On October 18, 2022, the Department of Justice (DOJ) announced a guilty plea by Lafarge, S.A., a French building materials company, and its Syria-based subsidiary, for providing material support to designated Foreign Terrorist Organizations. The case represents the first criminal prosecution of a company for providing material support to terrorism and demonstrates that the agency is putting teeth behind its recent pronouncements that that it will prioritize national security-related investigations.

Last year, the DOJ announced that one of the agency’s top priorities was fighting corporate crime, with an enhanced focus on national security issues.  As Deputy Attorney General Lisa Monaco explained, “[c]orporate crime has an increasing national security dimension — from the new role of sanctions and export control cases to cyber vulnerabilities that open companies up to foreign attacks.” In September 2022, the DOJ updated its enforcement guidance, notably confirming that misconduct posing a grave threat to national security will be an aggravating factor in deciding whether to take enforcement action in corporate criminal matters. The Lafarge case and other recent enforcement actions highlight the DOJ’s commitment to these principles and portend heightened focus on prosecuting corporations whose compliance and oversight missteps result in threats to U.S. national security.

In the case against Lafarge, federal prosecutors charged the company and its Syrian subsidiary with conspiring to provide payments to the Islamic State of Iraq and al-Sham (ISIS) and the al-Nusrah Front (ANF). Both ISIS and ANF are designated by U.S. sanctions authorities as Foreign Terrorist Organizations, with which transactions by or involving a U.S. nexus are prohibited. As a nexus, the DOJ alleged that an executive of Lafarge who was a dual French-U.S. national was involved in the misconduct.  In addition, the DOJ noted that other personnel involved used email accounts serviced by U.S.-based providers.  According to the DOJ, the company made payments to local terrorist and other armed groups for permission and security assurances that enabled the company to operate a cement plant in Syria.  The company earned approximately $70.3 million in revenue from the plant between 2013 and 2014.  The company was fined over $777 million in connection with these charges.

This enforcement action should serve as a warning to companies operating in high-risk and war-torn regions, where terrorist organizations may hold significant power and influence.  In certain circumstances, it may be exceedingly difficult — and dangerous — for a business to operate without directly or indirectly interacting with these groups. However, since terrorist groups like ISIS and al-Qaeda are not formal entities that would be included on corporate ownership records, typical compliance mechanisms such as list-based screening may not fully capture the risks of dealing with sanctioned criminal organizations. Companies with business or operations in high-risk regions should take heed and ensure that they have developed targeted compliance processes to mitigate the risk of interacting with entities or individuals associated with such amorphous groups.  Robust training for local personnel and third parties (such as contractors) is also critical to avoiding missteps. 

Where a company knows of or consciously disregards a high probability that terrorist organizations may be involved directly or indirectly in a transaction, its failure to effectively address such risks can result in not only civil penalties but may increasingly prompt significant — and novel — criminal sanctions. As the Lafarge prosecution underscores, global businesses should be taking a close look at their compliance procedures to ensure that they align with the DOJ’s newly stated priorities, including the heightened risk of potentially hidden involvement from sanctioned terrorist organizations.