Manhattan Institute for Policy Research.
Subscribe   Subscribe   MI on Facebook Find us on Twitter Find us on Instagram      


Legal Policy Report

No. 18 February 2014

The Shadow Lengthens:

The Continuing Threat of Regulation by Prosecution

James Copland and Isaac Gorodetski


Center for Legal Policy.

Table of Contents:
Executive Summary
About the Author
I. Quantitative Analysis: Federal DPA and NPA Trends, 2012–13
II. Qualitative Analysis: Key Federal DPAs and NPAs in 2012–13
III. International Perspective: DPAs in the United Kingdom
IV. Assessment and Conclusion

Executive Summary

The last ten years have seen the emergence of a new approach to business regulation and prosecution of wrongdoing in the United States. The U.S. Department of Justice now regularly enters into “deferred prosecution” or “non-prosecution” agreements (DPAs or NPAs) with large corporations, in which companies are paying billions of dollars in fines annually without trial. These agreements are presented as steps short of prosecution of corporations, a step that might drive firms into bankruptcy and disrupt their economic sectors. At the same time, a good case can be made that these agreements suffer from a lack of transparency. Questions naturally arise as to whether attorneys working for the federal government, with minimal to no judicial oversight, are best positioned to change significantly the business practices of individual companies and, indeed, entire industries.

Businesses prefer to enter into DPAs or NPAs rather than face trial, even when the costs of such arrangements are severe, because of the significant capital-market pressures stemming from criminal inquiries (including depressed stock prices and impaired credit) as well as the statutory and regulatory consequences flowing from indictment or conviction—for example, exclusion from government reimbursement or contracts, or the retraction of government licenses vital to a company’s operation. Prosecutors, in turn, prefer to avoid the risk and cost of trial as well as the potentially severe collateral consequences that indictment or conviction can impose on corporate stakeholders, including employees and creditors, as witnessed in the collapse of the large accounting firm Arthur Andersen following its 2002 federal indictment—which was ultimately set aside by the U.S. Supreme Court.

Thus, such arrangements have become commonplace, so much so that they might be characterized as a “shadow regulatory state” over business. The federal government has reached 278 DPAs and NPAs with businesses since 2004, with ten of the Fortune 100 companies operating under such agreements just since 2010. Although the federal government entered into only 17 DPAs and NPAs from 1993 through 2003, it entered into 66 in just the last two years, in which almost $12 billion in total fines and penalties were imposed. Companies in the finance and health-care sectors have been particularly likely to wind up under such agreements, with the finance sector accounting for 13 DPAs and NPAs and the health-care sector accounting for 8 of them in 2012–13. The reach of federal prosecutorial agreements has not stopped at America’s shores: the Department of Justice has asserted authority over hosts of foreign businesses—in some cases, for alleged conduct occurring completely outside the United States.

DPAs and NPAs are notable in that they impose terms on companies that go beyond the fines or incarceration normally associated with criminal punishment and because they go beyond requiring that the companies correct the specific practices alleged to be violations of the law. Instead, these agreements often call for major changes in firms’ internal processes of many types—from training to human resources—based on the apparent assumption that absent such changes, wrongdoing will be more likely to recur. Under DPAs and NPAs, companies have agreed to modify preexisting business practices significantly, by:

  • Implementing training and reporting programs;
  • Changing compensation schemes;
  • Modifying sales and marketing plans;
  • Hiring new, senior “compliance officers” as well as independent “monitors” reporting to the prosecutor; and
  • Firing key personnel, including directors or chief executives.

In many cases, the alleged predicate offenses underlying DPAs or NPAs involve ambiguous facts or strained or novel interpretations of law—interpretations that have remained untested in court, given companies’ pronounced pressure to settle. In addition, DPAs and NPAs regularly cede to prosecutors the sole discretion to determine whether companies are in breach of the agreement’s terms, without judicial oversight or the possibility of appeal.

This report focuses on DPAs and NPAs reached in 2012 and 2013 between prosecutors and four companies: Ralph Lauren, GlaxoSmithKline, Royal Bank of Scotland, and HSBC. These arrangements highlight companies’ difficulty in avoiding potential prosecution, even when they self-report potential violations discovered through robust internal compliance programs. They also highlight the broad social consequences of federal prosecutors’ quasi-regulatory decisions, which include:

  • Limiting companies’ ability to communicate truthful information to the public about pharmaceuticals, with potential life-or-death consequences;
  • Directly influencing trading practices and corporate speech relating to key interest rates and other global financial variables; and
  • Prompting companies to withdraw from developing countries, thus reducing capital formation and opportunity for the world’s poorest populations.

The U.S. practice of entering into DPAs and NPAs with corporations remains anomalous: corporate prosecutions are disfavored or impermissible in other developed nations. In 2013, however, the United Kingdom passed new legislation—the Crime and Courts Act, which introduced DPAs to the British criminal justice system beginning in February 2014. In contrast to U.S. practice, the U.K. rules limit the scope of corporate conduct subject to such arrangements and clearly delineate a transparent process that prosecutors must follow in pursuing DPAs, with significant judicial oversight. The new British rules bear watching as they are implemented, and they offer a potential blueprint for reforming American practice.

About the Authors

James Copland is the director of and a senior fellow with the Manhattan Institute’s Center for Legal Policy, which seeks to develop and communicate novel, sound ideas on how to improve the civil and the criminal justice systems. He oversees the Institute’s web magazine, its Trial Lawyers, Inc. series of publications, and its corporate governance database.

Copland has testified before U.S. Congress and has authored many policy white papers, book chapters, and articles in journals, including the Harvard Business Law Review and the Yale Journal on Regulation, as well as opinion pieces in newspapers, including the Wall Street Journal, National Law Journal, and USA Today. Speaking regularly on civil and criminal justice issues, he has made hundreds of media appearances in outlets including PBS, Fox News, MSNBC, CNBC, Fox Business, Bloomberg, C-SPAN, and NPR; and he is frequently cited in news articles in periodicals such as the New York Times, the Washington Post, The Economist, and Forbes.

In both 2011 and 2012, Copland was named to the National Association of Corporate Directors’ “Directorship 100” list, which designates the individuals most influential over U.S. corporate governance.

Prior to joining the Manhattan Institute, Copland was a management consultant with McKinsey and Company in New York. Earlier, he served as a law clerk for Ralph K. Winter on the United States Court of Appeals for the Second Circuit. He has been a director of two privately held manufacturing companies since 1997 and has served on many public and nonprofit boards, including those for the University of North Carolina at Chapel Hill, Fifth Avenue Presbyterian Church, and the Union Church of Pocantico Hills (NY).

Copland received JD and MBA degrees from Yale, where he was an Olin Fellow in Law and Economics and an editor of the Yale Journal on Regulation. He also earned an MSc in politics of the world economy from the London School of Economics and a BA in economics with highest distinction and highest honors from the University of North Carolina at Chapel Hill, where he was a Morehead Scholar.

Isaac Gorodetski is the deputy director of the Center for Legal Policy at the Manhattan Institute, the managing editor of, and the project manager for the Trial Lawyers, Inc. series of publications. Gorodetski also heads the Center’s state-specific overcriminalization initiative, which seeks to bring the alarming trend of over-expansive criminal codes and regulations to the fore of the public policy debate, and he co-leads the Institute’s NYC21 initiative, which explores the impact of city government’s public policies on Gotham’s economically most vulnerable communities.

Gorodetski received a JD in 2011 from New York Law School, where he was president of the school’s Federalist Society chapter, and a BBA in Economics from Baruch College.


On January 6, 2014, the nation’s largest bank, JPMorgan Chase, entered into a “deferred prosecution agreement” (DPA) with federal prosecutors relating to its having served as a cash depository for Bernie Madoff’s former Ponzi investment scheme.[1] As part of this arrangement, the bank agreed to pay the government $1.7 billion and to “cooperate” with prosecutors for a period of three years. The U.S. Department of Justice (DOJ) agreed, in turn, not to prosecute the company.[2] The New York Times reported that such DPAs are “typically employed only when misconduct is extreme,” such that the arrangement “underscores the magnitude of the case against JPMorgan.”[3]

Contrary to the Times’s assertion, however, DPAs, “non-prosecution agreements” (NPAs), and other arrangements in which companies avoid criminal sanctions by agreeing with federal prosecutors’ demands, without trial, are increasingly common—particularly among financial institutions. Indeed, JPMorgan itself entered into such an agreement in 2011 (involving antitrust allegations and a fine of $228 million),[4] as did Wachovia, now a part of Wells Fargo, in 2010 (involving alleged money laundering and a fine of $160 million).[5] Other financial behemoths entering into federal DPAs and NPAs just since 2009 include insurers General Re[6], Lloyds[7], and MetLife[8]; mortgage giants Fannie Mae[9] and Freddie Mac;[10] and foreign banks ABN Amro,[11] Barclays,[12] Credit Suisse,[13] Deutsche Bank,[14] Royal Bank of Scotland,[15] and UBS.[16]

DPAs and NPAs were unknown before 1993 and virtually unheard of prior to 2004; but over the last decade, the DOJ and other federal agencies have entered into at least 278 such agreements with companies.[17] Corporate fines and forfeitures under these arrangements have totaled $25 billion over the last five years.[18] Since the beginning of 2010, federal DPAs and NPAs have been reached with ten of the 100 largest U.S. companies by revenues, as ranked by Fortune magazine: Archer Daniels Midland, CVS Caremark, Google, Johnson & Johnson, Merck, MetLife, Pfizer, Tyson Foods, and United Parcel Service, in addition to JPMorgan Chase.[19] Over the same period, federal prosecutors have also entered into such arrangements with a plethora of global businesses headquartered outside the United States, including ABB, Alcatel-Lucent, Barclays Bank, Daimler, GlaxoSmithKline, Lufthansa, Royal Bank of Scotland, Total S.A., and Tyco.[20]

Whereas criminal sanctions are normally limited to fines and incarceration, DPAs and NPAs can entail significant changes to companies’ business practices, on top of the hefty “fines” and penalties that companies surrender. Corporate behavioral changes are not limited to correcting the behavior alleged to be criminal; rather, they can entail wide-ranging modifications of business practices presumably intended to prevent a recurrence of the alleged violation. In addition, companies entering into these agreements regularly consent to significant prosecutorial oversight of the terms of the agreement. Such changes to business practice and consent to oversight can be significant, including:

  • The implementation of aggressive training and reporting programs;
  • Changes to compensation;
  • Changes to sales and marketing practices;
  • The hiring of new, senior corporate officials charged with ensuring that the company “complies” with the legal rules that prosecutors believe it must follow;
  • The hiring of independent “monitors” reporting to the prosecutor but empowered to modify the company’s business practices; and
  • The firing of key personnel, including directors or chief executives.

