What Two Former Texas U.S. Attorney’s Office Heads Want Business Leaders to Know About DOJ Corporate Enforcement in 2025

As career Department of Justice officials who most recently ran a major Texas U.S. Attorney’s Office before entering the private sector, we have found it an interesting time to talk with corporate executives and others about DOJ’s current enforcement priorities.

The C-suite crowd seems to be letting out a collective sigh of relief at the dawn of a perceived era of decreased enforcement, while compliance officers worry aloud about their businesses moving resources to other parts of the company and letting up on their carefully cultivated “cultures of compliance.” With our decades of experience in the U.S. Attorney’s Office — the part of DOJ that is on the ground in communities throughout the United States, bringing hundreds of cases each day in federal courts — we read the room differently, and we thought it important to share seven reasons why, given what we know, there has never been a more important time to keep your compliance frameworks in place and, if possible, provide even more resources to them.

1. False Claims Act enforcement will fill gaps in FCPA enforcement.  

Corporate executives and even some compliance professionals focus overwhelmingly on the status of Foreign Corrupt Practices Act (FCPA) enforcement activity, sometimes without understanding that the DOJ uses several other laws (and other types of DOJ attorneys) to investigate corporations and executives for a variety of wrongdoing. Chief among these laws is the False Claims Act (FCA), the government’s primary enforcement tool against fraud implicating federal funds. In addition to providing for the government to initiate investigations and litigation to recoup federal funds and penalties, this statute allows private individuals (whistleblowers, also called relators) to sue on behalf of the government and, if successful, capture part of the recovered funds for themselves — as well as their attorneys’ fees.

Contrary to some executives’ understanding, the FCA does not just apply to healthcare companies or to government defense contractors — although if you work at either one, it’s high time for you to buckle down on your compliance program. The FCA applies to any business or entity whose work, directly or indirectly, has a federal funding nexus — which is to say, scores of companies and industries (and, as we have seen recently, universities) that may not consider themselves federal contractors but whose work involves federal money, fees or payments in some way. For example, last year the DOJ announced an FCA settlement with a municipality for $38.2 million, resolving allegations that the city failed to satisfy federal accessibility requirements in building multifamily affordable housing—construction projects that involved HUD funds. In another, an airline agreed to pay $26.8 million to settle claims that it and its subsidiary failed to turn over to the government travel fees that it had collected from passengers entering the U.S. or traveling domestically. Actions like these will increase the FCA’s notoriety in board rooms and compliance groups for years to come.

Last year yielded almost $3 billion in recoveries and almost 1,000 whistleblower suits filed under the FCA — and these numbers do not even count the cases filed under state FCA equivalents. Given this administration’s stated focus on “waste, fraud and abuse” and desire to recoup any funds it can for the federal government, this year might yield an even larger recovery. What’s more, unlike FCPA prosecutors, civil DOJ attorneys who pursue FCA cases are not just in Washington, DC. Rather, they reside in each of the 94 U.S. Attorney’s Offices across the country in “affirmative civil enforcement” sections. In other words, each day, an army of Assistant U.S. Attorneys is looking for FCA cases to initiate and/or join, and the one your whistleblower filed might be next.

2. Criminal prosecution of executives for all manner of corporate misconduct will continue.

On May 12, 2025, the head of the DOJ’s Criminal Division issued a memo emphasizing the federal government’s white-collar crime priorities, and that memo recommitted the DOJ to pursuing white-collar criminal prosecutions — particularly of the individuals within a company who commit wrongdoing — and emphasized 10 different subject-matter priority areas.

The broad wording of the priority areas far exceeded some commentators’ expectations of what the administration’s corporate criminal focus would be. For instance, one area includes “[f]raud that victimizes U.S. investors, individuals, and markets including, but not limited to, Ponzi schemes, investment fraud, elder fraud, servicemember fraud, and fraud that threatens the health and safety of consumers.” This is no different than the types of crimes our U.S. Attorney’s Office prosecuted during the last administration, including a software company founder who defrauded investors of over $65 million, an employee who manufactured false approvals to transmit $3.7 million in company funds to a bank account she controlled and the treasurer of a church’s charitable foundation who directed the foundation to donate $1.4 million to a shell entity he created.

In fact, we expect garden-variety white-collar criminal prosecutions to continue because, as with affirmative civil enforcement attorneys, each U.S. Attorney’s Office has dedicated criminal fraud prosecutors who focus on a variety of traditional fraud offenses. In other words, contrary to some outsiders’ understanding, not all Assistant U.S. Attorneys are swapping out their normal dockets for immigration and drug offenses. And, in fact, border districts with the highest amount of immigration and drug work are getting additional resources so they can handle a larger docket of such cases while allowing other prosecutors to continue with their traditional focuses, including white collar.

Already, U.S. Attorneys’ Offices have signaled that white-collar enforcement will continue. Just in May, the Southern District of New York unsealed an indictment charging the founder of a technology startup with several crimes relating to fraudulent statements to investors, and three individuals — including a corporate executive — entered guilty pleas for insider trading. For companies whose executives are under investigation, this could mean allocating valuable resources to investigate and remediate the executive’s potential misconduct, to deal with governmental authorities in the executive’s prosecution and to defend against shareholder suits, consumer class actions and other litigation flowing from the individual’s misconduct. Thus, enforcement against individuals will continue to pose the danger of a resource drain on companies under this administration.

3. Businesses will pay heavy sums to avoid criminal prosecution.

Relatedly, while some in the corporate world might see the May 12 memo’s focus on prosecuting individuals rather than companies a welcome change, in practice, that has normally been the case. DOJ’s prosecution of executives far outpaced that of corporations even during the Biden administration, including at our U.S. Attorney’s Office — likely for the simple reason that corporations cannot go to jail. The real pain corporations face in any government investigation is monetary. By emphasizing that “civil and administrative remedies directed at corporations” can often address misconduct, the memo makes clear that corporations should still be prepared to pay large sums of money to resolve government investigations or court actions.

