7 April 2026

DOJ National Security Division issues guidance on voluntary self-disclosures under Department-wide Corporate Enforcement Policy

Written by:Christine Daya Nathaniel Edmonds Christian Ford Nicholas Klein David Stier Lindsey Dieselman Caroline Olsen

On March 30, 2026, the United States Department of Justice (DOJ)’s National Security Division (NSD) issued a press release outlining how companies may make voluntary self-disclosures (VSDs) of potential criminal violations of US national security laws under DOJ’s first-ever Department-wide Corporate Enforcement Policy (CEP). The guidance follows DOJ’s March 10, 2026 announcement of the CEP, which was discussed in detail in DLA Piper’s recent client alert.

Background

The CEP applies to all corporate criminal matters handled by DOJ, with the exception of antitrust violations, and supersedes all component-specific and US Attorney’s Office-specific corporate enforcement policies previously in effect. The policy, as described by DOJ, is designed to ensure consistency across all US Attorneys’ Offices and all DOJ components, as well as encourage companies to voluntarily disclose misconduct, cooperate with investigations, and take prompt remedial actions. Under the CEP, DOJ will decline to prosecute companies that satisfy these criteria, absent certain aggravating circumstances.

The new guidance from NSD explains how the CEP applies in the context of national security matters and provides practical direction on where and how companies may submit VSDs that touch upon national security issues.

Overview of the NSD guidance

The NSD guidance reiterates that, under the CEP, companies are expected to direct disclosures to the “appropriate component of the Department,” while also clarifying that a good-faith disclosure to one component will continue to qualify if the matter is later referred to another. Consistent with NSD’s existing practice, the guidance directs companies to submit VSDs concerning potential criminal violations of US national security laws to NSD’s dedicated email inbox, with the company name included in the subject line. Because all resolutions within the Division’s remit require approval by the Assistant Attorney General (AAG) for NSD, this structure aims to ensure that all national security-related matters are reviewed by personnel under the supervision of the ultimate decision-maker.

The guidance clarifies the scope of matters subject to NSD’s enforcement authority and states that “companies are encouraged to voluntarily self-disclose to NSD any potential criminal violations” relating to matters conducted, handled, or supervised by the NSD AAG. It highlights that, in addition to violations of the US government’s primary export control and sanctions regimes – including the International Traffic in Arms Regulations, the Export Administration Regulations, and sanctions administered by the Office of Foreign Assets Control (OFAC) and the Department of State – NSD’s remit also encompasses other national security-related laws, including:

Laws prohibiting material support to or financing of foreign terrorist organizations (FTOs)
Criminal violations involving the Committee on Foreign Investment in the United States (CFIUS)
Matters involving the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (Team Telecom)

A non-exhaustive list of national security statutes falling under NSD’s supervision is set out in Section 9-90.020 of DOJ’s Justice Manual.

Key takeaways

NSD remains the central intake point for national security-related VSDs. Companies identifying potential criminal violations of export controls, sanctions, FTO dealings, or other national security laws are directed to submit VSDs to NSD’s dedicated inbox rather than solely to a local US Attorney’s Office or relevant regulatory agencies. This approach aligns with the CEP’s stated objective of promoting greater uniformity and predictability across DOJ components and reflects NSD’s role in overseeing national security matters.

The CEP likely supersedes the prior NSD Enforcement Policy for Business Organizations. As discussed in DLA Piper’s prior alert, the CEP supersedes all component-specific corporate enforcement policies. This supersession likely includes the NSD’s prior VSD policy, which provided specific benefits for export control and sanctions matters as well as a presumption of declination for companies that self-disclosed, cooperated, and remediated without aggravating factors. The NSD guidance does not address whether any elements of that prior policy will continue to apply.
Good-faith disclosures to other DOJ components may still qualify under the CEP. The CEP provides that a company making a good-faith disclosure to one DOJ component may still receive VSD consideration if the matter is later referred to another appropriate component. The CEP also clarifies that disclosures made solely to federal regulatory agencies, state or local authorities, or civil enforcement agencies generally do not qualify, although good-faith disclosures to such entities “may qualify if appropriate under the circumstances,” based on the facts and at DOJ’s discretion. As a result, companies that have previously reported potential national security-related violations to other DOJ components, including local US Attorneys’ Offices, or only to regulatory bodies, such as the Directorate of Defense Trade Controls, OFAC, or the Bureau of Industry and Security, may consider whether a VSD to NSD is appropriate where potential criminal conduct is implicated.

Disclosure timing remains a key consideration. The guidance underscores that timing continues to be a relevant factor in the voluntary self-disclosure analysis. Companies are also tasked with developing sufficient information to support a meaningful disclosure, balanced against the risk that delays could affect timeliness or result in the government becoming aware of the misconduct through other means.

The guidance reflects the breadth of NSD’s national security enforcement remit. By expressly referencing matters involving FTOs, CFIUS, and Team Telecom, the guidance highlights the range of national security-related criminal conduct within NSD’s jurisdiction. These references illustrate that NSD’s enforcement responsibilities extend beyond traditional export control and sanctions matters to other criminal laws affecting, involving, or relating to national security, consistent with the Justice Manual and the CEP.

DLA Piper stands ready to assist companies in navigating internal and government-facing investigations, enforcement actions, and compliance matters. For more information, please contact the authors.