Buyer Beware: What to Know About the DOJ’s Policy on Self-Reporting in M&A

Show Notes

What happens when you buy somebody else’s problems? A new policy from the U.S. Department of Justice (DOJ) is encouraging companies to disclose the misconduct of the companies they buy. The DOJ says it won’t prosecute businesses that voluntarily report wrongdoing found during the mergers and acquisitions process. 

The government especially wants to detect misconduct that threatens national security or involves cybersecurity or foreign corruption. But detractors say the new rule could give a free pass to corporate crime. How do businesses know exactly what they should self-report both before and after a deal is done? And, how do they stand to benefit from the new policy? 

Join The Sidley Podcast host and Sidley partner, Sam Gandhi, as he speaks with one of the firm’s thought leaders on these issues — Kenneth Polite. Kenneth is a global co-leader of Sidley’s White Collar Defense and Investigations practice and the former Assistant Attorney General for the Criminal Division of the DOJ. Together, they discuss the DOJ’s new policy for mergers and acquisitions, how various parties across industries are responding, and what companies should know to protect their businesses. 

Executive Producer: John Metaxas, WallStreetNorth Communications, Inc.

Transcript

Sam Gandhi:
What happens when you buy somebody else’s problems? A new policy
from the Department of Justice is encouraging companies to disclose the
misconduct of the companies they buy. The department says it won’t
prosecute businesses that voluntarily report wrongdoing found doing the
mergers and acquisitions process.

The government especially wants to detect misconduct that threatens
national security or involves cybersecurity or foreign corruption. But
detractors say the new rule could give a free pass to corporate crime. So,
how do businesses know exactly what they should self-report, both before
and after a deal is done, and how do they stand to benefit from the new
policy? We’ll find out in today’s podcast.

Kenneth Polite:
There remains very serious consequences if a company does self-disclose.
There could be reputational harm by doing so. This policy doesn’t prevent a
different agency within the United States or a foreign entity from coming
forward and prosecuting or investigating this misconduct. This is where
you’re going to see the needle get moved, a little bit, Sam, is you’re going
to see companies be more specific about their due diligence. They’re going
to be diving in with more resources, both pre- and post-acquisition.

Sam Gandhi:
That’s Kenneth Polite, a global co-leader of Sidley’s White Collar Defense
and Investigations practice, and the former assistant attorney general for
the Criminal Division of the Department of Justice. In today’s podcast, we’ll
discuss the DOJ’s new policy for mergers and acquisitions, how various
parties across industries are responding, and what companies should know
to protect their businesses.

From the international law firm Sidley Austin, this is The Sidley Podcast,
where we tackle cutting-edge issues in the law and put them in perspective for businesspeople today. I’m Sam Gandhi. Hello, and welcome to this edition of the The Sidley Podcast, episode no. 41. Kenneth, great to have you on the podcast.
Kenneth Polite: It’s a pleasure to be here, Sam.

Sam Gandhi: 
Last October, the U.S. Department of Justice launched its so-called mergers and acquisitions safe harbor policy. It’s geared to providing buyers a clear pathway to avoid prosecution when they self-report misconduct, and the DOJ’s Deputy Attorney General, Lisa Monaco, put it this way in public remarks: “Our goal is simple, good companies, those that invest in strong compliance programs, will not be penalized for lawfully acquiring companies when they do their due diligence and self-disclose misconduct.”

So, Kenneth, give us your wide-lens view of this policy. What’s the DOJ hoping to accomplish with it, and what are the main aspects of the policy that could shift behavior on the ground?

Kenneth Polite:
Sure, Sam. So, again, this policy is one that is a continuation of the DOJ’s commitment to improving and increasing voluntary self-disclosures by corporations all in an effort to incentivize those companies to come forward so that they can then prosecute the most culpable individuals that are responsible for the misconduct itself.
The department has announced a number of policies over the last few years. Some of those policies are ones that I announced, myself, to try to incentivize, increase self-disclosures. This is one that is specifically tailored to the M&A policy and M&A due diligence process.

It’s not completely new. The department has had resolutions in this space in the past, but it does give some certainty to the types of benefits that a company can get if it comes forward in this context.

Sam Gandhi: 
What’s the overview of the policy? Meaning, the point is, is that clearly there’s substantial benefits for companies that self-report the misconduct.

What’s the most significant change from before? Why wasn’t this always the policy?
Kenneth Polite: Sure. So, these types of policy announcements are ones, especially in this particular situation, that give some greater clarity and certainty about what exactly the contours of the policy will be. So, for example, this particular policy announced that if a company comes forward, an acquiring company, as part of its due diligence, learns of misconduct by a company that it is acquiring, if it comes forward within six months after the close of the acquisition itself, the company agrees to cooperate with the DOJ’s ongoing investigation and agrees to remediate the misconduct itself, there will be a presumption of a declination of prosecution by the DOJ.

