DOJ Announces Safe Harbor for Acquirers Who Disclose Pre-Acquisition Misconduct

On October 4, 2023, Deputy Attorney General (DAG) Lisa O. Monaco announced the Department of Justice’s (DOJ) new safe harbor policy for voluntary self-disclosures made in connection with mergers and acquisitions (Safe Harbor Policy).  Following other announcements from DOJ over the past two years aimed at encouraging voluntary self-disclosures, the Safe Harbor Policy was adopted because DOJ does not want to “discourage companies with effective compliance programs from lawfully acquiring companies with ineffective compliance programs.”  Through this new policy, DOJ is aiming to incentivize acquirers to timely disclose misconduct discovered during the M&A process (including pre-closing diligence and post-closing integration).

The Basics

• In order to qualify for the Safe Harbor, an acquiring company must disclose the identified misconduct of the acquired company within six months of the closing date, regardless of whether the misconduct is discovered pre- or post-acquisition.  The acquiring company must then remediate the misconduct within one year of the closing date.
• DOJ prosecutors may extend these deadlines based on a “reasonableness analysis” that assesses the specific facts, circumstances, and complexities of a particular deal.
• If the acquirer (1) timely and voluntarily discloses criminal misconduct in accordance with the Safe Harbor Policy, (2) cooperates with the subsequent investigation, and (3) proceeds with appropriate remediation, restitution, and disgorgement, the acquirer will receive the presumption of a declination (i.e., a presumption that DOJ will not criminally prosecute the case).
• National security. DAG Monaco emphasized that if an acquirer identifies misconduct presenting a national security threat, or ongoing or imminent harm, the acquirer should not wait until the deadline to self-disclose.

Other Details

• Treatment of the acquired company. Absent aggravating factors, the acquired company may also qualify for self-disclosure benefits, potentially including declination, if the acquiring company makes a voluntary self-disclosure within the Safe Harbor period.  However, the Safe Harbor Policy is clear that the presence of aggravating factors at the acquired company will not affect the acquirer’s ability to take advantage of the Safe Harbor Policy and receive a declination.
• Recidivist analysis. A self-disclosure under the Safe Harbor Policy will not play a part in any recidivist analysis of the acquiring company either at the time of disclosure or in the future.  This means that misconduct subject to a proper disclosure will not be considered in any future analysis of repeat misconduct.
• The Safe Harbor Policy only applies to criminal misconduct identified in an arms-length M&A transaction.  It does not apply to civil merger enforcement, misconduct already known by the public or by DOJ, or misconduct otherwise required to be disclosed under applicable law.

Key Takeaways

• Due diligence. Acquiring companies should prioritize effective due diligence in the M&A process in order to put themselves in a position to take advantage of the Safe Harbor Policy.  Acquirers will remain subject to potential full successor liability if they fail to identify and disclose misconduct that could have otherwise fallen within the Safe Harbor.  Further, to the extent deal dynamics limit pre-acquisition diligence, acquirers should prioritize prompt post-closing diligence in order to identify relevant misconduct and potentially avail themselves of the Safe Harbor.
• Timely disclosure. Acquiring companies should be mindful of the tight timelines required to qualify for the Safe Harbor.  Six months can pass quickly after deal closing as acquiring companies integrate new businesses, and DOJ’s expectation for full remediation within one year of closing will require close attention within another short period of time.  Acquirers should consider self-disclosure as soon as reasonably practicable following the discovery of an acquired company’s misconduct.
• Communication and cooperation. As noted above, DOJ may extend the tight deadlines in the Safe Harbor Policy considering the circumstances of an individual deal.  Therefore, to the extent that an acquirer wishes to make use of the Safe Harbor, it should disclose, communicate, and cooperate early with DOJ in order to potentially extend the deadlines.
• Post-close remediation. The Safe Harbor’s one-year timeline accentuates the importance of post-close remediation of compliance gaps detected during diligence, whether through the institution of new policies and procedures or prompt incorporation of the acquired company into its new parent company’s existing compliance regime. 
• Continued Emphasis on Disclosure. DOJ has long rewarded companies for implementing robust compliance practices and self-reporting misconduct.  The implementation of the policy follows DAG Monaco’s memorandum instructing each component of the Department of Justice that prosecutes corporate crime to publicly share its policies on corporate voluntary self-disclosure, revisions to the Criminal Division’s Corporate Enforcement Policy, and implementation of the nationwide United States Attorneys’ Offices Voluntary Self-Disclosure Policy.  Companies should continue to closely examine the systems they have in place for detecting and reporting misconduct to ensure they will be able to comply with the Safe Harbor.
• Potential Issues for Government Contractors. In the government contracts context, this Safe Harbor could apply to a wide array of fraud issues that have been criminally prosecuted such as false certifications of small business size or status, other false certifications, kickbacks, overbilling, and product substitution.  However, acquirers should be mindful that, as announced, this Safe Harbor would apply only to criminal prosecution and would not necessarily protect a contractor from civil enforcement, suspension and debarment, or other agency-specific penalties or consequences.