On June 14, KBM Group LLC (“KBM”) entered into a 30-month DPA with the U.S. Attorney`s Office for the District of Colorado and the DOJ CPB to clarify allegations that it sold millions of consumer information to individuals and businesses involved in older fraud schemes.  The Department of Justice asserted that KBM sold consumer lists to direct mail scam schemes that invited consumers to false “sweepstakes” and “astrology” prompts.  A district court earlier this year approved a similar agreement between the DOJ and Epsilon Data Management LLC to settle parallel allegations.  The court approved the KBM DPA on June 29.  According to the guilty plea, uniCredit Group banks will pay fines totaling approximately $1.3 billion. The agreement, which was approved by the court, provides that UCB AG collects $316,545,816 and pays a fine of $468,350,000. UniCredit SpA, the parent company of UCB AG and UCB BA, has agreed to ensure that the obligations of UCB AG and BA are fulfilled. As part of a coordinated settlement, the UniCredit group companies have also entered into agreements with the Office of Foreign Assets Control (“OFAC”), the Federal Reserve Board (“Federal Reserve”) and DFS under which they will pay additional fines of approximately $660 million. Specifically, UniCredit has agreed to pay approximately $611 million to OFAC, which is partially covered by payments to the DOJ and the Federal Reserve; approximately $158 million to the Federal Reserve; and $405 million in DFS.  Finally, UCB AG pleaded guilty in a New York State court to violating New York State law and agreed to recover $316 million under a settlement with the Manhattan District Attorney`s Office (“DANY”).  The Department of Justice agreed to credit up to $468,350,000 in payments related to competing decisions with the Federal Reserve, DFS and DANY for the criminal fine, which is the total amount of the penalty.  “Here, Zurich Life Insurance Co.
and Zurich International Life Ltd. developed life insurance and annuity contracts that were consistent with the jurisdictions outside the United States in which they were sold. The DPA imposed a total fine of $520,650,432, including a fine of $9,520,000 that Ericsson was willing to pay on behalf of Ericsson Egypt. The total penalty reflects a total discount of 15% from the lower end of the fine range of the U.S. Sentencing Guidelines.  Ericsson also settled a related SEC investigation by agreeing to pay $458,380,000 in levies and $81,540,000 in pre-conviction interest.  The financial obligations imposed on Ericsson for a total amount of approximately USD 1.1 billion make it the third largest FCPA agreement to date. Ericsson`s DPA is the largest agreement of 2019 (measured by the total value of the U.S.
dollar) that requires an independent compliance monitor. The group has members worldwide and in all of the firm`s national offices and relies on more than 125 lawyers with extensive government experience, including more than 50 former federal officials and prosecutors and public servants, many of whom have served at a senior level in the Department of Justice and the Securities and Exchange Commission. as well as former non-U.S. residents. Enforcer. Joe Warin, a former federal prosecutor, is co-chair of the group and has been a U.S. consultant for Siemens` Compliance Monitor and FCPA compliance controller for Alliance One International. Previously, he served as a monitor for Statoil in a DOJ and SEC enforcement action. He co-authored the law journal`s groundbreaking article on NPAs and DPAs in 2007.
M. Kendall Day is a group partner and a former case attorney who spent 15 years at the Department of Justice and held the highest position of his career as Acting Assistant Deputy Attorney General in the CRIMINAL Division of the Department of Justice. In addition, the two agreements noted above include a provision for the ongoing monitoring and review of the Corporation`s compliance programs. The June 2020 guidelines emphasize that organizations` risk assessments should be based on “continuous access to operational data and information across all functions,” rather than simply providing a “snapshot in time.”  Epsilon`s DPA provides for “regular reviews and testing” of the company`s compliance policies, while SAP NPA provides for the ongoing maintenance and improvement of its internal controls.  In accordance with the preceding sections, each of these provisions is factual: Epsilon must verify its protection of consumer data; and SAP, its export control and sanctions compliance programs.  For more analysis on ODA for mobile telesystems and other FCPA-related agreements, see Gibson Dunn`s 2019 year-end fcPA update. . . .