DPAs and NPAs typically state that the prosecutor has sole discretion to determine whether the company has complied with the agreement’s terms, with no possibility for judicial review.

This report focuses on DPAs and NPAs entered into in 2012 and 2013. Part I looks at DPA and NPA trends quantitatively, including the number of such agreements, the level of fines imposed, the alleged crimes committed, and other trends. Part II looks qualitatively at DPAs and NPAs entered into in the last two years between the government and four companies—Ralph Lauren, Royal Bank of Scotland, GlaxoSmithKline, and HSBC—and elucidates policy issues highlighted by these examples. Part III offers an international, comparative perspective by looking at recent reforms establishing DPA practice in the United Kingdom. Part IV concludes and looks to the transparency and oversight framework in the new U.K. law as a template for potential reform of American practice.

Previous Manhattan Institute Research on the Subject

Coauthor James Copland began his study of federal DPAs and NPAs in a 2010 report, Regulation by Prosecution: The Problems with Treating Corporations as Criminals,[21] which explored the broader question of corporate criminal liability in historical and international perspective. That report found that the American practice of holding corporations criminally liable for employees’ actions was relatively novel and “an outlier among Western nations.”[22]

In a 2012 report, The Shadow Regulatory State: The Rise of Deferred Prosecution Agreements,[23] Copland explored how the federal government began entering into such agreements, beginning in 1993, and how the number of DPAs and NPAs exploded after 2004.

In 2012-13, the Manhattan Institute’s Center for Legal Policy published two shorter reports expanding on aspects of this phenomenon: one by Copland and Paul Howard (director of the Institute’s Center for Medical Progress), on federal criminal enforcement applied against pharmaceutical companies’ marketing and communications about drug uses outside those that appear on labels approved by the federal Food and Drug Administration (FDA); [24] and one by criminal defense attorney Paul Enzinna on trends in federal enforcement under the Foreign Corrupt Practices Act (FCPA),[25] a statute underlying a significant percentage of DPAs and NPAs.[26]

I. Quantitative Analysis: Federal DPA and NPA Trends, 2012–13

The number of federal DPAs and NPAs, based on a review of publicly available records,[27] increased markedly beginning in 2005 (ranging, since then, from 20 to 41 agreements annually), and the size of the fines levied under them has also escalated dramatically in recent years (ranging from $2.9 billion to $9 billion annually since 2009). This part of the report outlines such quantitative trends, including the crimes alleged in such agreements, the federal prosecuting divisions and agencies involved, industry trends, and agreement structures.

DPA and NPA Trends: Volume
Since 2005, federal prosecutors “have entered into 20 or more [DPAs or NPAs] annually.”[28] In 2012, the DOJ, its U.S. Attorneys’ Offices, and the Securities and Exchange Commission (SEC) entered into 38 such agreements, the third-highest number on record. The total number of DPAs and NPAs dipped to 28 in 2013 (see chart).

DPA and NPA Trends: Fines and Penalties
Since 2009, the dollar value of DPAs and NPAs has soared.[29] From 2009 through 2011, over $3 billion was collected each year. In 2012, a record $9 billion in fines was imposed, led by $3 billion levied against GlaxoSmithKline and $1.9 billion against HSBC. Just under $3 billion in fines and penalties were levied under federal DPAs and NPAs in 2013 (see chart). With JPMorgan’s $1.7 billion agreement already announced in 2014, the trend of high levels of fines under federal DPAs and NPAs seems certain to continue.

DPA and NPA Trends: Crimes Alleged
DPAs and NPAs involving alleged violations of the Foreign Corrupt Practices Act (FCPA; see box, page 6) are a significant percentage of all such agreements entered into between companies and the federal government, although the percentage of DPAs and NPAs involving the FCPA has fallen from 38 percent in 2010–11 to 25 percent in 2012–13. General fraud allegations—excluding health-care-specific frauds, false statements, public corruption, and violations of the False Claims Act[30] —rose to 28 percent of all cases over the last two years, up from 20 percent in the earlier period. Export- and trade-related allegations increased to 14 percent of all DPA and NPA agreements in 2012–13, and agreements involving alleged immigration offenses and alleged violations of the Food, Drug, and Cosmetic Act[31] each constituted 6 percent of all DPAs and NPAs in the past two years (see chart).

DPA and NPA Trends: Prosecuting Divisions Involved
DPAs and NPAs have most often originated in the Fraud Section of the Criminal Division of the DOJ,[32] including in 11 of 38 federal DPAs and NPAs in 2012 and 11 of 28 in 2013. Whereas the Fraud Section was acting alone in nine of its 11 agreements in 2012, it partnered with another section or a local U.S. Attorney’s Office in nine of the 11 agreements that it reached in 2013—signaling perhaps a shift in practice. U.S. Attorneys’ Offices active in entering into DPAs and NPAs over the last two years have included the Southern District of New York (six agreements), the Eastern District of New York (four), the Eastern District of Virginia (four), and the Southern District of Texas (four).[33] In January 2010, the SEC announced that it would begin to use DPAs and NPAs in enforcement—a departure from its historical practice of limiting itself to civil remedies, given the agency’s lack of independent criminal enforcement authority. The SEC entered into agreements in each of the last two years, including, most recently, an NPA with Ralph Lauren involving alleged FCPA offenses. Also, for the first time, in February 2013, the Antitrust Division entered into a DPA, reaching an agreement with the Royal Bank of Scotland (RBS) over alleged manipulation of the London Interbank Offered Rate (LIBOR). The Ralph Lauren and RBS agreements are discussed in more detail in Part II.

DPA and NPA Trends: Companies Involved
Federal DPAs and NPAs have been most prevalent in the finance and health-care sectors.[34] In 2009–11, a total of 18 agreements involved companies in the financial sector and 11 involved health-care-sector businesses. This trend has generally continued in 2012–13, during which 13 DPAs and NPAs have involved finance companies and 8 have involved health-care companies.

DPA and NPA Trends: Agreement Structure
In 2012–13, 45 percent of federal agreements not to prosecute companies have been NPAs, and the remaining 55 percent DPAs—the identical percentages as in 2010–11. A decrease in prevalence in which corporate monitors were appointed in 2011 (from nine of 40 in 2010 to two of 34 in 2011) suggested that the DOJ may have been “de-emphasizing” such appointments,[35] but the 2011 shift proved anomalous: the government appointed a monitor in nine of 38 agreements in 2012 and nine of 28 in 2013.

II. Qualitative Analysis: Key Federal DPAs and NPAs in 2012–13

In this part of the report, we will focus on four DPAs and NPAs reached between the federal government and companies in 2012–13. These agreements highlight the degree to which such arrangements can substantially modify corporate decision making, and they suggest other issues of policy concern, including: (1) the difficulties that companies face in avoiding prospective prosecution, even when they self-report potential violations discovered through robust internal compliance programs; (2) the degree to which the DOJ can stretch or even flout legal parameters in unilaterally interpreting and enforcing the law; (3) the significant social consequences that can flow from such agreements; (4) the global sweep of the DOJ’s DPA/NPA enforcement regime; and (5) the striking lack of judicial oversight typically present in this practice.

Our first example is a pair of 2013 agreements reached between the government and Ralph Lauren. This example highlights the SEC’s emerging role as a “co-enforcer” with the DOJ of alleged FCPA violations. In addition, the Ralph Lauren NPAs demonstrate the difficulties faced even by those companies that develop aggressive compliance regimes and self-report possible violations. The Ralph Lauren example also highlights the broad scope of federal FCPA enforcement, in which the executive branch is arguably holding companies to account for activities exempted from Congress’s statute, with minimal prospects for judicial review.

Our second example is the 2012 corporate integrity agreement reached between the government and the American subsidiary of GlaxoSmithKline as an NPA-type “side deal” to the company’s guilty plea for promoting “off-label” uses for the company’s drugs. Another example of cross-agency co-enforcement (involving both the U.S. Attorney’s Office for the District of Massachusetts and the Department of Health and Human Services), the agreement makes significant adjustments to the company’s compensation packages, including for senior executives.

Our third example, a 2013 agreement between the government and the Royal Bank of Scotland resolving claims that the bank manipulated its rate submissions that helped determine the London Bank Offered Rate (LIBOR), is the first instance in which the DOJ’s Antitrust Division co-enforced a DPA with the Criminal Division. The agreement also demonstrates the international reach of current criminal enforcement and the broad scope of remedies that the DOJ is prepared to embrace.

Our fourth example involves the 2012 DPA reached between the British bank HSBC and the DOJ’s Criminal Division and two U.S. Attorneys’ Offices. This DPA resolved allegations that the bank had insufficient controls to prevent money laundering and exemplifies the lengths to which financial institutions will go to avoid criminal indictment: the bank removed most of its senior management team, radically restructured managers’ compensation, jettisoned businesses around the globe for fear of inability to comply with legal rules, and agreed to a five-year term of supervision by a corporate monitor reporting to prosecutors. This example also offers a rare case in which a supervising judge exercised oversight: Judge John Gleeson of the Eastern District of New York issued a detailed opinion asserting judicial oversight for the HSBC DPA, even as he approved its onerous terms—in essence, establishing a role for the judiciary in cases in which the government has decided to defer potential corporate prosecutions.

Expanding Enforcement: The Ralph Lauren Company NPAs
Operative Statute: Foreign Corrupt Practices Act (FCPA)
Key Issues: Crediting of corporate compliance, scope of enforcement outside statutory safe harbor

As already noted, the FCPA[36] is a major locus of federal criminal law enforcement. On April 22, 2013, the Fraud Section of the Criminal Division of the DOJ and the SEC entered into separate NPAs[37] with Ralph Lauren Company (RLC)—a well-known publicly traded apparel company—to resolve allegations that it had violated the FCPA.

