On March 2, Ericsson, the Swedish networking and telecommunications company, reported that the Department of Justice (DOJ) has accused the company of violating its 2019 Deferred Prosecution Agreement (DPA) by failing to comply with the DPA’s affirmative disclosure obligations — highlighting the importance of internal investigations and potential self-disclosures to a monitor and/or DOJ while under a DPA — particularly as DOJ refocuses on corporate enforcement.
In December 2019, Ericsson paid over $1 billion to resolve DOJ and Securities and Exchange Commission (SEC) Foreign Corrupt Practices Act (FCPA) investigations into the company’s payment of bribes to government officials in Djibouti, China, Vietnam, Indonesia, and Kuwait, between 2000 and 2016, to win business from state-owned telecommunications company customers. The resolution included a three-year DPA, which required, among other things, that Ericsson continue to cooperate with DOJ in any ongoing investigations and prosecutions relating to the conduct, self-disclose “any evidence or allegation of conduct that may constitute a violation of the FCPA,” enhance its compliance program, and retain an independent monitor for three years. As with all DPAs, failure to “completely perform or fulfill each of the company’s obligations under the agreement” constitutes a breach, and subjects the company to federal criminal prosecution. DOJ has sole discretion to determine whether a breach occurred.
In October 2021, Ericsson issued a press release disclosing that DOJ had accused it of breaching the DPA “by failing to provide certain documents and factual information,” and that Ericsson would have the opportunity to respond in order to explain the nature and circumstances of the breach and the actions the company had taken to remediate the situation.
Last week, Ericsson issued another press release stating that DOJ had informed the company that a disclosure made before executing the DPA about its investigation into conduct in Iraq between 2011 and 2019 was insufficient, and that the company breached the DPA by failing to make subsequent disclosures related to that investigation since signing the DPA. DOJ’s accusations came on the heels of the International Consortium of Investigative Journalists’ publication of the “Ericsson List” — an investigation based on leaked internal reports compiled by Ericsson’s compliance department related to suspicious payments that were made to sustain business in Iraq and possible payments to Islamic State terrorists.
In its press release, Ericsson described its belief that the situation described in media reports related to its conduct in Iraq was “covered by Ericsson’s 2019 internal investigation,” which “could not identify that any Ericsson employee was directly involved in financing terrorist organizations.” Nonetheless, the company stated that as a result of the investigation, several employees were terminated or disciplined, third-party relationships were terminated, and the company prioritized Iraq for enhanced compliance training and processes.
It is rare for DOJ to accuse a company of breaching a DPA (even when the company self-discloses additional compliance issues which arose during the DPA), but since October 2021, when Deputy Attorney General Lisa Monaco announced changes to corporate enforcement policies, including DOJ’s commitment to considering prior corporate misconduct when evaluating corporate resolutions, it has now done so at least twice.
DOJ’s claims that Ericsson breached its DPA underscore how critical it is for companies to remain cognizant of DPA affirmative disclosure obligations related to post-resolution conduct, as well as pre-resolution conduct, of which DOJ is potentially unaware. Companies subject to DPAs and monitorships should remain vigilant in promptly and thoroughly investigating evidence or allegations of misconduct, and in self-disclosing that conduct to the monitor and/or DOJ as required by the DPA.