DOJ Issues First Post-Pause FCPA Corporate DPA

Note: This article is written for general informational purposes and is not legal advice. It summarizes public information about the DOJ’s first post-pause FCPA corporate deferred prosecution agreement and what it may mean for companies, compliance teams, and executives operating across borders.

The Department of Justice has sent a message that the Foreign Corrupt Practices Act did not go on a permanent vacation. After a high-profile pause in FCPA enforcement, the DOJ’s corporate anti-bribery machine has restarted with a case that is both familiar and freshly instructive: a telecommunications company, a complex joint venture, alleged payments to foreign officials, and compliance lessons with enough moving parts to make any general counsel reach for coffee.

The first post-pause FCPA corporate DPA involves Comunicaciones Celulares S.A., doing business as TIGO Guatemala, a subsidiary of Millicom International Cellular S.A. The company entered into a two-year deferred prosecution agreement to resolve allegations that it participated in a long-running scheme to bribe Guatemalan officials. The resolution required more than $118 million in total payments, including a $60 million criminal penalty and $58,198,343 in administrative forfeiture.

That is the headline. The deeper story is more useful: the DOJ is still enforcing the FCPA, but it is doing so through a newly sharpened lens. Serious bribery, alleged links to narcotrafficking proceeds, individual misconduct, foreign government influence, and corporate cooperation all sit at the center of this case. In other words, the DOJ has not tossed the FCPA into a filing cabinet labeled “maybe later.” It has narrowed the spotlight and pointed it at higher-impact cases.

What Happened in the TIGO Guatemala FCPA Case?

TIGO Guatemala was a mobile and fixed telecommunications provider operating in Guatemala. During the relevant period, it was part of a joint venture structure involving Millicom and a local shareholder. According to the DOJ’s filings, from about 2012 through June 2018, TIGO Guatemala participated in a bribery scheme involving payments to Guatemalan government officials, including members of Congress or people connected to their security teams.

The alleged purpose was straightforward, if deeply problematic: obtain favorable government action and protect business advantages. Prosecutors said the payments helped secure support for legislation and policy outcomes that benefited TIGO Guatemala, including advantages tied to telecommunications business in the country.

The DOJ’s description of the conduct was not about small gifts, travel courtesies, or awkward business dinners with suspiciously expensive appetizers. The government described a widespread and systematic scheme involving monthly cash payments. Even more significantly, some cash allegedly used to fund bribes came from laundered narcotrafficking proceeds. That detail is one reason this case fits neatly into the DOJ’s revised FCPA priorities after the enforcement pause.

Why the “Post-Pause” Label Matters

In February 2025, the Trump administration ordered a pause and review of FCPA enforcement. The policy shift raised a big question in the anti-corruption world: Would the DOJ substantially retreat from foreign bribery cases, or would it simply become more selective?

The June 2025 FCPA guidelines answered that question with a “more selective, but still active” approach. The DOJ directed prosecutors to focus on cases that directly implicate U.S. national interests, harm fair competition, involve serious misconduct, or connect to cartels and transnational criminal organizations. The guidelines also emphasized speed, individual accountability, and avoiding unnecessary burdens on lawful business operations.

The TIGO Guatemala DPA is important because it shows how those policy priorities may work in real life. This was not a low-dollar facilitation-payment case. It involved alleged bribery of lawmakers, concealment, a long time span, significant business benefits, and a narcotrafficking-related money trail. For prosecutors working under the new framework, that is not a gray area. That is a flashing neon sign reading, “This still matters.”

The Deferred Prosecution Agreement Explained

A deferred prosecution agreement, or DPA, allows the DOJ to file criminal charges while agreeing to defer prosecution if the company meets specific obligations. Think of it as a strict probationary agreement for a corporation: pay penalties, cooperate, improve compliance, report back, and avoid further trouble. If the company complies, the government may later dismiss the charges.

In this case, TIGO Guatemala accepted responsibility for the conduct described in the statement of facts. The company agreed to cooperate with ongoing and future investigations, enhance its compliance program, strengthen internal controls, and report periodically to the DOJ. Millicom, while not a defendant, also agreed to certain obligations under the agreement.

The DPA term is two years, shorter than the three-year term often seen in corporate FCPA resolutions. The DOJ also declined to impose an independent compliance monitor. That matters because monitorships can be expensive, intrusive, and administratively demanding. Avoiding one is not a small perk; it is a major compliance outcome.

Why TIGO Guatemala Received Cooperation Credit

The DOJ gave the company and Millicom credit for cooperation and remediation. The government pointed to several actions, including collecting and organizing large volumes of information, conducting forensic data work in relevant countries, making foreign-based employees available for interviews in the United States, giving detailed factual presentations, and identifying key documents, including Spanish-language materials.