What Is the FCPA?

The Foreign Corrupt Practices Act creates civil and criminal penalties for businesses and individuals who pay bribes to foreign officials. [38] Enacted in 1977, the FCPA is intended to prevent American-based businesses from gaining a competitive advantage abroad by buying regulations and government contracts. Implicitly, the statute is rooted in American idealism and in the belief that American interests are fostered, in the long run, by the rule of law abroad.

Although the FCPA’s core purposes are noble, its scope, as enacted by Congress, was not without bounds. The statute specifically exempts “facilitating payments” designed “to expedite or secure the performance of a routine governmental action by a foreign official.” [39] Congress’s intent in enacting the FCPA was clearly to deter American companies from buying foreign influence on a large scale—but not to police all foreign bribes potentially paid by U.S. businesses. Given the powerful incentives that businesses have to enter into DPAs and NPAs, however, federal prosecutors have very broadly interpreted the FCPA’s scope—and limited its express exemption—effectively insulating it from judicial review.[40]

After implementing a new internal FCPA compliance policy in early 2010, RLC discovered that the general manager of its subsidiary PRL S.R.L., based in Argentina, had been paying a third-party customs-clearance agency to bribe Argentine customs and other government officials to bypass mandatory paperwork requirements and inspections for imported RLC merchandise that it sold in Argentina.[41] Additionally, PRL S.R.L. had disguised these payments—approximately $580,000 between 2005 and 2009—with fake invoices marked as routine customs expenses and taxes.[42] Within two weeks of discovery, RLC reported the conduct to the DOJ and the SEC. The company fully cooperated with the government in the ensuing investigation while instituting a host of remedial compliance and governance changes, under its own initiative.[43]

The DOJ and the SEC entered into NPAs with RLC to avoid prosecution and enforcement actions, respectively. Despite recognizing and crediting RLC’s self-reporting and extensive cooperation, the government claimed that the company had “failed to devise and maintain a system of internal controls sufficient to provide reasonable assurances” for its Argentine subsidiary.[44]

Under the SEC’s agreement,[45] RLC has to disgorge $593,000 in illicit profits and $141,845.79 in prejudgment interest.[46] The pecuniary penalty was the entirety of the NPA’s real punitive terms, and RLC was even allowed to enter into the agreement without admitting or denying liability[47]—a critical feature, though in this case, the DOJ’s NPA wiped out the SEC agreement’s benefit. The SEC attributed its leniency “to the company’s prompt reporting of the violations on its own initiative, the completeness of the information provided and its extensive, thorough, and real-time cooperation with SEC’s investigation.”[48] The SEC also recognized the company’s numerous remedial measures employed to mitigate the risk of future violations, such as terminating all culpable employees and the customs broker, instituting compliance training, strengthening internal controls and third-party due diligence, and comprehensively enhancing its compliance program.[49] In return for the recognition, RLC also agreed to continue its cooperation with the SEC, to comply with any requests for non-privileged information, and to refrain from making public statements relating to the agreement.[50]

Although the DOJ’s NPA with RLC copiously praised the company for its remedial efforts and self-reporting, the DOJ was not as magnanimous as the SEC. RLC not only had to pay an additional $882,000 penalty but also had to publicly admit wrongdoing[51]—potentially opening the company up to shareholder derivative lawsuits.[52]

The most significant supplemental features of the DOJ agreement, as is characteristic of virtually all of DOJ’s alternative agreements, are the comprehensive governance requirements imposed on the company for a term of two years.[53] Rather than allowing RLC flexibility in maintaining its newly implemented compliance policies that had effectively detected the FCPA violation,[54] the DOJ inserted itself in shaping RLC’s corporate governance. In the corporate compliance section—which is nearly the length of the SEC’s entire agreement—the DOJ directs the frequency at which the company must review its compliance policies, sets the management structure for compliance oversight, requires setting up a separate reporting system dedicated to anticorruption issues, and instructs strict due diligence in the risk assessment of potential new acquisitions.[55]

Adding to the confusion is the special attention that the DOJ’s NPA pays to dictating the terms of compliance training, after acknowledging earlier in the agreement the extensive FCPA training that RLC had already implemented for its employees worldwide.[56] The DOJ’s NPA requires at least three comprehensive reports to be prepared by RLC on the status of its FCPA compliance program,[57] despite evidence throughout the agreement that DOJ has already received a detailed accounting of RLC’s new policies and an open line of communication with the company.[58]

Issue 1. Enforcement Versus Compliance

The DOJ’s and the SEC’s decision to enter into NPAs with Ralph Lauren illustrates a core tension in corporate criminal enforcement: between federal prosecutors’ desire to hold companies to account; and the desire to have companies self-monitor their own behavior and comply with legal norms. In a 2009 report, The Conference Board openly worried that federal prosecutors’ practices were potentially undermining deterrence of lawbreaking by inadequately crediting companies’ preexisting compliance programs: “From an ethics and compliance incentives perspective, publicly recognizing settlement-based programs (but not preexisting ones) in enforcement decisions is hardly optimal. In essence, it sends a message that the companies need not be concerned with compliance/ethics programs until after a violation, and thereby undercuts the important law enforcement policy of deterrence.”[59] In RLC’s case, the company detected the customs-bribery scheme only after implementing its own aggressive compliance regime, and after it rooted out the potential FCPA violations, it quickly self-reported the issue to the government and implemented rigorous remediation policies. Although RLC’s extensive cooperation was a theme of both the DOJ and the SEC NPAs, the agreements do not detail how the company was credited for its extraordinary efforts.

Moreover, the decisions by the SEC and the DOJ to enter into NPAs with RLC would seem to conflict with the government’s 2012 FCPA resource guide, [60] which purported to clarify FCPA enforcement to corporations.[61] In the FCPA guide, the DOJ and the SEC outline declinations—decisions not to prosecute, with no public allegations of wrongdoing or imposition of fines—as a preferable alternative to entering into a DPA or an NPA under various conditions.[62] The guide spells out six examples of declinations, and in comparing those examples with RLC’s self-reporting and remediation efforts, it becomes evident that RLC would seem to be a prototypical candidate for a declination rather than an NPA.[63] Because the DOJ and the SEC failed to articulate reasons why they entered into NPAs with RLC rather than opting for declination, as specified in the recently promulgated guidelines, companies face added uncertainty, which could—as The Conference Board feared—deter some businesses from implementing new compliance programs or reporting the findings of internal investigations to the government.

Issue 2. Stretching the Law

Even though the FCPA’s anti-bribery provisions prohibit the offer, promise, or payment of “anything of value” to a “foreign official” in order to “obtain or retain business,[64] the statute also contains an express exemption for “facilitating payments” designed “to expedite or secure the performance of a routine governmental action by a foreign official”[65] (see box, page 6). The payment scheme in which RLC was implicated in its NPAs—while hardly laudatory—was precisely designed to expedite routine government actions (customs) and not to secure government contracts through quid pro quo payments, the paradigmatic type of corruption that the FCPA was designed to prevent. Given that the FCPA, by its own terms, seems to “establish a line” between these two types of practice—implicitly acknowledging that “[c]orrupt low-level bureaucrats are a fact of commercial life in many countries, and most businesses operating internationally have been solicited for payments to obtain permits, licenses, customs clearances, and the like”[66] —the conduct that RLC self-reported looks to be precisely the type of activity that Congress decided not to entrust to U.S. prosecutors.

Indeed, the Fifth Circuit, in its 2004 decision United States v. Kay,[67] made clear that not all such payments that may “secure a competitive advantage” are deemed within the FCPA’s scope. The Fifth Circuit suggested that an inquiry should be made by courts focusing on the specific facts to determine whether a particular payment was, in fact, to “obtain or retain” business.[68] But RLC—like most other companies under these circumstances—chose to reach an agreement with the government rather than test the application of its interpretation of the statute, such that the SEC and the DOJ were effectively holding the company to account for conduct at least arguably outside the bounds of the statute.[69]

Breaking New Ground: The GlaxoSmithKline “Side Letter” NPA
Operative Statute: Food, Drug, and Cosmetic Act (FDCA)
Key Issues: Public health consequences of criminal sanctions for truthful speech concerning “off-label” drug prescriptions

On July 2, 2012, GlaxoSmithKline LLC (GSK), a U.S.-based subsidiary of the British multinational pharmaceutical and health-care company GlaxoSmithKline PLC, reached an agreement with the U.S. Attorney’s Office for the District of Massachusetts to plead guilty to resolve criminal allegations of drug “misbranding” and failure to report safety data in violation of the Food, Drug, and Cosmetic Act.[70] The aggregate resolution was “unprecedented in size and scope,” according to Deputy Attorney General James M. Cole, as the “largest health care fraud settlement in U.S. history and the largest payment ever by a drug company.”[71] GSK LLC agreed to plead guilty to unlawfully promoting the drugs Paxil and Wellbutrin for “off-label uses” by sponsoring various programs—including Continuing Medical Education lectures, lunches, dinners, and spas—to promote the use of its drug Paxil in children and adolescents and the use of its drug Wellbutrin for weight loss and the treatment of sexual dysfunction, each indication being outside the narrow subset previously approved by the FDA.[72] GSK LLC also agreed to plead guilty to one count of failing to include necessary safety data in reports to the FDA about its Avandia drug.[73] In addition to $1 billion under the plea agreement, GSK LLC agreed to pay $2 billion in civil penalties to the federal government and the states.

What Are “Off-Label” Drug Prescriptions?

