If You Give a Mouse a Cookie: Ongoing Regulatory Monitoring Increasing in Federal and State Non-Compliance Resolution

Earlier this year we highlighted the growing trend of regulators asserting continuing post-investigation control over the operations of companies accused of compliance failures. At the state level, we highlighted a deal reached between the California Department of Industrial Relations (DIR) and Zenefits, a privately-held health care brokerage firm, in which the DIR agreed to forgive half of a $7 million fine in exchange for continuing audits to evaluate future compliance with state regulations.

At the federal level, we’re seeing the same trend. As a new report shows, in 2016 the Department of Justice entered more Deferred Prosecution (DPA) or non-prosecution agreements (NPA) than in any year since 2011 (excluding the Swiss bank common NPA of 2015). DPAs and NPAs avoid company criminal convictions, but often come with onerous and intrusive restrictions on a company’s ongoing operations. The authors of the new report state, “the vast regulatory powers that the government assumes over businesses through DPAs and NPAs have no statutory authorization and would never be permissible remedies in a court of law,” including:

• “Firing key employees, including chief executives;
• Hiring new corporate officers and setting up new company departments and board committees;
• Hiring “independent” corporate monitors who are given broad investigatory and oversight powers but report to the government;
• Modifying compensation plans; and
• Modifying sales and marketing practices.”

The report points out that in 2016, for the first time, a majority of DPAs and NPAs required that the company under investigation embed a “corporate monitor” in their organization. These third-party monitors, who are required to report to federal regulators but are paid for at company expense, are responsible for assessing and monitoring corporate compliance with the terms of the DPA or NPA. However, they are also tasked with reporting any misconduct they uncover, not just wrongdoing associated with the subject of the DPA or NPA. Moreover the imposition of corporate monitors is not just limited to public companies. As far back as 2011 the privately-held home nursing care company Maxim Healthcare Services, Inc. entered into a DPA was forced to hire an independent monitor selected by federal law enforcement, in addition to paying $150 million in civil and criminal penalties.

Given the growing state and national trend of strings-attached prosecution agreements for both private and public companies accused of wrongdoing, ongoing government oversight and monitoring may be becoming an inevitable fact of life.