Yesterday the U.S. Department of Justice (“DOJ”) announced a non-prosecution agreement (“NPA”) with a Hong Kong-based subsidiary of Credit Suisse Group AG arising out of the so-called “princelings” scandals of recent years—the practice of hiring unqualified, but politically-connected, relatives of Chinese officials to garner business from state-owned firms. Per Credit Suisse’s admissions, “bankers discussed and approved the hiring of close friends and family of Chinese officials in order to secure business,” resulting in $46 million “in profits from business mandates with Chinese” state-owned enterprises. As part of the resolution, Credit Suisse agreed to a $47 million criminal penalty, to continue to cooperate with DOJ, and to enhance its compliance program, including adopting additional controls around hiring. In addition, Credit Suisse agreed to pay nearly $25 million in disgorgement and $4.8 million in prejudgment interest to the Securities and Exchange Commission (“SEC”). In its press release, DOJ stated that it was giving Credit Suisse a 15 percent discount from the bottom end of the U.S. Sentencing Guidelines for its cooperation in the investigation, while also (as discussed more below) noting steps the firm did not take that worked to limit the amount of such cooperation credit. While this is hardly the first of the “princelings” cases, it does demonstrate DOJ’s continued commitment to the cooperation framework it laid out in its FCPA Corporate Enforcement Policy (“Enforcement Policy”) late last year.
In an effort to make cooperation credit more transparent and to incentivize self-reporting, the Enforcement Policy documented a framework for penalty reductions in the FPCA context. Importantly, the Enforcement Policy provided specific steps companies must take to receive cooperation credit, including, but not limited to, (i) timely, full, and voluntary self-disclosure, (ii) identifying opportunities for the government to obtain relevant evidence otherwise unknown to it, (iii) disclosing relevant documents and making company personnel available to the government, (iv) undertaking remediation, and (v) paying all disgorgement, forfeiture or restitution. The Enforcement Policy likewise provided quantifiable discounts that companies could obtain if they cooperate. These ranged from full declination in cases where there are no “aggravating circumstances” and a company self-reports and undertakes all other steps enumerated in the Policy, to much more limited credit for lesser cooperation efforts that nonetheless ease the burden of DOJ’s investigation.
Here, DOJ found that Credit Suisse’s cooperation warranted only a 15 percent discount off the penalty amount. Tellingly, DOJ’s press release announcing the resolution highlighted with some granularity those specific metrics under the Enforcement Policy that Credit Suisse met as well as those that it failed to comply with. DOJ noted that Credit Suisse “received partial credit for its . . . cooperation with the criminal investigation,” including making foreign-based employees available for interviews and producing documents located abroad “in ways that did not implicate foreign data privacy laws.” In addition, DOJ did not appoint a monitor because of Credit Suisse’s agreement to enhance its own compliance and reporting program. However, DOJ also noted that Credit Suisse’s credit was only partial because “its cooperation was reactive and not proactive,” it “did not voluntarily and timely disclose the conduct at issue,” and it failed to “sufficiently discipline employees who were involved in the misconduct.”
There are a few notable takeaways from this resolution. The first, and most important, is that—when it comes to FPCA enforcement at least—the DOJ appears to be following the Enforcement Policy. The DOJ has shown over the past several months that it is willing to extend meaningful credit to companies that take concrete steps to cooperate in investigations. However, the most significant credits—including declination of prosecution and a 50 percent reduction in penalties—are, not surprisingly, reserved for those cases in which companies self-report and take all of the applicable actions articulated in the Enforcement Policy. Thus, companies looking to avoid charges entirely (or at least achieve the maximum penalty reduction) need to ensure they fully comply with each element of the Enforcement Policy, broadly including: (i) timely, fully, and voluntarily disclosing the misconduct, (ii) providing DOJ with tangible benefits that it could not necessarily have obtained on its own, (iii) continuing proactively to aid DOJ throughout its investigation; (iv) fully analyzing and remediating the conduct at issue, and (iv) paying disgorgement, forfeiture, or restitution. Even in cases where a company does not self-report, however, it can still obtain meaningful cooperation credit—up to a 25 percent reduction from the low end of the Sentencing Guidelines—by remediating and fully cooperating, including aiding DOJ in ways that reduce its investigative burden, for example, by producing witnesses and documents from jurisdictions where DOJ may itself be unable to obtain such evidence.
Second, in addition to helping companies prevent, detect, and remediate corruption issues, a robust anticorruption compliance program is critical to obtaining a reasonable resolution of a corruption matter, including avoiding the costly and intrusive requirement of a monitor.
Finally, Credit Suisse’s disgorgement payment to the SEC is also noteworthy because it highlights the recent restrictions on the SEC’s ability to obtain a full measure of disgorgement in the wake Kokesh v. SEC. That case found that SEC disgorgement constituted a penalty under 28 U.S.C. § 2462 and was, thus, subject to that statute’s five-year statute of limitations. Per DOJ’s announcement, Credit Suisse is disgorging to the SEC just over half of its ill-gotten gains from the more-than decade-long scheme. By contrast, pre-Kokesh resolutions would have likely included the full amount that could have been disgorged from the entire relevant period. Steve Peikin, co-director of the SEC’s Division of Enforcement, recently testified to Congress about the negative financial impact that Kokesh was having on the SEC’s enforcement program. This case may be the latest example of the effects of the Kokesh decision.
 DOJ Press Release, Credit Suisse’s Investment Bank in Hong Kong Agrees to Pay $47 Million Criminal Penalty for Corrupt Hiring Scheme that Violated the FCPA (July 5, 2008), available at https://www.justice.gov/opa/pr/credit-suisse-s-investment-bank-hong-kong-agrees-pay-47-million-criminal-penalty-corrupt
 For additional discussion of DOJ’s FCPA Corporate Enforcement Policy see The New DOJ FCPA Corporate Enforcement Policy Highlights the Continued Importance of Anti-Corruption Compliance, Cleary Enforcement Watch (Jan. 9, 2018), available at https://www.clearyenforcementwatch.com/2018/01/new-doj-fcpa-corporate-enforcement-policy-highlights-continued-importance-anti-corruption-compliance/
 See NPA, § (f) (finding a “compliance monitor was unnecessary” “based on the state of . . . compliance programs, and . . . agreement” to make specific and regular reports to DOJ), available at https://www.justice.gov/opa/press-release/file/1077881/download.
 137 S. Ct. 1635 (2017).
 In May 2018, Peikin reportedly testified that the agency has been unable to collect over $800 million in disgorgement—an amount equal to approximately 20 percent of the SEC’s ordered disgorgement and penalties in 2016—as a result of Kokesh. See Kokesh and Its Impact on SEC Enforcement, A Year Later, Cleary Enforcement Watch (June 4, 2018), available at https://www.clearyenforcementwatch.com/2018/06/kokesh-impact-sec-enforcement-year-later/