Cleary Gottlieb Discusses Significant Developments in DOJ Enforcement Priorities

The Justice Department’s enforcement agenda has been recalibrated to mirror the new administration’s law‑and‑order agenda, placing a premium on crimes that intersect with national security and economic stability. By publishing a White Collar Enforcement Plan that enumerates ten high‑impact sectors—ranging from healthcare fraud and customs evasion to digital‑asset schemes—the DOJ signals a broader, data‑driven targeting strategy. This approach not only expands the scope of potential investigations but also underscores the agency’s intent to leverage corporate compliance as a frontline defense. As a result, businesses operating in these domains must anticipate heightened scrutiny and allocate resources accordingly.

The revised Corporate Enforcement and Voluntary Self‑Disclosure Policy (CEP) marks a decisive shift toward rewarding transparency. Companies that promptly disclose violations and implement remedial actions can now expect a definitive declination, rather than a mere presumption, provided no aggravating factors exist. Parallel to this, the newly issued FCPA guidelines prioritize cases that threaten U.S. national interests, such as ties to cartels, money‑laundering networks, or state‑owned enterprises. This alignment of foreign‑bribery enforcement with broader security concerns raises the stakes for multinational firms, compelling them to integrate geopolitical risk assessments into their anti‑corruption programs.

Practically, the DOJ’s focus on trade and customs fraud, sanctions, export controls, and the Bulk Data Rule demands a holistic compliance architecture. The Trade Fraud Task Force’s recent actions against MGI International illustrate how even routine duty‑avoidance can trigger criminal exposure if not self‑reported. Likewise, the agency’s willingness to grant declinations for export‑control breaches, as seen with the Universities Space Research Association, highlights the tangible benefits of early cooperation. Companies should therefore fortify internal reporting mechanisms, conduct regular risk scans of data transfers, and train personnel on emerging digital‑asset regulations to mitigate exposure and preserve operational continuity.