Introduction

Looking Beyond a "Paused" FCPA Enforcement Landscape

President Trump directed Attorney General Pam Bondi to "pause" Foreign Corrupt Practices Act (FCPA) enforcement, barring unique circumstances, in his February 10, 2025 executive order (E.O.). This E.O. and related policy shifts by the U.S. Department of Justice (DOJ) represent the most significant changes to FCPA enforcement since the advent of the modern FCPA enforcement period in the mid-1990s. While the E.O. and other policy memoranda have generated sometimes-bombastic headlines, many questions remain as to the practical effects of these changes for companies, especially amidst an international anti-corruption landscape that has evolved substantially beyond a sole focus on FCPA enforcement. However, the FCPA is still in effect and there continue to be compelling reasons for companies to take appropriate steps to manage ongoing risks for corruption and related fraud and self-dealing, including the business benefits of strong compliance, the prospect of non-U.S. authorities moving to increase their enforcement activity, and a statute of limitations period for FCPA violations that will run well past the current administration. 

We recently discussed the E.O. and other policy changes, and our initial take on how companies should react, in this alert. There are many questions raised by the Trump administration's actions that, for now, remain open. As noted, the FCPA and other laws used to combat corruption (such as anti-money laundering (AML) laws or wire fraud) remain in effect. The E.O. does not create any new legal defenses or exceptions for companies or individuals, and new investigations can still be approved by the attorney general (albeit only in exceptional circumstances for the 180 days following the E.O.). Companies should assess the administration's recent actions in the context of a complex international business and enforcement environment. The exact contours of the pause are still in flux, as shown by the DOJ recently providing mixed messages to the court about whether it would like to proceed in the trial of former Cognizant executives currently scheduled to start this month. 

The FCPA pause is part of a DOJ shift in priorities toward an increased focus on cartels or transnational criminal organizations (TCOs). Even prior to the Trump administration, companies have faced increasing enforcement and civil litigation risks for operations in markets with security concerns, and these risks have significantly increased. We discuss how DOJ's changes in enforcement priorities create increased compliance risks for corporations that might face interactions with cartels or TCOs in this recent alert. 

The path ahead is unclear, but we recap FCPA developments from 2024, including specific enforcement actions during the fourth quarter of 2024, because they offer compliance lessons that remain relevant for companies' understanding of corruption and related risks both during and after the DOJ's "pause."    

New Personnel at the DOJ and SEC

As with every change in presidential administration, new officials have taken the reins at the DOJ and the Securities and Exchange Commission (SEC). On the DOJ side, Pam Bondi, the former attorney general of Florida who has also represented President Trump in past actions, was nominated as U.S. Attorney General and received Senate consent on February 4, 2025. 

The president nominated Todd Blanche as Deputy Attorney General – a key role in managing the DOJ and its cases on a day-to-day level and often the senior policymaker as to DOJ criminal policies – and Emil Bove as Principal Associate Deputy Attorney General. Bove has been the acting Deputy and a key player in the DOJ's push to re-focus enforcement efforts. Both men have experience as former federal prosecutors in the powerful and influential Southern District of New York. After spending time in private practice as white-collar defense lawyers, Blanche and Bove formed a litigation boutique law firm, and most notably, the two lawyers served as defense counsel for President Trump in three high-profile criminal cases brought against him after the 2020 election. Blanche had his Senate confirmation hearing on February 12 and was confirmed by the full Senate on March 5, 2025. 

As of the date of publication, new leaders for the DOJ's Criminal Division and the Fraud Section have not been announced. Glenn Leon remains for the time being as the chief of the Fraud Section. However, the Fraud Section, like other DOJ components, has seen a substantial number of departures over the past year, including by experienced litigators and policy personnel; it is unclear how much of that capacity will be replaced and whether further personnel reductions will occur – for example, through transfers of line prosecutors in the Fraud Section to other areas that are being prioritized by the new administration, such as immigration enforcement and a focus on violent crime. 

One other potentially fundamental change in DOJ enforcement is evidence that the White House and senior DOJ leadership will actively intervene in individual cases, sometimes citing political goals or dynamics. The recent instructions by Acting Deputy Attorney General Bove to the U.S. Attorney's Office for the Southern District of New York regarding the disposition of the case against New York Mayor Eric Adams – which in part focuses on allegations that the mayor received lavish entertainment and travel from the Turkish government in a covert scheme to provide the Turkish government with preferential treatment – provides an example of this potential trend and the issues raised by such intervention. 

On the SEC side, Commissioner Jaime Lizárraga left the Commission on January 17, 2025, and SEC Chair Gary Gensler departed on January 20. The departures have left three Commissioners in place – two Republicans (Commissioners Mark Uyeda and Hester M. Peirce) and one Democrat – Commissioner Caroline Crenshaw, though Crenshaw was not renominated for another term and will be replaced. President Trump appointed Commissioner Uyeda as the agency's temporary Chair on January 21. Commissioner Uyeda's interim appointment will last until a permanent chair is approved via the Senate confirmation process. Acting Chair Uyeda has appointed several interim senior staff, including Samuel Waldon as acting Director of the Division of Enforcement; Waldron had been the division's chief counsel. 

Former Commissioner Paul Atkins, who served from 2002 to 2008, has been nominated to become the permanent Chair of the Commission. As of the date of publication, Senate hearings on Atkins' nomination have not been scheduled, but it is likely that he will be approved. Due to agency rules, another Republican commissioner will be needed to muster the three votes necessary for the SEC to adopt or roll back major rules, although such an addition will likely occur soon. That said, Commissioner Uyeda, with support from Commissioner Peirce, will have the power to modify various SEC policies, including enforcement policies. 

In the short term and as a predictor of likely positions that will be taken by a Republican-dominated SEC over the next few years, it is notable that all of the Republicans, including Atkins, will focus significantly on issues outside of the FCPA itself, including with regard to the treatment of crypto assets; rolling back reporting and other requirements related to so-called "DEI" and other non-financial issues, such as environmental impact reporting; lowering corporate fines due to perceived negative impacts on non-culpable shareholders; and ending what Commissioner Uyeda recently criticized as "regulation by enforcement."  

The last two goals could affect aspects of the SEC's FCPA-related activities. Acting and likely future SEC leadership have criticized the sometimes aggressive definitions of the breadth of the FCPA's accounting provisions taken under the Biden administration; the two current Republican Commissioners have called for a rollback of the "Swiss Army Knife" use of the internal accounting controls provision in various settings. At the same time, Commissioner Peirce recently has supported "[r]estoring the internal accounting controls and disclosure controls and procedures requirements to their important, but limited intended purposes" --  some of which support FCPA-related goals. 

Recent media reports have suggested that the Commission has directed SEC Enforcement Division staff that they must obtain Commission approval for all formal orders of investigation. This reported directive changes recent practice, restoring the model that existed before 2009 and restricting the use of administrative subpoenas. While the SEC has not to date commented publicly on this reported change, the same media sources have suggested that Enforcement Division personnel can still conduct informal investigation inquiries – such as voluntary requests for information – without Commission approval. Most SEC FCPA investigations begin with such informal inquiries, which themselves can involve significant time and resources.

Finally, Commissioners Uyeda and Peirce have also issued recent critiques regarding the operation of the SEC's whistleblower program under Dodd-Frank. In a September 19, 2024 statement related to the SEC's announcement of several awards, the Commissioners said, "[w]e did not support these determinations, but we are unable to explain our reasons because the public final orders determining the awards redact certain information necessary to the explanation." They noted that "[a]s an inadvertent result of these redactions, the legal reasoning in the [relevant] final orders… is immunized from effective public scrutiny." They then discuss their view that the SEC has been "overbroad" in its redaction of whistleblower-related information under the applicable standard – that is, information "which could reasonably be expected to reveal the identity of a whistleblower." Limiting public scrutiny of awards, in their expressed view, undermines the critically important need for "allowing appropriate outside scrutiny" of awards, given that "[m]ost direct participants in the program share a common incentive—to maximize awards." Given this, it is possible that the Commissioners might proceed in the future with revising the award redaction process to allow for more details to be made public.

Looking Back at 2024

2024 continued a DOJ trend that focused as much on new and updated policies as on enforcement matters in the FCPA space, though both the DOJ and SEC matched their 2023 totals in terms of the number of announced corporate enforcement actions. As to cases against individuals, the DOJ exceeded its 2023 results and the SEC charged individuals with FCPA violations for the first time since 2020. However, despite these increases (including a flurry of corporate resolutions in Q4 2024, discussed in detail below) the Trump administration's FCPA enforcement "pause" means there will be a sharp decrease in case numbers for 2025. And the various DOJ policy initiatives are currently under review and may change significantly. Even the signature legislative development of 2024 – passage and amendment of the Foreign Extortion Prevention Act (FEPA) with bipartisan support – has been affected by the DOJ's recent turn targeting cartels and TCOs, and it remains unclear how FEPA and related cases that focus on the "demand" side of bribery will affect corporate interests.

Corporate Enforcement Actions – 2024

As noted, the DOJ and SEC both had levels of enforcement activity involving corporations that was on par with recent years, but well below activity levels from earlier eras. As shown below, the DOJ had eight corporate enforcement actions, while the SEC had six, for a total of 14 resolutions covering 11 companies, which is equal to the 2023 combined total. 

Those totals in the chart combine corporate and individual enforcement. As was the case in 2023, most of the dispositions involved only one of the two enforcers; four cases involved parallel resolutions. There are various reasons for single agency resolutions, including differences in jurisdiction or burden of proof, policy reasons, and the nature of the underlying facts.

Company Name	Agencies	Date	Countries	Total Resolution Amount
SAP SE	DOJ and SEC	1/10/2024	South Africa and Indonesia	More than $220 million (actual amount paid: more than $112 million)
Gunvor Group Ltd	DOJ only	3/1/2024	Ecuador	More than $661 million (actual amount paid: more than $474 million)
Trafigura Group Pte. Ltd.	DOJ only	3/28/2024	Brazil	More than $127 million (actual amount paid: more than $100 million)
Deere & Company	SEC	9/10/2024	Thailand	$9.9 million
Moog, Inc.	SEC	10/11/2024	India	$1.7 million
RTX Corporation/ Raytheon Company	DOJ and SEC	10/16/2024	Qatar	More than $383 million (including related ITAR Part 130 fine)
Telefonica Venezolana, C.A.	DOJ	11/08/2024	Venezuela	More than $85.2 million
BIT Mining Ltd.	DOJ and SEC	11/18/2024	Japan	$10 million
McKinsey and Company Africa (PTY) Ltd.	DOJ	12/05/2024	South Africa	$122.9 million
AAR Corp.	DOJ and SEC	12/19/2024	Nepal and South Africa	More than $55 million

The DOJ also issued a declination with disgorgement (totaling $14.4 million) to Boston Consulting Group in August 2024 in line with the DOJ's Corporate Enforcement and Voluntary Disclosure Policy (CEP). 

One 2024 trend worth noting was an increase in the average size of enforcement actions, compared to the significant downward shift in value in 2023. In 2023, the largest resolution, Albemarle's non-prosecution agreement (NPA) (on which Miller & Chevalier advised the company as co-counsel), was just north of $200 million and the average penalty level was just $42.3 million. By contrast, in 2024, we saw one resolution that cracked the Top 10 FCPA-related penalty list (Gunvor), as seen in these charts:

The Gunvor resolution also made the list of Top 10 largest internationally coordinated resolutions that involved the FCPA:

2024 also featured two other dispositions with penalty and disgorgement levels above $200 million and an additional two with those amounts exceeding $100 million. Indeed, seven of the resolutions in 2024 were larger than the 2023 average. The resulting 2024 average penalty level of $154.1 million is thus one of the highest levels in recent years, as seen in the chart below:

Looking at where illicit payments and related issues occurred as set out in the 2024 resolutions, for the first time in years activity in China was not cited (BIT Mining – previously 500.com – was headquartered in China, but the alleged illicit payments occurred in Japan). The country most cited in 2024 cases was South Africa, which featured in three matters (SAP, McKinsey Africa, and AAR); only one case (Gartner) centered on activities there in 2023. This result was likely based on specific facts in each case, though cooperation with South African enforcement authorities was noted in several public speeches by DOJ personnel in 2024 as part of the DOJ's International Corporate Anti-Bribery Initiative (ICAB), which was formally announced in November 2023. That said, China remains the country most cited in FCPA cases over the years, and it remains possible that the country could receive a renewed focus under this administration (notably, President Trump's first administration pursued a "China Initiative" that included an FCPA focus). Brazil, historically the second largest market involved in enforcement actions, accounted for only one FCPA action in 2024, which perhaps correlates to the changing enforcement environment within Brazil. There were new enforcement actions involving other markets with high levels of enforcement actions, as seen above and in the chart below:

One FCPA monitorship was imposed in 2024 – related to the RTX/Raytheon case. Even without the general FCPA enforcement "pause," given the first Trump administration's policy that scaled back monitorships, it is likely that the RTX/Raytheon monitorship will be the last one for several years. The DOJ has continued to require self-reporting as a usual term for corporate resolutions – though that may change with potential upcoming amendments to the DOJ's CEP and under the FCPA E.O.'s directive that "the Attorney General shall determine whether additional actions, including remedial measures with respect to inappropriate past FCPA investigations and enforcement actions, are warranted and shall take any such appropriate actions... " Relatedly, in 2024 the DOJ continued to include an attachment to various resolutions that requires chief executive officers (CEOs) and chief compliance officers (CCOs) to certify as to the implementation of a resolving company's compliance program at the conclusion of a deferred prosecution agreement (DPA) or similar agreement; again, those requirements might change or fall away under revised future DOJ policies.

Looking forward, one key question for both agencies that remains unclear is what happens when companies or whistleblowers disclose potential FCPA-related wrongdoing. Rules that push public companies toward public disclosures of such issues in securities filings have not changed (and, as we discussed in our alert on the FCPA "pause," relevant medium- and long-term risks remain for companies). There will thus continue to be public knowledge of such issues within companies – knowledge likely to be increased by already announced heightened scrutiny of corporate activities by the media and non-U.S. enforcement authorities. We will continue to track investigations from public disclosures and other open-source media, as well as agency responses, to assess this effect.

Enforcement Actions Against Individuals 

As shown in our first chart above, after a 2023 in which neither the SEC nor the DOJ resolved an enforcement action against an individual, the agencies resolved several cases against individual defendants, including through securing guilty verdicts at trial. The DOJ's numbers related both to resolved actions and individuals charged exceeded the department's annual totals for the rest of the 2020s, while the SEC's numbers, which remained low, saw a slight rebound. All said, as with corporate enforcement, the "pause" in FCPA enforcement will substantially reduce the overall case numbers and potentially cause ongoing cases to be dropped or resolved quickly.

The DOJ concluded eight cases against individuals, including convictions following trials of former Vitol commodities trader Javier Aguilar (who also pleaded guilty to additional charges later in the year) and former Freepoint Commodities executive Glenn Oztemel. The DOJ obtained guilty pleas on various FCPA-related charges from former executives of Stericycle, Maxwell Technologies, Freepoint (Gary Oztemel), AAR, and McKinsey Africa. 

The DOJ also continued to resolve criminal actions against former foreign officials who received bribes or intermediaries involved in payment schemes, mostly using money laundering and conspiracy charges. Notable cases included convictions at trial of Carlos Ramón Polit Faggioni (Polit), the former Comptroller General of Ecuador, and Manuel Chang, the former Finance Minister of Mozambique. The DOJ also entered plea agreements with, for example, a former major in the Venezuelan National Guard, an Argentinian banker, and the Florida-based ex-banker son of Polit. The DOJ also ended its long-running case against Swiss-Portuguese banker Paulo Jorge Da Costa Casqueiro Murta with a plea agreement and a sentence of time served. 

Finally, the DOJ announced several high-profile indictments related to FCPA and related allegations, though the fate of these cases in light of the new Trump administration policies is unclear. Such indictments covered, for example, a former Nigerian state oil company manager, three businessmen associated with voting machine company Smartmatic and a Philippines official, the Chinese former CEO of BIT Mining (formerly 500.cm), and current and former executives and directors of power companies Adani Green Energy and Azure Power Global.  

The SEC finally took direct action based on FCPA charges against individuals for the first time since 2020. The agency charged a former Azure Power director with violating the FCPA anti-bribery provisions in November 2024 and entered an FCPA-based cease-and-desist order (with a monetary penalty) against a former manager at AAR in December 2024. 

