What the C-Suite and Board Should Know About the New CCO Certification Requirement from DOJ
U.S. Department of Justice (DOJ) Deputy Attorney General Lisa Monaco presented a new policy at a Securities Industry and Financial Markets Association event that requires chief compliance officers (CCO) to certify that compliance programs have been “reasonably designed to prevent anti-corruption violations.”1 The policy is an outgrowth of a settlement involving US$1 billion in criminal and civil penalties imposed on mining giant, Glencore International AG (Glencore), after it pleaded guilty to bribery and market manipulation charges.2 According to Monaco, this new policy is meant to ensure that CCOs stay in the loop on potential company violations and have the necessary resources to prevent financial crime.3 While the expressed intention of this new policy is to empower CCOs, it has raised concerns about potential liability for CCOs.
Glencore is among the largest companies that dominate global trading of oil, fuel, metals, minerals, and food.4 In 2018, Glencore was subject to a multi-year investigation by the DOJ for violations of the Foreign Corrupt Practices Act (FCPA) and a commodity price manipulation scheme.5 According to admissions and court documents filed in the Southern District of New York, Glencore, acting through its employees and agents, engaged in a scheme for over a decade to pay more than US$100 million to third-party intermediaries in order to secure improper advantages to obtain and retain business with state-owned and state-controlled entities. A significant portion of these payments were used to pay bribes to officials in Nigeria, Cameroon, Ivory Coast, Equatorial Guinea, Brazil, Venezuela, and the Democratic Republic of the Congo.6 Glencore resolved the government’s investigations by entering into a plea agreement (Plea Agreement)7According to the Plea Agreement, Glencore admitted to one count of conspiracy to violate the FCPA.8 Shaun Teichner, the general counsel for the company, told a federal judge in New York that Glencore “knowingly and willingly entered into a conspiracy to violate the Foreign Corrupt Practices Act by making payments to corrupt government officials.”9
Glencore expects to pay about US$1 billion to U.S. authorities, after accounting for credits and offsets payable to other jurisdictions and agencies, and about US$40 million to Brazil.10 A related payment by Glencore to the United Kingdom will be finalized after a hearing next month.11
The Plea Agreement requires that Glencore, among other things: (1) implement two independent compliance monitors, one in the United States and one abroad, to prevent the reoccurrence of crimes; (2) retain a compliance monitor for three years; and (3) have its chief executive officer (CEO) and CCO submit a document certifying to the DOJ’s fraud section that the company has met its compliance obligations (the CCO Certification Requirement or the Certification).12
Why the CCO Certification Requirement Has Raised Concerns
The CCO Certification Requirement has raised concerns in the compliance space over potential increases in CCO liability.13 Specifically, compliance officials worry that this policy transfers corporate liability into potential individual liability for the CCO. The Certification form asks the CEO and CCO to certify that the compliance program has been “reasonably designed” to prevent future anti-corruption violations.14 Critics worry that these new certifications may discourage CCOs from taking jobs at companies that are or may be parties to agreements with the DOJ.15
The DOJ stated that liability will depend on the facts and circumstances of the case but that the new policy is not aimed at going after CEOs or CCOs.16 Assistant Attorney General Kenneth A. Polite Jr. stated, “if there is a knowing misrepresentation on the part of the CEO or CCO, then that could certainly result in some form of personal liability."17 Depending on the circumstances, the DOJ may consider it a breach of the corporation’s obligations under the Plea Agreement if there is either a misrepresentation in one of these certifications or a failure to provide the same.18 Polite added that “the certification memorializes the company’s commitment to take its compliance obligations seriously.”19
Critics question how realistic the CCO Certification Requirement is for large, multinational companies.20 They also question the due diligence required to actually ensure that compliance programs are “reasonably designed,” especially for companies operating in over 50 countries. Would it be realistic to expect a CCO or CEO to keep tabs on compliance across their company with that level of specificity?21
What the C Suite and Board Should Consider Moving Forward
The questions to consider are: (1) where will the expressed policy lead? And (2) how do we best prepare for the Certification?
The DOJ has specifically stated its intention to “prosecute the individuals who commit and profit from corporate malfeasance.”22 Regardless of Monaco’s comments, the Certification appears to create potential for an extension of that policy.
The fact of the policy gives rise to a number of subsidiary questions. Is the Certification, which targets foreign corrupt practices, a harbinger for other such certifications in areas such as health care fraud, defense contractor fraud, money laundering, etc.? And is DOJ gearing toward providing its prosecutors with more tools for individual culpability at the highest corporate levels consistent with its expressed policy?
Moving forward, in-house counsel should work with the CEO and CCO to consider areas of corporate business practices that are specifically subject to compliance programs. They should develop practices including auditing, tracking, training, and reviewing to ensure the programs are “reasonably designed” to prevent future wrongdoing. Further, they should be sure to document their corporate business practices. Obviously, these programs become much more complex when operations include foreign jurisdictions and foreign laws with respect to matters such as privacy and employee rights.
Although this process may not be new to protect corporations from criminal charges, the newly-announced policy will certainly focus the spotlight on CEOs and CCOs in the FCPA context and arguably beyond.
1 Al Barbarino, DOJ Defends New CCO Certifications Amid Industry Worry, LAW360 (May 26, 2022), https://www.law360.com/whitecollar/articles/1496108/doj-defends-new-cco-certifications-amid-industry-worry?nl_pk=bb564918-13cc-4713-ac90-8faaebbc2ead&utm_source=newsletter&utm_medium=email&utm_campaign=whitecollar&utm_content=2022-05-27.
4 Chris Strohm, Chris Dolmetsch & Jack Farchy, Glencore Pleads Guilty to Decade of Bribery and Manipulation, BLOOMBERG (May 24, 2022), https://www.bloomberg.com/news/articles/2022-05-24/glencore-to-appear-in-us-uk-courts-over-resolutions-of-probes.
6 News Release, U.S. Dep’t of Just., Office of Pub. Affs., Glencore Entered Guilty Pleas to Foreign Bribery and Market Manipulation Schemes, (May 24, 2022), https://www.justice.gov/opa/pr/glencore-entered-guilty-pleas-foreign-bribery-and-market-manipulation-schemes.
9 Strohm, supra note 4.
13 Barbarino, supra note 1.
22 News Release, U.S. Dep’t of Just., Attorney General Merrick B. Garland Delivers Remarks Announcing Glencore Guilty Pleas in Connection with Foreign Bribery and Market Manipulation Schemes (May 24, 2022), https://www.justice.gov/opa/speech/attorney-general-merrick-b-garland-delivers-remarks-announcing-glencore-guilty-pleas.
This publication/newsletter is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts or circumstances without first consulting a lawyer. Any views expressed herein are those of the author(s) and not necessarily those of the law firm's clients.