That type of certainty around the timing specifications of this policy are critical. One of the key aspects about this is that the department has focused on recidivism, and this particular policy says if you, acquiring company, come forward, and you self-disclose that misconduct, this particular misconduct will not count against you in the future as part of your recidivism history and your criminal history for future resolution. So, that’s a critical piece of the safe harbor that’s been really welcomed by the marketplace.

Sam Gandhi:
Is this policy requiring companies to affirmatively root out this misconduct? Is it just an incentive to do so, or do you think that the DOJ’s going to go harder after people who don’t report that misconduct, and it turns out the misconduct is unveiled later?
Kenneth Polite: I think part of what it is trying to incentivize, Sam, is (1) for companies to come forward and self-disclose, but (2) goes to one of the points that you’re raising, which is it’s trying to incentivize companies to invest in doing proper, thorough, due diligence to find and hopefully remediate this type of misconduct, in and of itself, regardless of whether the company makes the decision to come forward.

It’s an encouragement for companies to truly invest in doing that type of due diligence, that type of remediation of misconduct that it finds, regardless of whether the DOJ gets involved. I think the question around whether they would be hit harder if they later come forward, or the DOJ finds out about misconduct, that’s a risk that some companies have to take.

If you make the decision not to self-disclose, and later on, a whistleblower comes forward or some other individual comes forward and shares this information with the DOJ, there will be scrutiny about it, but hopefully if you’ve made those affirmative steps to remediate the misconduct when you originally found it, the department will take those efforts under consideration in deciding and forming the final resolution.

Sam Gandhi:
So, everyone’s not exactly a fan. Immediately after the policy was unveiled, Senator Elizabeth Warren of Massachusetts fired off a letter to the Attorney General Merrick Garland and said that it would reduce competition and encourage corporate crime. What do you make of that statement, and how is the business community responding to the new guidance?

Kenneth Polite:
I’m familiar with the statements that came from Senator Warren, as well as some other organizations, critical of this policy, suggesting that it would lead to greater leniency for corporate America, and more specifically for Senator Warren suggesting that it was anti-competitive. It was contrary to some of the antitrust efforts that this administration was taking on.

My view of that is it was a bit overblown in terms of its criticism. With that said, the DOJ certainly is taking that criticism to heart. Shortly after Deputy Attorney General Monaco announced this safe harbor policy, for example, her principal deputy made a speech essentially augmenting, adding to the safe harbor policy by saying, look, we’re going to ensure that any particular information that we learn as part of this policy, it has to come through an arm’s-length transaction. And to ensure that’s the case, all of this information is now going to be vetted by both the National Security Division as well as by the Antitrust Division to ensure that we’re not competing with some of the administration’s antitrust priorities.

Those are additional layers of review for these types of self-disclosures, which I think are, in the long term, making it more difficult or will make it more difficult of a decision for a company to come forward and self-disclose under this policy.

Sam Gandhi:
And how are companies responding to that?

Kenneth Polite:
Two ways. One, I think we get a lot of inquiries from companies, a lot of our clients that are … as we’re seeing M&A activity pick up, right now, there’s a lot of questions about, listen, tell us a little bit about how this policy is working in practice, what are the potential benefits, what are the consequences, what are the downsides of it?
You know there remains very serious consequences if a company does self-disclose. There could be reputational harm by doing so. This policy doesn’t prevent a different agency within the United States or a foreign entity from coming forward and prosecuting or investigating this misconduct.

It doesn’t protect the company for civil liability, for example. So, it’s still very significant consequences from coming forward and making a voluntary self-disclosure, but companies are seeing and hearing what the department is saying in this space.
And they want to make sure that they are doing everything they can to make sure that they have a robust due diligence process, regardless of whether they are ultimately going to make the decision to come forward and self-disclose. It’s making them ask questions about how thorough that due diligence process must be to achieve the type of remediation that’s necessary.

Sam Gandhi:
You’re listening to The Sidley Podcast. We’re speaking with Sidley thought leader Kenneth Polite about the parameters of the DOJ’s new safe harbor policy for M&A and how the business community is responding. The new policy comes as the number of big agreements resolving criminal cases against companies that have national security implications have doubled since last year, according to Deputy Attorney General Monaco. “National security compliance risks are widespread; they are here to stay; and they should be at the top of every company’s compliance risk chart,” she said.
Kenneth, how do you see this policy making an impact on those very dangerous real-world risks? How might that work on the ground?

Kenneth Polite:
Sam, it’s important to keep in mind that national security and anti-corruption issues have been intertwined for this administration since the very beginning. It’s also important to keep in mind the background of the deputy attorney general. She formerly headed up the National Security Division for the Department of Justice.
So, this is an area that is deeply rooted in the prioritization of both this administration and the leadership of the DOJ, right now. It’s part of the reason why you’re starting to see more significant resolutions, particularly in those areas that affect national security, right — cybersecurity, tech issues, trade compliance, for example.

And this policy is one, just to be clear, it’s not limited to any particular industry. It cuts across all of the department’s work, across all divisions, and across all components, but you are seeing the department train its resources on specifically this area of cybersecurity, tech, defense sector, that touch upon and impact national security interests in particular.