Key International Developments

Various countries continued to enforce their own anti-bribery laws, sometimes in conjunction with U.S. authorities and sometimes on their own. The agencies announced dispositions in 2024 involving parallel corporate settlements with or cooperation involving authorities in South Africa (SAP, McKinsey Africa); Switzerland (Gunvor, Trafigura); and Japan (500.com/BIT Mining). SAP also entered a separate agreement with Brazilian authorities for non-related conduct at the end of the year. The U.K., France, Brazil, and Switzerland continued to announce corporate and individual case results throughout the year. And Australia updated its anti-corruption law and issued related corporate compliance guidelines for companies subject to the law's scope that brought the country in line with similar laws and guidance elsewhere.

Looking forward again to 2025, it is possible that non-U.S. authorities may step up enforcement efforts in light of the "pause" in FCPA enforcement. The U.K., for example, will begin enforcement of the Economic Crime and Corporate Transparency Act (ECCTA) in September 2025, giving its authorities another tool in addition to the U.K. Bribery Act to pursue corporate fraud and corruption. The U.K. Serious Fraud Office's (SFO's) current Strategy for 2024-2029 establishes the goal of the SFO being a "proactive, authoritative player in the global and domestic justice system" with the specific goals of "[b]olster[ing] global defences against serious fraud, bribery and corruption" and "[f]ortify[ing] international anti-bribery efforts by building our role within the OECD working group on bribery." As we have discussed, the French Parquet National Financier (PNF) and Swiss authorities have also been active in 2024. That said, none of these agencies have had the same resources and experience (as well as political leverage in international efforts) as the DOJ in the past, so many questions remain as to the potential impact of increased non-U.S. enforcement on multinational companies. 

Review of Q4 2024 Developments

The last quarter of 2024 marked a relative high point in announced FCPA dispositions, with the DOJ and SEC completing nine corporate resolutions involving six companies – a number not seen in a single quarter since the third quarter of 2018, in which there were nine resolutions involving seven companies. With this Q4 boost, the DOJ and SEC ended the year with a total of 14 corporate resolutions involving 11 companies, which matched their 2023 total. 

The fourth quarter also saw continued action related to individuals, including the first formal FCPA charges issued by the SEC against individuals since 2020. Continuing a trend over the past few years, the agencies' charges and convictions targeted both givers and takers of corrupt payments, including foreign officials and their relatives accused of receiving bribes. Most notably, the son of the ex-Comptroller General of Ecuador pled guilty to conspiracy to commit money laundering for actions in support of his father's laundering of bribes; the father, Carlos Ramón Polit Faggioni, was himself sentenced on October 1, 2024 to a decade in prison for taking bribes from Odebrecht and others, following his conviction in April 2024. In December, the DOJ unsealed a guilty plea by a former senior partner at global consultancy McKinsey when announcing a DPA with the consultancy's South African affiliate. In November, the DOJ and SEC charged three senior executives at Indian-based power companies Adani Green and Azure Power with various violations, including one SEC charge accusing a former director of violating the FCPA anti-bribery provisions. Only weeks later, the SEC entered a cease-and-desist order (with a monetary penalty) against a former manager at aviation services company AAR for that individual's violations of the FCPA's anti-bribery and accounting provisions. 

In the U.S. courts, the most notable set of cases have been the litigation surrounding the implementation of the Corporate Transparency Act (CTA), which has faced challenges from multiple plaintiffs related to the law's original deadline for compliance – January 1, 2025. The recent back and forth in the courts has been largely mooted (at least temporarily) by a March 2, 2025 announcement by the Department of Treasury stating that "not only will [the Department] not enforce any penalties or fines associated with the beneficial ownership information reporting rule under the existing [CTA] regulatory deadlines, but it will further not enforce any penalties or fines against U.S. citizens or domestic reporting companies or their beneficial owners after the forthcoming rule changes take effect either." The press release also stated that Treasury "will further be issuing a proposed rulemaking that will narrow the scope of the rule to foreign reporting companies only."  

Finally, there were several notable developments on the international front in Q4 2024, including new guidance from U.K. Home Office on the offense of failure to prevent fraud under the 2023 Economic Crime and Corporate Transparency Act (which we discussed in a separate alert), various new cases in Brazil, and several developments in the European Union (EU) related to the application and scope of attorney-client privilege. 

DOJ and SEC Public Remarks and Updates

Officials from the DOJ and SEC continued to discuss policy matters in public speeches at various events in the last quarter of 2024. However, these speeches and remarks occurred prior to or just after the presidential election, and – as discussed in the 2025 Outlook section above – the enforcement policies discussed in those speeches are now under review at both agencies during the administration's "pause" in FCPA enforcement and likely will be superseded by (per the FCPA E.O.) "updated guidelines or policies, as appropriate, to adequately promote the President's Article II authority to conduct foreign affairs and prioritize American interests, American economic competitiveness with respect to other nations, and the efficient use of Federal law enforcement resources." 

The DOJ's new Corporate Whistleblower Awards Pilot Program, announced on August 1, 2024, and discussed in detail in this separate alert, continued to be a focus of public speeches by DOJ officials. For example, in a speech at the American Bar Association's London White Collar Crime Institute on October 15, 2024, as reported in Global Investigations Review (GIR), Principal Deputy Assistant Attorney General (PDAAG) Nicole M. Argentieri noted that more than 180 reports had been received to date and that the Criminal Division was "exploring these tips and they may inform a decision to expand" the pilot program in the coming months. In a keynote speech on December 5, 2024, delivered at the American Conference Institute's International FCPA Conference, Department Chief Counselor Brent Wible stated that the report count had increased to over 250, "[a]bout 60 of [which] are under close review by our expert team." Wible further noted that the DOJ had "seen reports about potential FCPA violations in non-issuer cases, a gap in other agencies' whistleblower programs that [the pilot program] filled" and that "[w]e are also seeing tips related to corruption in matters where we are already open, and these tips are adding to the information we have from other sources."  

The following day, on December 6, 2024, Principal Associate Deputy Attorney General Marshall Miller delivered the keynote speech at the Practicing Law Institute's White Collar Crime 2024 Program, in which he also discussed the importance of the DOJ's expansion of whistleblower programs, stating that these "have [had] a… track record of success, across decades and under administrations of both parties." Likely messaging the incoming administration, Miller noted that "Jay Clayton, who served as SEC Chair during the first Trump Administration and has been identified as a nominee for U.S. Attorney in the Southern District of New York in the next one, [has publicly stated that] the SEC's successful whistleblower program 'stopped frauds and prevented losses for countless investors.'" Miller also stated that "[Republican] Senator Charles Grassley… and Democratic Senator Elizabeth Warren don't agree on much — but they do agree that 'whistleblower incentive programs are powerful tools to prevent, detect, and prosecute criminal misconduct, wrongdoing, and fraud.'" Despite these statements (and perhaps in line with current SEC Commissioner critiques of certain aspects of the SEC program, as discussed above), it remains to be seen at this point whether the pilot program will continue in its current form under the new DOJ management. 

Both the Wible and Miller speeches had a valedictory tone – discussing the prosecutorial and policy steps that the DOJ has taken in the past few years with regard to FCPA, fraud and corporate criminal matters generally, and recapping again such developments as the updated CEP, the various revisions to the Evaluation of Corporate Compliance Program (ECCP) Guidelines, and work related to expanding international cooperation, including through the DOJ's ICAB initiative, which focused on building ties with other countries' enforcement authorities that have not been traditional partners to the DOJ and SEC's anti-corruption investigations. 

The same themes are echoed in a blog post by now-former PDAAG Argentieri dated November 22, 2024, titled "Transparency in Criminal Division Enforcement," which discussed the Criminal Division's recent policymaking. While covering several initiatives, the post also noted several changes to existing policies during Q4, including a modification of the Compensation Incentives and Clawbacks Pilot Program (introduced in March 2023 and about which the DOJ issued a status report at the same time as the blog post in November 2024) to "award fine reductions not only to companies that recoup compensation from qualifying employees, but also to those that withhold the money from ever being paid'; removal of "significant profit" as an aggravating circumstance under the CEP; and an addition to the CEP stating that "where a company's self-disclosure does not meet the definition of 'voluntary self-disclosure' as articulated in the CEP, but the company has demonstrated that it acted in good faith to self-report the misconduct — and that it fully cooperated and timely and appropriately remediated — prosecutors will [favorably] consider the company's self-disclosure in determining the appropriate resolution." The blog post also noted that the CEP "now makes clear that, to qualify as a voluntary self-disclosure, [a] company must disclose… information about which the department was not already aware" and that "[a]lthough we will consider a company's good faith disclosure of information that — unbeknownst to them — we already knew about under the CEP amendment we're announcing today, a declination with disgorgement will not be available."  

The last of the changes in the blog post is the least likely to survive a more company-friendly DOJ going forward; however, it bears repeating that none of these policies may continue after the fundamental assessments of FCPA enforcement policy under the new administration discussed in the 2025 Outlook section above – a point emphasized on the DOJ's own website, which added a banner to the top of the Argentieri blog post and the various speeches noted above that states, "[t]his is archived content from the U.S. Department of Justice website. The information here may be outdated and links may no longer function."  

We note that now-departed SEC enforcement personnel made similar speeches after the U.S. election – the impact of which on new SEC leadership remains unclear. 

Q4 Corporate Enforcement Actions

As noted, the agencies ended the year with a relative flurry of announced corporate resolutions – nine dispositions involving six companies. With this burst of activity, the agencies managed to equal the number of corporate resolutions for 2023 – for a total of 14 – despite a second quarter without any case conclusions. The cases ranged in penalty levels from $1.7 million (Moog) to over $383 million (Raytheon/RTX) and included – for Raytheon – the first monitorship imposed in an FCPA case since the 2022 Glencore DPA, though with the change in DOJ management under the new administration, this may be the last monitorship for a while. The cases are discussed in detail below. 

Enforcement Actions Against Individuals

There were developments in several announced DOJ cases involving individuals this quarter, including, as noted, announcements of guilty pleas from John Christopher Polit, the son of the former Comptroller General of Ecuador, and former McKinsey partner Vikas Sagar. Previously convicted individuals were sentenced in the fourth quarter, including former oil trader Gary Oztemel, Miami-based businessman Fernando Ardila-Rueda, and John Polit's father, Carlos Ramón Polit Faggioni. Finally, as discussed above and in the relevant articles, the agencies brought new charges against senior executives alleged to have violated the FCPA, including former 500.com CEO Zhengming Pan and a former director of Azure Power, Cyril Cabanes. 

In other news involving individuals, former Unaoil executive Cyrus Ahsani, who was scheduled to be sentenced in November 2024 following his October 2019 guilty plea, requested that the sentencing be delayed until at least March 2025. In an October 7, 2024 filing, Ahsani's counsel noted that he "is cooperating with the Australian Federal Police (AFP) in their ongoing prosecution" of two Australian businessmen and Leighton Offshore as a result of a long-running investigation into foreign bribery known as "Operation Trig."  According to the pleading, Ahsani's testimony is part of his cooperation commitment to the AFP and Ahsani "wishes to continue fulfilling his commitment to the Australian government and have his continued, truthful testimony considered by the Court when it imposes his sentence."  

Pretrial disputes continued in the long-running prosecution of former Cognizant executives Gordon Coburn and Steven Schwartz, which had been scheduled to go to trial in the fall of 2024 but has been repeatedly delayed. In late October, both the DOJ and Cognizant petitioned the court to establish a "procedure" "related to third-party Cognizant's corporate privilege that may arise at trial" – primarily the results of the company's internal investigation involving the defendants. Defendants' counsel responded and opposed the proposed "procedure" and cited previous rulings by the court that Cognizant had effectuated a "significant" waiver of privilege when it disclosed to the DOJ information from its internal investigation into potential FCPA violations. To date, the court has not issued any orders as to this issue, though various filings have occurred under seal. The DOJ has switched its position on whether it intended to move the case forward under the administration's recent FCPA enforcement "pause." In a letter dated February 21, 2025, the DOJ stated that it "intends to proceed to trial [as scheduled]."  However, in a subsequent letter on March 4, 2025, the new acting U.S. Attorney in charge of the case requested "a 180-day adjournment of the trial" "to allow sufficient time for my consideration of the application of [the February 10 E.O.] to this matter." As of the writing of this newsletter, U.S. District Court Judge Michael Farbiarz has not ruled on the government’s request for an adjournment, but did push jury selection from March 5, 2025 to March 17, 2025.

On January 17, 2025, a U.S. court sentenced Manuel Chang, the former Finance Minister of Mozambique who was tried and convicted on August 8, 2024, on two counts related to his obtaining $7 million in bribe payments in exchange for signing guarantees to secure $2 billion in funding for projects to be carried out by Mozambican state-owned companies, to over eight years in prison, according to media accounts. Earlier, in an order dated November 13, 2024, the judge denied Chang's motion for acquittal or retrial. 

More recently, Glenn Oztemel (brother of Gary), who was tried and convicted by a jury on September 26, 2024, of conspiracy to violate the FCPA, conspiracy to commit money laundering, three counts of violating the FCPA, and two counts of money laundering in relation to a Petrobras-related bribery and money laundering scheme involving his former employer, Freepoint Commodities LLC, filed a petition on January 23, 2025, asking the court for acquittal or a new trial. Oztemel argued, in part, that there were "material errors" in the jury instructions that "conflat[ed] the elements of distinct theories of substantive FCPA liability" and that "failed to inform the jury of the statute of limitations requirements for the conspiracy counts."  He also asserted that the "government offered virtually no evidence at trial that Oztemel committed any criminal conduct within the statutory limitations period."  

In another high profile case that in part involved public corruption, on January 29, 2025 a U.S. district judge sentenced former Senator Robert Menendez to eleven years in prison and required him to forfeit $922,188 as a result of Menendez's July 16, 2024 conviction for bribery, conspiracy, and honest services fraud. Two other New Jersey businessmen who were also found guilty in the case received sentences of more than eight and seven years, respectively, in prison, as well as fines well over $1 million. 

Other Indicia of Enforcement Trends, Including Investigation-Related Announcements

Q4 2024 saw the announcement of at least three new corporate FCPA investigations, as well as updates on at least one previously disclosed matter beyond the announcement of a formal resolution with the agencies. 

On October 10, 2024, Swedish defense contractor Saab issued a press release stating that the company had "received a subpoena from the U.S. Department of Justice… request[ing] information about the Brazilian Government's acquisition of 36 Gripen E/F fighter aircraft for its air force" pursuant to a 2014 contract. The company's release notes that Saab was cooperating with the DOJ inquiry, and that "[b]oth Brazilian and Swedish authorities have previously investigated parts of the Brazilian fighter procurement process [and] [t]hese investigations were closed without indicating any wrongdoings by Saab."

On November 27, 2024, media reports noted that Jamaican-headquartered telecommunications company Digicel Group had told creditors that the DOJ had opened an investigation into potential FCPA violations and that the company was cooperating with the probe. Follow-up reports stated that the company "disclosed that the potential violations occurred in a number of jurisdictions and that the outcome of the DOJ's probe could be material to the company's financial condition."  

On December 5, 2024, Methode Electronics disclosed that the company had "received a subpoena from the SEC dated November 1, 2024 seeking documents and information relating to, among other things, the Company's operations in certain foreign countries, certain financial and accounting matters relating thereto, compliance with the [FCPA] and other anti-corruption laws, and material weaknesses in the Company's internal control over financial reporting previously reported in its public filings." The disclosure noted that "[t]he Company is cooperating with the SEC."  

The fate of these and other ongoing investigations remains unclear under new administration policies. 

In other news, on October 29, 2024, Stanley Black & Decker disclosed in an SEC filing that "[t]he Company previously disclosed that it had identified certain transactions relating to its international operations that may raise compliance questions under the [FCPA] and voluntarily disclosed this information to the [DOJ] and [SEC] [and] [r]ecently, the SEC and DOJ informed the Company that they have each closed their inquiries with no action taken against the Company in connection with these matters." The company had disclosed this investigation in its 10K dated February 23, 2023. The disclosure further noted that "[t]he Company is committed to upholding the highest standards of corporate governance and is continuously focused on ensuring the effectiveness of its policies, procedures, and controls [and] is in the process, with the assistance of professional advisors, of reviewing and further enhancing relevant policies, procedures, and controls."

Policy and Legislative Developments

The DOJ's Corporate Whistleblower Pilot Program and updates to the DOJ's ECCP guidance – both launched in Q3 2024 – were the last major initiatives announced by either the DOJ and the SEC in the FCPA space. As noted above, the DOJ tweaked the CEP as indicated by PDAAG Argentieri's November 2024 blog post, but potentially fundamental changes to all of these DOJ policies are likely forthcoming in the wake of the "pause." 

The U.S. government continued to designate foreign officials and others as subject to economic sanctions and visa/immigration restrictions under the Global Magnitsky Human Rights Accountability Act (Global Magnitsky) and other statutory and regulatory authorities for acts of corruption. On December 9, 2024, the Treasury Department sanctioned "28 individuals and businesses involved in a global gold smuggling and money laundering network based in Zimbabwe" led by "Kamlesh Pattni, [who] has facilitated illicit activities by bribing officials, deploying trusted supporters to mask ownership, and weaving a global web of businesses to hide the illicit activities." The press release noted the cooperation of U.K. authorities and sets out the international natures of the illicit network in significant detail. The release also contained a section summarizing the Treasury Department's Global Magnitsky and related anti-corruption efforts for 2024; that section states that in 2024 the Treasury Department's Office of Foreign Assets Control (OFAC) "designated over 100 individuals and entities across more than a dozen countries for these activities, leveraging several Treasury tools and authorities" and that "[s]ince 2021, Treasury has designated more than 500 individuals and entities for corruption and related activities."

Though not directly related to corruption, Treasury and the U.S. Department of State also issued Global Magnitsky and other sanctions in Q4 2024 against persons in Russia, Georgia, Syria, Uzbekistan, and Bosnia and Herzegovina related to human rights violations, cyber-currency scams, and human trafficking activities, many of which are supported through corrupt activities. 

On December 18, 2024, OFAC settled with an unnamed "corporate officer" over allegations that the person involved "executed six payments totaling $45,179 on behalf of a blocked individual [under the Global Magnitsky Human Rights Accountability Act] with knowledge that the individual was sanctioned." The person charged agreed to pay the same amount as a penalty for these transactions. The OFAC release states that the "corporate officer" was the treasurer of a company when the company's CEO was sanctioned under U.S. laws and that the officer "learned of the [Specially Designated National's (SDN's)] designation shortly after it occurred." However, the release notes that the officer "did not seek or obtain information or guidance about the legal implications of the SDN's designation for themselves or the company, nor did [the officer] seek or obtain guidance or authorization from OFAC to continue dealing with the SDN." Thus, the officer made or authorized the six payments in violation of the sanctions as part of "their usual duties." The release discusses OFAC's weighting of various aggravating and mitigating factors, which included the fact that the officer "was aware of the SDN's sanctioned status and acted recklessly by failing to take steps to understand the implications of the SDN's designation" but also "cooperated extensively with OFAC's investigation."

International Developments 

There were several international developments of note this quarter.

As discussed in this separate alert, on November 6, 2024, the U.K. Home Office issued new guidance for companies "on the offense of failure to prevent fraud" under the 2023 ECCTA. The guidance, in part, outlines procedures that organizations can put in place to help them prevent fraud and, in so doing, satisfy the defense available to organizations that had "reasonable procedures in place to prevent fraud" at the time of misconduct subject to the law. The procedures defined by the Home Office cover many of the compliance expectations set forth by the DOJ's ECCP, but the guidance includes both additional and more detailed expectations, particularly to address fraud risk. Although not binding, the guidance provides key insights into what U.K. courts might consider when assessing whether companies satisfy reasonable procedures defense to ECCTA offenses. 

On November 22, 2024, the U.K. SFO stated publicly that Guralp Systems Ltd., a U.K.-based seismic testing company, allegedly had "breached" "the terms of [the company's October 22, 2019] DPA" and that the SFO had "request[ed] a hearing at Southwark Crown Court" on the issue. On January 31, 2025, the court ruled that it had jurisdiction over the dispute over the agreement, allowing the proceedings to proceed toward the SFO's goal of terminating the DPA and reinstating the case. Per the judgment, Guralp had argued that the DPA had already expired prior to the SFO's petition, but the court disagreed. The judgment also clarifies that the basis for the SFO's allegation of a breach lies in a dispute as to Guralp's payment of disgorgement of profits per the DPA's terms. In August 2018, the DOJ formally declined to prosecute Guralp (which at the time was represented by Miller & Chevalier, though the firm does not represent the company related to the U.K. proceedings). 

Also on November 22, the U.K. Foreign Secretary announced new financial sanctions under the Global Anti-Corruption Sanctions Regulations 2021 against "three notorious kleptocrats who have siphoned wealth from their home countries, as well as their friends, families and fixers who helped them." The targeted persons are: "Isabel Dos Santos, the daughter of Angola's former president who systematically abused her positions at state-run companies to embezzle at least £350 million [and who] has been subject to an Interpol Red Notice since November 2022"; "Dmitry Firtash, an infamous oligarch who has extracted hundreds of millions of pounds from Ukraine through corruption and his control of gas distribution and has hidden tens of millions of pounds of ill-gotten gains in the UK property market"; and "Aivars Lembergs, one of Latvia's richest people, who abused his political position to commit bribery and launder money [and who in 2021] was found guilty of 19 charges including extorting bribes, forgery of documents, money laundering, and improper use of office in a court in Riga." The sanctions, which include asset freezes and travel bans, cover associated persons and entities. 

Elsewhere in Europe, there were several legal developments related to attorney-client privilege (and its use in investigations) in three jurisdictions: the Netherlands, France, and the EU. These decisions, overall, reaffirm protections related to the confidentiality of attorney-client communications (at least with regard to external counsel) in these jurisdictions – though as discussed below, questions remain under French law. 

On December 9, 2024, the French PNF announced that a French court had "validated" a convention judiciaire d'intérêt public (CJIP) signed on December 2, with two French nuclear energy companies, Areva and Orano Mining, related to allegations of bribery involving at least one senior official in Mongolia responsible for the award of uranium mining licenses. The announcement noted that Areva agreed to pay a fine of €4.8 million and that Orano agreed to "the implementation of a compliance programme for a three-year period within the ORANO group under the control of the French [Anti-Corruption Agency]… up to a maximum amount of" €1.5 million. The French government maintains significant ownership stakes in both Areva and Orano. 

Most recently, after a multi-week trial in December 2024, a Swiss federal court issued a ruling on January 31, 2025 that commodities trading company Trafigura was guilty of failing to implement required internal controls and related systems during the time period in which bribes were paid in Angola to at least one official of a Sonangol affiliate regarding the award of oil-related contracts. The court ordered the company to pay a penalty of 3 million Swiss francs (approximately $3.30 million) and to forfeit over $145 million in illegally obtained profits. The court also found Trafigura's former Chief Operating Officer, Mike Wainwright, guilty of arranging the payment of bribes and sentenced him to 12 months in prison, together with an additional 20-month suspended prison term; according to media sources, Wainwright has already stated that he will appeal the verdict. The court also found two other individuals – a former Trafigura employee who acted as an intermediary for the payments, and the former CEO of the Sonangol affiliate who received the bribes – guilty of various charges. We will discuss this case in more detail in our next Review after the complete text of the court's judgments is released publicly. The DOJ announced that Trafigura pleaded guilty to an FCPA conspiracy charge in March 2024.

Moving to Latin America, on November 14, 2024, the Brazilian Office of the Comptroller General (CGU) and the Attorney General's Office (AGU) announced a leniency agreement with commodities trader Freepoint Commodities LLC related to allegations of bribery involving Petrobras officials. Under the leniency agreement, Freepoint agreed to pay Reais 132,253,647.32 (approximately $22.6 million) in government fines and reimbursement to Petrobras and to enhance its "compliance and governance policies" as a prerequisite for engaging in new transactions or conducting business operations in Brazil. The leniency agreement follows a December 14, 2023 announcement of a three-year DPA issued to Freepoint by the DOJ for similar corruption violations, which contained provisions allowing for an offset of U.S. fines in the event the company agreed to pay fines to the Brazilian authorities. 

On December 3, 2024, the Comptroller General of the State of Minas Gerais (CGE), the Attorney General of the State of Minas Gerais (AGE), and the Minas Gerais Public Prosecutor's Office (MPMG) in Brazil announced a leniency agreement with SAP Brasil Ltda related to "evidence of illicit practices, in collusion with other companies and state public agents, to defraud the bidding process" for a Minas Gerais State procurement of "an Integrated Human Resources Management system." Under the agreement, the company will pay 66.3 million Reais (approximately $11 million), an amount that includes a fine, disgorgement, and "moral damages" to the State of Minas Gerais. The company will also continue to cooperate with ongoing investigations, having already "collaborated" with the investigation to date. Notably, the announcement states that "CGE conducted a detailed review of SAP Brasil Ltda.'s compliance program and concluded that the company currently has an effective program in place, [though] [t]he company has also committed to continuing to improve and monitor its governance and compliance policies." The Brazilian agreement follows dispositions by SAP with the DOJ and South African authorities in January 2024 involving alleged bribery schemes in other countries.

Earlier in Q4, on September 20, 2024, the CGU and AGU announced the negotiated revision of leniency agreements signed with seven companies related to the massive Lava Jato investigation. Per the announcement, the revision process began when terms of the agreements were questioned by several political parties in Brazil. The announcement states that the CGU and AGU's goals in amending the leniency agreements included "continuity of economic activity, with the preservation and generation of jobs in the construction industry, a strategic sector for national development; the preservation of the public integrity agenda, with the maintenance of current leniency agreements; and the strengthening of the consensus mechanism for overcoming conflicts in the Judiciary." This last goal may be linked to ongoing criticism from the Brazilian Supreme Court (STF) related to allegations of tainted evidence and other issues in the Lava Jato operation that have led to court actions in these cases, including a September 6, 2023 ruling in which an STF judge held that any evidence originating from the leniency agreement signed by Odebrecht in December 2016 is tainted and thus inadmissible in other cases. The CGU/AGU announcement notes that the seven revised leniency agreements will be submitted to the STF for approval. 

On October 10, 2024, the CGU announced that it had "reache[d] 70 [Administrative Accountability Proceedings, or] PARs [with companies], surpassing the previous record of 67 processes judged in 2023." Such PARs cover many types of corporate "illegal acts," including bribery and financial fraud, as well as the filing of false documentation with government authorities – the focus of two of the most recent cases that set the new record. One of the other announced cases, involving the company Dema Participações e Empreendimentos LTDA, alleged that the company "act[ed] as an intermediary in the payment of bribes to public agents of Eletrobras Termonuclear SA… in the public bidding process." Per the public release, "Dema Participações was declared ineligible to bid and contract with the public administration for a minimum period of two years." The CGU announcement notes that this case is part of "Operation Fiat Lux" – "one of the offshoots of Operation Lava Jato."

In Peru, on October 21, 2024, former President Alejandro Toledo was sentenced by criminal court in Lima to 20 years and six months in prison for "the crimes of collusion and money laundering" as a result of his taking bribes from Odebrecht. Toledo was tried after his extradition from U.S. to Peru in early 2023; until his extradition he had been living in exile in California since 2017. The verdict stated that Toledo "colluded with interested parties such as Odebrecht so that, through a bribe of [$35 million], [Odebrecht] was awarded the contract for the construction of sections 2 and 3 of [Peru's] Interoceanic Highway, causing harm to the State." Media sources noted that three other former officials and businessmen were given jail time related to the scheme. Toledo has stated that he will appeal the verdict and sentence. 

Actions Against Corporations

Aerospace and Defense Company Moog Inc. Settles with the SEC for Indian Subsidiary Conduct

On October 11, 2024, New York-based aerospace and defense company Moog Inc. agreed to pay $1.7 million in penalties, disgorgement, and interest to resolve charges that the company violated the books and records and internal accounting controls provisions of the FCPA as a result of bribes paid to Indian foreign officials by its wholly owned Indian subsidiary, Moog Motion Controls Private Limited (MMCPL). 

The SEC's Cease-and-Desist Order (Order) details two primary schemes to obtain business by MMCPL in India and notes other efforts to improperly influence tender processes. In July 2020, MMCPL engaged an agent (referred to as Agent A in the Order) via a "liaison agreement" to assist the company in obtaining a contract with the government-owned Indian railway company South Central Railway (SCR). The Order details that the agent made payments to an SCR employee in order to place MMCPL on a designated supplier list managed by the Research Design and Standards Organization (RDSO), an agency of the Indian Ministry of Railways that "functions as a technical advisor and consultant to the Railway Board with respect to the design and standardization of railway equipment." In return, the agent would receive 10 percent of the value of the contract. The Order notes that, after being placed on the list, MMCPL employees contemplated in engaging in "additional misconduct" in order "to remove [a] competitor from the supply list." MMCPL won the contract in September 2020, and in April 2022 "commission[s]" were paid to the agent and "falsely recorded as legitimate contractor services." 

According to the Order, in May 2021, MMCPL wanted to participate in a public tender for the government-owned Indian aerospace and defense company Hindustan Aeronautics Limited (HAL). Internal employee discussions noted that "bribe payment[s]" in "cash" would be paid to HAL in order to disqualify other competitors and win the bid. In November 2021, HAL awarded MMCPL the contract. According to the Order, money for the bribe was generated through a false invoice from a MMCPL third party (referred to as Distributor B in the Order); the Order notes that the MMCPL finance manager was directed to execute this arrangement after "[v]arious cash generation schemes through inflated and false invoices and connections to other entities were discussed to fund the bribe payment." Distributor B "was not in fact capable" of undertaking the project for which the "fabricated invoice" was prepared. The expense was recorded in MMCPL's books as a "legitimate expense" and "falsely booked" as an expense under the HAL contract. 

The Order details other efforts to "improperly influence tenders," "at times" using Agent A and Distributor B. For example, an employee discussed using Agent A to disqualify a competitor from the supplier list managed by the RDSO in relation to a November 2020 tender; the discussed amount of the bribe was one percent of the relevant contract value. 

As a result of the conduct described in the Order, the SEC imposed a total fine of $1,683,815, including a civil penalty of $1,100,000, disgorgement of $504,926 (the amount of "unjust" profits related to the improper activities), and prejudgment interest of $78,889.

The Order notes that Moog cooperated with the investigation. Specifically, Moog initially reported the misconduct to the DOJ and provided the SEC "with facts developed during its own internal investigation," as well as "subsequently" providing the SEC with key documents and witness statements. The Order details that Moog also engaged in remediation efforts, including by "terminat[ing] the employees and third parties involved in the misconduct," enhancing controls related to third party payments, and improving certain elements of its compliance program. For example, the Order highlights that Moog "increased the frequency of its audits and monitoring of distributor and intermediary activities" and "increased training of employees on anti-bribery issues and tender specific procedures."
 
Key Takeaways

• Culture and Management Tone Named as a Cause of Violations: In addition to "deficient internal accounting controls," the Order emphasizes that the culture at MMCPL created an environment that allowed for the conduct to occur, and that the weak tone at the top was a root cause of the misconduct. Specifically, "[e]mployees freely discussed their misconduct, which reflected a prevailing culture to win business at any cost, including improper means. The widespread misconduct at MMCPL reflected a breakdown in internal accounting controls, training, compliance, and tone at the top of the subsidiary." Indeed, the Order relies heavily on quotes from internal correspondence among employees where they discussed the efforts to win tenders, use of third parties to funnel funds to government officials, and a desire to remove competitors through improper payments. The subsidiary's finance manager was aware of the actual nature of various payments and was in a position to be "directed" to make them by other MMCPL employees. The Order also highlights that unique market entry challenges may have also contributed to employees' willingness to engage in misconduct. 
• DOJ Disclosure: The Order highlights Moog's disclosure to the DOJ as a key element of Moog's cooperation. Notably, public records and filings do not indicate whether the DOJ has or is currently conducting an investigation of the company for the conduct. 
• No FCPA Bribery Charge: As with the SEC's August 25, 2023 settlement with 3M, detailed in our Autumn Review 2023, the SEC did not charge Moog with violating the FCPA's anti-bribery provisions despite stating that MMCPL bribed Indian officials "to win business" and "cause[d] public tenders in India to favor Moog's products and exclude competitors." While the exact reasoning for the decision is not clear, the SEC in its press release hints at the message other companies should take from the resolution, specifically that it "highlights the need for issuers operating internationally to have appropriate compliance and internal accounting controls over third parties and third-party payments, as weaknesses in those systems heighten corruption risk[.]"

