In recent years, the Department of Justice has expanded its corporate criminal enforcement efforts and implemented voluntary self-disclosure policies to combat corporate crime and incentivize a company culture of compliance and proactive response to misconduct. The DOJ’s M&A Safe Harbor Policy, announced in October 2023, is the agency’s most recent part of this effort and encourages companies to disclose misconduct discovered during the merger or acquisition of a target company.

Safe harbor

Under the policy, acquiring companies that comply with the safe harbor requirements will benefit from a presumption of a declination of prosecution by the DOJ for disclosed misconduct and will avoid the threat of successor liability for misconduct at acquired entities. The policy requires a company to self-disclose to the DOJ wrongdoing that it discovered at the company it acquired within six months of the transaction closing regardless of when the misconduct was discovered. It also requires a company to cooperate with the DOJ during any investigation, and remediate the misconduct within one year of the closing and engage in appropriate forfeiture, restitution and disgorgement. 

Several companies have benefited from this policy, including Safran, which obtained a declination after disclosing bribery payments that were made to win Chinese government contracts, and Corsa Coal Corporation, which disclosed bribes used to obtain contracts from a state-owned Egyptian company.

A hypothetical

Although there are not yet many real-world examples of the effect of this policy, a hypothetical may be helpful. Take a hospital that is acquiring medical practices that provide services to Medicare patients. Normally, the hospital would push for a 90-day closing and rush its due diligence process, especially if the practice principals represent that the practice is fully compliant with healthcare laws. 

Considering the policy, the hospital took the following steps: it improved its due diligence and post-closing integration efforts to better identify potential violations of healthcare laws such as Medicare fraud, anti-kickback laws and the self-referral Stark law. Further, the hospital engaged healthcare compliance experts and auditors that compared patient charts with billing and reviewed these records for compliance with medical necessity, as well as proper backup documentation, coding and compliance with fee schedules. Further, the hospital closely analyzed the relationship that the practices had with referral sources. This took the form of reviewing all consulting agreements, related vendor relationships, gifts made by the practices and their marketing initiatives. The hospital also improved its post-closing integration process by scheduling healthcare compliance training with all the practices’ management and employees.  

If misconduct such as billing fraud, kickback payments, or self-referral is discovered, the hospital planned to rely on its compliance and audit teams to further investigate the issues, maintain detailed records of the investigation and engage legal counsel to analyze the risks and benefits of disclosure to the DOJ.

Takeaways  

In this hypothetical, the hospital implemented practical considerations that other non-healthcare companies can also adopt.

First, the hospital prioritized and redesigned its compliance considerations in the M&A process. It ensured it was conducting thorough due diligence that extended beyond traditional document review and diligence phone calls. The hospital conducted thorough compliance due diligence by identifying higher-risk activities, relationships and transactions, evaluating gaps or weaknesses in the target company’s compliance program and ensuring it had sufficient time to obtain the necessary information from the practices, conduct thorough diligence procedures, and address any unexpected issues that arose. The hospital also involved legal, compliance and audit teams that were engaged during the due diligence process both prior to closing and during post-closing integration. 

Second, the hospital implemented a stronger post-closing integration and compliance plan and policy that included training the acquired entity’s management and employees, thoroughly investigating issues discovered and maintaining detailed records of uncovered issues.

Conclusion

The DOJ’s policy, the potential advantage of prosecutorial declination and avoiding successor liability are compelling reasons for acquiring companies to incorporate compliance due diligence into their M&A deal process. However, the effect of this policy on the deal market is still unclear. As such, in navigating this policy, companies should work closely with interdisciplinary advisors who are experienced both in implementing due diligence and integration procedures and the complexities of DOJ corporate criminal enforcement policies.