Streamlined DOJ Resolutions: Declinations, NPAs, and DPAs Explained — EnforceMintz

Department of Justice (DOJ)’s revised Corporate Enforcement Policy (May 2025) expands incentives for voluntary self-disclosure and clarifies pathways to NPAs and DPAs — critical for companies facing enforcement risk.

KEY POINTS:

• Expanded voluntary self-disclosure policy creates opportunities. DOJ’s revised Corporate Enforcement Policy offers a clear path to declinations for companies that voluntarily self-disclose misconduct, cooperate fully, and remediate promptly.
• NPAs and DPAs are increasingly accessible. Even when voluntary self-disclosure criteria are not met, companies demonstrating cooperation and remediation may secure non-prosecution agreements or deferred prosecution agreements, often with favorable terms such as reduced penalties and no compliance monitors.
• Health care industry is seeing early resolutions. Recent cases show DOJ’s willingness to offer streamlined resolutions in health care fraud investigations, even without full voluntary self-disclosure credit, provided companies show good faith efforts and compliance improvements.
• Strong compliance programs are critical. Robust compliance systems and early engagement with DOJ significantly improve the chances of obtaining favorable outcomes. Companies should act quickly after discovering misconduct to maximize benefits under DOJ’s evolving enforcement framework.

This article is part of EnforceMintz: Healthcare Enforcement Trends in 2025 & 2026 Outlook, a series exploring key developments and practical strategies for health care organizations navigating enforcement risks. Read more articles from EnforceMintz to stay current on enforcement trends and compliance strategies.

DOJ enforcement has changed in several significant respects under the Trump administration. However, one key policy initiative championed under President Biden’s DOJ — incentivizing voluntary self-disclosure (VSD) of misconduct — not only remains viable but also has been considerably expanded to bolster the current administration’s goals.[1]

Key Changes in the Revised CEP

On May 12, 2025, DOJ’s Criminal Division issued a revised Corporate Enforcement and Voluntary Self-Disclosure Policy (the Revised CEP).[2] The Revised CEP explains that, absent particular aggravating circumstances, DOJ will decline to prosecute a company for criminal conduct when the company (1) voluntarily self-discloses its misconduct to DOJ’s Criminal Division, (2) fully cooperates with the ensuing investigation, and (3) timely and appropriately remediates the misconduct.

This position is more generous than the previous version of the CEP, which offered only the intentionally more vague presumption of a declination to prosecute. Under the Revised CEP, even when aggravating circumstances are present, prosecutors retain discretion to recommend a declination based on a company’s cooperation and remediation. In 2025, VSD resulted in declinations in multiple settings, including Foreign Corrupt Practices Act (FCPA) and market manipulation cases.[3]

The Revised CEP is consistent with a Criminal Division memorandum that also was issued on May 12, 2025, which emphasizes the core tenets of “focus, fairness, and efficiency” in corporate enforcement. When evaluated together, the availability of swift corporate resolutions for those who take notice and make effective use of DOJ’s guidance comes clearly into focus.

Beyond VSD: NPAs and DPAs Explained

While a VSD declination may be the most expedient outcome, it is not the only pathway to a favorable resolution. For example, in so-called “Near Miss” cases, the Revised CEP explains that companies ineligible for a VSD declination may nevertheless be able to obtain a Non-Prosecution Agreement (NPA).[4] In such cases, the Criminal Division will:

• provide an NPA (absent particularly egregious or multiple aggravating circumstances);
• allow an NPA term length of less than three years;
• not require an independent compliance monitor; and
• provide a reduction of 75% off the low end of the US Sentencing Guidelines fine range.

Even in cases that do not satisfy the “Near Miss” criteria, prosecutors retain discretion to determine appropriate resolutions, including with respect to form, term length, compliance obligations, and monetary penalty. As an example, companies that demonstrate a commitment to cooperation and remediation can also receive a Deferred Prosecution Agreement (DPA).[5]

Given the Trump DOJ’s commitment to efficiency in conducting investigations and reaching reasonable resolutions, NPAs and DPAs may prove more obtainable than ever for corporate actors who earnestly approach the negotiating table and appeal to applicable policy principles.

Health Care Enforcement in Action

In the health care industry context, early evidence demonstrates the availability of both NPAs and DPAs. For example, in August 2025, Troy Health, Inc. (Troy Health) entered into an NPA with DOJ to resolve a criminal investigation into an alleged health care fraud and identity theft scheme. As summarized in DOJ’s press release, Troy Health used artificial intelligence and automation software to “illegally obtain Medicare beneficiary information” and then “fraudulently enroll beneficiaries into its Medicare Advantage plans” without their consent.

Although Troy Health did not receive VSD credit, DOJ explained that multiple factors warranted an NPA, including:

• efforts made to provide DOJ with all relevant known facts;
• acceptance of responsibility (including, among other measures, self-reporting a batch member enrollment issue to the Centers for Medicare & Medicaid Services (CMS) before DOJ was aware of the issue)[6];
• extensive and timely remedial measures taken;
• commitment to the continued enhancement of compliance and internal control programs;
• absence of prior criminal history or regulatory actions; and
• commitment to cooperation with federal agencies in any ongoing investigations.

However, DOJ further stated that “particularly during the early phase of the Department’s investigation, Troy [Health] failed to preserve and produce certain documents and evidence in a timely manner and, at times, took actions that were inconsistent with full cooperation.” This statement indicates that Troy Health did not fully satisfy the criteria for a declination or the “Near Miss” criteria for an NPA. Despite the presence of some conduct inconsistent with full cooperation, DOJ nevertheless agreed to an NPA, thus highlighting the increased availability of streamlined resolutions under the current administration.

In August 2025, DOJ entered into a DPA with Kimberly-Clark Corp. (Kimberly-Clark) resolving a criminal charge relating to the company’s sale of adulterated MicroCool surgical gowns. DOJ’s press release stated that a company employee “conducted fraudulent testing on Kimberly-Clark’s MicroCool gowns to avoid having to submit a premarket notification to the U.S. Food and Drug Administration (FDA) after Kimberly-Clark made a change to the gowns.” In total, the company sold approximately $49 million worth of adulterated gowns to customers in the United States and abroad.

The DPA requires ongoing cooperation with and disclosures to DOJ, the implementation of a compliance and ethics program, and ongoing reporting with respect to remediation and implementation of compliance measures. DOJ stated that the company did not voluntarily and timely self-disclose its misconduct, but it nevertheless received full credit for cooperation. Cited examples of the company’s cooperative conduct include:

• meeting requests from the government promptly;
• making regular factual presentations and updates to the government; and
• producing extensive documentation, including documents located in foreign jurisdictions.

While neither resolution originated with VSD, DOJ still utilized its discretion to offer relatively favorable outcomes. VSD clearly can lead to declinations for companies willing to move quickly. But these resolutions highlight that even when VSD is not an option, a commitment to cooperation and remediation may nevertheless result in beneficial corporate resolutions, particularly for those companies that can demonstrate a true commitment to implementing effective compliance systems.

As DOJ continues to devote significant resources to health care industry enforcement efforts, health care companies should continue to monitor developments in this space. On September 18, 2025, Acting Assistant Attorney General Matthew R. Galeotti delivered remarks at the Global Investigations Review Annual Meeting, where he cited these resolutions as evidence of DOJ’s steadfast focus on “root[ing] out health care fraud.” He signaled “an emerging focus on corporate enforcement in this space” and previewed that “even more health care fraud–related corporate resolutions [should be expected] in the coming months.”

Conclusion

DOJ’s VSD initiative is expanding to serve the current administration’s priorities. Now is a strategic time to consider self-reporting as soon as possible after misconduct is discovered.

However, even absent the availability of a declination stemming from VSD, other forms of resolution such as NPAs and DPAs may be available for those who demonstrate a commitment to cooperation and remediation.

ENDNOTES:

[1] Our prior analysis of VSD-related policy guidance issued under the Biden administration can be found here.

[2] Our more detailed analysis of the Revised CEP can be found here.

[3] In the civil False Claims Act (FCA) context, while the Revised CEP does not apply, Section 4-4.112 of the Justice Manual similarly encourages self-disclosure, cooperation, and remediation. Unlike the Revised CEP, the Justice Manual provides few concrete details regarding the incentives offered for self-reporting, but in practice FCA settlements following self-disclosures tend to utilize lower multipliers and thus result in decreased financial penalties.

[4] In an NPA, the government agrees not to file criminal charges against the defendant, provided that the defendant satisfies criteria contained within the agreement.

[5] In a DPA, the government files criminal charges against the defendant, but holds prosecution of those charges in abeyance until the defendant satisfies enumerated criteria.

[6] Self-reporting to CMS is not sufficient to satisfy the Revised CEP’s definition of VSD, which states: “The company must disclose to the Criminal Division, but the company may also qualify if it made a good faith disclosure to another office or component of the Department of Justice and the resolution includes the Criminal Division.” Here, the disclosure to CMS was characterized as cooperation and acceptance of responsibility.

Get early access to Part 2 of EnforceMintz

The next edition of EnforceMintz — our annual False Claims Act Statistical Year In Review — will analyze trends in FCA cases using data from DOJ’s recently released annual report on FCA settlements and judgments.

Notify Me About Part 2

Subscribe To Viewpoints