Skip to content

Menu

LexBlog, Inc. logo
NetworkSub-MenuBrowse by SubjectBrowse by PublisherJoin the NetworkGet StartedSubscribeSupport
Contact Us
Search
Close

NSD Flags Its Role as the Front Door for National Security-Related Voluntary Self-Disclosures Under the New Department-Wide Corporate Enforcement Policy

By Samuel H. Chang, David A. Last, Rahul Mukhi, Chase D. Kaniecki & Christopher Kavanaugh on April 1, 2026
Email this postTweet this postLike this postShare this post on LinkedIn

Table of Contents

  • Summary of the Press Release
  • Practical Implications for Companies Facing Potential National Security Violations
  • Key Takeaways
  • Conclusion

On March 30, 2026, the Department of Justice’s National Security Division (NSD) issued a press release reinforcing that companies seeking to voluntarily self-disclose criminal violations of national security laws—including export control and sanctions laws, and foreign investment and foreign telecommunication laws—should report those disclosures directly to NSD.[1] The announcement follows the Department of Justice’s (DOJ) March 10, 2026 release of its first-ever Department-wide Corporate Enforcement Policy (CEP), which established a unified framework for how DOJ evaluates corporate voluntary self-disclosures, cooperation, and remediation across all DOJ components, except the Antitrust Division.[2]

Link to Summary of the Press Release Summary of the Press Release

NSD’s press release signals that NSD is staking out its position as the primary intake point for self-disclosures involving criminal violations of a broad swath of national security-related offenses—areas where companies often look to other agencies, such as the Department of the Treasury’s Office of Foreign Assets Control (OFAC), the Department of Commerce’s Bureau of Industry and Security (BIS), the Federal Communications Commission (FCC), or the Committee on Foreign Investment in the United States (CFIUS). The press release also suggests that other DOJ components may similarly declare their purview over certain voluntary self-disclosures, likely along the lines of the Justice Manual’s approval, consultation, and notification requirements.

  • NSD as the Central Reporting Channel for National Security Violations. NSD’s press release makes clear that the Division views itself as the appropriate recipient of voluntary self-disclosures for criminal violations spanning export control laws, including the Export Control Reform Act (ECRA) and the Arms Export Control Act (AECA), sanctions laws, including the International Emergency Economic Powers Act (IEEPA), provision of material support to or financing of foreign terrorist organizations, and criminal violations in connection with CFIUS and the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (Team Telecom). Within these categories, NSD repeatedly emphasizes preventing the unlawful export of sensitive goods and services and unlawful transactions with sanctioned countries and designated entities, suggesting the Division’s prioritization of these types of violations. Notably, NSD omitted mention of the new DOJ’s Data Security Program and Bulk Data Rule, which is also an IEEPA offense, and raises the question of whether—and to what extent—DOJ is investigating and enforcing potential criminal violations of the rule.
  • Alignment with the Department-Wide CEP. The announcement underscores that NSD’s former voluntary self-disclosure policy, the Enforcement Policy for Business Organizations, announced in 2016 and updated periodically, has now been replaced by the Department-wide CEP. The CEP, released in March, established for the first time a single, consistent framework governing how all DOJ components—including all 93 U.S. Attorney’s Offices and divisions of “Main Justice,” with the exception of the Antitrust Division—evaluate voluntary self-disclosures, the quality of a company’s cooperation, and the adequacy of its remediation efforts.[3] NSD’s press release also provides a potential reference point for companies to identify the appropriate DOJ component for voluntary self-disclosures under the new CEP.[4]

Link to Practical Implications for Companies Facing Potential National Security Violations Practical Implications for Companies Facing Potential National Security Violations

The announcement raises important strategic considerations for companies navigating potential violations. Historically, a company that discovered an apparent sanctions violation might have self-disclosed to OFAC, and a company that uncovered an export control issue might have gone to BIS. NSD’s press release makes clear that, where criminal liability is at stake, companies should be engaging directly with NSD—potentially in addition to, rather than instead of, the relevant regulatory agency. Companies should carefully and thoroughly weigh the available benefits of the CEP and self-disclosure to NSD against the risks and burdens of engaging with an additional enforcement body, and should seek counsel with experience across these agencies.