RTX and Subsidiary Raytheon Resolve FCPA and Related Export Control Violations with SEC and DOJ, Agreeing to Retain Compliance Monitor and Pay More than $383 Million  

On October 16, 2024, the DOJ and SEC announced that they finalized agreements with U.S. defense contractor and "issuer" RTX Corporation (RTX) and its wholly owned subsidiary Raytheon Company (Raytheon) related to previously disclosed legal matters including allegations of (1) foreign bribery and related export control violations regarding business in Qatar, and (2) major government fraud and Truth In Negotiations Act (TINA) violations related to sole source contracts with the U.S. government. The companies agreed to pay approximately $383 million to the DOJ and SEC to resolve the FCPA-related allegations related to business in Qatar, with additional amounts to be paid relating to the allegations of government fraud. In parallel, Raytheon and the DOJ also announced a civil settlement of related False Claims Act litigation, with Raytheon agreeing to pay $428 million for knowing or acting with deliberate ignorance or reckless disregard to the fact that it failed to disclose accurate, complete, and current cost or pricing data regarding its costs on numerous government contracts between 2009 and 2020 and that its certifications to the government about its proposed costs were inaccurate. 

Two DPAs with the DOJ were announced in an October 16, 2024 press release. One DPA  – dated October 16, 2024, and filed in the Eastern District of New York – included two conspiracy counts, one for conspiracy to violate the FCPA, and a second conspiracy to violate the Arms Export Control Act (AECA), specifically the Part 130 requirements of the ITAR (FCPA DPA). We focus on the FCPA DPA below. Related to the same conduct in the FCPA DPA, RTX agreed to an administrative order (SEC Order) with the SEC, agreeing to a civil fine, disgorgement, and interest of just over $100 million. A second DPA – dated October 16, 2024, and filed in the District of Massachusetts - alleged that Raytheon "engag[ed] in two separate schemes to defraud the Department of Defense… in connection with the provision of defense articles and services, including PATRIOT missile systems and a radar system." Raytheon agreed to pay a criminal penalty of more than $146 million. Both DPAs and the SEC order require that Raytheon retain an independent compliance monitor for three years.
 
These resolutions followed an announcement in August 2024 of an agreement between RTX and  Directorate of Defense Trade Controls (DDTC) regarding export control violations, with RTX agreeing to a civil penalty of $200 million and committing to use half of that amount to fund compliance enhancements and the appointment of an external Special Compliance Officer. 

The allegations regarding transactions in Qatar go back to roughly 2012, or in the case of the SEC Order, back to the "early 2000s." In April 2020, Raytheon and United Technologies Corp – both longstanding public companies trading on the New York Stock Exchange (NYSE) –merged, with Raytheon Company shares ceasing to be traded publicly, and the United Technologies entity changing its name to Raytheon Technologies Corp. Just prior to the merger, in Raytheon's 10-K filed on February 12, 2020, Raytheon noted that the SEC had issued a subpoena to the company in 2019 in connection with company and joint venture (JV) contracts "in certain Middle East countries since 2014." According to press reports, the investigation followed litigation in California involving a third party used by Raytheon in Qatar. Raytheon Technologies Corp. disclosed in May 2020 that the DOJ had also initiated an investigation during the first quarter of 2020, and later disclosed in October 2020, that the SEC had issued a second subpoena. The corporate announcements that year noted cooperation with the authorities. In 2023, the company changed its name to RTX Corporation, combining the pre-merger trading symbols RTN and UTX.

Use of Contracts for "Sham Defense Studies" to Make Improper Payments in Qatar and Related ACEA/ITAR Violations  

The FCPA DPA and SEC Order address an alleged scheme involving payments to third parties in Qatar affiliated with a government official there (or multiple officials, per the SEC Order), without any services being provided. The SEC Order also highlights an agency relationship with a member of the Qatari royal family, emphasizing concerns about potential corruption for payments that over time exceeded $30 million and a lack of measures to ensure that services were provided under the agency agreement. 

The FCPA DPA focuses on the conduct of five Raytheon employees. It alleges that Raytheon employees entered into transactions between 2012 and 2016 with a "high-ranking official" of the Qatar Emiri Air Force (QEAF) using different entities affiliated with the foreign official, making payments of nearly $2 million to secure profits of more than $36 million. In particular, the FCPA DPA focuses on efforts to gain business under four "additions" to a contract between a Raytheon entity and the Gulf Cooperation Council (GCC). According to the FCPA DPA, Raytheon and the foreign official at issue agreed to increase the scope of the relevant contracts to include various studies; Raytheon then subcontracted with entities affiliated with the foreign official to acquire the studies, although ultimately Raytheon personnel, not the subcontracted entities, prepared the materials. Raytheon's personnel also tried to enter into a teaming agreement with one of the same entities for another contract to funnel bribes to the foreign official in order to receive the foreign official's assistance to help Raytheon win the contract with QEAF, although this contract ultimately did not go forward. 

The FCPA DPA states that Raytheon personnel used personal email accounts to communicate with the foreign official, sending draft contracts and other materials to the foreign official as well as coaching the official and another representative on how to pass Raytheon's due diligence process. The DPA alleges that the transactions were initially contemplated using a construction company, but then the official at issue organized new companies intended to be specific to the defense industry. The Qatari entity then submitted false and incomplete information during the due diligence process, "fail[ing] to disclose… [the official's] involvement or ownership stake." To obscure the connection, the official began to use an alias (in emails and some corporate documents for the entities); meanwhile the Qatari third party also provided documents to Raytheon showing that the official, in his QEAF position, had received and approved the reports. Raytheon paid the Qatari entity $975,000 in 2014 for three studies under the contract. 

Payments for the second contract allegedly followed a similar pattern. According to the FCPA DPA, the contract scope was amended late in the process to include a requirement for studies, and Raytheon employees used personal email accounts to liaise with the QEAF official and other representatives to assist a second entity to pass due diligence and conclude an agreement with Raytheon. Raytheon paid this second entity $950,000 for another three studies under this second contract in 2017. 

The SEC Order states that the third parties involved in the studies were majority owned by a member of the Qatari royal family – specifically, someone who was "an immediate family member of the current Emir of Qatar." The SEC indicates that there were two Qatari military officials affiliated with the entities involved in the payments for "sham defense studies." The SEC Order also details that, despite apparent efforts noted in the FCPA DPA to conceal official connections, Raytheon's due diligence process did identify one of the military officials as a shareholder of one of the suppliers, but "no action was taken to resolve the issue." In addition to detailing various other red flags and the use of personal email accounts, the SEC also emphasizes Raytheon employees used personal computers and phones as well as off-channel communications to communicate with the Qatari third parties and foreign officials. 

The DOJ alleges that "as a result of the bribery scheme, Raytheon earned approximately $36.7 million in profits from the four additions to the GCC Contract… and expected to earn over $72 million more, had the [contract related to a teaming arrangement] come to fruition." The SEC ordered disgorgement of $37 million, as detailed below. 

The FCPA DPA also details that the AECA and ITAR Part 130 required Raytheon to apply for export licenses for the services covered by the relevant contracts and that Raytheon should have "inform[ed] DDTC whether Applicant or its Vendors… had paid, offered, or agreed to pay political contributions, fees or commissions in connection with the sale or transfer of a defense article or defense service," with an aim to "prevent 'improper influence' in those sales." Raytheon did not disclose the payments at issue. The FCPA DPA's statement of facts alleged that four of the Raytheon personnel involved in the payments to the third parties knew of these obligations under AECA and ITAR (through trainings and other communications) and – in some cases – sent emails to other employees encouraging them to be aware of the obligations. Consequently, other Raytheon personnel submitted false information with the export licenses, without knowledge that the relevant certification was false. The involved Raytheon personnel allegedly also coached the Qatari entity on submitting false certifications to Raytheon. 

Raytheon "Failed to Obtain Proof that Services Were Provided" and "Made Unsupported Payments" to the Agent 

In addition to covering the contracts for studies as summarized in the FCPA DPA, the SEC Order also summarized an agent relationship in Qatar, flagging various concerns. First, the SEC detailed how the agent is a "cousin of the Qatari Emir, at times advised the Emir on financial matters, and was a member of the Qatari Council of the Ruling Family." The SEC never explicitly declares the agent to be a foreign official under the FCPA, but states that "[f]or years, [Raytheon] relied on a poorly drafted two-page opinion that [the agent] was not a government official, despite the agent being a royal family member and a member of the Council of the Ruling Family."  

Second, the SEC Order notes various additional red flags related to the agent and the commercial relationship, including the following: he had no military experience; the agent was required to exercise only "best efforts" to help Raytheon develop relationships and good will with the Qatari military; the agent did not in fact help with "the few substantive tasks that were itemized in the agreements"; the agent did not need to submit invoices to Raytheon for payments; Raytheon did not require reports on the agent's activities as a condition for payment until 2019 (over a decade after retention of the agent); Raytheon personnel believed the agent could represent Raytheon only because the Emir had granted an exception to a prohibition against such companies using sales representatives (without inquiries into whether the agent "engaged in corruption to obtain the exception"); a company employee ghost-wrote a report for the agent regarding what work the agent had performed; the Qatari country manager was considered the agent's "handler, controlling all access" to the agent, and "untouchable"; when required to submit information under the company's "compliance and due diligence program," the agent's submissions were "chronically late"; the company knew that the agent was interacting with officials on the company's behalf, but company personnel did not know "the names or titles of the government officials" or what happened during the meetings; and more. The SEC also notes that the Raytheon country manager for Qatar would sometimes ghost-write communications for the agent in disputes with Raytheon, and that other Raytheon personnel were aware of this fact. The SEC further details how various internal controls did not halt or reduce payments, with financial limits being "raised or manipulated" to accommodate payments to the agent, and with internal sign-offs "represent[ing] the epitome of a paper program." 

The SEC Order notes these red flags and quotes a Raytheon compliance employee stating that "we basically accepted to live with" the red flags. The SEC notes that "numerous Raytheon employees raised concerns regarding red flags of high corruption risk," but these employees were "overruled by management, who allowed the contracts with [the agent] to be extended." The SEC concludes that "[t]ime and time again, managers and employees raised concerns over red flags of corruption regarding the agent," but "the relationship… continued unchecked." Moreover, "any attempt to gather information about what [the agent] was doing through the activity reports was a meaningless, check-the-box exercise that neither enhanced compliance efforts nor mitigated corruption risks." The SEC noted that the company paid the agent more than $30 million, including $17 million in March and April 2020, "in an effort to exit the relationship quickly," without disclosing the "known corruption concerns and amounts paid" to the SEC "until new management became aware following the merger that created RTX and [new management] determined to cooperate fully with the [SEC's] investigation." The SEC notes that Raytheon credited the agent with assisting in contracts worth more than $5.8 billion, including five contracts between 2015 and 2020 worth $3.2 billion. 

Penalty Calculations, Cooperation and Remediation 

For the FCPA conspiracy count, the DOJ calculated a criminal penalty of $230,400,000 and forfeiture amount of $36,696,068. However, the DOJ agreed to offset the forfeiture amount by $7,400,090 (approximately 20 percent) based on the agreement to disgorge profits to the SEC, making the DOJ FCPA-specific total $259,335,978. The DOJ also imposed a criminal fine of $21,904,850 for the ACEA/ITAR-related conspiracy violation, bringing the DOJ total for that DPA to $281,600,828. 

Meanwhile, the SEC and RTX agreed to the following: disgorgement of $37,400,090, prejudgment interest of $11,786,208, and a civil penalty of $75,000,000, for a total of $124,186,298. However, the SEC agreed to reduce the civil penalty (based on the DOJ's criminal fine) by $22.5 million, bringing the SEC Order total to $101,686,298. 

Overall, RTX and Raytheon agreed to pay $361 million to the DOJ and SEC for the FCPA resolutions, and nearly $383 million including the ACEA/ITAR fine. The DOJ did not give the company voluntary disclosure credit because it did not voluntarily and timely disclose to DOJ the underlying conduct. The DOJ did give Raytheon the full two-point deduction under the Sentencing Guidelines in calculating the culpability score, but noted that "in the initial phases of the investigation, prior to [and] in or around 2022, the Company was at times slow to respond to the [DOJ's] requests and failed to provide relevant information in its possession; for example, the Company withheld relevant, material information from the government and gave incomplete and misleading presentations regarding the nature and scope of a relevant third-party intermediary relationship." Raytheon did receive cooperation and remediation credit of 20 percent. For cooperation, the DOJ cited providing factual information obtained through its internal investigation, facilitating interviews, "proactively" sharing evidence that the DOJ did not already know, and "engaging experts to conduct financial analyses." Similarly, the SEC noted that "[a]fter a period of uncooperativeness and following the merger, Raytheon provided significant cooperation under new management, who also hired new outside counsel." The SEC also noted that "new management also took steps to remediate, including terminating employees involved in the misconduct, some of which were still working with the company despite their known roles in the misconduct."  

Regarding FCPA-specific remediation, the DOJ noted that Raytheon added subject matter experts and enhanced its training and communications while taking multiple efforts to reduce third party risk – "recalibrating third party review and approval processes to lower… risk tolerance," "implementing data analytics over third parties, and enhancing controls over sales intermediaries." The SEC included similar points, while also noting that RTX improved its anticorruption risk assessments. 

Compliance Monitorship and Other Measures 

Under both DPAs and the SEC Order, Raytheon and RTX are required to retain an independent compliance monitor(s) for a three-year term, as well as to continue to implement enhancements to its compliance and ethics program.

Key Takeaways

• Updated Disclosure Requirements Covering FEPA: DOJ DPAs in the FCPA space have long contained disclosure provisions for the term of the agreement that require the relevant companies to affirmatively disclose any evidence or allegations of violations of the FCPA of which they become aware. For the first time, Raytheon's DPA required the company to "promptly report" "any evidence or allegation of conduct that may constitute a violation of the FCPA anti-bribery or accounting provisions or the Foreign Extortion Prevention Act ("FEPA")..." (emphasis added). This disposition was the first since FEPA was amended on July 30, 2024, and this language has since been included in later DOJ dispositions with McKinsey Africa and AAR (as discussed elsewhere in this Review). 
• DOJ Increased the FCPA DPA Fine Based on Prior Conduct: In calculating the base fine for the DPA's FCPA-related count, the DOJ started with a base fine of $150 million that far exceeded the profits subject to forfeiture/disgorgement. Additionally, the DOJ chose to use the fine at the 20th percentile within the Sentencing Guidelines range, which also increased the fine. In the DOJ's "Transparency in Criminal Division Enforcement" blog post dated November 22, 2024, the then-Assistant Attorney General gave further insight into the DOJ's approach to the penalty calculation, noting that "starting at the bottom of the Guidelines range would have understated the totality of Raytheon's criminality [and] [a]s we explained in the relevant considerations section of the agreements, we therefore calculated the penalty starting above the bottom of the Guidelines range in each of the two DPAs to account for the company's culpability in multiple criminal violations." In the FCPA DPA, however, the DOJ states that the company "has no prior criminal history" and instead specifies several "civil or regulatory enforcement actions."  
• Compliance and Internal Controls Evasion: The DOJ and SEC summaries note various controls that Raytheon had in place to prevent FCPA or AECA violations. For example, there were third-party due diligence systems designed to vet new third parties, and the SEC notes the existence of "caps on commissions to third parties" and different efforts to gain information about the Qatari agent's activities. However, the DOJ and SEC resolutions summarize the employees' efforts to circumvent these controls, such as Raytheon employees coaching a third party on what information to provide during the due diligence process or having Raytheon personnel "ghost write" activity reports and other communications on behalf of the Qatari agent. The SEC also notes that Raytheon employee would "raise or manipulate" the payment caps for third parties to make the payments to the Qatari agent. Moreover, there are various instances described in the DOJ and SEC resolutions in which Raytheon personnel submitted inaccurate or incomplete information to other company personnel whose purpose was to review transactions. These resolutions show the importance of culture, and in particular culture "at the middle," a relatively recent point of increased emphasis for the DOJ. Under the DPA, Raytheon has agreed to "ensure that mid-level management throughout its organization reinforce leadership's commitment to compliance policies and procedures," which is now a standard obligation in DPAs. 
• Lack of Clarity Regarding the Legal Significance of Royal Family Status: The SEC resolution highlights the relationship between third parties and royal family members in Qatar, indicating that this is a significant red flag, but ultimately the SEC's public documentation does not provide much clarity on whether the agency believes mere family membership is sufficient to make such persons "foreign officials" under the FCPA. The FCPA DPA does not identify any royal family connections in summarizing the relevant facts, which suggests that the DOJ continues to follow the approach taken in Opinion Procedure Release 12-01 (Sept. 18, 2012), in which the DOJ determined that royal family membership does not create a "per se" assumption of foreign official status and that various case-by-case factors should be weighed. The SEC notes that the third parties used for the "sham" reports were majority-owned by a member of the Qatari royal family who was "an immediate family member of the current Emir" and that the Qatari agent was a "cousin of the current Qatari Emir" who "at times advised the Emir on financial matters" and "was a member of the Qatari Council of the Ruling Family." Both the DOJ and SEC appear to focus any violations of the FCPA's anti-corruption provisions on payments to the employees of the Qatari military rather than the royal family members. The SEC does note that the company "relied on a poorly drafted two-page opinion that Qatari Agent was not a government official, despite the agent being a royal family member and a member of the Council of the Ruling Family, who at time advised the Emir on finances before he became Emir." However, the public documents do not provide any more details regarding the stated flaws in this analysis. That said, the SEC's partial focus on the agent's role in advising on financial issues and sitting on a formal governing council suggest that the agency's approach may well be in line with the DOJ's focus on additional factors beyond family relationship in determining "foreign official" status. 

