White collar defense practitioners have long called for a specific safe harbor for companies in the mergers and acquisition context where they meet the criteria set out by the DOJ. This clarion call was answered in the summer, 2018 when in July 2018, the DOJ announced a revision to the FCPA Corporation Enforcement Policy, specifically around mergers and acquisitions. The new language read:

M&A Due Diligence and Remediation: The Department recognizes the potential benefits of corporate mergers and acquisitions, particularly when the acquiring entity has a robust compliance program in place and implements that program as quickly as practicable at the merged or acquired entity. Accordingly, where a company undertakes a merger or acquisition, uncovers misconduct through thorough and timely due diligence or, in appropriate instances, through post-acquisition audits or compliance integration efforts, and voluntarily self-discloses the misconduct and otherwise takes action consistent with this Policy (including, among other requirements, the timely implementation of an effective compliance program at the merged or acquired entity), there will be a presumption of a declination in accordance with and subject to the other requirements of this Policy.

In announcing the change, then Deputy Assistant Attorney General Matthew Miner, that while the 2012 FCPA Resource Guide did provide some guidance on what may constitute a safe harbor; that word ‘may’ was a “sticking point for corporate management when deciding whether and how to proceed with a potential merger or acquisition. There is a big difference between a theoretical outcome and one that is concrete and presumptively available.”

Three Key Takeaways

  1. The FCPA Corporate Enforcement Policy was amended in 2018 to provide a safe harbor in the M&A context.
  2. Pre and post-acquisition compliance work must be equally robust.
  3. If you find misconduct, report and remediate.