COVID-19: Senior Officials Comment on the Current State of Enforcement, Expectations, and Context Considerations During the COVID-19 Pandemic

On 20 May 2020, as part of the American Conference Institute’s Anti-Corruption Global Series, senior federal law enforcement officials described how their respective agencies are operating in light of the global pandemic and tried to set expectations for companies as they navigate shifting economic conditions.¹ Their overall message was clear—despite the challenges posed by the pandemic, these agencies remain committed to enforcing the law and holding parties accountable for violations. Although there is no pandemic defense to allegations of fraud or corruption, these officials seemed open to considering the context of the pandemic in evaluating alleged corporate misconduct and claim they will take a reasonable and practical approach given the challenges and disruptions presented by COVID-19. Similarly, with respect to proactive corporate compliance efforts, these officials emphasized the importance of continuing to evaluate risk and the need to maintain effective internal controls despite perhaps tightened budgets and reduced resources. Finally, while the agency officials acknowledged complications in certain aspects of the enforcement process, they made clear that fraud and corruption investigations are moving forward largely unimpeded by COVID-19.

With Some Exceptions, Enforcement Is Business as Usual

Current State of Play

Though access to courts and the ability to conduct in-person interviews are limited, the wheels of justice have not stopped, and federal law enforcement agencies are largely continuing business as usual, pursuing existing enforcement actions and opening new investigations. Indeed, much of the government’s work can be performed remotely, including drafting and issuing subpoenas and search warrants, reviewing documents, and communicating with defense counsel. When possible, the agencies are also leveraging technology and conducting remote interviews of noncritical witnesses, using both teleconferences and secure web-based videoconferencing. Of course, some in-person activities continue. For example, the FBI continues to execute search and arrest warrants.

DOJ representatives noted the challenges of remote interviews where a witness and his/her attorney are unable to be in the same room at the same time. In those instances, separate connections by phone or video and additional breaks may be permissible to allow for private attorney-client consultations. Recognizing that this situation is not ideal for defense counsel, it appears there may be some latitude for delaying certain interviews. Moreover, agencies have delayed interviews of critical witnesses so as not to forgo the benefit of face-to-face meetings where credibility and demeanor are better assessed. Given the possibilities for creative, technology-based workarounds, however, the government will likely apply pressure to move forward in many instances unless counsel presents a strong justification for delay.

Coordinated activities with foreign enforcement agencies may also be delayed; but the communication channels are open, and U.S. agencies continue to secure documents from and otherwise exchange information with their overseas counterparts.

Path Forward

Town hall participants also discussed what the enforcement landscape may look like going forward. As with other crises, the pandemic will likely amplify traditional compliance risks, such as bribery and corruption, securities violations related to insider trading, market manipulation, microcap stock fraud, and fraud in financial statements or other disclosures. The pandemic will also likely introduce certain industry-specific COVID-19-related risks, such as fraud in connection with the distribution of Coronavirus Aid, Relief, and Economic Security (CARES) Act funds and a host of new healthcare fraud schemes.²

In the coming weeks, as states start to lift stay-at-home orders, federal law enforcement activity will likely increase. Such activity will, however, likely occur in phases as federal district courts and regional enforcement offices open in waves across the country, subject to certain local restrictions. As in the past, these agencies will coordinate their activities with other federal and state prosecutors and regulators.

No Pandemic Defense, but Perhaps an Understanding Approach to Enforcement in Some Cases

As enforcement actions proceed, it is clear that the pandemic will not provide an excuse for a company failing to meet its legal and compliance obligations. Nonetheless, a DOJ representative acknowledged, for example, the potential impact of the pandemic when evaluating corrupt intent under the FCPA. Specifically, the official suggested that a payment to a customs official to expedite clearance of personal protective equipment for employees might not satisfy the intent element of a violation and might be an instance where the DOJ would decline prosecution. At a minimum, this example illustrates that the DOJ will attempt to take into account the context for corporate conduct during the pandemic.

These agencies further acknowledge that the current economic crisis arising out of the pandemic may negatively impact a company’s compliance program and resources. In this regard, one DOJ official noted that “these are extraordinary times.” Consequently, to the extent a compliance program is impacted, the DOJ will want to understand the steps a company took to address any challenges and why it was not able to take additional steps. In the end, the DOJ will examine how the company tried to meet its compliance obligations. Indeed, if a violation occurs, the DOJ will not simply accept that a compliance program was ineffective due to the pandemic. The DOJ will need to understand what a company tried to do to maintain effectiveness and why. This underscores the need for careful consideration and documentation before deciding to depart from existing compliance procedures during the pandemic. If a variance from compliance procedure is required during the pandemic, there should be a clear record of the reasons for that variance, along with a justification as to why the changes were commercially reasonable under the circumstances and a plan for further monitoring and/or review after the crisis has subsided.