Spanish "Issuer" Telefónica Venezolana Gets Three-Year DPA for Venezuelan Currency Auction Scheme

On November 8, 2024, the DOJ announced that it had entered into a three-year DPA with Telefónica Venezolana C.A. (Telefónica Venezolana), the Venezuelan subsidiary of the Spanish-headquartered telecommunications company Telefónica S.A. (Telefónica), a U.S. "issuer," based on one count of conspiracy to violate the FCPA's anti-bribery provisions related to a scheme to bribe Venezuelan officials to grant Telefónica Venezolana "preferential access to U.S. dollars in a government-sponsored currency auction." Pursuant to the DPA, Telefónica Venezolana will pay more than $85.2 million in penalties. Telefónica Venezolana and Telefónica also "agreed to enhance their compliance program where necessary and appropriate, and to report to the government regarding remediation and implementation of their enhanced compliance program."

The DOJ alleged that officers, employees, and agents of Telefónica Venezolana "knowingly and willfully conspired" to bribe high-ranking Venezuelan officials to rig a 2014 government currency auction, permitting Telefónica Venezolana to exchange billions of Venezuelan bolívars for U.S. dollars. Since the mid-2000s, to protect against capital flight and "support the value of the Venezuelan bolívar," the Central Bank of Venezuela has maintained "strict currency controls" that fix exchange rates and limit how many bolívars companies can exchange. Telefónica Venezolana has long been a leading telecommunications provider in Venezuela, and the company collects most of its payments from customers in bolívars. However, the government's currency restrictions made it difficult for Telefónica Venezolana to purchase equipment from two international suppliers who required payment in U.S. dollars. Telefónica Venezolana needed this equipment to update its outdated network and keep up with competition in the telecommunications market.

The statement of facts in the DPA notes that, around 2013, Venezuela started hosting government-run currency "auctions" at which domestic companies in key industries could apply to be selected to exchange high quantities of bolívars for U.S. dollars at favorable rates. The DOJ's investigation of bribery allegations involved one of these auctions that was held in August 2014 specifically for the telecommunications industry. According to the DPA, two high-level Venezuelan officials leaked information about the upcoming auction to a senior executive at Telefónica Venezolana (unnamed by the DOJ, but media sources have indicated that this individual likely was then-Chief Executive Pedro Cortez, who left the company in July 2024), informing him that Telefónica Venezolana would only be successful at the auction if it paid them a "commission," "implying that the commission would personally benefit" two foreign officials involved with the auction.

Subsequently, according to the DOJ's Information, the Telefónica Venezolana executive conspired with the two unnamed equipment suppliers to fund the "commission," with the suppliers making approximately $28.9 million in payments to another intermediary and a Panamanian-based "shell company" (using sham consulting and "network integration" agreements), with the payments "intended, at least in part, to benefit Venezuelan government officials." Telefónica Venezolana "covered the cost of the bribes by agreeing to purchase equipment from [the two suppliers] at inflated prices, using the U.S. currency obtained in the auction." The intermediaries used these finds "commingled with other funds" in part to pay for lavish expenses for foreign officials and their families, including a "lavish vacation" costing over $500,000 and "$605,000 on luxury watches and jewelry." The Information states that, as a result of the corrupt payments, Telefónica Venezolana was permitted to exchange the equivalent of $110 million U.S. dollars at the August 2014 auction, which constituted roughly 65 percent of the funds the Venezuelan government awarded at the event. 

The public documents note that Telefónica Venezolana acted as an "agent" of Telefónica (via "control, oversight" and appointment of senior executives) and that the participating individuals "utilized and caused the use of means and instrumentalities of interstate commerce to communicate with each other and others regarding the scheme" – including "personal, U.S.-based email accounts." The Information also states that the "conspirators also routed corrupt payments totaling more than $22 million into and out of correspondent bank accounts at financial institutions in New York, New York."

In determining the terms of the DPA, the DOJ noted that the company did not receive any credit for voluntary disclosure. The DOJ considered Telefónica Venezolana's cooperation, noting that, among other things, the company made "regular factual presentations to the [DOJ] based on the information [gathered in the company's] internal investigation"; "navigat[ed] foreign data privacy and related laws" to "produc[e] a significant number of documents" and document translations where needed; and "voluntarily [made] employees based [in other countries] available for interviews in the United States." The DPA noted, however, that "in the initial phases of the [DOJ's] investigation, the [c]ompany failed to timely identify, collect, produce, and disclose certain records and important information, which affected investigative efforts by the [DOJ] and reduced the impact of the [c]ompany's cooperation."  

The DOJ also credited Telefónica Venezolana with "timely" remediation because the company, in part, terminated and disciplined involved employees; "strengthen[ed] its anti-corruption compliance program by building and empowering an independent compliance function"; "overhaul[ed] its review and approval process for transactions with non-standard pricing" and ensuring compliance function approval for all such transactions; and "strengthen[ed] processes for vetting, engaging and monitoring third parties, including implementing additional controls concerning payments to third parties through a proprietary software tool." The DOJ's analysis of these and other positive and negative factors resulted in "a discount of 20 percent off the 5th percentile of the otherwise-applicable Sentencing Guidelines fine range" – a lower discount than companies in some other recent enforcement actions. 

The DOJ press release on the case noted the assistance of authorities in Panama, Switzerland, and Luxembourg – the last two likely involving information on financial transactions involving the intermediaries and entities linked to the bribe recipients. 

Key Takeaways

• "Second Strike" for Telefónica: This DPA is the second FCPA-related disposition involving an affiliate of the Spanish issuer in the past five years. In May 2019, as we discussed in detail here, Telefônica Brasil S.A. entered a cease-and desist order with the SEC, agreeing to pay a civil money penalty of $4.13 million to settle FCPA accounting provisions charges related to the purchase of tickets for the 2014 World Cup held in Brazil and other football events for over 100 government officials. Brazilian employees had provided the tickets despite company policies prohibiting gifts to officials and the SEC had maintained that Telefônica Brasil lacked proper internal accounting controls to implement the policy properly. While the actions underlying the Venezuelan case likely occurred prior to the compliance program improvements initiated by Telefónica around the 2019 resolution, for the more recent case the DOJ, per stated policy, weighed the 2019 settlement in its determination of DPA terms and penalties. 
• Importance of an Empowered and Independent Compliance Function: One of the remedial actions for which Telefónica Venezolana is credited in the DPA is "strengthening its anti-corruption compliance program by building and empowering an independent compliance function, appointing a Chief Compliance Officer with direct access to the Audit Committee of the Board of Directors, and investing in additional compliance resources throughout its global operations." This emphasis aligns with the September 2024 updates to the ECCP, which augmented preexisting guidance about resource allocation and access to compliance functions. The ECCP inquires whether compliance personnel have access to data and the ability to leverage it, and here, the DOJ credited Telefónica Venezolana with making progress on this front by giving its new Chief Compliance Officer direct access to the Audit Committee.
• Currency Instability and Managing Actual Corruption Risks Faced by Individual Businesses: The corruption at issue in this resolution stemmed from limited access to currency conversion, spurred by attempts under the Chávez government to stabilize the Venezuelan bolívar. Venezuela has long struggled with currency fluctuation and capital flight, and these economic challenges generate unique corruption risks. The Telefónica Venezolana resolution provides an important reminder of the ever-present need for companies to tailor compliance programs to the risk factors specific to the countries/regions where they operate—and to constantly monitor the climate for evolution of those risks.

BIT Mining Settles FCPA Violations with DOJ and SEC; Former CEO Indicted

On November 18, 2024, the DOJ and SEC announced that BIT Mining Ltd. (BIT Mining), formerly 500.com Limited (500.com), had agreed to settle investigations by the DOJ and SEC in relation to FCPA violations involving the company's operations in Japan between 2017 and 2019. BIT Mining entered into a three-year DPA with the DOJ and agreed to pay a $10 million criminal penalty, of which the DOJ would credit $4 million against the civil penalty imposed by the SEC's Cease-and-Desist Order. On the same day, the DOJ also unsealed an indictment filed on June 18, 2024, against BIT Mining's former CEO, Chinese national Zhengming Pan.

Alleged Bribery Scheme in Japan

Now a cryptocurrency mining company incorporated in the Cayman Islands, during the relevant time period, BIT Mining operated as 500.com—an online sports lottery company with its principal place of business in Shenzhen, China and publicly traded securities listed on the NYSE and NASDAQ. 

In early 2017, 500.com created a wholly owned subsidiary in Japan to pursue an opportunity to develop and open an integrated resort (IR). According to the DPA, 500.com offered and paid approximately $1.9 million in bribes to Japanese officials, directly and through certain consultants, between 2017 and 2019 in order to win the bid to open an IR in Japan; however, the SEC's Cease-and-Desist Order states that the illicit payments amounted to approximately $2.5 million. The difference appears to have resulted from additional consulting payments that 500.com allegedly paid to two consultants for no legitimate deliverables from August 2017 to September 2019. Both the DOJ and SEC stated that 500.com hired consultants to target and bribe government officials in Japan on behalf of the company and entered into sham agreements to justify large wire transfers for services never provided. 

The bribes included cash and wire transfers, as well as extravagant trips, gifts, and entertainment, including private jet travel, a ski trip, gambling chips, shopping sprees, sex workers, meals, and five-star accommodations. Notably, the DOJ stated that 500.com, as an issuer, used "mails and means and instrumentalities of interstate commerce corruptly" in furtherance of the bribery scheme, including through paying certain bribes in U.S. dollar via a USD denominated account or through a U.S. correspondent bank and filing Sarbanes-Oxley certifications electronically through SEC servers located in New Jersey. 

500.com recorded the bribe payments as legitimate expenses in its books and records, with descriptions such as "IR research and reports" and "Management expense advisory fees." Notably, despite the bribery scheme, 500.com ultimately was not awarded a bid to open an IR in Japan, and its offices were raided by Japanese authorities. Further, as noted by the SEC, prosecutors in Tokyo charged the Japanese officials and 500.com's consultants for accepting or paying bribes. 

BIT Mining's Settlements with the DOJ and SEC 

In its resolution with the DOJ, BIT Mining entered into the DPA in connection with charges of "one count of conspiracy to violate the anti-bribery and books and records provisions of the FCPA and one count of violating the books and records provisions of the FCPA" and agreed to pay a criminal penalty of $10 million. According to the DPA, the appropriate criminal penalty under the U.S. Sentencing Guidelines for BIT Mining was $54 million, but the penalty was reduced because BIT Mining demonstrated its inability to pay. BIT Mining was not required to pay any forfeiture because DOJ was unable to trace any proceeds to the alleged offenses. As part of the DPA, BIT Mining agreed to continue to (1) cooperate with the DOJ in any ongoing or future investigations, (2) improve its compliance program, and (3) report to the DOJ on the implementation of compliance and remedial measures for the duration of the DPA. The DPA does not require a monitor. 

BIT Mining received credit for voluntarily producing documents, financial data, and information from its internal investigation. It is worth noting that the evidence relied on by the DOJ included WeChat and text messages, including voice messages, which were likely produced by BIT Mining. Nevertheless, DOJ noted that the company's cooperation was "reactive and limited in degree and impact." The DOJ also noted that BIT Mining engaged in timely remediation, which included increasing the Board's "governance and oversight of compliance risks and audit findings," improving its compliance policies and enhancing compliance trainings and communications, incorporating compliance consideration in senior management's performance reviews, performing periodic risk assessments, and "transitioning its business model to an industry that presents a lower corruption risk and reducing its presence in high risk regions."

In its settlement with the SEC, BIT Mining consented to the finding that "it violated the anti-bribery, recordkeeping, and internal accounting controls provisions of the FCPA." It also agreed to pay a civil penalty of a $4 million (which would be credited towards the $10 million penalty imposed by the DOJ) and "to cease and desist from committing or causing any violations and any future violation."

We discuss the related indictment of former 500.com CEO Zhengming Pan below. 

Key Takeaways

• Reduction in Penalty Due to Inability to Pay: As noted above, DOJ reduced the criminal penalty significantly from $54 million to $10 million in accordance with its policy due to BIT Mining's inability to pay. On October 8, 2019, DOJ's Criminal Division issued a Memorandum on Evaluating a Business Organization's Inability to Pay a Criminal Fine or Criminal Monetary Penalty to "provide guidance and an analytical framework" for making an inability-to-pay assessment. The DOJ considers various factors when assessing whether an organization has demonstrated an inability to pay, including the reasons behind its current financial condition, alternative sources of capital, possible collateral consequences, and restitutions to victims. A more detailed Inability-to-Pay Questionnaire is attached to the Memorandum. In this case, DOJ was satisfied that BIT Mining demonstrated an inability to pay the full amount, which was independently verified by the DOJ "with the assistance of a forensic accounting expert." 
  
  Despite the reduction in penalty, this case serves as a stark reminder of the severe consequences that a company may face and significant costs it may incur when it attempts to obtain or retain business through foreign bribery. Here, 500.com never won a bid or otherwise entered the IR market in Japan despite paying $1.9 million to $2.5 million in bribes, but it had to pay approximately five times of that amount in penalties, in addition to the investigation and compliance costs.
• Navigating Foreign Law While Cooperating with DOJ: DOJ encourages companies to provide "full cooperation" to its investigations as laid out in its Corporate Enforcement and Voluntary Self-Disclosure Policy. Full cooperation entails, among others, timely "disclosure of all non-privileged facts relevant to the wrongdoing at issue" and "voluntary preservation, collection, and disclosure of relevant documents and information relating to their provenance." However, this requirement has becoming increasingly challenging when an investigation involves data in China due to a series of complex local national security and data regulations. In this case, although the DOJ found BIT Mining's cooperation "reactive and limited in degree and impact," it gave credit to the company for voluntarily producing data from "foreign countries, while navigating some foreign data privacy and related criminal laws." The DOJ has made it clear that if a company's disclosure of data is prohibited or limited "due to data privacy, blocking statutes, or other reasons related to foreign law, the company bears the burden of establishing the existence of such a prohibition or restriction and identifying reasonable and legal alternatives" to help the DOJ "preserve and obtain the necessary facts, documents, and evidence for its investigations and prosecutions."
• Prosecutions in Japan: The SEC referenced the parallel enforcement action in Japan in its Cease-and-Desist Order. Notably, two Japanese officials were convicted in 2021 of accepting bribes, and three consultants (two Japanese nationals and one Chinese national) pleaded guilty in Tokyo District Court to paying bribes on behalf of 500.com. One executive of a tour company also pleaded guilty to conspiring with two of the consultants in the bribery scheme.
• Indictment of Chinese National and Resident: Although the FBI stated that the indictment against Pan "highlights the FBI's commitment to holding individuals accountable for illegal conduct," it remains unclear whether Pan, a Chinese national and resident, will be subject to U.S. jurisdiction to face trial.

