Skip to Main Content
Our Commitment to Diversity

DOJ Incentivizes Voluntary Self-Disclosure in New Safe Harbor Policy for Mergers and Acquisitions

Date: 16 October 2023
US Policy and Regulatory Alert

On 4 October 2023, Deputy Attorney General (DAG) Lisa Monaco announced a new US Department of Justice (DOJ) Safe Harbor Policy for voluntary self-disclosure made in connection with mergers and acquisitions (M&A).1 Under the new policy, companies that timely and voluntarily self-disclose criminal misconduct uncovered during their pre-acquisition due diligence or during the integration of the newly acquired entity will receive the presumption of a declination of prosecution from the DOJ. To qualify under this new policy, companies must self-disclose misconduct they uncover within six months from the date of closing, cooperate with the DOJ during their investigation, and undertake full remediation within one year from the date of closing. The policy, however, does not apply to misconduct that was otherwise required to be disclosed by law, publically known, or already discovered by or disclosed to the DOJ. The policy does not affect civil merger enforcement.

In making her announcement, DAG Monaco emphasized how “corporate executives need to redouble time and attention to compliance programs, compensation programs, and diligence on acquisitions. Failing to do so can have dire consequences for companies, shareholders, and our nation.”2


The new M&A Safe Harbor Policy is the latest example of the DOJ’s continuing efforts to encourage companies to voluntarily self-disclose. In September 2022, DAG Monaco announced new corporate compliance guidelines requiring all DOJ components to review or to draft and publish a written policy on the expectations and benefits of self-disclosure.3 Similarly, in January 2023, the DOJ extended the application of its FCPA Corporate Enforcement Policy (CEP) 

to include all corporate criminal matters handled by the DOJ’s Criminal Division.4 Under the CEP, if a company voluntarily self-discloses, fully cooperates, and timely and appropriately remediates, there is a presumption of a declination to prosecute, absent certain aggravating circumstances.5 The new M&A Safe Harbor Policy builds on these recent updates to the CEP.

Key Highlights from the Safe Harbor Policy

In outlining how “[g]ood corporate governance and effective compliance programs can shield companies from enormous financial risks and penalties,”6 DAG Monaco explained the following scope and conditions of the Safe Harbor policy:


To qualify for the policy, the acquiring company must voluntarily self-disclose misconduct within six months of the acquisition’s closing date. This six-month deadline applies regardless of whether the misconduct was identified prior to or after acquisition. A company that fails to self-disclose misconduct within the six-month safe harbor may face potential successor liability for that misconduct. However, the six-month period does not apply when companies uncover misconduct related to national security or involving ongoing or imminent harm.7 In such cases, companies are expected to self-disclose upon discovery.


The acquiring company must fully remediate misconduct within one year from the date of closing and make restitution and disgorgement payments where applicable.

Flexibility and Reasonableness

While the policy sets baseline timeframes for self-disclosure and remediation, it emphasizes a “reasonableness analysis.” This analysis allows for flexibility in extending deadlines based on the specific circumstances of individual transactions, acknowledging that not all M&A deals are alike.

Aggravating Factors

The presence of aggravating factors at the acquired company, such as an executive’s involvement in misconduct or longstanding or pervasive misconduct, will not affect the acquiring company’s ability to receive a declination.

Recidivism Analysis

Misconduct disclosed under the policy will not factor into the DOJ’s recidivism analysis for the acquiring company, both at the time of disclosure or in the future.

Scope of Application

The policy is limited to misconduct discovered during “bona fide, arms-length M&A transactions” and does not encompass conduct that is already publically disclosed, known to the DOJ, or otherwise required to be disclosed. Additionally, it does not impact civil merger enforcement.

Department-Wide Application

The policy is designed to be applied department wide, ensuring consistency in its implementation across various DOJ components. Each component will tailor the policy to fit its unique enforcement mandates while adhering to the overarching guidelines.

Implications and Recommendations

The M&A Safe Harbor policy offers important incentives to acquiring companies to disclose misconduct and avoid prosecution. Companies, however, should proceed with caution to ensure they are taking the steps necessary to discover misconduct early in the transaction in order to be eligible for the policy’s benefits. To ensure maximum benefit from the new Safe Harbor provisions, companies engaging in M&A transactions should design and maintain robust corporate compliance programs that enable them to:

  • Conduct thorough risk-based due diligence on potential new business acquisitions;
  • Ensure that the acquiring company’s code of conduct and compliance policies and procedures regarding the FCPA and other applicable laws apply as quickly as is practicable to newly acquired businesses or merged entities;
  • Train the directors, officers, and employees of newly acquired businesses or merged entities;
  • Conduct a risk-based audit of all newly acquired or merged businesses as quickly as practicable; and
  • Disclose misconduct discovered as part of its due diligence of newly acquired entities or merged entities.8

Companies should keep in mind that even when the DOJ chooses to decline prosecution, it will still require disgorgement and restitution where appropriate.9 Companies should also be aware that the policy is not binding on other US enforcement or regulatory authorities.10 Accordingly, self-disclosed misconduct could be pursued by other federal agencies or by foreign, state, or local authorities.

How the DOJ will apply the policy and what implications this new guidance will have on the existing voluntary self-disclosure framework remains to be seen, and we continue to monitor updates to the revised DOJ policies. Our White Collar Defense and Investigations group includes former high-level DOJ officials from the Criminal Division and US Attorney’s Offices throughout the country who have deep experience in all aspects of DOJ investigations and enforcement actions. For more information regarding this client alert, do not hesitate to contact the authors or other members of our White Collar Defense and Investigations group.

We acknowledge the contributions to this publication from our associates Sophia A. Khan and Pedro J. Rosario Cintrón

See “Deputy Attorney General Lisa O. Monaco Announces New Safe Harbor Policy for Voluntary Self-Disclosures Made in Connection with Mergers and Acquisitions,” (Oct. 4, 2023) (hereinafter Monaco Safe Harbor Announcement), available at


See “Deputy Attorney General Lisa O. Monaco Delivers Remarks on Corporate Criminal Enforcement,” (Sept. 15, 2023), available at

See “Assistant Attorney General Kenneth A. Polite, Jr. Delivers Remarks on Revisions to the Criminal Division’s Corporate Enforcement Policy,” (Jan. 17, 2023), available at

Aggravating circumstances include involvement by executive management of the company in the misconduct, a significant profit to the company from the wrongdoing, egregiousness or pervasiveness of the misconduct within the company, or criminal recidivism.

Monaco Safe Harbor Announcement.


See US Dep’t of Justice, A Resource Guide to the U.S. Foreign Corrupt Practices Act (2d ed.), available at


10 Id.

This publication/newsletter is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts or circumstances without first consulting a lawyer. Any views expressed herein are those of the author(s) and not necessarily those of the law firm's clients.

Return to top of page

Email Disclaimer

We welcome your email, but please understand that if you are not already a client of K&L Gates LLP, we cannot represent you until we confirm that doing so would not create a conflict of interest and is otherwise consistent with the policies of our firm. Accordingly, please do not include any confidential information until we verify that the firm is in a position to represent you and our engagement is confirmed in a letter. Prior to that time, there is no assurance that information you send us will be maintained as confidential. Thank you for your consideration.

Accept Cancel