The FDCA requires drug companies, when seeking FDA approval for new pharmaceuticals, to specify every intended use for that drug; the agency restricts companies from promoting uses for approved pharmaceuticals, after FDA approval, exclusively to those previously approved by the agency. [74] Nevertheless, pharmaceuticals are commonly prescribed by doctors for uses beyond those listed on the label: such “off-label” uses constitute an estimated 21 percent of all prescriptions, 36 percent of all drugs used in intensive-care units, and 79 percent of drugs administered to children in pediatric hospitals.[75] Although these prescriptions are vital to the public health and are supported by publications in peer-reviewed medical journals, they remain off-label because they generally “do not offer sufficient economic payback to warrant full review under the FDA’s 50-year-old system for testing and approving new medicines—a system that requires large, cumbersome, and expensive randomized clinical trials, typically controlled with a placebo or standard of care.”[76] Under FDA rules, drug companies’ promotion of off-label uses for its otherwise FDA-approved pharmaceuticals are considered “misbranding” of drugs misbranded in violation of the FDCA.[77]

In addition to the $3 billion plea deal, GSK LLC and the Office of the Inspector General of the Department of Health and Human Services entered into a five-year “corporate integrity agreement” (CIA), which included stringent provisions requiring GSK LLC to make “major changes to the way it does business.”[78] The GSK CIA includes requirements that the company modify existing—or develop new—reporting systems, employee training programs, management and supervision structures, and other corporate governance mechanisms—features standard in most DPAs and NPAs that necessitate a great deal of resources and time to implement, monitor, and enforce.[79]

In addition, the GSK CIA included significant modifications to the company’s compensation structures.[80] Such provisions are typical in DPAs and NPAs involving alleged drug misbranding: prosecutors intend to improve corporate compliance by realigning the compensation structure of the company’s sales representatives away from volume goals to other factors such as “business acumen, customer engagement, and scientific knowledge about GSK’s products.”[81] In advance of reaching its agreement with the government, GSK had already implemented new pay practices, including a so-called Patient First program and the wind-down of its program paying doctors to speak about the company’s drugs: such payments by the company fell 80 percent between 2009 and 2012,[82] and GSK ultimately became the first major pharmaceutical company to cut off such payments altogether.[83] Notwithstanding these changes, the GSK CIA mandated major changes to senior executives’ compensation through a “financial recoupment program.”[84] Under this program, the agreement requires that “an amount equivalent to up to 3 years of annual performance pay”[85] (“cash bonuses, stock options, and other incentives”)[86] for covered executives—including executives from the parent company GSK PLC—is all at risk of “forfeiture and recoupment” should the prosecutors later determine that an individual executive engaged in or should have known about an employee’s “significant misconduct.”[87] Under this program, GSK may even recoup bonuses from former employees.[88]

Issue 3. Social Costs of the Enforcement Regime

The FDA permits companies to share “scientific” information about off-label drug applications but not “promotional” information, [89] an unclear distinction that has created for pharmaceutical companies “a minefield without a map.”[90] As such, “claims for illicit off-label drug promotion have been among the most commonly asserted Medicaid-fraud allegations in federal enforcement actions.”[91] The government is thus wielding the criminal-law threat as a major regulatory weapon without apparent consideration of the public health, which is likely to be facilitated by the truthful dissemination of information about peer-reviewed applications of pharmaceuticals requiring prescriptions by learned intermediaries. As in the RLC case, the government is pursuing its prosecutorial path without clear legal guidance in the underlying law: companies facing exclusion from Medicare and Medicaid have been unwilling to put the government’s legal interpretations to the test; and individual prosecutions have been rare, typically resolved against the government’s position.

In addition to GSK’s agreement, the federal government has entered into multiple other multibillion-dollar settlements with other drug manufacturers to resolve drug-misbranding allegations, including Pfizer ($2.3 billion), Eli Lilly ($1.4 billion), and Abbott Laboratories ($1.5 billion).[92] What each of those other settlements has in common—other than the alleged criminal conduct and astronomical settlement values—is that no individuals were prosecuted in connection to any of those cases.[93] In GSK’s case, the DOJ accused its general counsel Lauren Stevens of obstruction of justice and making false statements for withholding documents when the FDA was investigating the charges levied under this agreement,[94] but a federal judge dismissed the case with withering criticism of the government’s actions in both the investigation and prosecution.[95]

The widespread nature of corporate drug-misbranding agreements and the absence of any individual criminal indictments for the underlying conduct have largely insulated the government from testing its criminal-law theories in this area. In a major December 2012 decision, the U.S. Court of Appeals for the Second Circuit overturned the federal prosecution of a pharmaceutical sales representative who had communicated truthful information about an off-label drug use, ruling that “criminalizing the truthful off-label promotion of FDA-approved prescription drugs” was an unconstitutional limitation on free speech in violation of the First Amendment.[96]

But no pharmaceutical company is likely to test such theories, given that an adverse judgment could exclude its products from reimbursement under Medicare or Medicaid—effectively, a corporate death sentence.[97] GSK’s “side letter” NPA waiving the federal government’s authority to debar the company from federal reimbursement is common in such agreements[98]—and indicative of the “sword of Damocles” hanging over companies facing potential drug-misbranding prosecution,[99] which all but forces them to accept the government’s proposed terms.

Antitrust Enforcement Shift: The Royal Bank of Scotland DPA
Operative Statute: Sherman Antitrust Act, Wire Fraud Statute
Key Issues: International reach of U.S. Justice, economic policy impact of DOJ oversight

On February 6, 2013, the DOJ’s Antitrust Division partnered with the Criminal Division’s Fraud Section to enter into its first DPA: an agreement with the Royal Bank of Scotland,[100] a financial-services corporation headquartered in Edinburgh, as part of the DOJ’s enforcement efforts related to alleged manipulation of the London Interbank Offered Rate (LIBOR).[101] RBS was charged with wire fraud for manipulating LIBOR rates and price fixing in violation of the Sherman Act[102] for colluding to manipulate those rates with other financial institutions.[103] (The Sherman Antitrust Act of 1890 prohibits any “conspiracy … in restraint of trade or commerce,” including price fixing.)[104]

What Is LIBOR?

The London Interbank Office Rate, or LIBOR, is an average interest rate based on estimates submitted by selected banks of what they would be charged when borrowing from other banks spanning ten currencies and 15 borrowing periods.[105] The LIBOR is published by British Bankers’ Association, a London-based trade association, every business day, based on rates contributed by selected “contributor panels” of banks, depending on currency.[106] The LIBOR serves as the benchmark interest rate for financial markets globally with futures, options, and other financial instruments settled based on the rate; and as a reference rate for consumer lending products such as mortgages, credit cards, and student loans.[107]

As a member of the contributor panels for various currencies, including the Japanese Yen LIBOR and the Swiss Franc LIBOR, RBS traders, from 2006 through 2010, allegedly manipulated RBS’s submissions to push rates in those two currencies in a direction favorable to the bank’s internal trading positions.[108] Pursuant to the DPA, RBS’s Tokyo-based subsidiary, RBS Securities Japan Limited, pleaded guilty to wire fraud for manipulating the LIBOR for the Japanese Yen and entered into a plea agreement that imposed a $50 million criminal penalty.[109] RBS also agreed to pay an additional $100 million in criminal fines[110] along with civil penalties levied by the U.S. Commodity Futures Trading Commission and the U.K. Financial Services Authority, amounting to $325 million and $137 million, respectively.[111]

The “statement of facts” in the RBS DPA—an agreement spanning over 100 pages—contains detailed transcripts of RBS traders contacting the individuals at the bank charged with submitting LIBOR rates, in an effort to request favorable rates based on their trading positions. The DPA also alleges that RBS employees entered into agreements with traders from other banks to move rates.[112] The DOJ alleged that these practices amounted to a collusive scheme in violation of the antitrust laws and that the traders “understood the features of the derivatives products tied to those benchmark interest rates, they understood that to the extent they increased their profits or decreased their losses in certain transactions from their efforts to manipulate rates, their counterparties would suffer corresponding adverse financial consequences with respect to those particular transactions.”[113]

The DOJ’s two-year DPA features a wide array of requirements imposed on the company regarding compliance policies, reporting, and cooperation. The agreement mandates that within 60 days, the company must strengthen its compliance and internal control standards by developing new policies and procedures.[114] Setting out an extensive list of factors to be used in determining the submission of LIBOR rates, along with mandatory supervisory review, the DOJ’s required compliance requirements are supposedly geared to “guarantee” the “integrity” of the rates submitted by RBS.[115]

In addition, RBS is subject to rigorous record-keeping and documentation requirements, including the obligation to record and preserve audio records of the communications of rate submitters, supervisors, and derivatives traders.[116] RBS must arrange for internal and external audits, conduct employee training, and comply with demanding reporting requirements that extend beyond the two-year term of the DPA.[117] The DOJ, as its usual modus operandi, retains sole discretion to determine whether there has been a breach of the agreement—which could even be triggered by the unilateral conduct or statement of an RBS employee.[118] Purportedly to prevent the risk of such a breach, RBS’s DPA requires that any pertinent public statements or press releases by the bank be approved by the DOJ in advance.[119]

Establishing Judicial Review: The HSBC DPA
Operative Statute: Bank Secrecy Act
Key Issues: International/economic development implications of Justice efforts, judicial review

On December 11, 2012, with its U.S. banking license at stake, the London-based HSBC, through its subsidiary HSBC Bank USA and holding company HSBC Holdings, PLC, entered into a DPA with the DOJ Criminal Division’s Asset Forfeiture and Money Laundering Section, the U.S. Attorney’s Office for the Eastern District of New York, and the U.S. Attorney’s Office for the Northern District of West Virginia, for a five-year term.[120] The DPA (and simultaneously filed criminal charges) alleged that HSBC violated the Bank Secrecy Act[121] by failing to maintain an effective anti-money-laundering program, which resulted in at least $881 million in drug-trafficking proceeds of Mexican and Colombian cartels being laundered through HSBC’s U.S. subsidiary.[122] Additionally, the government alleged that HSBC facilitated financial transactions, valued in the aggregate at approximately $660 million, on behalf of countries including Iran, Cuba, Sudan, Libya, and Myanmar in violation of the International Emergency Economic Powers Act[123] and the Trading with the Enemy Act.[124]

In accordance with the agreement, HSBC must forfeit $1.256 billion, a record penalty for a Bank Secrecy Act prosecution, along with $665 million in civil penalties.[125] Most of the comprehensive compliance program detailed in the agreement was already in place prior to the DPA, under the pressure of a looming indictment,[126] most likely in an effort by HSBC leadership to show good-faith cooperation by the company as the government built its case. These self-initiated changes were sweeping, including a significant shake-up of the executive team, involving the replacement of almost all senior management,[127] the decrease and deferral of executive bonuses, and the implementation of a new system tying senior executive bonuses to compliance standards.[128] In addition to a $244 million investment in anti-money-laundering efforts in 2011 by HSBC Bank USA (approximately nine times more than it had spent in 2009), the company dramatically increased staffing devoted to prevent money laundering (from 92 full-time employees and 25 consultants as of January 2010 to approximately 880 full-time employees and 267 consultants as of May 2012),[129] and it made a $700 million “remediation investment,”[130] completely revamping its “Know Your Customer’” system. The company also made other changes to reporting, compliance standards, management structure, and general business practices.[131]