McKinsey Africa Settles with DOJ Over Misconduct in South Africa

On December 5, 2024, McKinsey and Company Africa (PTY) Ltd. (McKinsey Africa), a wholly owned subsidiary of global consulting firm McKinsey & Company, Inc. (McKinsey), agreed to pay more than $122 million to resolve a U.S. investigation regarding the company's alleged misconduct in South Africa. Specifically, McKinsey Africa entered into a three-year DPA with the DOJ and agreed to pay a criminal penalty of $122.9 million in connection with the filing of a criminal information in the Southern District of New York to resolve charges involving one count of conspiracy to violate the anti-bribery provisions of the FCPA for its conduct in South Africa. In addition, on December 6, 2024, McKinsey Africa entered into a resolution with South Africa's National Prosecuting Authority (South Africa NPA) resulting in a criminal penalty of R1.1 billion (approximately $55 million) to end a parallel investigation related to the same conduct. Further to the terms of the DPA, the DOJ agreed to credit McKinsey Africa up to $61.4 million toward the amount paid by the company to South African authorities.

As described in greater detail below, on December 5, 2024, the DOJ also unsealed the guilty plea of Vikas Sagar, a former senior partner at McKinsey, who pled guilty to conspiracy to violate the anti-bribery provisions of the FCPA on December 16, 2022 for his role in the alleged misconduct contained in the DPA's Statement of Facts and the criminal information. 

McKinsey Africa did not receive voluntary disclosure credit pursuant to the DOJ's CEP; however, the company received cooperation credit. The DPA notes that such cooperation included "(i) immediately and proactively cooperating from the inception of the [DOJ's] investigation; (ii) making numerous factual presentations to [the DOJ]" based on information collected through the company's internal investigation; "(iii) collecting, reviewing, and producing voluminous records, including those located abroad, in response to requests from [the DOJ]; (iv) promptly reporting the discovery of document-deletion efforts by the McKinsey partner involved in the conduct found during its internal investigation, taking additional investigative steps to uncover information and evidence regarding those efforts, and producing such information and evidence to [the DOJ]; (v) reporting, in real time, newly discovered information and documents"; "(vi) tracing complex internal accounting money-flows and currency exchange-information in response to requests from [the DOJ]; (vii) preserving, collecting, and producing… documents located abroad, and engaging a third-party forensics consultant to analyze key electronic devices" and producing the results of that analysis to the DOJ; "(viii) collecting and producing to [the DOJ] personal email and bank account information of the McKinsey partner involved in the conduct"; "(ix) engaging with [the DOJ] in response to a deconfliction request to preserve the integrity of [the DOJ's] investigation; and (x) making company officers and employees available for interviews."

 As a result of its cooperation, "timely remedial measures," commitment to "continuing to enhance compliance program and internal controls," absence of prior criminal history and civil settlements, and the company's resolution with the South Africa NPA, McKinsey Africa received a 35 percent reduction off the fifth percentile of the applicable fine range based on the U.S. Sentencing Guidelines. 

McKinsey Africa avoided the imposition of a monitor "based on [McKinsey Africa's] and McKinsey's remediation and the state of their compliance program" as well as the company's and McKinsey's "agreement to report" further to the DPA's Attachment D – or "Enhanced Compliance Reporting Requirements" – described in greater detail below. 

According to the DPA and criminal information, from 2012 to 2016, McKinsey Africa, through Sagar who acted "for and on behalf of McKinsey Africa" as a senior partner working in McKinsey's office in Johannesburg, South Africa, "agreed with others to bribe foreign officials in South Africa to obtain and retain business for McKinsey and McKinsey Africa" and its local corporate partners, Company 1 and Company 2. The alleged scheme involved efforts by McKinsey Africa, Company 1, Company 2, and two South African businesspersons (identified by the DOJ as "CC 1" and "CC 2") who acted as intermediaries to obtain lucrative consulting contracts from two South African state-owned companies – Transnet CO Ltd. (Transnet), a company that "operated as the custodian of South Africa's ports, rails, and pipelines" and Eskom Holdings SOC Ltd. (Eskom), South Africa's public power utility operator. According to the DPA, McKinsey Africa and its co-conspirators "(a) obtained sensitive confidential and non-public information from Transnet and Eskom through CC 1, CC 2, and others regarding the award of consulting contracts; and (b) submitted proposals for multi-million-dollar consulting contracts to Transnet and Eskom on behalf of McKinsey Africa" and Company 1 and Company 2, "knowing that a portion of the proposed consulting fees from the contracts would be used to pay bribes" to foreign officials at Transnet and Eskom. 
 
Bribery Scheme Involving Transnet 

The relevant document state that, further to South Africa's Broad-Based Black Economic Empowerment Act of 2003 and related policies (collectively, the BBBEE program) McKinsey Africa's "ability to obtain contracts with Transnet depended, in part, on McKinsey Africa's engagement of certain local South African subcontractors as BBBEE program partners." To conduct business with Transnet and other state-owned entities, McKinsey Africa, "agreed to split the fees that were payable on contracts for which it partnered with South African companies." In practice, this meant that McKinsey Africa's clients would "pay a portion to McKinsey Africa and a portion directly to McKinsey Africa's BBBEE partner." 
  
In 2011, Sagar began meeting with Foreign Official 1 – a former acquaintance of Sagar and a "high-ranking official and board member at Transnet with responsibility over procurement and contracting" – to obtain business from Transnet. According to the DPA, in 2012, Foreign Official 1 "suggested to Sagar that McKinsey Africa engage Company 1 as its BBBEE program partner for future consulting engagements at Transnet," to which Sagar agreed. Following a meeting facilitated by Foreign Official 1 in the second half of 2012 between Sagar and representatives of Company 1, Sagar "exercised his influence" to "encourage the selection of Company 1 as McKinsey Africa's BBBEE partner for consulting work at Transnet." McKinsey Africa ultimately selected Company 1 in late 2012. 

Around the same period, the DPA states that Foreign Official 1 also introduced Sagar to CC 1 – a South African businessperson "with no apparent connection to Transnet"—indicating that CC 1 "would serve as Sagar's intermediary for communications with Foreign Official 1 relating to McKinsey Africa's contracts with Transnet." Consistent with Foreign Official 1's instruction, CC 1 "acted as Sagar's primary point of contact regarding McKinsey Africa and Company 1's efforts to obtain consulting contracts from Transnet, and the division of fees between McKinsey Africa and Company 1." According to the DPA, "Sagar understood" that a portion of the fees would be "to or for the benefit of CC 1 and Foreign Official 1." Moreover, "[i]n return for the bribes, Foreign Official 1 acted as McKinsey Africa's 'inside man' at Transnet, providing confidential, inside information from Transnet through CC 1 and orchestrating the award of multiple lucrative contracts to McKinsey Africa" for numerous years. 

The DPA notes that Sagar and CC 1 took various steps "to avoid detection" of these activities. Specifically, Sagar and CC 1 held meetings outside of McKinsey Africa or Transnet offices at "coffee shops, restaurants, and other locations" in Johannesburg and "limited their use of written communications over the course of the scheme." Moreover, "when they did correspond via email, they often used personal email addresses rather than Sagar's McKinsey email address." 

Through Sagar, McKinsey Africa also "received sensitive non-public information from Transnet" via CC 1, including "inside information regarding McKinsey Africa's competitors for contracts and Transnet's decision-making for such contracts." According to the DPA, CC 1 "advised Sagar as to the identities of potential competitors for consulting contracts that McKinsey Africa sought at Transnet and provided advance assurances that McKinsey Africa" would be awarded a consulting contract related to the acquisition of locomotives. Sagar also "shared confidential McKinsey Africa information and work product with CC 1 regarding the work that McKinsey Africa sought to conduct at Transnet and its proposed engagement with Company 1." 

The DPA also notes that, over time and at "CC 1's urging – which Sagar understood to be coming from Foreign Official 1" the division of fees between McKinsey Africa and Company 1 shifted such that Company 1 received an increasing amount, "even though Company 1's contributions to the work being done for Transnet diminished." Furthermore, according to the DPA, through Sagar, McKinsey Africa submitted proposals for "multi-million-dollar consulting contracts" to Transnet with the understanding that "a portion of the consulting fees from the contracts would be used to pay bribes to Foreign Official 1." 

In addition to Sagar, the DPA notes that other McKinsey Africa personnel "whom Sagar did not advise of the bribery scheme" also participated in preparing Transnet (and later Eskom), "[r]equests for [p]roposals and internal memoranda that justified the award of contracts without a public tender process." According to the DPA, these efforts were designed to "prevent McKinsey Africa's competitors from competing fairly for awards of contracts."  

Bribery Scheme Involving Eskom 

The DPA details a similar scheme involving Eskom which began in around 2015 when "multiple Transnet executives who had worked with McKinsey Africa transitioned to leadership positions at Eskom" and CC 2 informed Sagar of CC 2's plan to spin off Company 2 as a new consulting entity. As with Transnet, McKinsey Africa also sought to obtain consulting contracts at Eskom, with Sagar joining McKinsey Africa's client service team for Eskom. Moreover, from approximately 2015 until approximately 2016, Sagar "continued to work with CC 1 and CC 2, with the understanding that the bribery scheme at Transnet would continue at Eskom."

According to the DPA, Company 2 replaced Company 1 as McKinsey Africa's BBBEE corporate partner vis a vis Eskom, with Foreign Official 2 replacing Foreign Official 1 as the recipient of the bribes. Moreover, CC 1 continued to work on McKinsey Africa's behalf "to orchestrate the award of contracts to McKinsey Africa" in exchange for a portion of the fees paid to Company 2 and Foreign Official 2. The DPA also highlights communications between Sagar and Foreign Official 2, which "focused heavily on the proposed fee split between McKinsey Africa and [Company 2], insisting that fees be split 50/50." CC 1 and personnel from Company 2 also pressured Sagar to an even fee split. For example, Company 2 personnel in November 2015 emailed Sagar's McKinsey's business and personal email addresses, copying CC 1 and CC 2, "(i) requesting proof that fees from the engagement would be subject to a '50/50' fee split and (ii) noting that CC 1 needed such proof in advance of setting up a meeting with key Eskom executives." Sagar replied "using his personal email address, copying CC 1, and attaching a confidential internal McKinsey Africa spreadsheet showing a near-50 percent split for Company 2 from the project," which amounted to "hundreds of millions of U.S. dollars in projected revenue." Again, the DPA states that Sagar's knowledge and understanding that "a portion of the contract split for Company 2 would be paid to Foreign Official 2 in exchange for Eskom awarding the contract to McKinsey Africa" and Company 2. Eskom ultimately awarded the contract to McKinsey Africa in approximately December 2015. 

Notably, the DPA states that McKinsey Africa began working with Company 2 on the Eskom contract before it had completed its due diligence process on Company 2. McKinsey Africa ultimately "rejected Company 2 as a BBBEE partner" following Company 2's failure to adequately respond to McKinsey Africa's due diligence inquiries in approximately March 2016. Moreover, although McKinsey Africa notified Eskom that it would not engage Company 2 as its BBBEE partner, the company "continued to work alongside Company 2 at Eskom, until Eskom notified McKinsey Africa in June 2016 that the contract would be terminated." McKinsey Africa also terminated its engagement with Company 1 following public reports "regarding the involvement of a recently departed Company 1 executive in a scandal, and linking the Company 1 executive to politically exposed persons." 
 
One likely basis for DOJ jurisdiction over these activities was the fact that Sagar met a "senior executive of Eskom and others" in New York City to "discuss the Company's work under the contract in furtherance of the bribery scheme" on October 5, 2016. McKinsey Africa's work for Eskom ended shortly thereafter in approximately November 2016. 

Key Takeaways

• Enhanced Compliance Reporting Requirements: As noted above, like other corporations subject to resolutions involving DPAs, McKinsey Africa and its parent, McKinsey, are subject to compliance reporting requirements most commonly known as "Attachment D: Compliance Reporting Requirements." It is notable that the parent company agreed to take on additional compliance obligations as part of the disposition – including program enhancements at the global level. In addition, McKinsey Africa's DPA with the DOJ appears to contain more stringent reporting requirements than some prior cases, specifically with respect to periodic meetings with the DOJ during the DPA's three-year term. McKinsey Africa's Attachment D – titled "Enhanced Compliance Reporting Requirements" – provides for regular meetings with the DOJ within 30 days after submitting each report and "at least quarterly, and more frequently" if "deem[ed] appropriate" and in the DOJ's "sole discretion." As we have discussed previously, the DOJ regularly uses DPAs and NPAs to update its standard compliance program standards and other obligations, including as to reporting of issues, over time. Time will tell whether the more structured meeting requirements here are unique to this matter or will be used in future dispositions. 
• BBBEE- and Eskom-Related Corruption and DOJ-South Africa NPA Cooperation: This case represents another in a line of FCPA-related cases involving the use of third parties within the scope of the BBBEE initiative. Most recently, in May 2023, U.S. consulting firm Gartner, Inc. settled with the SEC for $2.46 million overpayments using a BBBEE partner company related to a contract with the South Africa Revenue Service. Other cases include the December 2022 ABB disposition with the DOJ and SEC and a 2015 SEC resolution with Hitachi in which the SEC found that Hitachi selected BBBEE partners as vehicles for political influence. Like the McKinsey Africa disposition, the ABB and Hitachi cases also involved contracts with Eskom, as did the January 2024 case involving SAP. The DOJ press release for the McKinsey Africa case noted the multiple recent instances of cooperation between the DOJ and the South Africa NPA, which is part of the DOJ's ICAB-driven cooperation efforts (which are discussed in the Introduction section above). 
• Involvement of Senior Leadership: As noted above and discussed in greater detail below, the DPA and criminal information highlights the role Sagar – a former senior partner at McKinsey who worked in McKinsey Africa's Johannesburg office – played in the bribery scheme involving Transnet and Eskom. Specifically, in various sections, the DPA states that acts in furtherance of the company's conspiracy to bribe foreign officials in South Africa occurred "through Sagar." The DPA also notes instances in which Sagar "exercised his influence within McKinsey Africa" in connection to the company's selection of Company 1 and "received sensitive non-public information" ostensibly to aid McKinsey Africa in the preparation of Requests for Proposals. The fact that Sagar, a senior member of leadership was involved in misconduct underscores the importance of "conduct at the top." 

U.S. Aviation Services Company AAR Enters into DOJ NPA, SEC Settlement Over Bribery Schemes in Nepal and South Africa

On December 19, 2024, the DOJ and the SEC announced FCPA anti-bribery resolutions with AAR CORP. (AAR), a U.S. "issuer" providing aviation services, based on allegations of two separate bribery schemes to obtain business with state-run airlines in Nepal and South Africa. The SEC Order (Order) also found that AAR violated the FCPA's books and records and internal accounting controls provisions. AAR entered into an 18-month NPA with the DOJ and settled with the SEC, agreeing to pay over $55 million in penalties, administrative forfeiture, and disgorgement/prejudgment interest. 

On the same day, the SEC settled with Deepak Sharma, a U.K. citizen and "former high-level employee of an AAR subsidiary," for his involvement in both schemes. The SEC charged Sharma with violating the anti-bribery provision of the FCPA and causing AAR to violate the accounting provisions of the FCPA. Both Sharma and Julian Aires, a U.S. citizen and third-party agent of AAR who participated in the South Africa scheme, pleaded guilty to conspiracy to violate the anti-bribery provisions of the FCPA earlier in 2024, as reported in our 2024 FCPA Autumn Review. The SEC ordered Sharma to pay nearly $185,000 in disgorgement and prejudgment interest, $130,835 of which was deemed satisfied by forfeiture in conjunction with his DOJ guilty plea. Sharma and Aires are awaiting sentencing for their guilty pleas. 

Nepal Bribery Scheme

The Nepal AAR scheme occurred between 2015 and 2018, when, according to the Order, Sharma "orchestrated and implemented a bribery scheme to win a contract for the sale to Nepal Airlines of two Airbus A330 aircraft valued at approximately $210 million." The SEC and DOJ alleged that Sharma, whom the DOJ characterized as an agent of AAR, obtained an unpublished draft of the request for proposal (RFP) for the aircraft contract from an official of Nepal Airlines, a state-owned airline and the flag carrier for the government of Nepal. Sharma was able to tailor the RFP to ensure AAR would win the contract. The enforcement agencies alleged that Sharma then orchestrated a scheme involving multiple third-party agents to pay "commissions" to various helpers, including a Hong Kong-based company that was engaged by AAR despite due diligence red flags—such as indicators that the company had no relation to the aviation industry and would receive an unusually high commission rate. The scheme employed intermediaries and multi-layered transactions to obfuscate these payments. These efforts included backdating an agreement to grant one agent an $8 million commission, then creating a new company to receive payments when the designated recipient's bank blocked the transaction. According to the DOJ and SEC, Sharma knew that a portion of these payments to the third parties would be paid to Nepali officials as bribes, including to the official who had initially shared the AAR RFP with him.