In sum, there is no pandemic defense, but there may be some leeway with respect to what constitute commercially reasonable, risk-based compliance measures in a time of severe economic hardship that the agencies will take into consideration when exercising prosecutorial discretion. While appeals to prosecutorial discretion historically offer little comfort to companies and their defense counsel, DOJ representatives indicated that the agency does not intend to be unreasonable or place undue burdens on companies during an already burdensome time. Accordingly, a company that needs to alter or downsize its compliance function or divert resources away from proactive compliance measures should be prepared to provide a reasonable, risk-based justification for such decisions if it hopes to benefit from agency discretion if a violation is later discovered. Justifications should focus on the following key areas.

Resource Allocation

Companies facing budget shortfalls and furloughs should carefully consider how such circumstances impact the compliance function. Companies should be thoughtful in how they will continue to meet legal and compliance obligations and potentially document how those obligations will be met in light of reduced resources.

Identification of Suppliers

As companies face pressure in their supply chains, there will be certain limitations on how and when companies assess their suppliers and other business partners. Companies should undertake commercially reasonable, risk-based measures, with the understanding that “reasonableness” may have new meaning in the current crisis situation. Any variance from standard onboarding procedures or pre-transaction due diligence should be documented and supplemented by enhanced monitoring and testing as soon as practicable after the crisis has passed.

Evaluation of Risk Profiles and Internal Controls

In the context of the pandemic, a company’s risk profile may understandably shift due to unique market and workforce pressures. As a company’s risk profile changes during the crisis, internal controls should be adapted to account for enhanced risk in new areas (e.g., the new regulatory environment created by the CARES Act) and perhaps decreasing risk in other areas. Resources may reasonably be shifted away from certain lower-risk areas, but such decisions should be based on careful planning and justified by a documented risk assessment and restoration plan.

Retention of Ephemeral Messages

Companies should be mindful that in remote work environments, ephemeral messaging platforms such as WeChat and WhatsApp may be more widely used. Companies are expected to consider this situation in advance of a compliance problem, develop a policy and/or procedure for such use, and plan for reasonable protection, retention, and collection of such ephemeral data as necessary if such platforms are permitted to be used for work-related communications. Though the agencies would not indicate exactly how a company should preserve and collect such data, the message was clear that a company should be able to provide a thoughtful explanation for its approach.

Internal Investigations

Companies should continue to pursue appropriately scoped internal investigations, including conducting document and financial analyses and remote interviews of noncritical witnesses. Although certain witness interviews may need to be postponed until in-person interviews can be safely conducted to better assess credibility and veracity, companies should continue to push forward with respect to internal investigations to the extent possible. The enforcement authorities all agreed that in-person interviews are vastly preferred to videoconferencing, but in the current context of social distancing, videoconferencing with noncritical witnesses via secure technologies may be the best available option. In light of technology-based alternatives, the pandemic is not an excuse for summarily suspending critical and/or time-sensitive investigative steps.

Cooperation and Self-Reporting

The enforcement agencies continue to encourage companies to self-report potential misconduct early, even before the full extent of such conduct is understood. Early self-reporting enables companies to understand the agencies’ interests in the matter and to factor those interests into the internal investigative steps. The pandemic is not anticipated to change the incentive structure for cooperative companies, and the agencies will work with companies on a case-by-case basis where on-the-ground conditions require companies to seek additional time to respond to requests or delay production of an overseas witness for an interview in the United States. In short, companies choosing to hide behind the pandemic with respect to delayed disclosure or cooperation may not receive full cooperation credit from the authorities even as the crisis continues.

Conclusion

Enforcement activities and investigative processes continue largely unimpeded by COVID-19. Though the pandemic may impact the types of cases these agencies pursue or the manner in which they are pursued, it is largely business as usual (applying workarounds as may be necessary and appropriate). Furthermore, a so-called “pandemic defense” will not apply. Consequently, companies should be proactive in undertaking commercially reasonable, risk-based initiatives, to: (i) assess and account for new risks and changed circumstances, (ii) identify available resources, and (iii) monitor, test, and enhance internal controls to meet the new pandemic-based challenges.