty of at least a 50% and up to a 75% reduction off the low end of the USSG fine range, and that the USAO will not require the appointment of a monitor if the company has implemented and tested an effective compliance program.

In cases where a company is being jointly prosecuted by a USAO and another DOJ component, or where the misconduct reported by the company falls within the scope of conduct covered by VSD policies administered by other DOJ components, the USAO will coordinate with, or, if necessary, obtain approval from, the DOJ component responsible for the VSD policy specific to the reported misconduct when considering a potential resolution.  Consistent with relevant provisions of the Justice Manual and as allowable under alternate VSD policies, the USAO may choose to apply any provision of an alternate VSD policy in addition to, or in place of, any provision of its policy.

VSD Policy Reinforces The Necessity of Effective Compliance Program & Guideline Compliance

The stated goal of the VSD policy to incentivize companies to maintain effective compliance programs capable of identifying misconduct, expeditiously and voluntarily disclose and remediate misconduct, and cooperate fully with the government in corporate criminal investigations sends a strong message to organizations and their leaders to maintain and administer effective compliance programs and follow the VSD policy promptly when issues arise.

While the Justice Department touts the benefits of compliance with the VSD policy, its adoption also carries an implicit warning to organizations and their leaders of the criminal prosecution and liability peril organizations and leaders face for failing to take appropriate steps to manage and enforce compliance with federal criminal statutes subject to Federal Sentencing Guideline organization liability or failing to take timely and appropriate steps to investigate and redress in accordance with the Organizational Liability provisions of the Federal Sentencing Guidelines as administered by the Justice Department pursuant to the new VSD policy. With the Biden Administration accelerating enforcement of a wide range of federal cybersecurity, tax, employment, securities, employee benefits, antitrust, market conduct, reporting and disclosure, customs, immigration, government contracting and other government program participation, insurance, fraud and other laws carrying potential Class A Misdemeanor or Felony criminal liability, organizations and their leaders should heed this warning by auditing and enhancing their and their organization’s potential criminal exposures and the adequacy of their compliance policies, practices, documentation,

Possessing and maintaining an up-to-date understanding of the ever-evolving range of federal laws carrying potential direct or vicarious liability exposure for the organization and its leaders is absolutely critical to the effectiveness of efforts to manage potential Federal Sentencing Guideline exposures. With laws and regulations constantly changing and liability risks arising from acts committed by agents or other third parties as well as the direct actions of organizations and their leaders, organizations and their leaders, organizations must adopt and administer their organization to be able should the need arise, to demonstrate the requisite “culture of compliance” when and if a compliance event occurs. Meeting this burden generally requires organizations and their leaders to demonstrate a continuous commitment to compliance in policy and practice through organization compliance policies backed up by consistent communication, implementation, administration, monitoring, timely and appropriate investigation and enforcement, and, if necessary, timely voluntary disclosure and remediation consistent with the Guidelines.

When implementing compliance procedures, for any specific law, organizations, and their leaders will also want to ensure that their processes and policies are designed to meet the seven criteria that Chapter 8 of the Federal Sentencing Guidelines outlines for establishing an “effective compliance program”

  • The maintenance and enforcement of compliance standards and procedures reasonably capable of reducing the prospect of criminal activity;
  • Oversight by high-level personnel;
  • Due care in delegating substantial discretionary authority;
  • Effective Communication to all levels of employees;
  • Reasonable steps to achieve compliance, which include systems for monitoring, auditing, and reporting suspected wrongdoing without fear of reprisal.
  • Consistent enforcement of compliance standards including disciplinary mechanisms; and
  • Reasonable steps to respond to and prevent further similar offenses upon detection of a violation.

Taking into account these criteria and the new VSP policy, organizations and their leaders also should ensure their organization has appropriate procedures and protocols for inviting, receiving, and investigating indicators and reports of potential violations and other compliance concerns and the organization’s timely and appropriate response in a manner that best positions the organization to demonstrate the culture of compliance, and other factors necessary to qualify for the maximum leniency under the Guidelines.

When designing and administering compliance investigations and responses, leaders should keep in mind that documentation and other evidence regarding actions taken to prevent, investigate, punish, mitigate and report snooping or other prohibited access or dealings with sensitive information can critically impact the resulting liability of the organization, its leaders and other potentially culpable parties under the VCD Policy for application of the Federal Sentencing Guidelines as well as other laws. Careful documentation of adequate efforts to establish, communicate, monitor and audit policies and safeguards and their compliance and other pre-event prevention and compliance efforts; the timing, up-the-ladder reporting and response to the discovery of the snooping or other concerning access; unprivileged communications, risk and compliance assessments and deliberations, and decision-making; and the timing and perceived adequacy of post-event response, reporting and mitigation and regarding, play a key role in deciding how the organization and its leaders will be treated under the VCD policy and the guidelines. For this reason, organizations and should include appropriate procedures to determine when and how legal counsel will become involved to guide the process and allow for the use of attorney-client privilege and other evidentiary privileges to help protect sensitive discussions along the way. Legal counsel also should assist in documenting the process and findings for presentation to the Justice Department and subsequent communications with it through resolution.

More Information

We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297

Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations GroupHR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.  

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of workforce and other management work, public policy leadership and advocacy, coaching, teachings, scholarship and thought leadership.

A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer’s work throughout her 35 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As an ongoing component of this work, she regularly advises, represents and defends businesses on Guideline Program and other compliance, risk management and other internal and external controls in a wide range of areas and has published and spoken extensively on these concerns.

Ms. Stamer also is widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership on workforce, compensation, and other operations, risk management, compliance and regulatory and public affairs concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.  

IMPORTANT NOTICE ABOUT THIS COMMUNICATION

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving, and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2023 Cynthia Marcotte Stamer. Limited non-exclusive right to republish granted to Solutions Law Press, Inc.™

This entry was posted on Friday, February 24th, 2023 at 2:58 PM and is filed under Corporate Compliance. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.