DOJ Declines Prosecution of Company Following Voluntary Self-Disclosure and Cooperation in Export Control Matter

Companies developing sensitive technology that is critical to U.S. national security will mitigate damage if they react quickly in cooperation with the government when that technology is illegally diverted.

The U.S. Department of Justice (DOJ) has announced that it has declined to prosecute the Universities Space Research Association (USRA) after the organization self-disclosed violations of U.S. export control laws to the DOJ that arose from the unauthorized actions of a former employee. The employee, who was responsible for export compliance, unlawfully exported controlled aviation software to Beihang University in China—an entity listed on the Commerce Department’s Entity List. The employee also misappropriated tens of thousands of dollars in funds from software sales. The employee pled guilty to willfully violating the Export Administration Regulations and was sentenced to 20 months in prison, but USRA’s swift move to acknowledge and address these problems demonstrated that it was not complicit in the employee’s actions.

USRA uncovered the misconduct in response to an inquiry by the National Aeronautics and Space Administration (NASA), prompting USRA to launch an internal investigation. After notifying the DOJ directly a few days after discovering the employee’s actions, USRA cooperated throughout the government’s investigation and undertook significant remedial measures regarding its internal controls and compliance program. These included disciplining a supervisory employee for inadequate oversight, enhancing internal controls and compliance programs, and compensating the government for both the embezzled funds and lost time.

Tangible Benefits of Self-Disclosure and Cooperation

The DOJ’s decision to decline prosecution was informed by the Principles of Federal Prosecution of Business Organizations and the NSD Enforcement Policy for Business Organizations. Both establish a presumption of non-prosecution for companies that voluntarily self-disclose, fully cooperate, and undertake appropriate remediation, absent aggravating circumstances. In this instance, the DOJ exercised its discretion to decline prosecution, marking only the second time such a decision has been made under the NSD Enforcement Policy.

Implications

This outcome demonstrates the essential role of strong export control compliance programs within organizations. Ensuring that employees receive comprehensive training and that there is consistent oversight is fundamental to maintaining compliance with all applicable regulations. When potential violations are identified, it is crucial for organizations to act quickly and decisively to reduce risks and reinforce their commitment to regulatory compliance. In this instance, USRA was able to show that the employee acted alone and without authorization. Compliance programs that are consistently audited and improved can strengthen an argument that the breach was the work of a rogue employee.

The Trump Administration has announced its intention to enforce export control laws vigorously. Commerce Department Secretary Lutnick has called for greater fines and enforcement of export control violations and commits to focus in particular on violations involving China, particularly in sensitive areas such as the semiconductor sector. As enforcement agencies intensify their scrutiny of export control issues, organizations should prioritize the regular assessment and enhancement of their compliance frameworks. Taking a proactive approach enables the early identification and resolution of vulnerabilities, helping to prevent violations before they occur. If potential breaches are detected, organizations should consider voluntary self-disclosure, cooperate fully with investigative authorities, and implement corrective actions. 

These measures are vital for managing legal and reputational risks and can significantly improve the prospects of achieving positive outcomes in enforcement proceedings.

Key Takeaway Points

• Conduct frequent reviews and updates of compliance frameworks to stay ahead of evolving risks and regulatory requirements.
• Deliver thorough and ongoing training to employees to foster a culture of compliance and awareness.
• Address potential violations promptly through voluntary disclosure, full cooperation with authorities, and timely remediation.

This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Greta L. Nightingale, an O’Melveny partner licensed to practice law in the District of Columbia; Sid Mody, an O’Melveny partner licensed to practice law in Texas; David J. Ribner, an O’Melveny partner licensed to practice law in the District of Columbia and New York; Jim Bowman, an O'Melveny partner licensed to practice law in California; Mark A. Racanelli, an O'Melveny partner licensed to practice law in New York; and Hannah V.L. George, an O'Melveny associate licensed to practice law in the District of Columbia, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.

© 2025 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, 1301 Avenue of the Americas, Suite 1700, New York, NY, 10019, T: +1 212 326 2000.