The DOJ also credited remedial measures taken after Millicom acquired full ownership and control of TIGO Guatemala in 2021. Those measures included a root-cause analysis, risk assessment, personnel changes, new management and compliance leadership, improved third-party onboarding, transaction monitoring, data analytics, automated continuous monitoring, testing of more than 250 transactions, and a policy for ephemeral messaging.

The compliance headcount detail is especially striking. The DOJ noted that Millicom significantly expanded and resourced its global compliance program over a 10-year period, including growing dedicated compliance headcount by 800%. That is not a cosmetic upgrade. That is the corporate equivalent of replacing a garden hose with a fire suppression system.

Why the Company Did Not Receive a Declination

The case also shows the limits of voluntary self-disclosure. Millicom initially disclosed misconduct in 2015, and the DOJ later closed its first investigation in 2018. However, prosecutors reopened the matter in 2020 after developing new evidence from sources other than TIGO Guatemala and Millicom. The DOJ said the new evidence revealed that the conduct was broader than initially known, continued during and after the first investigation, and involved narcotrafficking proceeds used to generate cash for some bribes.

Because of those facts, TIGO Guatemala did not qualify for a declination or a more favorable “near miss” resolution under the Criminal Division’s Corporate Enforcement and Voluntary Self-Disclosure Policy. Instead, the company received credit under the policy’s discretionary resolution framework. The result was still meaningful: a 50% reduction from the bottom of the applicable U.S. Sentencing Guidelines fine range.

The lesson is subtle but powerful. Self-disclosure can help, but it is not magic dust. A company cannot simply disclose a slice of misconduct, discover later that the loaf was larger, and expect full credit as if the whole bakery had been reported from day one. The DOJ will look at timing, completeness, cooperation, remediation, and whether aggravating facts remain.

What the Case Signals About DOJ FCPA Enforcement

The first post-pause FCPA corporate DPA suggests several practical enforcement signals. First, the DOJ is likely to prioritize cases involving serious bribery schemes rather than borderline conduct. Second, Latin America may remain an area of close scrutiny, especially where corruption intersects with organized crime, narcotics trafficking, money laundering, or strategic infrastructure. Third, joint ventures remain a major FCPA risk area because ownership does not always equal control.

The joint venture point deserves special attention. Millicom held a majority stake during the relevant period but lacked operational control, according to public materials. That distinction became central to the narrative. In high-risk markets, a company may own enough of a business to suffer consequences but not enough to access records, discipline employees, control third parties, or stop questionable payments. That is a painful middle seat: responsible enough to be exposed, powerless enough to be surprised.

The DOJ’s approach also underscores the continuing importance of individual accountability. The revised guidelines tell prosecutors to focus on individuals who engaged in criminal misconduct rather than vague corporate blame. Companies should expect prosecutors to ask who approved payments, who ignored red flags, who controlled cash, who managed intermediaries, and who benefited from the misconduct.

Compliance Lessons for Companies

1. Joint Venture Control Must Be Real, Not Decorative

Companies entering joint ventures in high-risk jurisdictions should negotiate practical compliance rights. These may include audit access, books-and-records visibility, approval rights over high-risk payments, control over government-facing intermediaries, mandatory anti-corruption training, investigation cooperation clauses, and termination rights for misconduct. A compliance clause that cannot be enforced is just a nice paragraph wearing a tiny legal hat.

2. Data Analytics Are Now a Compliance Expectation

The DOJ highlighted data analytics and automated monitoring. That means modern anti-corruption compliance is no longer limited to annual training, policy PDFs, and a hotline poster in the break room. Companies should use payment analytics, vendor risk scoring, duplicate invoice detection, round-dollar payment reviews, high-risk jurisdiction monitoring, and transaction testing to find red flags before prosecutors do.

3. Ephemeral Messaging Needs a Policy and a System

Messaging apps are a recurring headache in corporate investigations. The TIGO Guatemala resolution shows that the DOJ continues to care about whether companies can preserve, review, and analyze business communications, including ephemeral messages. A policy alone may not be enough. Companies need training, employee acknowledgments, retention controls, and practical enforcement.

4. Self-Disclosure Must Be Prompt and Complete

Voluntary self-disclosure remains valuable, but companies should approach it carefully. The best disclosure strategy is not “tell the DOJ something and hope the rest stays buried.” It is to investigate quickly, preserve evidence, disclose known facts, update the government as new facts develop, and avoid creating the impression that the company managed the truth like a public relations campaign.

