Principal Associate Deputy Attorney General Marshall Miller Delivers Remarks at the New York City Bar Association Compliance Institute

Remarks as Prepared for Delivery

Thank you for that generous introduction. It's great to be home in New York.

The leaves are changing. The Yankees are in the World Series. And we're here to talk about corporate criminal enforcement.

It doesn't get any better than this.

Today, I'm honored to be here to take stock of the Department's programmatic overhaul of corporate criminal enforcement in recent years, to discuss how that overhaul is designed to empower compliance programs and professionals, and to take a look around the corner to what's ahead.

There's an old adage, laced with irony and sometimes attributed to an ancient Chinese curse: "May you live in interesting times." Over the past few years, we at the Justice Department - indeed, all of us in America - have been on the receiving end of that adage. We all, truly, are living in interesting times.

The volatility and rate of change in the geopolitical landscape and the world economy can be head-spinning: here a regional armed conflict, there a natural disaster, and everywhere transformative leaps in technology.

Perhaps the opportunities seem greater than ever - but so, certainly, do the risks.

And one key area where risks have spread and morphed is in the field of corporate crime.

Corporate crime, of course, is not new. But it's constantly evolving. So, we must skate to where the puck is going, not to where it's been.

To meet the moment, over the past few years, the Department has engaged in an overhaul of our corporate criminal enforcement program by modernizing and adapting.

We've done that by emphasizing clarity, consistency, and transparency in our policies.

We've done that by increasing the consequences for bad actors - whether individual or corporate - and by providing new incentives for good corporate citizenship and investments in compliance.

And we've done that by recalibrating and surging resources to address today's corporate crime threats - and tomorrow's.

In doing so, we've created a clear roadmap of the Department's expectations for every CEO, General Counsel, Board Member, and Chief Compliance Officer who's navigating a fast-changing world and must mitigate risk and stay on the right side of the law.

* * *

Let me start with the balance of consequences and incentives - where we've increased punishment for bad actors and enhanced incentives for ethical corporate behavior.

To be clear, when it comes to corporate criminal enforcement, Job #1 is individual accountability.

Corporate crime hurts real people - and corporate crimes are committed by real people.

So the Department's top priority in corporate criminal enforcement is holding individuals accountable.

Accountability not only promotes fairness, it also drives deterrence.

We've empowered our prosecutors to focus on the worst offenders committing the biggest crimes, no matter how high they rank on the corporate org chart - no matter how challenging and time-consuming the case.

This approach is resource intensive. Prosecuting the most important cases against the most sophisticated wrongdoers requires breaking down complex criminal schemes, understanding cutting-edge markets and technology, and analyzing terabytes of data.

So we've adapted enforcement policies to promote swift individual prosecutions.

We've given good actors more avenues to help us go after the bad guys - through innovative whistleblower programs and consistent, transparent, and predictable voluntary self-disclosure policies.

And we've made clearer than ever before what we expect from companies cooperating with government investigations to accelerate investigations of wrongdoers.

This updated approach has generated real returns, with timely convictions of: the CEOs of the world's two largest cryptocurrency platforms - FTX and Binance; the CEO and the COO of Theranos;

Prosecuting the most culpable individuals is not only the right thing to do, it has the greatest deterrent impact by changing behavior and preventing misconduct.

To increase accountability and deterrence, we've also clarified the rules of the road for corporate enforcement.

In prior years, a disjointed, patchwork Department approach to key tools like whistleblowing, voluntary self-disclosure, and monitor selection limited their effectiveness.

When corporate misconduct was detected, the benefits of whistleblowing or self-reporting to the Justice Department were often opaque and unpredictable.

The Department's response seemed to depend on which office or even which prosecutor was assigned to the case.

Without written, public policies across most of the Department, self-reporting seemed like a roll of the dice without even a sense for the odds.

It was time for change.

Over the past few years, we've moved methodically to establish a very different paradigm -- one with consistent, transparent, and predictable rules of the road.

For the first time, every Justice Department component has a published Voluntary Self-Disclosure policy that sets forth exactly what a company needs to do to self-report misconduct - and what a company can expect if they do so.

For the first time, incentive compensation systems are assessed and upgraded as part of every Criminal Division resolution, because compensation systems can either promote compliance or reward risky - sometimes criminal - behavior.

And companies that claw back compensation from executives involved in wrongdoing can reduce penalties by the amount of those clawbacks, providing new incentives to make wrongdoers - not innocent shareholders - pay the price.