The DPA also features terms that have become almost boilerplate. HSBC must retain an independent compliance monitor for the entire five-year term at the company’s expense, to be approved by the DOJ.[132] The DOJ will also require regular reporting from the monitor and have the sole discretion in deciding disputes or reporting difficulties between the company and the monitor.[133] Though there are confidentiality protections, the DOJ can override those protections if it determines that “disclosure would be in furtherance of the Department’s discharge of its duties and responsibilities or is otherwise required by law.”[134] The compliance requirements in the aggregate reveal that the DOJ retains control over the work of the monitor, with the sole discretion to make any changes or demands with regard to HSBC’s compliance, without much regard for shareholder value or ordinary business practices. This broad discretion retained solely by the DOJ is a recurring element in the HSBC agreement, appearing in terms that govern information requests, determine a breach of the agreement, and determine whether to extend the agreement, among other terms.[135]

Issue 4. The Global Sweep of Enforcement

The RLC and other FCPA-based NPAs and DPAs demonstrate the global sweep of modern U.S. prosecutorial enforcement—in some cases, targeting foreign subsidiaries of foreign companies for foreign bribes, on the flimsiest of jurisdictional links to the United States[136]—but perhaps no case exemplifies this trend more than the DOJ’s DPAs with RBS and HSBC. RBS is 82 percent owned by the British government, and although some controls have been put into place to mitigate the effect of the monetary penalty on taxpayer funds, the DOJ is nevertheless effectively regulating an entity owned by a foreign sovereign.[137] In the HSBC case, the DOJ in essence offered the bank a Hobson’s choice between losing its license to practice as a bank in the U.S. and pulling out of hosts of emerging-market countries—exerting a dramatic influence over the course of global development policy.

In the RBS case, the DOJ justifies its jurisdiction by citing the impact of the LIBOR scandals on U.S. investors.[138] The LIBOR affects financial products owned by U.S. counterparties such as asset-management companies, insurance companies, universities, and nonprofits, which thus may have been affected by the alleged rate manipulation.[139] Even if this real economic impact is sufficient to create a jurisdictional basis for DOJ involvement, the sweep of the RBS DPA—including prior restraints on speech and aggressive record keeping and oversight by American prosecutors—is striking in the context of a bank mostly owned by an allied world power with permanent United Nations Security Council status. Such is particularly the case in light of recent British reforms giving the U.K. government power to enter into its own DPA agreements, even retroactively (see Part III, infra).[140]

In addition, precisely because of LIBOR’s impact on international business transactions, the DOJ’s aggressive oversight of interest rates embedded in hosts of commercial contracts is cause for concern. Though it is doubtless problematic that a critical interest rate like LIBOR may have been manipulated for profit by a rate-providing bank, oversight of such concerns would seem better suited to the U.S. Treasury and Federal Reserve, as well as the U.K. and European monetary authorities, rather than criminal and antitrust lawyers in the U.S. Department of Justice. Putting a critical international monetary-policy instrument under the forceful regulatory thumb of government lawyers with limited financial and economic expertise could involve systemic risks and should be grounds for caution.

In the HSBC case, the bank’s most significant changes lie in what the company won’t be doing: HSBC’s U.S. subsidiary has exited 109 correspondent relationships for risk reasons. Since January 2011, HSBC has sold 42 businesses, and the bank has completely withdrawn from nine countries (including Iraq) and adopted a new, more rigorous, set of guidelines assessing the risks of doing business in particular countries.[141] Under these guidelines, the bank has abandoned an array of business activities in parts of Asia and Latin America where “knowing your customer” is expensive and not always conclusive,[142] and it has decided not to enter high-risk countries such as Myanmar and Angola, despite encouragement from those countries’ respective governments.[143] Big global banks like HSBC are necessary partners for unconnected local lenders and fill critical gaps in economically undeveloped regions,[144] but in light of the DOJ’s criminal-enforcement regime, the risks for such banks are now outweighing the potential benefits in many of the world’s poorest nations.

Issue 5. (The Lack of) Judicial Oversight

Federal agreements not to take companies to trial on criminal charges are notable for their lack of judicial oversight—an omission highlighted in the exception in the HSBC case, in which the supervising judge, John Gleeson of the Eastern District of New York, issued a striking decision asserting his supervisory authority. In a December 20, 2012, hearing to approve the DPA[145]—typically a pro forma affair—Judge Gleeson decided not to rubber-stamp the agreement. Instead, he instructed the parties to submit arguments articulating the proper role of the court with regard to DPAs.[146] With the DOJ understandably loathe to relinquish its authority and HSBC anxious to move forward, both parties argued that the court’s actual supervisory discretion was severely cabined: both parties contended that the judge’s singular role was to grant a delay to the Speedy Trial Act[147] to exclude the requirement that the trial must start within 70 days of the date that prosecutors bring charges.[148]

On July 1, 2013, Judge Gleeson approved the agreement but not before asserting his judicial authority to oversee its terms. In the 20-page opinion, he agreed with the government’s argument that there was no explicit authority for the Court to accept or reject DPAs pursuant to the Federal Rules of Civil Procedure or U.S. Sentencing Guidelines, but he invoked an inherent “supervisory power” of the Court, citing numerous precedents to support the assertion of authority.[149] Though Gleeson acknowledged that the decision to prosecute or to enter an NPA was in the absolute discretion of the DOJ, he explained that DPAs were different:

The government has chosen neither of those paths. Rather, it has built into the DPA with HSBC a criminal prosecution that will remain pending (assuming all goes well) for at least five years. Just as a non-prosecution agreement is perceived as a public relations benefit to a company, perhaps the filing and maintenance of criminal charges was intended to produce a public relations benefit for the government. But for whatever reason or reasons, the contracting parties have chosen to implicate the Court in their resolution of this matter. There is nothing wrong with that, but a pending federal criminal case is not window dressing. Nor is the Court, to borrow a famous phrase, a potted plant. By placing a criminal matter on the docket of a federal court, the parties have subjected their DPA to the legitimate exercise of that court’s authority. [150]

Gleeson observed that DPAs infringe on the rights of criminal defendants and pose significant risks. “[I]t is easy to imagine circumstances in which a deferred prosecution agreement, or the implementation of such an agreement, so transgresses the bounds of lawfulness or propriety as to warrant judicial intervention to protect the integrity of the Court,”[151] wrote the judge, citing earlier agreements that had required companies to waive attorney-client privilege and work-product protections, as well as the Fifth and Sixth Amendment rights of their employees.[152] Gleeson’s opinion further noted that prosecutors might improperly allocate remediation funds or make nepotistic corporate monitor appointments,[153] and he emphasized that judicial oversight was especially necessary, given that that corporate defendants facing a DPA would be very unlikely to “rais[e] a purported impropriety,” given the risk that speaking up might derail the agreement with the government.[154]

III. International Perspective: DPAs in the United Kingdom

As exemplified by the DPA and NPA examples in Part II—involving two British banks, a British pharmaceutical company, and the foreign actions of a foreign subsidiary of a U.S. company—the U.S. government’s corporate criminal enforcement regime has global scope. Although many European nations’ laws do not permit criminal prosecutions of corporate entities in any form,[155] the U.K. in the 1950s passed laws permitting companies to be prosecuted criminally.[156] Just last year, the U.K. passed the Crime and Courts Act,[157] which introduced DPAs to the British criminal justice system.[158] Slated to take effect in February 2014,[159] the new British DPA rules borrow from—and, in notable ways, are distinct from—those developed over the past two decades of American practice.[160]

In the U.K., corporate criminal prosecutions are limited by the “identification principle,”[161] which requires that prosecutors prove both an element of intent (mens rea) and that the intent was attributable to someone representing the “directing mind and will of the company.”[162] Although the structural definition of a DPA and its key components under the new U.K. rules track the U.S. model,[163] the U.K. legislation permits prosecutors to enter into DPAs only with corporations, partnerships, or unincorporated associations, not with individuals.[164] The U.K.’s new DPA authority is also limited in scope, applying only to the essentially economic crimes listed in the law’s Schedule 17, such as fraud, bribery, and money laundering—as opposed to U.S. practice, in which DPAs are regularly entered into to resolve environmental or health infractions and a host of other substantive offenses.[165] The new U.K. rules also limit the DPA tool to prosecutors; civil enforcement agencies are not permitted to enter into DPAs with companies.[166]

The new U.K. DPA Code of Practice sets out a two-stage test to determine whether a DPA is appropriate in the given circumstances.[167] First, in the evidentiary stage, prosecutors must evaluate whether they have enough evidence that the corporation has committed a crime to justify continuing an investigation into the conduct.[168] Second, in the “public interest” stage, prosecutors must determine that “public interest would be properly served” by entering into a DPA rather than prosecuting a corporation, taking into account a list of factors provided by the Code, including “the risk of harm to the public, to unidentified victims, shareholders, employees and creditors and to the stability and integrity of financial markets and international trade,” the risk of debarment from entering into government contracts, and the corporation’s cooperation with the investigation.[169]

In contrast to the general practice in the U.S., the U.K. DPA law requires robust judicial review in every major phase of the DPA process.[170] First, negotiations between prosecutors and the company must be well documented; no offer or concession may be excluded from this requirement. After negotiations are initiated, prosecutors must apply to the court[171]—at a preliminary hearing held in private—for a declaration that entering into a DPA with the company is “likely to be in the interests of justice” and the “proposed terms of the DPA are fair, reasonable and proportionate.”[172] The presiding judge—one of a limited pool selected to adjudicate DPAs[173]—must not only approve or reject this application but offer reasoning to the parties for the decision.[174]