Link to Key Takeaways Key Takeaways

Companies with operations touching export-controlled goods or technology, sanctions-restricted jurisdictions or parties, CFIUS mitigation agreements, or Team Telecom obligations should take note of NSD’s announcement and consider the following steps:

  • Review internal compliance programs and escalation protocols to ensure that potential national security-related violations are investigated and flagged for assessment of whether a voluntary self-disclosure to NSD is appropriate—in addition to any disclosure that may be made to the relevant regulatory agency. 
  • Review the specific requirements and expectations of NSD under the CEP, including the timelines and substantive elements that DOJ considers in evaluating whether a disclosure qualifies for the declination of prosecution, a Non-Prosecution Agreement, or other favorable treatment under the CEP, and engage experienced advocacy and guidance where appropriate. 

Link to Conclusion Conclusion

NSD’s press release is an indication that NSD intends to be a central player in the corporate enforcement landscape and views itself as the appropriate front door for companies seeking to self-disclose potential violations of national security laws. Companies operating in regulated sectors should consider this when devising their compliance, internal investigation, and disclosure strategies.

This article was prepared with contributions from Cleary associates, Joie Goodman and Emily Janikowski.

[1] Press Release, “Reporting Voluntary Self-Disclosures of Violations of National Security Laws Under the Department-wide Corporate Enforcement Policy” (March 30, 2026), available at https://www.justice.gov/opa/pr/reporting-voluntary-self-disclosures-violations-national-security-laws-under-department-wide.

[2] Press Release, “Department of Justice Releases First-Ever Corporate Enforcement Policy for All Criminal Cases” (March 10, 2026), available at https://www.justice.gov/opa/pr/department-justice-releases-first-ever-corporate-enforcement-policy-all-criminal-cases. For further detail, see also Cleary Gottlieb Steen & Hamilton LLP, DOJ Releases First Department-Wide Corporate Enforcement Policy (Mar. 13, 2026), available at https://www.clearygottlieb.com/-/media/files/alert-memos-2026/doj-releases-first-department-wide-corporate-enforcement-policy.pdf (hereinafter, “Cleary Alert on CEP, dated March 13”). 

[3] The CEP is organized into three parts: (i) guidance on obtaining a declination under the CEP, (ii) guidance on DOJ’s approach to a “near miss” voluntary self-disclosure or presence of aggravating factors; and (iii) guidance on how DOJ will approach resolutions in other cases. While NSD’s former policy similarly encouraged companies to voluntarily self-disclose to NSD violations of ECRA, AECA, and IEEPA, the CEP further incentivizes corporate self-disclosure by guaranteeing more significant benefits. See Cleary Alert on CEP, dated March 13.

[4] See Cleary Alert on CEP, dated March 13.

Photo of David A. Last David A. Last

David A. Last’s practice focuses on government and internal investigations, including defending companies and individuals in a wide range of high-stakes domestic and international enforcement actions and trials with a particular focus on Foreign Corrupt Practices Act (FCPA) matters.

Read more about David A. LastEmail
Photo of Rahul Mukhi Rahul Mukhi

Rahul Mukhi’s practice focuses on criminal, securities, and other enforcement and regulatory matters as well as on complex commercial litigation.

Read more about Rahul MukhiEmail
Photo of Chase D. Kaniecki Chase D. Kaniecki

Chase Kaniecki’s practice focuses on international trade and national security matters, including CFIUS and global foreign direct investment, economic sanctions, export controls, customs, and trade remedies.

Read more about Chase D. KanieckiEmail
Photo of Christopher Kavanaugh Christopher Kavanaugh

Chris Kavanaugh’s practice focuses on enforcement and litigation, including high-stakes trials, government and internal investigations, white-collar criminal defense, False Claims Act, and crisis management.

Read more about Christopher KavanaughEmail
  • Posted in:
    Administrative and Regulatory
  • Blog:
    Cleary Foreign Investment and International Trade Watch
  • Organization:
    Cleary Gottlieb Steen & Hamilton LLP
  • Article: View Original Source

Call us at 1-800-913-0988 or email sales@lexblog.com.

Facebook LinkedIn Twitter RSS
  • About LexBlog
  • The Field We Built
  • Our Beliefs
  • Our Team
  • Contact LexBlog
  • Disclaimer
  • Editorial Policy
  • Terms of Service
  • Get Started
  • Publishing Solutions
  • Compass
  • Submit a Request
  • Support Center
  • System Status
Copyright © 2026, LexBlog, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo