Under the Department of Justice’s (DOJ) updated Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP), the practical bargain is now unmistakable. A company can earn extraordinary leniency, including a Declination, but only if it surfaces the facts about individual misconduct early, completely, and credibly. Balt is not simply an FCPA declination story. It is a case study in how modern DOJ enforcement expects compliance, legal, internal audit, and investigations teams to work when misconduct is uncovered.
For years, the DOJ has said that corporate cooperation must be meaningful. Under the new CEP, DOJ has made that concept more concrete and more demanding. The CEP says it is designed not only to drive early voluntary self-disclosure, but also to promote timely enforcement, “including holding culpable individuals accountable.” It also makes clear that a company earns a declination only if it voluntarily self-discloses, fully cooperates, timely and appropriately remediates, and has no disqualifying aggravating circumstances. That is the legal architecture. Balt shows the operating reality.
The Balt matter has become important because it is the first FCPA declination under the Department’s updated CEP. DOJ declined to prosecute Balt SAS after the company self-disclosed, cooperated, remediated, and disgorged $1.2 million. At the same time, the DOJ indicted two individuals, David Ferrera and Marc Tilman, for conspiracy to violate the FCPA, substantive FCPA violations, conspiracy to commit money laundering, and international promotional money laundering. Assistant Attorney General Tysen Duva made the message plain: the resolution demonstrated the value of voluntary self-reporting, and the related indictment demonstrated DOJ’s “unwavering pursuit of culpable individuals.”
That is the bargain in plain English. The company may get mercy. The individuals do not. This is not accidental. The updated CEP expressly says a company fully cooperates when it timely, truthfully, and accurately discloses all relevant facts and non-privileged evidence, including facts gathered in the internal investigation, facts about all individuals involved in or responsible for the misconduct, regardless of status or seniority, attribution of facts to specific sources rather than a generalized narrative, and rolling updates during the investigation. It also requires proactive cooperation, the preservation and production of documents, and the availability of knowledgeable personnel for interviews.
In other words, DOJ is not looking for a company to arrive with a polished memo that says, “We found misconduct, we are sorry, and we fixed it.” DOJ wants the names, the messages, the invoices, the custodians, the timeline, the payment path, and the evidence that ties specific people to specific acts. That is the heart of the new bargain.
Balt is such a useful case study because the individual indictment shows exactly the kind of facts DOJ expects a company to surface. According to the indictment, Ferrera was a senior executive of the U.S. subsidiary, and Tilman owned and operated the Belgian consulting company used in the scheme. Both allegedly stood to gain millions in milestone payments tied to future sales. The indictment further alleges that they conspired from 2017 into September 2023 to bribe a physician employed by CHU Reims, a French state-owned public hospital treated as an instrumentality of a foreign government under the FCPA.
The indictment then lays out the mechanics. Medical Company #2 allegedly used sham consulting agreements, fake invoices, and purported bonus payments to move money to Tilman’s Belgian consulting company, which in turn paid the foreign official through accounts in France. Prosecutors also allege concealment through personal email accounts, encrypted messaging applications, and coded language such as “training,” “bonuses,” and “our friend.” Those are not abstract compliance failures. Those are granular individual facts.
The overt acts alleged in the indictment show why DOJ cares so much about speed and specificity. One 2017 message allegedly said, “Regarding the €€ for our friend, I have a plan.” Another used a private email account for the foreign official and proposed a fake invoice for a two-day sales and marketing session. Ferrera allegedly replied, “That’s acceptable. Please send this to me.” Later communications referenced “No more fake training courses” and described a new bonus as “a CAMOUFLAGE.” The indictment also ties the scheme to specific wire transfers from the United States to Belgium and onward payments into France.
This is the modern FCPA file. It is built from chats, invoices, routing, motive, and attribution. That is why the updated CEP stresses not a general narrative of facts, but facts attributed to specific sources and individuals. The practical implications for compliance and investigations teams are significant.
First, self-disclosure now must be viewed as an investigative decision, not solely a legal one. The updated CEP expressly encourages disclosure at the earliest possible time, even when a company has not completed its internal investigation. It defines voluntary self-disclosure to include reasonably prompt reporting before an imminent threat of government discovery. Balt appears to have done exactly that. The French resolution disclosed that Balt self-disclosed while the internal investigation was still ongoing. That is a critical point because it shows that DOJ is willing to reward a company that comes in before it has all the answers, provided the company follows through with real facts and real cooperation.
Second, cooperation credit is no longer a soft concept. The CEP says a company starts at zero cooperation credit and earns it through specific actions. A company that fails to demonstrate full cooperation at the earliest opportunity may reduce its ability to earn that credit. That should change how legal, audit, and investigations teams think about triage. The early questions are no longer: Did something happen? How much did it cost? The questions are: Who did it? Who approved it? Who benefited? What records exist? What devices hold the communications? Can we preserve them now?
Third, internal investigations must be built for prosecutorial usefulness. Under the CEP, DOJ expects disclosure of overseas documents, provenance, custodians, authors, translations where needed, and even identification of opportunities for the Department to obtain evidence that the company does not possess. If your investigation cannot map the facts to sources, or if your team cannot move quickly across borders, you are not simply conducting a weak internal review. You may be forfeiting declination-level credit.
Fourth, remediation still matters, but it is not enough without individual accountability. The CEP defines timely and appropriate remediation to include root cause analysis, an effective compliance and ethics program, appropriate discipline of responsible employees and supervisors, and proper controls on personal communications and messaging applications. Balt reportedly received credit for separation from Ferrera and Tilman, tailored compliance training for senior management, and remediation of internal control shortcomings. Once again, the lesson is direct. DOJ is not handing out credit for beautiful PowerPoint slides. It is rewarding companies that can show they identified the bad actors, removed them, and strengthened the system in the wake of the failure.
Fifth, the new CEP creates a sharper internal challenge for multidisciplinary teams. Compliance may identify the risk. Legal may control privilege and disclosure strategy. Internal audit may reconstruct the payments. Investigations may chase the communications. But under the new bargain, those functions cannot operate in silos. DOJ expects a company to come forward with a coherent body of attributed facts about individuals. If those teams are not integrated, the company will struggle to earn maximum credit.
This is why Balt should be read as more than a favorable corporate outcome. It is a warning shot and a roadmap. The warning is that DOJ’s focus on individual accountability is real, operational, and evidence-driven. The roadmap is that companies can still earn remarkable leniency if they move quickly, fully cooperate, and help prosecutors build the case against the responsible individuals.
For compliance professionals, that means the old debate is over. There is no longer much room for vague institutional cooperation. Under the updated CEP, the company’s path to leniency runs through facts about people. That is the trade. That is the CEP. Balt is what it looks like in practice.
5 Key Takeaways
- The new DOJ bargain is now unmistakable. Companies earn leniency by surfacing facts about individuals early, completely, and credibly.
- Balt is the proof point. The company received the first FCPA declination under the updated CEP while DOJ simultaneously indicted Ferrera and Tilman.
- Cooperation now means attributed facts, not general narratives. DOJ expects facts tied to specific individuals, sources, documents, and custodians, as well as rolling updates on the investigation.
- Speed is strategic. The CEP encourages self-disclosure even before an internal investigation is complete, and Balt appears to have benefited from doing just that.
- This is a team sport. Compliance, legal, internal audit, and investigations must work as a single, integrated fact-gathering function if a company hopes to earn the maximum CEP credit.
