Welcome to Compliance Hot Spots, our briefing on compliance, enforcement and government affairs. Rod Rosenstein, the No. 2 at Main Justice, is cementing his white-collar legacy. More on that below. Plus: Covington got the call to oversee the NRCC hack that a lot of folks are talking about. Scroll down for Who Got the Work, and our roundup of notable moves and announcements. 

>> What are you watching for in 2019? Any predictions? Feedback and tips are welcome: Contact me at [email protected] or 202-828-0315, and follow me on Twitter @cryanbarber.  

Rod Rosenstein's White-Collar Waves

U.S. Deputy Attorney General Rod Rosenstein will be remembered for his fraught oversight of the Russia investigation and the tension that role created between him and President Donald Trump. But for those paying attention, Rosenstein is not-so-quietly putting his mark on corporate enforcement—and bringing a steady stream of welcome news to the white-collar defense bar.

Rosenstein called on prosecutors to avoid “piling on” when multiple agencies are seeking penalties over the same misconduct. He's furthered policies intended to incentivize self-reporting of foreign bribery, saying there will be a presumption that DOJ will decline to prosecute companies that fully cooperate and take other steps, such as prompting addressing compliance shortfalls. In October, the head of the criminal division, Brian Benczkowski, issued guidance calling for prosecutors to account for the “burdens” of compliance monitors on companies.

Now there's more: Rosenstein last week said the Justice Department is throttling down its “all or nothing” approach to assessing cooperation in corporate investigations, giving prosecutors more flexibility in civil cases to give some credit even when every culpable employee has not been identified. The revised policy, Rosenstein said, came in response to concerns that the “all or nothing” approach can unnecessarily drag out investigations, delaying resolutions “merely to collect information about individuals whose involvement was not substantial and who are not likely to be prosecuted.”

The upshot: Shorter and less expensive investigations for both the Justice Department and companies in its crosshairs.

“For defense lawyers interfacing with the Justice Department and managing internal investigations, the revised policy “gives you a little more comfort in terms of not having to turn over every stone and every rock,” Morgan, Lewis & Bockius partner Zane Memeger, a former U.S. attorney for the Eastern District of Pennsylvania, told me.

“This gives you some comfort in the sense that you don't have to go down to every single salesperson, every single marketing person, to figure out what happened at the lowest levels—conduct that's never going to be something the government is interested in,” Memeger says. “It gives you more flexibility to designing an investigation strategy plan that is more cost-effective.”

>> Still, corners can't be cut. Rosenstein, after all, made clear that holding individuals responsible for corporate misconduct would remain a “top priority.”

The revised policy, Memeger said, “gives you comfort that you don't have to go insane, but you still have to be diligent about the review that you've done, because at the end of the day your credibility matters.

Compliance Roundup: What We're Reading

>> Take some risks: ”Banks that find problems with legacy compliance programs when testing new technology won't necessarily be penalized for prior failures, U.S. regulators said Monday. The pledge, in a statement from multiple U.S. regulatory agencies, comes as authorities encourage lenders to try out new technology and intelligence-gathering methods as they combat evolving illicit-finance threats.” [Wall Street Journal] Comptroller of the Currency Joseph Otting said in a statement: “The OCC is committed to encouraging innovation through our supervisory approach and engagement with banks and thrifts, fintech companies, and others interested in innovation to ensure the safe, sound, and fair operation of the federal banking system.”

>> 'Difference maker': That's the early assessment from a team of lawyers at Orrick, Herrington & Sutcliffe, writing about the Justice Department's new policy on corporate monitors. “It requires prosecutors to carefully weigh the monetary costs, as well as the burdens to a company's operations, in deciding whether a monitor is required as a condition of a negotiated settlement with DOJ and, if necessary, to tailor the scope of the monitorship as narrowly as possible. The policy shift therefore creates opportunities for institutions to potentially avoid the imposition of a monitor if they redouble compliance efforts before winding up in DOJ's cross-hairs. [Corporate Counsel]

>> Getting cozy: ”Democrats campaigned to win back the House. Now lobbyists are campaigning to win over newly elected Democrats.” [Politico]

>> FCPA test: “The Justice Department's prosecution of the 1MDB case illustrates how despite early predictions otherwise, Trump administration enforcement of the Foreign Corrupt Practices Act is alive and well.” [New York Law Journal]