For the first time, all independent compliance monitors across the Department must be chosen under consistent, published selection processes and based on the application of public and transparent factors.

And for the first time, the Justice Department instituted a Department-led whistleblower program with clear incentives for dropping a dime on corporate crime.

Today, individuals and companies know when, where, and how to "do the right thing," to borrow a phrase from my fellow Brooklynite Spike Lee.

We've also broadened the gap between the benefits an ethical company can access and the penalties a compliance-flouting company faces.

Investing in compliance and practicing good corporate citizenship should be the clear product of basic arithmetic - not some complex calculus problem with too many unknown variables to solve.

We aim to empower General Counsels and Chief Compliance Officers to make a simple and powerful business case to boards and C-suites: the case for investing in compliance programs, for calibrating compensation plans to promote compliance and deter wrongdoing, and for swiftly reporting detected misconduct to Justice Department.

As Deputy Attorney General Lisa Monaco put it in connection with the ground-breaking prosecution of TD Bank earlier this month: "If the business case for compliance wasn't clear before - it should be now."

* * *

Let me take a few minutes to delve deeper into the Department's new whistleblowing and voluntary self-disclosure paradigm.

First, whistleblowing. We know it works. Whistleblower reports to the government lead to prosecutions and civil enforcement actions. Internal reports help companies address misconduct before it gets out of hand.

But gaps in whistleblower reporting opportunities left whole areas of corporate criminal misconduct unaddressed, with potential whistleblowers lacking a clear reporting path and a clear reason to blow the whistle.

So this year, the Justice Department launched a two-part whistleblower program - with different rules and incentives for whistleblowers not involved in the criminal activity they're reporting and for those who were.

For whistleblowers not involved in the reported misconduct, Deputy Attorney General Monaco launched the first-ever Department whistleblower awards program - aimed at building on successful programs at the Securities and Exchange Commission and Commodity Futures Trading Commission.

The awards program is based on a simple premise: if an individual helps the Department discover corporate misconduct - otherwise unknown to us - then that person would qualify to receive a percentage of the resulting forfeiture.

This program not only incentivizes individuals to step forward, it puts pressure on companies to do the same - because a company can still qualify for voluntary self-disclosure credit if it reports the conduct within 120 days of the whistleblower report to the Department.

Now, by its very terms, this awards program doesn't apply to individuals who were meaningfully involved in the criminal conduct itself. For that, we've launched whistleblower non-prosecution pilots in the Criminal Division and many of our most active U.S. Attorneys' Offices.

Those offices are offering non-prosecution agreements to certain individuals involved in misconduct who report previously undiscovered wrongdoing.

In the same way a company could receive a declination, individuals with knowledge of misconduct can do the same - by stepping up, owning up, and helping us prosecute the most serious wrongdoers.

All this fits seamlessly with the newly clear, transparent, and cross-Department approach to voluntary self-disclosures by companies, instituted at Deputy Attorney General Monaco's direction.

Voluntary self-disclosures drive successful criminal prosecutions of culpable individuals. They speed money back to victims and disgorge ill-gotten gains. They bring misconduct to a halt and tighten compliance programs with added government oversight.

So, where a company voluntarily self-discloses misconduct previously unknown to the Department - absent aggravating circumstances and after remediation, disgorgement, and victim compensation - it can avoid a guilty plea or indictment.

And such a voluntary self-disclosure to the Criminal Division can also qualify a company for the presumption of a declination of prosecution.

Early signs indicate these newly consistent and transparent programs are working.

Corporate voluntary self-disclosures to the Criminal Division are increasing every year, with more than twice as many last year as compared to 2021.

In the first few months of the Justice Department's whistleblower awards program, we've already received more than 200 tips.

And U.S. Attorneys' Offices report that individual voluntary self-disclosures have resulted in promising ongoing investigations.

Notably, the programs complement each other, setting up a virtuous cycle.

As the Deputy Attorney General has said, "when everybody wants to be first in the door, no one wants to be second" - regardless of whether you're an innocent whistleblower, a potential defendant looking to minimize criminal exposure, or an audit committee chair at a company where the misconduct took place.

Our approach also involves increasing punishment for companies that are repeat bad actors or who flout compliance.

Calibrating a successful program of incentives and consequences requires increasing the penalties for corporate entities that aren't getting the message.

And we've moved out on that as well.

Egregious corporate conduct demands a stiff punitive response.

