On March 10, 2026, the Department of Justice released its first-ever department-wide Corporate Enforcement and Voluntary Self-Disclosure Policy (the CEP). Notably it supersedes all DOJ component-specific and US Attorney’s Office-specific corporate enforcement policies currently in effect, except for antitrust policies. Both the terms of the policy and the decision to issue it are particularly notable.
The general terms under the CEP
Compared to historical standards, the terms of the policy are quite favorable to corporations. Under Part I of the CEP, the Department will decline to prosecute a company that:
- voluntarily self-discloses misconduct to an appropriate Department criminal component;
- fully cooperates with the Department’s investigation;
- timely and appropriately remediates the misconduct; and
- has no aggravating circumstances related to the nature and seriousness of the offense, the egregiousness or pervasiveness of the misconduct, the severity of harm, or corporate recidivism.
All declinations under Part I will be made public, and companies must pay all disgorgement, forfeiture, and restitution resulting from the misconduct.
Part II of the CEP addresses “near miss” scenarios in which a company fully cooperated and remediated but either made a good-faith self-report that did not technically qualify as a voluntary self-disclosure and/or had aggravating factors warranting a criminal resolution. In such cases, the Department will provide a non-prosecution agreement with a term of fewer than three years, will not require an independent compliance monitor, and will offer a substantial fine reduction off the low end of the US Sentencing Guidelines fine range.
Notable nuances
First, surprisingly, the CEP still provides avenues for reporting credit even if the DOJ knows about the misconduct from a whistleblower. However, in this situation, the self-report must come “as soon as reasonably practicable.” This means if you become aware of misconduct—and any employee knows about it as well—you may be up against the clock, as your employee may have a financial incentive to report the conduct directly to DOJ.
Second, while the CEP contains standard language about not giving companies any enforceable right if they believe the policy is applied incorrectly, any outcome under the policy must be approved by the Assistant Attorney General for the relevant Division and/or the United States Attorney for the relevant district. This will likely enable counsel to get an audience at or near that level of leadership if they feel the policy has not been followed.
The continued centralization of enforcement with main justice leadership
The release of a single, department-wide CEP is the latest and most concrete step in a broader trend of Main Justice asserting policy authority over areas traditionally within the province of the individual United States Attorneys’ Offices. For most of the Department’s history, the 94 US Attorneys’ Offices exercised significant independent judgment in setting enforcement priorities, negotiating corporate resolutions, and determining what credit to extend for voluntary self-disclosures and cooperation.
This new policy greatly constricts each individual office’s latitude toward corporations. By mandating a single framework that supersedes all component-specific and USAO-specific policies, Main Justice is limiting the discretion of individual Assistant US Attorneys in corporate criminal matters. Indeed, this appears to be the goal. Last December, Deputy AG Todd Blanche noted that a unified policy will “help provide certainty and transparency regardless of the specific prosecutors involved in the investigation.” Notably, just last month, the US Attorney’s Office for the Southern District of New York released its own corporate disclosure policy for financial crimes. This now appears to be superseded, certainly insomuch as it is more stringent than the CEP.
This trend did not begin with the CEP. Over the last year, Main Justice has taken an increasingly active role in directing the work of the US Attorneys’ Offices through policy memoranda, charging guidelines, and the curtailment of monitorships—areas where individual offices previously exercised broad autonomy. Classic examples of this are issuing the Digital Assets Memorandum in April 2025, which required senior Justice Department approval to charge certain financial crimes in digital asset cases and the significant curtailing of previously approved FCPA cases.
Bottom line
Companies should monitor closely how the new policy is implemented and immediately retain experienced outside counsel at the first sign of impropriety to fully take advantage of this new policy.
For more information on the content of this alert, please contact your Nixon Peabody attorney or the authors of this alert.