5. Remediation Should Address Root Causes

The DOJ wants to see more than employee discipline. It wants to know why the misconduct happened, how the company changed, and whether similar conduct can happen again. Root-cause analysis, third-party control upgrades, leadership changes, compliance independence, risk-based training, and transaction monitoring all matter.

Why This DPA Matters Beyond Telecommunications

Although the case involves a telecom provider, its lessons apply far beyond the telecommunications industry. Any company operating in markets where government permissions, licenses, customs approvals, tax decisions, procurement contracts, infrastructure rights, or regulatory approvals are critical should pay attention.

The bribery risks are especially high when business success depends on a small circle of public officials. Spectrum rights, mining concessions, port access, energy permits, public tenders, defense contracts, medical procurement, and construction approvals can all create pressure points. When those pressure points combine with weak internal controls and powerful local partners, the FCPA risk can rise quickly.

The post-pause enforcement environment may be more targeted, but targeted does not mean gentle. It means the DOJ may spend fewer resources on marginal cases and more energy on cases it believes involve major misconduct, national interests, organized crime connections, or substantial competitive harm. Companies should not mistake a narrower enforcement lens for a blindfold.

Practical Experience: What Compliance Teams Should Take From the First Post-Pause FCPA Corporate DPA

From a practical compliance perspective, the TIGO Guatemala DPA feels less like a one-off enforcement story and more like a field manual written in prosecutor ink. The first experience-based lesson is that control gaps in joint ventures are not theoretical. They become real when a parent company cannot access documents, cannot compel employees to cooperate, and cannot force a local partner to remediate. In boardrooms, “lack of operational control” may sound like a technical governance issue. In an FCPA investigation, it can become the plot twist that makes everything harder.

Companies with joint ventures should treat anti-corruption rights as business-critical terms, not legal decorations added at the end of negotiations. Before entering a venture, compliance teams should ask blunt questions: Who approves government-facing payments? Who controls bank accounts? Who selects lobbyists, consultants, customs brokers, lawyers, or fixers? Who can suspend a vendor? Who can preserve emails and messaging data? Who can interview employees? If the answer is “our partner, mostly,” the company should assume it may one day have to explain that arrangement to prosecutors.

The second lesson is that early self-reporting can help, but it does not freeze the facts in amber. A company that discloses misconduct should continue investigating with discipline and humility. The first report to the DOJ is rarely the final chapter. New documents appear. Former employees talk. Payment trails get reconstructed. Local media, whistleblowers, subpoenas, and foreign authorities can all add new layers. Smart companies keep updating their understanding instead of treating the initial disclosure like a completed homework assignment.

The third lesson is that remediation must be visible, measurable, and tested. Prosecutors are not impressed by a new policy if nobody can show whether it works. Training attendance, transaction testing, vendor rejection rates, hotline trends, due diligence files, audit findings, and discipline records all help prove that compliance is operating in the real world. In the TIGO Guatemala matter, the DOJ credited transaction testing, data analytics, monitoring, compliance headcount growth, and direct reporting lines. That is a clear hint: evidence beats slogans.

The fourth lesson is about messaging platforms. Many companies still handle business chats as if disappearing messages are a productivity feature with no legal downside. That is risky. Compliance teams should know which apps employees use, whether business records are preserved, how exceptions are handled, and whether employees understand the rules. A beautifully written policy nobody follows is not a control; it is office wallpaper.

The final experience-based takeaway is cultural. Bribery schemes often survive because they become routine. Monthly payments, familiar intermediaries, trusted executives, and “that is how it works here” explanations can normalize misconduct. A strong compliance program interrupts that comfort. It asks annoying questions. It blocks payments. It escalates red flags. It makes powerful people document decisions. That may not make compliance the most popular department at the party, but it can keep the company out of a DPAor at least help it earn credit if something goes wrong.

Conclusion

The DOJ’s first post-pause FCPA corporate DPA is more than a single anti-bribery resolution. It is a signal that FCPA enforcement remains alive, but more focused on serious misconduct that fits the Department’s revised priorities. The TIGO Guatemala case shows that cooperation, remediation, and compliance investment can materially improve outcomes. It also shows that voluntary disclosure has limits when the full scope of misconduct later proves broader, more serious, or tied to aggravating facts.

For companies operating internationally, the message is practical: do not wait for a subpoena to discover how your business really works. Review joint ventures. Test third-party controls. Preserve business communications. Use data analytics. Document remediation. And when misconduct appears, respond quickly and completely. In the post-pause FCPA era, the DOJ may be more selectivebut when it moves, it still moves with teeth.