So multinational companies like LaFarge, TD Bank, and Binance have pleaded guilty to egregious crimes involving material support for terrorism, money laundering conspiracy, and sanctions violations, respectively - with combined penalties of almost $7 billion.

Penalties also are levied to deter future misconduct. So, when a company breaks the law a second time or violates the terms of a prior resolution, we've made sure they pay a far steeper price.

Powerful companies like Boeing and Ericsson have experienced that approach in action - pleading guilty to charges that stemmed from recidivist conduct or violations of deferred prosecution agreements.

Corporate criminal charges and guilty pleas are no longer "specials" for certain customers -they're now on the main, everyday menu.

Today's overhauled corporate enforcement program at the Justice Department means clearer and more transparent policies; predictable benefits for whistleblowers and incentives for companies that voluntarily self-disclose; and a far bigger gulf between the criminal outcomes for good and bad actors.

All of it adds up to a clear business case for investing early and often in compliance.

* * *

I also want to highlight our surge of resources to address the dramatic expansion of corporate crime risks related to national security and emerging technology.

In returning to government some two and a half years ago, I was struck by how often our corporate criminal investigations now implicate the country's national security interests.

The crimes vary - from sanctions violations to money laundering to material support for terrorism.

The corporate defendants range across industry - from construction and shipping to agriculture and telecommunications.

And the national security risks run the gamut - from money laundering for Russian interests to trafficking in Iranian crude oil to sanctions evasion to support the North Korean nuclear program.

To meet the moment, the Department has surged resources to address the challenge.

We've surged prosecutors into the Criminal Division's Bank Integrity Unit, which prosecutes violations of the Bank Secrecy Act - including the recent, groundbreaking conviction of TD Bank.

We've added more than 25 white collar prosecutors and a Chief Counsel for Corporate Criminal Enforcement to our National Security Division to inject energy and expertise in corporate enforcement.

We've launched extraordinarily successful enforcement initiatives, involving Main Justice components, U.S. Attorneys' Offices, and partner law enforcement agencies, to address particularly dangerous national security threats: initiatives like Task Force KleptoCapture, which has brought criminal charges against 100 individuals and entities who violated Russia-related sanctions or export controls - and seized, restrained, or obtained forfeiture orders against more than $650 million in assets. And initiatives like the Disruptive Technology Strike Force, which is laser focused on keeping the most sensitive technologies out of the world's most dangerous hands, charging two dozen complex and high-impact cases since its launch last year.

Every company's legal and compliance functions should sit up and take note: national security risks are not only here - they're accelerating.

And they're being supercharged by emerging technologies like artificial intelligence.

* * *

Now you might ask: what should compliance professionals be doing today to prepare for tomorrow?

As you may know, we recently updated the Criminal Division's guidance on evaluating corporate compliance programs - known as the ECCP - in part to ensure that companies are focused on mitigating risks associated with the use and misuse of AI and other emerging technologies.

Now, the ECCP doesn't tell companies how to design and implement their compliance programs. Instead, the guidance poses questions that companies should be asking themselves throughout the compliance program life cycle - from design to execution.

The Justice Department's overhauled corporate criminal enforcement program places a particular premium on certain questions that executives and board members need to be asking:

• Have we empowered our compliance leaders and invested sufficiently in our compliance program, given our risk profile and today's geopolitical landscape?
• Do we have effective internal detection and reporting systems and robust internal investigative capabilities - so we can avail ourselves of voluntary self-disclosure opportunities?
• Have we designed compensation systems that promote compliance and enable clawbacks or escrowing of incentive comp?
• Have we assessed risks associated with national security and emerging technologies and taken appropriate steps to mitigate them?
• If a company finds itself on the wrong side of a Department investigation tomorrow, the company's posture may well depend on how its leadership answers those questions today.

I want to close by speaking directly to the compliance leaders here today.

Thank you for the work you do every day to promote compliance in companies across America and around the globe.

It's not always easy to be the voice of compliance in the room.

But when you do your jobs effectively, you not only serve your clients well, you protect our nation.

At the Justice Department, our overhaul of corporate enforcement should empower you - along with other compliance-promoting corporate leaders - with stronger tools and greater sway to advocate for investment in compliance; to advance ethical behavior; to detect, deter, and report corporate misconduct; to defend against emerging national security and AI-related threats; and ultimately to promote good corporate citizenship.

We look forward to continuing our work with all of you on this important effort.

Thank you, once again, for being here today.

Public link

Please use the above public link if you want to share this noodl on another website.