The Order concludes that "AAR failed to devise and maintain internal accounting controls related to vendor management and accounts payable sufficient to provide reasonable assurances that AAR personnel were adhering to AAR's Global Anti-Corruption Policy and its procedures regarding the retention of and payments to third-party agents." The SEC found that AAR was unjustly enriched by $6 million as a result of this scheme.

South Africa Bribery Scheme

According to the SEC, between January 2016 and February 2020, a South African agent of AAR "bribed South African government officials to obtain a contract for an AAR subsidiary to provide aftermarket aviation services to South African Airways Technical," a state-owned subsidiary of South African Airways. According to the DOJ and SEC resolutions, the scheme developed following repeated failed bids by AAR on South African aviation contracts, which prompted a then-AAR executive to seek connections with South African Airways Technical (SAAT)'s Chairperson and Head of Procurement. The head of procurement nudged AAR's executive toward selecting aviation services company JM International as its BBBEE partner. Acquiring a BBBEE partner is generally required to contract directly with the South African government, pursuant to a government policy designed to redress the harms of apartheid by promoting the participation of Black people in the South African economy. 

When SAAT issued a bid request, Julian Aires (president of JM International) and a colleague met with SAAT's head of procurement and agreed that, in exchange for the head of procurement ensuring that AAR won the bid, JM International and three South African Airways officials would share in the contract proceeds. One of the officials provided Aires with confidential information regarding competitors and bid scoring, which Aires shared with Sharma and other AAR employees. AAR submitted its bid with JM International as its BBBEE partner and won the contract. According to the DOJ and SEC, Sharma, Aires, and Aires' colleague facilitated the payment of bribes to three different South African officials by way of "success fees" and "commission payments" totaling $5.4 million. The SEC found that AAR was unjustly enriched by more than $17 million as a result of this scheme.

Resolution and Remediation

In granting AAR an NPA, the DOJ credited AAR pursuant to the Criminal Division CEP with proactively reporting its misconduct before learning the DOJ was aware of it and cooperating extensively with the DOJ's investigation. The DOJ noted that AAR provided information obtained through its internal investigation, including forensic analysis of electronic evidence, such as mobile device imaging and "decrypting recovered chat messages." The NPA also credits AAR with timely and appropriate remediation, which included reducing its use of international sales agents; enhancing onboarding and vetting of third parties; "implementing a compliance risk assessment program"; and "beginning to roll out a messaging application retention tool." Accordingly, AAR's criminal monetary penalty reflects a 45 percent reduction off of the applicable guidelines sentence. However, AAR failed to earn credit for voluntary self-disclosure, because media outlets in both Nepal and South Africa had already published articles casting suspicion on the relevant transactions, and a whistleblower had reported allegations regarding the Nepal scheme to the DOJ twelve days before AAR self-reported.

The Order cites largely similar factors as the DOJ in explaining its resolution, also crediting AAR with self-reporting its misconduct after learning about press reports regarding potential corruption stemming from the Nepal scheme; implementing remedial measures; and cooperating with the SEC's investigation. In addition, the Order mentions that AAR "separat[ed] from employees… who inadequately responded to red flags" and has "undertaken an analysis of its compliance program and continues to make improvements utilizing anticorruption risk assessments, data analytics, internal audits, and internal accounting controls related to third-party management."

Key Takeaways

• Spotlight on the Airline Industry: AAR is one in a long line of DOJ and SEC resolutions that have involved the airline industry—a trend that dates back to the beginning of the modern era of FCPA enforcement. U.S. enforcement authorities have long tackled foreign bribery involving state-run airlines, such as in the SEC's 2008 settlement with Con-way Inc., which punished two shipping subsidiaries for bribing airline officials for preferential treatment on state-owned aircraft in the Philippines. More recently, as we covered in our FCPA Autumn Review 2022, Brazilian airline GOL—Brazil's second largest domestic airline—resolved investigations by the DOJ and SEC for FCPA violations in connection with a scheme that included bribing politicians regarding legislation that would lower the aviation fuel tax. The staggering enforcement against aerospace manufacturer Airbus SE, covered in depth in our FCPA Spring Review 2020, involved global schemes to bribe government officials as well as non-governmental airline executives to obtain business deals. In Miller & Chevalier's data set, which tracks known FCPA investigations by industry since 2010, the aviation industry ranks eighth, with a total of 13 investigations.
• Consistent Enforcement Related to South Africa: AAR serves as yet another example of the wave of recent resolutions that have involved activity in South Africa. These include SAP SE, which faced one of 2024's highest total penalties in its agreements with the SEC and DOJ, as well as parallel enforcement by the South Africa NPA. Furthermore, in one of the final resolutions of 2024 (also discussed in this Review), McKinsey's South African subsidiary resolved bribery allegations with the DOJ—which again involved a coordinated resolution with South African prosecutors. Interestingly, the DOJ and SEC did not coordinate AAR's resolution with South African authorities and did not reference cooperation with South Africa in the press releases announcing the resolutions.
• Emphasis on Data Access: In crediting AAR with cooperation involving "proactively preserving, imaging, and conducting extensive forensic analysis of key electronic evidence," the DOJ's NPA specifically praised AAR for mobile imaging, document recovery, and decryption of chat messages. Furthermore, in crediting AAR's remedial efforts, the DOJ cited that AAR was "beginning to roll out a messaging application retention tool." This discussion of data access reinforces the DOJ's recent pronouncements regarding ephemeral messaging and other mobile data being valuable sources of evidence. Recent DOJ policy statements and speeches, as well as the September 2024 ECCP updates, have emphasized the importance of being able to access such data, and AAR was accordingly credited with having taken data-oriented measures in conjunction with the DOJ's investigation and its compliance program enhancements.
• DOJ Gives "Significant Weight" to Self-Reporting: The DOJ's NPA states that although AAR did not receive credit for voluntary disclosure per the CEP or U.S. Sentencing Guidelines, the DOJ gave "significant weight" to its self-reporting of misconduct. The NPA states that this factor contributed not only to the form of the resolution, but also to the NPA's duration and the penalty amount, which, as previously mentioned, was a 45 percent discount off of the applicable sentence. This "weight" aligns with the DOJ's heightened emphasis on self-reporting through recently announced amendments to the CEP. As announced by Former Principal Deputy Assistant Attorney General Argentieri in a November publication, these revisions provide that prosecutors will consider companies' good faith self-reporting in determining the form, penalty, and length of term – even if such disclosure does not meet the policy definition of "voluntary self-disclosure" required to qualify for a declination.

Actions Against Individuals

DOJ Unseals Guilty Plea of Former Senior Partner of McKinsey for Conspiracy to Violate the FCPA

As noted above, on December 5, 2024, the DOJ unsealed the guilty plea of Vikas Sagar, a former senior partner at the global consulting firm, McKinsey & Company, Inc. (McKinsey) who pled guilty to one count of conspiracy to violate the anti-bribery provisions of the FCPA on December 16, 2022, for his role in the alleged misconduct that gave rise to McKinsey's wholly owned African subsidiary, McKinsey and Company Africa's (PTY) Ltd, (McKinsey Africa) resolution with the DOJ. 

According to the one-count criminal information filed in the Southern District of New York, Sagar – an "employee and agent" of McKinsey, Indian national, lawful permanent resident of the U.S., and resident of South Africa – was a "domestic concern" as defined by the FCPA. As a partner working in McKinsey Africa's Johannesburg office, the criminal information states that Sagar "agreed with others to bribe foreign officials" at two state-owned companies in South Africa, Transnet and Eskom, "to steer business and award consulting contracts to [McKinsey Africa]" and its local South African partners, Company 1 and Company 2.

In furtherance of the bribery scheme set forth in McKinsey Africa's DPA with the DOJ, Sagar "and his co-conspirators… (a) obtained confidential and non-public information from Transnet and Eskom" through two South African businesspersons, CC-1 and CC-2, "and others, regarding the award of consulting contracts; (b) submitted proposals for multi-million-dollar consulting contracts to Transnet and Eskom on behalf of [McKinsey South Africa] and its partner firms, [Company 1 and Company 2], knowing that a portion of the proposed consulting fees from the contracts would be used to pay bribes to" two foreign officials from Transnet and Eskom (Foreign Official 1 and Foreign Official 2, respectively); "(c) drafted portions of Transnet's and Eskom's requests for consulting bids and internal memoranda justifying the non-use of public-tenders in an effort to exclude [McKinsey Africa's] competitors and improperly influence the award of contracts to [McKinsey Africa] and its partner firms; and (d) deleted emails and files to destroy evidence of the scheme." 

Specific examples of "overt acts" in furtherance of the conspiracy contained in the criminal information state that between 2012 and 2016, Sagar:

• Submitted "proposals for multi-million dollar consulting contracts relating to Transnet's management of coal, manganese, iron ore, and a new multi-product pipeline, on behalf of [McKinsey Africa] and its partner firm, [Company 1]." 
• Sent two emails in February 2014 and November 2015 to CC-1 "attaching an internal [McKinsey Africa] document regarding the proposed split of Transnet and Eskom consulting fees between [McKinsey Africa] and Company 2."
• "Discussed concerns related to a potential impending audit of [McKinsey Africa's] contracts with Transnet and Eskom and the risk that the audit would reveal [McKinsey Africa's] practice of drafting portions of Transnet's and Eskom's requests for consulting bids and internal memorandum" with other McKinsey Africa employees. Specifically, Sagar and other McKinsey Africa employees discussed "the need to delete documents in advance of the audit" resulting in the deletion of emails and other electronic files by Sagar between approximately May 2016 and July 2016.
• Met other McKinsey Africa employees, an Eskom employee, and "others" in New York City on approximately October 5, 2016 "to discuss the performance of a contract that [McKinsey Africa] had obtained through the payment of bribes to a South African official." 

Sagar also agreed to forfeiture of property, "representing the amount of proceeds traceable to the commission" of the FCPA violation for which he pled guilty.

Son of Former Ecuadorian Official Pleads Guilty for Role in Bribery Scheme

On November 7, 2024, former Miami banker John Christopher Polit (John Polit) entered a plea agreement with the DOJ, pleading guilty to one count of conspiracy to commit money laundering, in connection with an international bribery scheme. John Polit had been scheduled to go to trial in November 2024. The scheme involved John Polit's father, Carlos Ramón Polit Faggioni (Carlos Polit), the former Comptroller General of Ecuador. As previously reported, Carlos Polit was convicted in April 2024 for his role in soliciting and receiving bribes from the Brazilian construction company Odebrecht S.A., allegedly paid for fine exemptions, and accepting a bribe from a businessman to obtain contracts with Ecuador's state-owned and controlled insurance company, Seguros Sucre S.A. As part of his guilty plea, John Polit admitted to laundering funds from the Odebrecht and Seguros Sucre bribery schemes into the Southern District of Florida. John Polit admitted to facilitating the receipt of funds from the Odebrecht scheme through intermediary companies in Panama. He also admitted to receiving the funds from the Seguros Sucre scheme directly into a South Florida account he controlled, concealing the transaction with a fraudulent invoice.

John Polit was originally scheduled to be sentenced on January 30, 2025, but sentencing was delayed by agreement of both sides until April 30, 2025. Under the plea agreement, he faces a maximum 10-year sentence and is required to forfeit approximately $16.5 million. His father was sentenced in October 2024 to 10 years imprisonment followed by three years of supervised release, and was also ordered to forfeit the same $16.5 million; on that point, the plea agreement states, "[t]he United States agrees that it cannot collect a total of more than $16.51M from the Defendant and co-defendant Carlos Roman Polit, who has been convicted and sentenced in" the Carlos Polit case.

Connecticut-Based Businessman Sentenced for Money Laundering

Connecticut businessman Gary Oztemel was sentenced in October 2024 to two years of probation and a forfeiture of $301,575 for his role in a $30.5 million bribery scheme. Oztemel pled guilty in June 2024 to money laundering, and as part of his plea agreement, admitted to paying bribes to foreign officials at Brazil's state-owned oil enterprise, Petróleo Brasileiro SA (Petrobras). The bribes were made in exchange for information that assisted one of Oztemel's companies, and two Connecticut-based trading companies, in obtaining and retaining business with Petrobras. 

Oztemel's plea agreement stipulated a Federal Sentencing Guidelines range of 21 to 27 months for his offense, including application of the zero-point-offender reduction. Oztemel advocated for a sentence of probation, emphasizing his cancer prognosis and treatment needs, age, lack of criminal history, and limited involvement in the bribery scheme. The government sought a sentence in the guidelines range, but consistent with the terms of the plea agreement, did not object to a downward departure based on Oztemel's medical condition. The government disputed Oztemel's characterization of his role in the scheme, noting that although Oztemel's role diminished over the eight years of the scheme, Oztemel actively participated in the bribery for several years, never abandoned the conspiracy, and continued to receive corrupt payments throughout.

As previously covered, Oztemel's brother, Glenn Oztemel, was convicted of seven counts in September 2024 for his role in the bribery and money laundering scheme, including FCPA violations, money laundering, and conspiracy offenses.

Miami Businessman Sentenced to Time Served After Plea Agreement for FCPA Charges

After a series of postponements, Miami-based businessman Fernando Ardila-Rueda (Ardila) was sentenced on October 19, 2024, in a foreign-bribery scheme seven years after he entered a plea agreement. Ardila pled guilty to one count of violating the FCPA, and a related conspiracy charge, in October 2017. According to the 2017 DOJ press release, Ardila admitted to conspiring to pay bribes and other things of value to purchasing analysts at the Venezuelan state-owned energy company Petroles de Venezuela S.A. (PDVSA). The bribes were paid in exchange for assistance in obtaining and retaining energy contracts with PDVSA. According to the August 2017 information, Ardila was the minority owner of certain U.S.-based energy companies that supplied equipment and services to PDVSA and served as the sales director for several of these companies. 

Ardila was sentenced to time served. Consistent with his plea agreement, the court also ordered Ardila to forfeit nearly $4.5 million. The sentencing memoranda and Ardila's plea agreement have been sealed. Ardila's business partner and majority owner of the relevant companies, Abraham Jose Shiera Bastidas, entered into a plea agreement for his role in the bribery scheme, and was sentenced to prison for 12 months in October 2022.

BIT Mining CEO's Indictment in FCPA Investigation from June 2024 Unsealed 

On November 18, 2024, the DOJ announced the unsealing of a June 18, 2024 indictment from a federal grand jury in the District of New Jersey charging Chinese national Zhengming Pan, the former CEO of 500.com (now known as BIT Mining) and a Chinese national, with FCPA and related violations for his alleged role in a bribery scheme. Specifically, the indictment charges Pan with one count of conspiracy to violate the FCPA's anti-bribery and internal accounting controls provisions, one count of violating the FCPA's anti-bribery provision, and one count of falsifying books and records under the FCPA. The announcement of Pan's indictment occurred in conjunction with DOJ and SEC announcements of corporate dispositions with BIT Mining, which are discussed in detail in the article above. 

According to the indictment, from approximately 2017 to December 2019, Pan and his co-conspirators paid "approximately $1.9 million" to Japanese public officials and consultants to assist the company with its goal of entering the IR market in Japan. According to the indictment, various consultants routed bribe payments to Japanese public officials "with Pan's knowledge, authorization, and at his direction." The consultants allegedly paid relevant officials in cash and falsely invoiced the company. Per the indictment, through 500.com, Pan also offered and "caused" the company to offer and fund gifts, luxury travel, and entertainment to officials, including trips on a private jet, luxury goods, and casino chips.

The indictment also alleges that Pan recorded bribe payments in company records as if they were legitimate payments while knowing otherwise. For example, 500.com contracted with a consulting company to pay for "integrated resort research and reports," which were never drafted. According to the indictment, the purpose of these sham consulting contracts was to create access to company funds to pay bribes to Japanese public officials. 

Since payments that were intended to be used for bribes were allegedly routed through the United States, Pan was charged under the FCPA's bribery provision. Additionally, the indictment charges Pan with willfully falsifying 500.com books and records, including by submitting two falsified CEO certifications for the company's 20-F filings that violated section 302 of the Sarbanes-Oxley Act. 

As of the date of publication, the U.S. has not secured custody of Pan. 