>> Taxing: ”U.S. companies won some concessions from the Internal Revenue Service following proposed regulations that would soften the blow of a new foreign tax—but the rules didn't go as far as the business community had hoped.” [Bloomberg]

>> 'Never been so afraid': “We're seeing increases in phishing, hacking, all types of nefarious attacks” on her firm and its independent contractor advisors, said Andrea McGrew, chief legal and compliance officer at USA Financial.“It's a terrifying world to live in.” [ThinkAdvisor]

>> What the disclosures show: ”President Donald Trump's three wealthiest Cabinet members took in tens of millions of dollars last year, including from divesting holdings to avoid conflicts of interest, according to disclosure filings released by the administration.” The report focused on Education Secretary Betsy DeVos, Treasury Secretary Steven Mnuchin and Commerce Secretary Wilbur Ross. [Politico]

Who Got the Work

>> The boxing phenom Floyd Mayweather had Reed Smith partner James Sanders and Richard Wright, of Wright Marsh & Levy, in his corner as he resolved allegations that he failed to disclose payments for promoting investments in initial coin offerings. Among the earnings Mayweather (above) failed to disclose was a $100,000 payment from Centra Tech Inc., which the Securities and Exchange Commission accused of making a fraudulent ICO. Mayweather agreed to pay $600,000 to resolve the SEC's charges, and D.J. Khaled—represented by Charles Spada of Lankler Siffert Wohl—paid $150,000 to put similar allegations to rest.

>> “The House GOP campaign arm suffered a major hack during the 2018 election, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials. The National Republican Congressional Committee reportedly hired Covington & Burling and Mercury Public Affairs to oversee the response to the breach. [Politico]

>> A Washington-based team from Norton Rose Fulbright, representing a physicist named Valentin Gaponstev and his publicly-traded company IPG Photonics Corp., sued the U.S. Treasury Department on Monday. The complaint in Washington challenges the Treasury's listing of Gaponstev on a list of Russian oligarchs. The Norton Rose team includes Michael Edney, chairman of the firm's white-collar defense team, and Stephen McNabb, head of the firm's international trade practice.

>> Julie Myers Wood chief executive of the monitoring firm Guidepost Solutions, was formally approved Monday as the monitor for CVS's acquisition of Aetna. Wood will oversee the sale of Aetna's independent prescription drug plan business—a condition of the Justice Department's approval of the merger deal. Her appointment got complicated: A judge in D.C. was peeved by CVS moving ahead with the acquisition while the deal is under his review. “Who knows where this is going. No one knows,” U.S. Judge Richard Leon said. “And you all are treating this like a rubber stamp operation.”

Notables Moves & Announcements

>> Jina Choi, director of the U.S. Securities and Exchange Commission's San Francisco regional office, is set to leave her post after more than 16-plus years at the agency, my colleague Ross Todd reports at The Recorder. Choi has led the San Francisco office since 2013. Under her watch the agency brought actions against Tesla, Theranos, Yahoo and other big companies.

>> Veteran white-collar defender Eric Bruce has joined Freshfields Bruckhaus Deringer as a partner in Washington. Bruce had led the white-collar practice at Kobre & Kim and held a top role in the firm's Washington office before being approached by Freshfields to expand its white-collar practice, my colleague Dan Packel reports.

>> “Nat Beuse, a long-time official at the National Highway Traffic Safety Administration (NHTSA) overseeing vehicle safety research, is the latest federal official to join the private sector's effort to commercialize self-driving vehicles,” Reuters reports.

>> Byron McLain has joined Foley & Lardner's government enforcement defense and investigations practice as a partner in Los Angeles. McLain jumped to the firm from the U.S. Attorney's Office for the Central District of California, where he most recently served as deputy chief of the general crimes section.

>> Mayer Brown's Britt Miller, co-leader of the firm's antitrust practice, has been named partner-in-charge of the firm's Chicago office. Matthew Ingber, a trial lawyer who represents financial and tech companies, was named partner-in-charge of the firm's New York office. Read the full announcement here.

>> “Raj Date, the former deputy director and acting head of the Consumer Financial Protection Bureau, has joined the online lending software provider Numerated Growth Technologies as an adviser and investor,” according to American Banker. Read Numerated's announcement here.