If the court approves the preliminary application, prosecutors and the company are then free to finalize all the terms of the DPA, after which they must resubmit it to the court for consideration.[175] At a final hearing, which may also be held in private,[176] prosecutors must seek a declaration that the DPA “is in the interests of justice” and that its terms “are fair, reasonable and proportionate.”[177] The DPA is not effective until the judge approves the application and articulates the reasons for the decision, in open court.[178] The prosecutors must then publish the DPA, the court’s preliminary declaration and its reasoning, and the court’s final declaration approving the DPA with reasoning.[179] Any subsequent modifications to the DPA or any finding of breach requires the court’s permission, and the court again must make its decisions public and apply the same two-step test as in the initial hearings.[180] At the completion of the DPA term, the prosecutor must then send notice to the Crown Court that it will not prosecute the company and then publish this declination along with details of the company’s compliance.[181]

In terms of sanctions, the U.K.’s new DPA law expressly ties monetary penalties to the fine that a court would levy on the company if it pleaded guilty to the offense.[182] Sentencing guidelines provide ranges for prosecutors to refer to when negotiating these penalties, relying—similar to U.S. practice—on metrics of harm and culpability.[183] Additional guidelines specify that these fines could be supplemented with compensation for victims of the corporate wrongdoing and the payment of prosecution costs among other possible disbursements; yet the company would also be eligible to receive a one-third discount for entering into the agreement, similar to the U.K law governing plea deals.[184] The provisions allowing for the appointment of a corporate monitor are also defined, with the court involved in supervising the selection process, which the company must lead at its own expense.[185] The company and prosecutors must provide a detailed work plan for the corporate monitor’s responsibilities in the first year and a general outline for the entire term, which must be approved by the court.[186]

IV. Assessment and Conclusion

With little fanfare, over a period spanning only a decade, the widespread use of DPAs and NPAs has emerged as the new normal in federal regulation of business—what might be deemed a “shadow regulatory state.” Government attorneys—often only a few years out of law school—have been prompting major shifts in business practices to some of our nation’s largest companies—indeed, entire industries—based on vague criminal laws, with minimal congressional guidance or judicial oversight.

As shown in the case studies examined in this report, federal prosecutors regularly insist on significant changes to business practice. Changes to compensation practices can reach the most senior executives, and entire management teams have been replaced to placate prosecutorial demands.

Businesses operating in this environment tend to face a minefield without a map. Companies cannot afford to test novel or strained interpretations of the law in court, owing to the staggering collateral consequences from conviction (which include loss of bank licenses, debarment from federal contracting, or exclusion from federal reimbursement), which affords prosecutors broad discretion to interpret what constitutes a crime, without judicial review. Moreover, the government almost always drafts DPAs and NPAs to vest in prosecutors the sole discretion to determine whether the company has breached the agreement[187] —which companies can ill afford to challenge, even when the government is applying vague or ambiguous compliance terms like “rigorous,” “appropriate,” or “adequate.”

Complicating the ability of companies to comply with the law, the use of DPAs, NPAs, and similar agreements by the federal government has spread to new divisions within the DOJ (notably, the Antitrust Division, as shown in the RBS agreement) and has become well entrenched with the SEC and the Department of Health and Human Services (as shown, respectively, in the RLC and GSK agreements). The overlapping jurisdictions all seeking to regulate corporations through the threat of prosecution subject businesses to multiple—and, in some cases, conflicting—interpretations of legal rules. As in the Ralph Lauren example, aggressive compliance programs and self-reporting of potential violations do not insulate companies from prospective prosecution—even when prosecutors’ published guidelines would seem to signal that a decision to seek a DPA or an NPA is not appropriate.

Prosecutors’ decisions in this area can have broad impacts beyond those on companies and their owners. Some are obvious, including collateral consequences for employees, creditors, and other stakeholders—the very concerns that, in part, encourage the federal government to enter into such agreements on a widespread basis in the first place. Others are more systemic, including those touched upon in this report, including:

  • Effects on the public health, given that prosecution of truthful speech about pharmaceuticals, administered only through prescription or administration by learned intermediaries, limits the spread of beneficial and potentially lifesaving drugs;
  • Effects on world markets, such as the decision to oversee a major foreign-owned bank’s interest-rate submissions, with potential impacts on hundreds of thousands of debt instruments and monetary markets worldwide; and
  • Effects on global development, such as stringent “customer knowledge” standards that alter risk-benefit profiles for major international financial institutions and encourage them to exit, in whole or part, from poor developing-world countries, starving those populations of capital.

In each of these cases, serious policy issues are at play. There is a strong policy need to police market manipulation, money laundering, and bribery. That said, there is strong reason to question the competence of government prosecutors with little business experience or economic training to assess the economic and social impacts of their effectively regulatory judgments.

There is a strong case for limiting prosecutors’ ability to enter into corporate DPAs or NPAs in cases involving predicate offenses committed by senior business officials, for ensuring that companies are properly credited for preexisting compliance programs, and for scaling back statutory collateral consequences that effectively force companies to acquiesce to prosecutors’ demands.[188] Beyond such substantive limitations on DPA practice, there is a strong case for procedural reforms to ensure greater transparency and oversight over the DPA process. A notable feature of U.S. criminal law enforcement as applied to businesses is that it lacks transparency and vests almost exclusive authority with prosecutors. With strict procedural guidelines, mandated transparency, and required judicial oversight, the U.K.’s new DPA rules offer an alternative that U.S. policymakers would be wise to consider. It is too soon to observe the effects of the transparency and oversight provisions at the center of the U.K. DPA, but we should watch the U.K. process as it plays out—with an eye on the impact on companies’ share value, profitability, and public reputation.[189]

As was the case with HSBC before Judge Gleeson, in many—if not most—individual cases, a company is likely to prefer to avoid judicial oversight: the company has reached a settlement agreement that it deems acceptable under the circumstances, and there is risk that the judge might deem its terms too lenient. Indeed, at the heart of Gleeson’s opinion was a concern that corporations are getting off too easy, a sentiment shared by other federal judges recently challenging other federal DPAs and government enforcement actions, such as Terrence Boyle in North Carolina[190] and Judge Jed Rakoff in New York.[191]

Overall, however, our critique of the federal DPA process does not hinge on a belief that it treats corporations too harshly—though, in particular instances, such as off-label drug promotion, that is almost certainly the case. Yet if one were to believe as a normative matter that the government generally is not doing enough to regulate large corporations, the DPA process may be part of the problem. Complex regulatory questions are not best left to the unilateral judgment of prosecutors outside the public eye.