SEC and DOJ Charge Adani Green and Azure Power Executives in Multi-Million Dollar Bribery Scheme in India

On November 20, 2024, the SEC charged Chairman Gautam Adani and Executive Director Sagar Adani of Adani Green Energy Ltd.'s (Adani Green's) Board of Directors with a violation of Section 17(a) of the Securities Act of 1933 (Securities Act) and a violation of Section 10(b) of the Securities Act and associated Rule 10b-5. These broad general anti-fraud provisions cover, for example, fraudulent misrepresentations related to the sale of securities and insider trading, among other aspects. The SEC also charged each individual with one count of aiding and abetting of each of the alleged violations above. In a separate complaint filed the same day, the SEC charged Cyril Cabanes, a Board Director of U.S. issuer Azure Power Global Ltd. (Azure), with violating the anti-bribery provisions of the FCPA. Notably, the charge represents the first time since 2020 that the SEC has formally charged an individual with an FCPA violation. 

In its complaints, the SEC alleged that the Adanis and Cabanes participated in a bribery scheme in India stemming from a solar energy project that Azure and Adani Green secured in India in 2019. Under this contract, the companies would build manufacturing plants for solar power components, and the Solar Energy Corporation of India (SECI) – "a public sector entity and… arm of Indian central government" – would purchase solar power from them, with a plan to sell the power to Indian states and state electricity distribution companies (DISCOMs) through Power Supply Agreements (PSAs). Various Indian state governments and DISCOMs refused to contract with SECI, however, because the company's solar power price was above market rate, rendering the Azure and Adani Green contracts essentially worthless unless SECI could enter into the PSAs for solar power with the Indian state governments. 

The SEC alleges that, as a result, the Adanis orchestrated a bribery scheme to pay public officials in India to facilitate the signing of PSAs with SECI, offering "massive bribes" as "incentives" to Indian state government officials to sign PSAs with SECI. The SEC complaints state that, "through their personal involvement and promises to pay or payment of a total of hundreds of millions of dollars of bribes to them, the [Adanis] finally obtained agreements from some DISCOMs to enter into Power Supply Agreements with SECI."  The complaints further allege that "Adani Green executives kept track of the bribes, creating and maintaining multiple internal records of bribes that had been paid or promised to numerous Indian states and Indian state officials to induce them to cause the Indian states to buy renewable energy from SECI."

At the same time, Adani Green's management committee authorized Adani Green to issue debt securities to raise up to $750 million. According to the SEC, in its offering circulars, Adani Green made misleading statements, such as, "we win our [contracts] through [a] transparent and competitive tender processes conducted by the central and state governments of India." Additionally, the subscription agreement for the notes that Adani Green was selling to investors stated that Adani Green's executives were not engaged in bribery and suggested that they had an effective anti-bribery program. At least $175 million of these notes were sold to investors located in the U.S., resulting in what the SEC alleges to be materially fraudulent statements being made to investors tied to the offer and sale of securities. 

The complaint against Cabanes states that, by at least the spring of 2022, Cabanes had knowledge of the Adani Green bribery scheme and the promises made by Azure personnel to fund a portion of the bribes to Indian officials. Cabanes allegedly engaged in multiple communications with "Azure executives" regarding aspects of the scheme and took steps himself to "advance" the payment of Azure's share of the alleged bribes (consisting of millions of dollars) to Indian officials to secure the PSAs. Specifically, the complaint alleges that Cabanes sent messages on WhatsApp to further the authorization of these bribe payments while in the United States. Cabanes also allegedly "participated in efforts with the Azure Chairman [of the Board] to conceal information about the Bribery Scheme from the Azure Board of Directors and Azure's attorneys, among others." The SEC thus has charged Cabanes with violations of the FCPA's antibribery provisions. 

On the same day, November 20, 2024, the DOJ unsealed and announced a "five-count criminal indictment" (filed with the court on October 24, 2024) in the Eastern District of New York that charges Cabanes, Ranjit Gupta, Saurabh Agarwal, Deepak Malhotra, and Rupesh Agarwal with conspiracy to violate the FCPA. The indictment also charges Gautam Adani, Sagar Adani, and Adani Green CEO Vneet Jaain with conspiracy to commit securities fraud, conspiracy to commit wire fraud, and securities fraud (related to the 2021 bond offering). Finally, the DOJ also has charged Cabanes, Saurabh Agarwal, Deepak Malhotra, and Rupesh Agarwal with conspiracy to obstruct justice, allegedly by altering or destroying records. These charges are connected to the bribery scheme and security fraud described in the summary of the SEC complaints above. Criminal forfeiture allegations were tied to each count and its respective defendants. 

On November 21, 2024, the Adani Group issued a media statement stating that the allegations by the DOJ and SEC are "baseless and denied." The same day, Azure Power released a statement noting that the company "has cooperated with [the DOJ and SEC] and it will continue to do so."

International Developments

European Developments Related to Attorney Client Privilege

The last quarter of 2024 witnessed legal developments related to attorney-client privilege (and its use in investigations) in three jurisdictions: the Netherlands, France, and the EU. These decisions largely reaffirm protections related to the confidentiality of attorney-client communications in these jurisdictions – though as discussed below, questions remain under French law. 

The Netherlands

On November 5, 2024, the Netherlands Public Prosecution Service (OM) entered into a settlement agreement with a Dutch investment firm, Box Consultants B.V. (Box Consultants), and their law firm, Stibbe, to resolve a civil suit resulting from the OM's "Castor" criminal investigation into the asset management firm. According to a press release about the settlement, the OM acknowledged that it improperly sought to obtain evidence in the form of email communications between the investment firm and their attorneys, agreed to compensate the parties for legal fees, and formally terminated all criminal proceedings against the investment firm. 

The OM first initiated a criminal investigation into Box Consultants in 2013. In 2015, as part of its investigation, the OM requested email communications data from a third-party host, which included email communications between the target of the investigation and his attorneys at Stibbe. The Stibbe attorneys claimed that those communications should be protected under their right to refuse to testify as lawyers whose clients would expect that their communications remain confidential. In October 2023, the OM ceased its investigation, citing its own mishandling of confidentiality issues in a press release, "because the right to communicate freely with a person bound by confidentiality, such as a lawyer, notary or doctor, is of great importance." 

On March 12, 2024, the Supreme Court of the Netherlands clarified the intersection between attorney-client communications and the right to refuse to testify. The OM cited this decision in its press release announcing the recent settlement. The court's decision reinforced the principle under Dutch law that certain persons, -- lawyers, doctors, clergy, and notary -- cannot be forced to testify about information gained through their professional practice where there is an assumption of confidentiality. Furthermore, the court outlined procedural safeguards for requesting and reviewing confidential communications that the OM must follow; processes that the settlement suggests OM did not occur in the agency's investigation of Box Consultants. These include obligations on the prosecution to avoid infringing on confidentiality triggered by a reasonable suspicion that that evidence may contain confidential communications and involving a neutral magistrate to assess whether the right to refuse to testify was properly invoked based on the evidence at issue. 

In the release announcing the settlement, a chief prosecutor from the OM stated that this case "led to a recalibration of the handling of material entitled to refuse to testify," and that moving forward, the OM will seek to balance "both the interests of the right to refuse to testify and the social interest of effective detection and prosecution."

France

On September 24, 2024, the French Court of Cassation, the highest court in France, issued a decision effectively limiting the scope of attorney-client privilege, or, in French terms, professional secrecy. The court rejected a company's arguments that certain attorney-client communications should have been protected from seizure in an antitrust enforcement raid. 

As set out in the court's decision, in June 2021, the French Competition Authority, or Autorité de la Concurrence, conducted a surprise search and seizure of documents at an unnamed company's offices under Article L. 450-4 of the French Commercial Code, which governs the procedures for document seizures during an antitrust investigation. During this early morning raid, the agency seized paper and digital files, among which were attorney-client communications. 

The company argued that the seizure of these communications violated protections of attorney-client privilege under Article 66-5 of the French Law No. 71-1130. However, the lower court, the Versailles Court of Appeals, approved the search and seizure of the communications, and the Court of Cassation upheld that ruling. The Court of Cassation reasoned that the relevant communications were not related to "exercise of the rights of the defen[s]e," meaning the communications did not relate to the client's legal defense in the context of a criminal case, and thus were appropriately subject to seizure by the French Competition Authority under relevant authorities. The Court of Cassation added that the company was responsible for identifying which communications it considered privileged in order for the lower court judge to review the company's privilege designations.

The extent of the relevant privilege protection under this ruling appears to be narrow and subject to document-by-document analysis, with professional secrecy only being applied to communications involving outside counsel (privilege does not apply to the communications of in-house lawyers under French law) that specifically relate to criminal case defense, as opposed a larger category of general legal advice. This position is somewhat at odds with broader attorney-client privilege protection in other jurisdictions and should be accounted for in any multinational investigation involving French authorities – though the impact may be affected by a new European Court of Justice opinion.

European Union 

Two days after the French decision, on September 26, 2024, the Court of Justice of the European Union (ECJ) issued a ruling reaffirming that protection of the attorney-client privilege is a broad principle under Article 7 of the European Union Charter of Fundamental Rights (EU Charter). 
    
In June 2022, in coordination with Spanish tax authorities, a Luxembourg tax authority requested information from a Luxembourg law firm related to legal services it provided to a Spanish company. The law firm claimed that this information was privileged attorney-client communications, and the ECJ ultimately agreed. 

Article 7 of the EU Charter recognizes that "everyone has the right to respect for his or her private and family life, home and communications." The ECR interpreted Article 7 to mean that "a legal consultation by a lawyer in matters of [corporate] law falls within the scope of the enhanced protection of communications between a lawyer and his client," "regardless of the area of law to which it relates." The decision noted further that, "Article 7 of the Charter guarantees the secrecy of legal advice given by a lawyer, as to its existence and content [and] thus] persons who consult a lawyer may reasonably expect that their communications will remain private and confidential and, except in exceptional circumstances, have confidence that their lawyer will not disclose to anyone, without their consent, that they are consulting him."

France is a member of the EU and a signatory of the EU Charter. It remains to be seen how the French authorities will apply the ECJ ruling in light of the inconsistent principles discussed in the Court of Cassation case above, but the ECJ ruling could provide support for companies that wish to challenge the French authorities on these issues. 

Brazil-CGU-AGU Sign Leniency Agreement with Commodities Company Freepoint LLC

On November 14, 2024, Freepoint Commodities LLC (Freepoint), a U.S. commodities trading company headquartered in Stamford, Connecticut, entered into a leniency agreement with the Brazilian Office of the Comptroller General (CGU) and the Brazilian Attorney General's Office (AGU) under the Brazilian Clean Company Act. According to the official release, the alleged criminal activity covered under the leniency agreement occurred between 2012 and 2018, during which time Freepoint used intermediaries to pay bribes to public officials "for the purpose of obtaining privileged information, in order to gain advantages in the purchase of oil and derivatives and sale operations with state-owned company Petrobras." 

According to the leniency agreement, Freepoint agreed to (i) pay Reais 132,253,647.32 (approximately $22.6 million) in government fines and reimbursement to Petrobras; and (ii) enhance its "compliance and governance policies" as a prerequisite for engaging in new transactions or conducting business operations in Brazil.

The public announcement from the Brazilian authorities acknowledged that the investigation resulting in the leniency agreement involved significant cooperation between Brazilian and U.S. authorities focused on tackling "transnational corruption." Indeed, the leniency agreement follows the announcement on December 14, 2023 of a three-year DPA issued to Freepoint by the DOJ for similar corruption violations. That DPA is covered in detail in our FCPA Winter Review 2024. Under the U.S. DPA, Freepoint agreed to pay a criminal penalty of $68 million and an administrative forfeiture of $30.5 million. In recognition of the then-ongoing Brazilian investigation, the DOJ agreed at the time of the DPA's announcement to require an immediate payment by Freepoint of only two-thirds of the criminal penalty (i.e., $45,560,000). The DOJ agreed to offset the remaining amount in the event Freepoint agreed to a resolution with the Brazilian authorities related to the same bribery scheme within a year of the DPA's effective date. The timing of the leniency agreement – eleven months after the DOJ DPA – appears to support a conclusion that this offset will accrue to Freepoint's benefit. 

The CGU-AGU release notes that, "[w]ith the signing of this agreement, since 2017, the CGU and the AGU have signed 30 agreements with companies investigated for engaging in harmful acts provided for in" applicable laws, including the Clean Companies Act. Under these agreements, companies have agreed to pay "more than R$18.7 billion [slightly over $3 billion] to the public coffers" in Brazil. 

Miller & Chevalier Recent Publications and Podcasts

Podcasts

EMBARGOED! is intelligent talk about sanctions, export controls, and all things international trade for trade nerds and normal human beings alike, hosted by Miller & Chevalier. Each episode will feature deep thoughts and hot takes about the latest headline-grabbing developments in this area of the law, as well as some below-the-radar items to keep an eye on. Subscribe for new bi-monthly episodes so you don't miss out: Apple Podcasts | Spotify | Amazon Music | YouTube

Upcoming Speaking Engagements

03.10.2025	SCCE 13th Annual European Compliance & Ethics Institute (Ann Sultan)
03.10.2025	Enforcement of Cross-Border Laws Under Trump (James Tillen, John Davis, Manuel Levitt, Julia Herring, Aditi Patil, and Katie Cantone-Hardy)
03.18.2025	The Anti-Bribery & Corruption Forum 2025 (James Tillen)

Recent Publications

03.03.2025	Trade Compliance Flash: ICTS and Connected Vehicle Regulatory Actions Signal Further Scrutiny, Restrictions (Timothy O'Toole, FeiFei Ren, Caroline Watson, Melissa Burgess, Manuel Levitt, Annie Cho, Rebecca Tweedie)
02.21.2025	DOJ to Target Trade Violations under the False Claims Act (Richard Mojica, Joshua Drew, Bradley Markano)
02.12.2025	Lexology – Panoramic: Anti-Bribery & Corruption 2025: Global Overview and United States Chapter (James Tillen, Leah Moushey, Katie Cantone-Hardy, Ian Herbert, Jesse Schwab)
02.12.2025	Proceed with Caution: While FCPA Enforcement is Paused, Fraud and Bribery Risks Remain (John Davis, James Tillen, Josh Drew, Kathryn Cameron Atkinson, William Barry, Matteson Ellis, Maria Elena Lapetina, Leah Moushey, Ann Sultan, Daniel Patrick Wendt)
02.11.2025	Trump Administration Focus on DEI Programs Raises Potential for Criminal and Civil Enforcement Actions, False Claims Act Liability for Companies and Individuals (Katherine Pappas, Ann Sultan, Alejandra Montenegro Almonte)
02.10.2025	Actions by the Trump Administration Increase the Risk for Corporations Interacting with Cartels (Kathryn Cameron Atkinson, William Barry, John Davis, Joshua Drew, Matteson Ellis, Laura Ferguson, Ian Herbert, Nate Lankford, Maria Elena Lapetina, Jeffrey Lehtman, Leah Moushey, James Tillen)
02.06.2025	FCPA Settlement Spotlights Continued Risks for Multinational Corporations in India (Daniel Solomon, James Tillen, Sandeep Prasanna)
02.05.2025	Cos. Must Prepare For Heightened Trade Enforcement Risks (Richard Mojica and Joshua Drew)
01.30.2025	Designation of Cartels as FTOs Creates Heightened Risks for Companies Operating in Latin America (Matteson Ellis, Laura Ferguson, Timothy O'Toole, James Tillen)
01.28.2025	Trade Compliance Flash: Lacey Act Compliance in 2025: Enforcement Highlights from 2024 and the Year Ahead for Importers of Wood Products (Daniel Patrick Wendt, Flora Pierce, Richard Mojica)
01.22.2025	Trade Compliance Flash: Trump Administration's Trade Policy E.O. Directs Sweeping Trade Review, Reserving Possibility of Tariff Modifications (Richard Mojica, Peter Kentz, Franco Jofré)

---

Editors: James G. Tillen, John E. Davis, Daniel Patrick Wendt, Ann Sultan, Alexandra Beaulieu

Contributors: Katie Cantone-Hardy, Nicole Gökçebay, Julia M. Herring, Manuela Jaramillo,* Therese J. Kuester, Aditi Patil, FeiFei (Andrea) Ren, Ricardo Rincón, Jesse Schwab

*Visiting law clerk

---

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.