And just to give you a little bit of detail about that, the National Security Division has now received a budget to hire about 25 new prosecutors, specifically to focus on corporate resolutions that affect national security interest, and this particular policy, this M&A policy, falls squarely within the ambit of the work of those prosecutors, going forward.

Sam Gandhi:
Are there any kind of materiality requirements there? You know, a small company that invests in another small company in, say, China, in technology, is that going to get reviewed by the DOJ, no matter what? Are they only looking at the big transactions, or are they looking at every transaction?

Kenneth Polite:
It’s a great question, Sam. I think the thing to keep in mind is that the DOJ has limited resources. It’s not going to be able to look at each and every transaction that implicates this particular policy.

If a company, a very small company, is acquiring another small company, but it touches upon some aspect of misconduct in that target company, is that necessarily going to get the attention of the department, even if it comes forward to the department’s attention from a whistleblower?

Maybe not, but I will tell you that if you have situations, if you have M&A transactions, if you have misconduct that touches upon some of the most sensitive areas and priorities of national security interests, you touched on Russia, you touched on China, those are the types of circumstances that even if the transaction itself is very small, the department’s interest could be piqued.

Sam Gandhi:
I’m going to ask you to take out your crystal ball, here, and tell us a view in terms of whether companies are going to actually change what they’ve been doing. Has it affected behavior, and are companies actually going to boost voluntary disclosures in response to this policy?

Kenneth Polite: 
If I had to predict, Sam, I think this is still going to be a situation where a lot of companies are going to look at the pluses and minuses of this particular policy and say, you know, look, we are interested in understanding the contours of it, but ultimately, the downsides are too high.

There’s too much risk that we’re going to face, reputational harm. We might get sued by our shareholders. We may have another agency in this other part of the globe that may come after us for the same conduct, even if we get a pass from the DOJ, that department of justice resolution may take years to ultimately be reached. And we’re going to be spending millions of dollars in investigation and the like to actually reach that resolution.

So, I think, ultimately, companies may still say I’m not going to come forward and self-disclose, but what this policy is also going to do, and I think this is where you’re going to see the needle get moved, a little bit, Sam, is you’re going to see companies be more specific about their due diligence.

They’re going to be diving in with more resources, both pre- and post-acquisition. They’re going to be clearer about the timelines of integration, particularly on the compliance side, and they’re going to be looking at ways that if they do find that type of misconduct, or something that looks astray in that compliance space, that they’re going to take the steps to remediate it, separate and apart if they decide to ultimately disclose that to the DOJ. So, I think that’s where you’re going to see the needle being moved a bit.

Sam Gandhi:
And so, as we wrap up this podcast, I’m going to ask you, now that the policy has rolled out and people have had a little bit of time to absorb the particulars, what are the questions that clients are asking you, and what are the issues that they are posing to you, and what’s the advice you’re giving them?

Kenneth Polite:
The questions that a lot of companies are struggling with, right now, are around is this particular misconduct that we have found out about, that we have allegations about, (1) can we do a targeted investigation to figure out if there’s real issues there?

And then (2), is there a real risk that the department is going to find out about this from individuals that are involved, other companies that are involved, whistleblowers that are involved? If there is a real risk that the department is going to find out about this, anyway, then perhaps we make the decision to make a voluntary self-disclosure.
Separate and apart from that, though, as they’re evaluating those potential consequences about whether to come forward or not, the companies are asking questions about, well, what can we do, what should we do to document this process, what should we do to remediate this and make it clear that we took all best efforts to ensure that this misconduct was properly addressed as part of this due diligence process?

Sam Gandhi: 
This has been a great rundown of the new policy, Kenneth. I appreciate you being on the podcast. Thanks.

Kenneth Polite: 
Sure. Thanks again, Sam.

Sam Gandhi:
You’ve been listening to The Sidley Podcast. I’m Sam Gandhi. Our executive producer is John Metaxas and our managing editor is Karen Tucker. Listen to more episodes at Sidley.com/SidleyPodcast, and subscribe on Apple Podcasts or wherever you get your podcasts.

This presentation has been prepared by Sidley Austin LLP and Affiliated Partnerships (the Firm) for informational purposes and is not legal advice. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. All views and opinions expressed in this presentation are our own and you should not act upon this information without seeking advice from a lawyer licensed in your own jurisdiction. The Firm is not responsible for any errors or omissions in the content of this presentation or for damages arising from the use or performance of this presentation under any circumstances. Do not send us confidential information until you speak with one of our lawyers and receive our authorization to send that information to us. Providing information to the Firm will not create an attorney-client relationship in the absence of an express agreement by the Firm to create such a relationship, and will not prevent the Firm from representing someone else in connection with the matter in question or a related matter. The Firm makes no warranties, representations or claims of any kind concerning the information presented on or through this presentation. Attorney Advertising - Sidley Austin LLP, One South Dearborn, Chicago, IL 60603, +1 312 853 7000. Prior results do not guarantee a similar outcome.