  1. Deferred Prosecution Agreement, U.S. Att’y SDNY, Re: J.P. Morgan Chase Bank, N.A. (Jan. 6, 2014), available at DPA Packet (Fully Executed Exhibits).pdf.
  2. Id.
  3. See Jessica Silver-Greenberg & Ben Protess, JPMorgan Chase Nears a $2 Billion Deal in a Case Tied to Madoff, N.Y. TIMES (Jan. 5, 2014), available at
  4. Press Release, U.S. Dep’t of Justice, Manhattan U.S. Attorney And FBI Assistant Director-In-Charge Announce Filing Of Criminal Charges Against And Deferred Prosecution Agreement With JPMorgan Chase Bank, N.A., In Connection With Bernard L. Madoff’s Multi-Billion Dollar Ponzi Scheme (Jan. 7, 2014), available at
  5. Press Release, U.S. Dep’t of Justice, Wachovia Enters Into Deferred Prosecution Agreement: Bank Agrees to pay $160 Million (Mar. 17, 2010), available at
  6. Press Release, US Dep’t of Justice, General Reinsurance Corporation Enters into Agreement Resolving Its Role in Fraudulent Reinsurance Transaction with AIG (Jan. 20, 2010), available at
  7. Press Release, U.S. Dep’t of Justice, Lloyds TSB Bank Plc Agrees to Forfeit $350 Million in Connection with Violations of the IEEP Act (Jan. 9, 2009), available at
  8. Press Release, US Dep’t of Justice, Metlife Enters Agreement to Resolve Investigation in Connection with Improper Payments Made to San Diego Insurance Broker (Apr. 15, 2010), available at
  9. Non-Prosecution Agreement, U.S. Securities and Exchange Comm., Re: Fannie Mae Non-Prosecution Agreement (Dec. 2011), available at
  10. Non-Prosecution Agreement, U.S. Securities and Exchange Comm., Re: Freddie Mac Non-Prosecution Agreement (Dec. 2011), available at
  11. Press Release, U.S. Dep’t of Justice, Former ABN Amro Bank N.V. Agrees to Forfeit $500 Million in Connection with Conspiracy To Defraud the United States and with Violation of the Bank Secrecy Act (May 10, 2010), available at
  12. Press Release, U.S. Dep’t of Justice, Barclays Bank PLC Agrees to Forfeit 298 Million in Connection with Violations of the International Emergency Economic Powers Act and the Trading with the Enemy Act (Aug. 18, 2010), available at
  13. Press Release, U.S. Dep’t of Justice, Credit Suisse Agrees to Forfeit $536 Million in Connection with Violations of the IEEP Act and NY State Law (Dec. 16, 2009), available at
  14. Press Release, U.S. Att’y SDNY, Deutsche Bank to Pay to Resolve Federal Tax Shelter Fraud Investigation (Dec. 21, 2010) available at
  15. Press Release, U.S. Dep’t of Justice, RBS Securities Japan Limited Agrees to Plead Guilty in Connection with Long-Running Manipulation of Libor Benchmark Interest Rates (Feb. 6, 2013), available at [hereinafter “RBS Press Release”].
  16. Press Release, US Dep’t of Justice, UBS Enters into Deferred Prosecution Agreement (Feb. 18, 2009) available at
  17. U.S. Gov’t Accountability Office, GAO-10-110, DOJ Has Taken Steps to Better Track Its Use of Deferred and Non-Prosecution Agreements, but Should Evaluate Effectiveness 16 (Dec. 2009), available at; Gibson Dunn, 2013 Year-End Update on Corporate Non-Prosecution Agreements (NPAs) and Deferred Prosecution Agreements (DPAs), Jan. 7, 2014, available at [hereinafter “Gibson Dunn Year-End 2013”].
  18. Gibson Dunn Year-End 2013, supra note 17.
  19. University of Virginia School of Law, Federal Organizational Prosecution Agreements, (last visited on Feb. 19, 2014).
  20. Id.
  21. James R. Copland, Regulation by Prosecution: The Problems with Treating Corporations as Criminals, Manhattan Inst. For Pol’y Res., Civ. Just. Rep. No. 13 (Dec. 2010), available at
  22. See id.
  23. Copland, The Shadow Regulatory State: The Rise of Deferred Prosecution Agreements, Manhattan Inst. For Pol’y Res., Civ. Just. Rep. No. 14, (May 2012), available at
  24. Copland and Paul Howard, Off-Label, Not Off-Limits: The FDA Needs To Create a Safe Harbor for Off-Label Drug Use, Manhattan Inst. For Pol’y Res., Issue Brief No. 15 (Jan. 2013) available at
  25. Paul Enzinna, The Foreign Corrupt Practices Act: Aggressive Enforcement and Lack of Judicial Review, Create Uncertain Terrain for Businesses, Manhattan Inst. For Pol’y Res., Issue Brief No. 17 (Jan. 2013) available at; Foreign Corrupt Practices Act, Pub. L. No. 95-213, 91 Stat. 1494 (codified as amended at 15 U.S.C. §§ 78-dd-1, (2010).
  26. See id.; see also Copland, supra note 23, at 4.
  27. See Gibson Dunn Year-End 2013, supra note 17, at 2, 3.
  28. See id. at 2, 3.
  29. See id. at 3.
  30. See id, at 3; False Claims Act, Pub. L. 99-562, 100 Stat. 3153 (codified as amended at 31 U.S.C. §§ 3729 3733 (2006).
  31. See Gibson Dunn Year-End 2013, supra note 17, at 4; Federal Food, Drug, and Cosmetic Act, Pub. L. No. 75-717, 52 Stat. 1040 (1938).
  32. See Gibson Dunn Year-End 2013, supra note 17, at 4.
  33. Three of the agreements entered into by the U.S. Attorney’s Office for the Southern District of Texas involved alleged immigration offenses.
  34. See Gibson Dunn Year-End 2013, supra note 17.
  35. See Copland, supra note 23, at 5.
  36. 15 U.S.C. § 78dd-1; This agreement marks only the second time that the DOJ and SEC entered into an alternative agreement with the same company over the same alleged conduct since its first instance in a 2011 FCPA case against Tenaris, see Gibson Dunn, 2013 Mid-Year Update on Corporate Non-Prosecution Agreements (NPAs) and Deferred Prosecution Agreements (DPAs), Jul. 9, 2013, available at [hereinafter “Gibson Dunn Mid-Year 2013”].
  37. Non-Prosecution Agreement, U.S. Dep’t of Justice, Re: Ralph Lauren Corporation (Apr. 22, 2013), available at Lauren DOJ Non-Prosecution Agreement.pdf [hereinafter “Ralph Lauren DOJ NPA”]; Non-Prosecution Agreement, U.S. Securities and Exchange Comm., Re: Ralph Lauren Corporation (Apr. 22, 2013), available at [hereinafter “Ralph Lauren SEC NPA”].
  38. 15 U.S.C. § 78dd-1.
  39. 15 U.S.C. § 78dd-1(b), 78dd-2(b), 78dd-3(b).
  40. See Enzinna, supra note 25.
  41. Ralph Lauren DOJ NPA, supra note 37; see also Ralph Lauren SEC NPA, supra note 37.
  42. Id.
  43. Id.
  44. Id.
  45. Ralph Lauren SEC NPA, supra note 37; Press Release, U.S. Securities and Exchange Comm., SEC Announces Non-Prosecution Agreement With Ralph Lauren Corporation Involving FCPA Misconduct (Apr. 22, 2013), available at (“The NPA is the first that the SEC has entered involving FCPA misconduct. NPAs are part of the SEC Enforcement Division's Cooperation Initiative, which rewards cooperation in SEC investigations.”) [hereinafter “Ralph Lauren SEC Press Release”).
  46. Ralph Lauren SEC NPA, supra note 37.
  47. Id.
  48. Ralph Lauren SEC Press Release, supra note 45.
  49. Id.
  50. Id.
  51. RLC’s shares closed down 1.9% on the day the NPAs were made public, Ralph Lauren Resolves FCPA Enforcement Action via Double NPAs Based on Subsidiary Conduct in Argentina, FCPA Professor (Apr. 23, 2013),
  52. See Id.; see also Philip Urofsky, The Ralph Lauren FCPA Case: Are There Any Limits to Parent Corporation Liability?, BLOOMBERG LAW, May 15, 2013,; see also Ralph Lauren Enforcement Action Commentary—Hits and Misses, FCPA Professor (Apr. 29, 2013),
  53. See Ralph Lauren DOJ NPA, supra note 37.
  54. See Ralph Lauren SEC NPA, supra note 37.
  55. See Ralph Lauren DOJ NPA, supra note 37 at §B4-B7.
  56. See id. at §B-4.
  57. See id. at §C.
  58. See Ralph Lauren DOJ NPA, supra note 37.
  59. See Ronald E. Berenbeim & Jeffrey M. Kaplan, Ethics and Compliance Enforcement Decisions — the Information Gap, in Executive Action Series, at 3 (The Conference Board, Ser. No. 310, June 2009).
  60. U.S. Dep't of Justice & U.S. Securities & Exchange Comm., A Resource Guide to the U.S. Foreign Corrupt Practices Act, (Nov. 14, 2012), available at [hereinafter “FCPA Guide”].
  61. See Covington & Burling LLP, The Ralph Lauren Case: Inadequate Rewards For Exemplary Corporate Cooperation, (Apr. 26, 2013), available at - The Ralph Lauren Case.pdf.
  62. See FCPA Guide, supra note 60, at 75.
  63. See FCPA Guide, supra note 60, at 77-79; see also Ralph Lauren SEC NPA, supra note 37.
  64. 15 U.S.C. § 78dd-1(a)(1)(B), (2)(B), 3(B).
  65. 15 U.S.C. § 78dd-1(b), 78dd-2(b), 78dd-3(b).
  66. See Enzinna, supra note 25.
  67. 359 F.3d 738 (5th Cir. 2004).
  68. See Enzinna, supra note 26, at 3-4.
  69. Even if the scheme described in RLC’s NPAs were sufficiently large so as to fall outside the FCPA’s “facilitating payments” exception, it is far from clear that the company itself could have been held liable for its subsidiary’s actions. Under traditional doctrine, parent companies can be prosecuted criminally only if “they order, authorize or assist someone else to violate the anti-bribery provisions, or if they conspire to violate those provisions,” Urofsky, supra note 52; DOJ Criminal Resource Manual, 1018 Prohibited Foreign Corrupt Practices, available at In its 2012 Resource Guide, however, the DOJ determined that a parent company could be held liable for its subsidiary’s criminal wrongdoing under traditional agency principles. FCPA Guide, supra note 60, at 27. Given that RLC’s internal investigation turned up only one FCPA violation among its many subsidiaries worldwide—without any evidence presented that it was aware, willfully ignorant or a participant in the criminal conduct—it would seem to be a strict respondeat superior standard for which RLC was held to account. Such agency principles are routinely applied in SEC civil enforcement actions, but whether the DOJ can correctly apply them in a corporate criminal context will be difficult to test, given the prevalence of DPA and NPA enforcement rather than actual criminal trials.
  70. Federal Food, Drug, and Cosmetic Act, Pub. L. No. 75-717, 52 Stat. 1040 (1938); Press Release, U.S. Dep’t of Justice, GlaxoSmithKline to Plead Guilty and Pay 3 Billion to Resolve Fraud Allegations and Failure to Report Safety Data (July, 2012), available at [hereinafter “GSK Press Release”].
  71. See GSK Press Release, supra note 70.
  72. Id.
  73. Id.
  74. See id; see also Federal Food, Drug, and Cosmetic Act, supra note 70.
  75. See Copland & Howard, supra note 24, at 2.
  76. Id.
  77. See GSK Press Release, supra note 70.
  78. Id. (“The plea agreement and CIA include novel provisions that require that GSK implement and/or maintain major changes to the way it does business.”).
  79. See Corporate Integrity Agreement, Office of Inspector General of the U.S. Dep’t of Health and Human Services, Re: GlaxoSmithKline LLC (July 2, 2012), available at [hereinafter “GSK CIA”].
  80. See Liam T. O’Connell and Steven D. Lickstein, Executive Compensation At Risk: Government Prosecutors Unveil New Enforcement Method in Recent GlaxoSmithKline Healthcare Fraud Settlement, Nutter McClennen & Fish LLP (Aug. 15, 2012),