Indeed, even as commentators have seized on DOJ’s decision to drop various criminal cases against corporations, the fact of the matter is that these corporations are still on the hook to pay millions or even billions in penalties. In other words, while the charging of criminal offenses against companies will likely decrease, DOJ will continue to make companies “feel the pain” in the way that typically matters most to them — their bottom lines.

4. The Criminal Division whistleblower program is here to stay, and DOJ has expanded its reach. As the May 12 memo also noted, the DOJ’s Criminal Division not only decided to keep the Biden administration’s Corporate Whistleblower Awards Pilot Program — which encouraged whistleblowers to report alleged criminal misconduct in return for a cut of forfeited proceeds — it expanded the program by broadening the language in some of the preexisting subject areas and adding four additional areas in which whistleblowers can submit tips in hopes of receiving remuneration. The new areas include “[v]iolations by or through companies related to trade, tariff, and customs fraud” and any fraud “against, or the deception of, the United States in connection with federally funded contracting or federal programs,” even “where such fraud does not involve health care or illegal health care kickbacks.” If a tip leads to a successful forfeiture exceeding $1 million, the tipster may receive up to 30 percent of the first $100 million and an additional 5 percent on net proceeds between $100 and $500 million.

The expansion of this program dovetails with an ever-growing whistleblower plaintiff’s bar composed of attorneys who are well-versed in this and other whistleblower reward programs (like the SEC’s). These attorneys are happy to navigate clients through all of these reporting channels and help them report to the broadest number of whistleblower programs for which the complaint might be relevant. Taken together, these facts mean that a company must remain vigilant in detecting potential misconduct and listening to and protecting internal whistleblowers so that they will not go outside the company by filing a qui tam lawsuit under the FCA or reporting through a government program.

5. The DOJ’s revised voluntary disclosure guidelines set up a race to report between the whistleblower and the company.

Also on May 12, the Criminal Division issued revised corporate voluntary self-disclosure guidelines that further reinforce “the need for speed” when it comes to companies’ detecting and investigating internal misconduct. Under the revised self-disclosure guidelines, the Criminal Division will decline to prosecute a company for criminal conduct when (1) the company voluntarily self-disclosed the misconduct to the Criminal Division, (2) it fully cooperated with the Criminal Division’s investigation, (3) it timely and appropriately remediated the misconduct and (4) there are no other especially aggravating circumstances as outlined in the memo. Even if the company reported but the report did not qualify as a voluntary self-disclosure because, for example, the company had a preexisting obligation to disclose the misconduct, it is still eligible for a non-prosecution agreement.

These changes make clear that it’s a contest between the company and the whistleblower as to who reports first — and the company’s compliance ducks need to be in a row to ensure it receives and investigates a whistleblower’s report as quickly as possible so it can be in a position to win the race. In fact, the self-disclosure guidelines put this in stark terms by carving out an exception to the Corporate Whistleblower Program, allowing a declination if the whistleblower reports to the company at the same time that he or she reports to DOJ and the company then “self-reports the conduct to [DOJ] within 120 days after receiving the whistleblower’s internal report.”

A caveat: Despite these circumstances, it may not make sense in a given situation for a company to self-report. Whether — and how — to report is a complicated decision that should be made on a case-by-case basis and after engaging outside counsel to help the company determine whether a self-disclosure is advisable or required. But our point here is that, because of this DOJ’s expanded whistleblower guidelines (along with the whistleblower plaintiff’s bar), businesses cannot assume that it’s safe not to report because of a belief that DOJ will never find out about the misconduct due to a lack of investigatory resources dedicated to white-collar issues. And regardless of whether a company ends up deciding to report, it must at least be in the right position to consider reporting — and that means having a compliance system that encourages internal whistleblowing and other ways of detecting potential misconduct in the first place.

6. No matter the administration, DOJ is likely to investigate a company whose allegedly bad conduct becomes front page news.

Although DOJ has recently dismissed some criminal cases — under the FCPA and other statutes — against companies and some executives, those are largely cases that were initiated or escalated under the prior administration. We have not yet seen what the current DOJ’s reaction will be to scandals and other splashy headlines about alleged corporate misconduct that occur during this administration.

But one thing is certain: DOJ is always inclined to garner a beneficial headline by demonstrating in a very visible way that it’s protecting the American people, and that means if the press has uncovered a corporate action that has hurt consumers, investors or others, DOJ is likely to make an example out of that company both for the good press and the deterrence value of that prosecution or large civil settlement.

7. Bad actors in a company can do irreparable damage no matter whether the government intervenes.

Finally, as former DOJ officials who have seen the full spectrum of corporate misconduct from the government side, we can assure you that it’s bad for your business to let up on compliance because it’s a simple inevitability that an employee is doing or will try to do something that will hurt your company monetarily, reputationally or otherwise. Our U.S. Attorney’s Office prosecuted and/or reached civil settlements with scores of employees who did shocking things under the noses of their corporate leadership — including a small-town comptroller who embezzled $16 million from a Texas bakery best known for its fruitcake. And those people in your company might, at this moment — because of the prevailing rhetoric about deregulation and the DOJ letting up on corporate crime — feel emboldened to start or continue their illegal conduct. Don’t let that be your company.

Investing in your compliance program and quickly detecting potential issues are the keys to avoiding bad headlines and high — sometimes crippling — monetary loss either at the hands of the internal perpetrator or the governmental agency investigating the perceived wrongdoing. As two former DOJ attorneys who have seen it all, we promise you that.