  81. See id.; see also GSK CIA, supra note 79, at 32.
  82. See Sue Pelletier, Docs, Say Good-Bye to GSK Promotional Speaking Gigs (Dec. 18, 2013),
  83. See Katie Thomas, Glaxo Says It Will Stop Paying Doctors to Promote Drugs, NY TIMES (Dec. 16, 2013), available at
  84. See O’Connell & Lickstein, supra note 80; GSK CIA, supra note 79, at 32, Appendix E.
  85. See GSK CIA, supra note 79, at 32, Appendix E.
  86. See O’Connell & Lickstein, supra note 80; GSK CIA, supra note 79, at 32, Appendix E.
  87. See GSK CIA, supra note 79, at 32, Appendix E.
  88. See id.
  89. Copland & Howard, supra note 24, at 3.
  90. Id.
  91. Id. (citing Z. P. Qureshi et al., Enforcement Actions Involving Medicaid Fraud and Abuse, 1996–2009, Archives of Internal Medicine 171, no. 8, 785–87 (2011)).
  92. See O’Connell & Lickstein, supra note 80.
  93. See Katie Thomas and Michael S. Schmidt, Glaxo Agrees to Pay $3 Billion in Fraud Settlement, NY TIMES (July 2, 2012), available at
  94. Thomas Sullivan, DOJ Failed Case Against GSK Staff Lawyer Lauren Stevens: Lessons Learned, POLICY AND MEDICINE (Jan. 25, 2012),
  95. Id.
  96. See United States v. Caronia, 703 F.3d 149 (2d Cir. 2012).
  97. See Copland & Howard, supra note 24, at 4.
  98. See Gibson Dunn, 2012 Mid-Year Update on Corporate Deferred Prosecution Agreements (DPAs) and Non-Prosecution Agreements (NPAs), July 10, 2012, available at [hereinafter “Gibson Dunn Mid-Year 2012”].
  99. See Tom Braithwaite, DoJ holds ‘sword of Damocles’ over HSBC, FINANCIAL TIMES (Dec. 11, 2012), available at
  100. See RBS Press Release, supra note 15; Deferred Prosecution Agreement, U.S. Dep’t of Justice, Re: Royal Bank of Scotland PLC (Feb. 5, 2013), available at [hereinafter “RBS DPA”].
  101. The DOJ has entered into agreements with other financial institutions relating to LIBOR manipulation allegations such as Barclays, UBS, Rabobank and others along with ongoing investigations likely to result in additional alternative agreements. See Christopher Alessi and Mohammad Aly Sergie, Understanding the LIBOR Scandal, COUNCIL ON FOREIGN RELATIONS (Dec. 5, 2013),
  102. Sherman Antitrust Act, ch 647, 26 Stat. 209 (1890) (codified as amended at 15 U.S.C. §§ 1-7 (2005)).
  103. RBS DPA, supra note 100.
  104. Id.; 15 U.S.C. §§ 1-7.
  105. See RBS Press Release, supra note 15.
  106. RBS DPA, supra note 100, at SoF 2-3 (“Once each Contributor Panel Bank has submitted its rate, the contributed rates are ranked. The highest and lowest quartiles are excluded from the calculation, and the middle two quartiles are averaged to determine the LIBOR rate.”).
  107. See RBS Press Release, supra note 15; see also RBS DPA, supra note 100, at SoF 2.
  108. See RBS DPA, supra note 100, at SoF 7-9.
  109. Id.
  110. Id.
  111. See RBS Press Release, supra note 15.
  112. See RBS DPA, supra note 100, at SoF 7-9.
  113. See RBS DPA, supra note 100, at SoF 40.
  114. Id. at 40 & 48.
  115. Id. at 41.
  116. See Id. at 46.
  117. See Id. at 47.
  118. Id. at 13-15.
  119. Id. at 17.
  120. Press Release, U.S. Dep’t of Justice, HSBC Plc. and HSBC Bank USA N.A. Admit to Anti Money Laundering and Sanctions Violations, Forfeit $1.256 Billion in Deferred Prosecution Agreement (Dec. 11, 2012), available at [hereinafter “HSBC Press Release”]; Deferred Prosecution Agreement, U.S. Dep’t of Justice, Re: HSBC Bank USA, N.A. and HSBC Holdings, PLC (Dec. 11, 2012), available at [hereinafter “HSBC DPA”].
  121. Bank Secrecy Act of 1970, Pub. L. 91-508, 84 Stat. 1114 (codified as amended at 12 U.S.C. §§ 1829b, 1951-1959 and 31 U.S.C. §§ 5311-5332 (2006)).
  122. HSBC Press Release, supra note 120.
  123. International Emergency Economic Powers Act of 1977, Pub. L. No. 95-223, 91 Stat. 1626 (1977) (codified as amended at 50 U.S.C. §§ 1701-07 (2005)).
  124. Trading with the Enemy Act, Pub. L. No. 65-91, 40 Stat 411 (1917) (codified at 50 USC App §§1 44 (2006)); HSBC Press Release, supra note 120.
  125. HSBC Press Release, supra note 120.
  126. See HSBC DPA, supra note 120, at 4-9; see also Gibson Dunn Mid-Year 2013, supra note 36.
  127. HSBC Press Release, supra note 120.
  128. Id.
  129. HSBC DPA, supra note 120, at 5-9.
  130. Id.
  131. See Id. at 4-7; see also HSBC DPA Press Release, supra note 120.
  132. see HSBC DPA, supra note 120, at 15-17 & Attachment B.
  133. Id.
  134. Id. at B-11; Justin O’Brien, Who Really Controls HSBC Post-Deferred Prosecution, UNIV. OF NEW SOUTH WALES,
  135. see HSBC DPA, supra note 120, at 18-24.
  136. see Enzinna, supra note 25, at 2-3.
  137. see Olivia Dixon, The long tail of the LIBOR scandal: RBS settlement opens the gate to civil penalties, UNIVERSITY OF SYDNEY (Feb. 8, 2013), (“RBS has confirmed that the financial impact of the settlement will be cushioned through recouping £300 million from a reduction in pay and bonuses of approximately 1,500 senior staff in its global markets division. Third, the fine fell short of expectations.”).
  138. see RBS DPA, supra note 100, at 38.
  139. Id.
  140. U.K. Crime and Courts Act, 2013, c. 44, § 45, sch. 17, Part 3, Para. 39 (1).
  141. see HSBC DPA, supra note 120, at 6-9.
  142. see Patrick Jenkins, HSBC mindful of sharp edges on its ‘sword of Damocles,’ FIN. TIMES (Sept. 16, 2013), available at
  143. Id.
  144. See Id.
  145. DPAs are often approved by judges on the day the DPA is agreed to, see Douglas Gillison, HSBC Judge, Reluctant to Bless Settlement, Explores Court’s Role, MAIN JUSTICE (Mar. 29, 2013), available at
  146. United States v. HSBC Bank USA, N.A., No. 12-CR-763 slip op. at 2 (EDNY July 1, 2013), available at [hereinafter "HSBC opinion."].
  147. Speedy Trial Act of 1974, Pub. L. No. 93-619, 88 Stat. 2076 (codified as amended at 18 U.S.C. § 3161 (2006)).
  148. Id; see HSBC opinion, No. 12-CR-763 slip op. at 4-6.
  149. HSBC opinion, No. 12-CR-763 slip op. at 6-8.
  150. Id. at 9-10.
  151. Id. at 11.
  152. Id. at 11-12.
  153. Id. at 12-13.
  154. Id. at 11.
  155. See Copland, supra note 21.
  156. See Sara Sun Beale & and Adam G. Safwat, What Developments in Western Europe Tell Us about American Critiques of Corporate Criminal Liability, 8 BUFF. CRIM. L. REV. 89, 105 (2004).
  157. U.K. Crime and Courts Act, 2013, c. 44.
  158. U.K. Crime and Courts Act, 2013, c. 44, § 45, sch. 17; see UK Legislation Permitting Deferred Prosecution Agreements Is Approved, Steptoe & Johnson LLP (Apr. 29, 2013), [hereinafter “Steptoe Newsletter”].
  159. see Peter Luscombe and Carter Backer Winter, Deferred prosecution agreements are on the way, Financial Director (Oct. 30, 2013), available at
  160. See Sentencing Guidelines Council, Reduction in Sentence for a Guilty Plea: Definitive Guideline (2007), available at [hereinafter “U.K. Sentencing Guidelines”]; see also Serious Fraud Office & Director of Public Prosecutions, Crime and Courts Act 2013: Deferred Prosecution Agreement Code of Practice (2013), available at [hereinafter “U.K. DPA Code”]; see also Criminal Procedure Rule Committee, Deferred Prosecution Agreements (2013), available at
  161. See The Crown Prosecution Service, Corporate Prosecutions, (last visited on Feb. 23, 2014); see also Gibson Dunn Mid-Year 2013, supra note 36; see also Samuel Rubenfield, U.K to Release Guidance on Deferred-Prosecution Agreements, WALL ST. J. (June 26, 2013), available at
  162. See The Crown Prosecution Service, supra note 161; see also Gibson Dunn Mid-Year 2013, supra note 36. An exception to the U.K.’s identification principle is its rules involving bribery, which were recently modified in 2010, see Steptoe Newsletter, supra note 158(citing Section 7 (1) Bribery Act 2010 Failure of commercial organization to prevent bribery. “A relevant commercial organization (“C”) is guilty of an offence …if a person (“A”) associated with C bribes another person intending to obtain or retain business for C…But it is a defence for C to prove that C had in place adequate procedures…”).
  163. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 1-2, & 5.
  164. U.K Crime and Courts Act, 2013, sch.17, pt. 1, para. 4 (1).
  165. See Steptoe Newsletter, supra note 158.
  166. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 3 (1).
  167. U.K. DPA Code, supra note 160.
  168. Id.
  169. Id.
  170. See Gibson Dunn Mid-Year 2013, supra note 36.
  171. Id; The senior first instance criminal courts in England and Wales.
  172. UK Crime and Courts Act, 2013, sch.17, pt. 1, para. 7 (1); U.K. DPA Code, supra note 160 (“What terms are fair, reasonable, and proportionate will be determined on a case by case basis.).
  173. See Steptoe Newsletter, supra note 158.
  174. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 7 (2).
  175. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 8.
  176. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 8 (5).
  177. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 8 (1).
  178. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 8 (3) & 8 (6).
  179. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 8 (7).
  180. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 9 & 10.
  181. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 11.
  182. U.K. Crime and Courts Act, 2013, sch.17, pt. 1, para. 5 (4); U.K. DPA Code, supra note 160, at 15.
  183. U.K. Sentencing Guidelines, supra note 160, at 17 & 68.
  184. U.K. DPA Code, supra note 160, at 15; Gibson Dunn Mid-Year 2013, supra note 36.
  185. U.K. DPA Code, supra note 160, at 12-13.
  186. Id.
  187. See Gibson Dunn Mid-Year 2013, supra note 36; see also Copland, supra note 23, at 2 & 13.
  188. See Copland, supra note 23, at 9-13.
  189. See Jonathan Pickworth et. al., Deferred prosecution agreements: a powerful new tool for UK prosecutors? Dechert LLP (May 3, 2013),
  190. See “A Pending Federal Criminal Case Is Not Window Dressing; Nor Is the Court…A Potted Plant”, FCPA Professor (July 23, 2013),; see also Mark A. Miller and Andrew George, What does the HSBC ruling mean for DPAs? Baker Botts LLP (Nov. 11, 2013),
  191. See Kara Scannell, Top judge criticizes DoJ for not holding individuals accountable, FIN. TIMES (Nov. 12, 2013), available at

The Manhattan Institute, a 501(c)(3), is a think tank whose mission is to develop and disseminate new ideas
that foster greater economic choice and individual responsibility.

Copyright © 2015 Manhattan Institute for Policy Research, Inc. All rights reserved.

52 Vanderbilt Avenue, New York, N.Y. 10017
phone (212) 599-7000 / fax (212) 599-3494