Inside DOJ’s new cyber fraud initiative
The Department of Justice (DOJ) recently announced the launch of the Civil Cyber-Fraud Initiative, which will use the False Claims Act (FCA) to prosecute cybersecurity-related fraud by government contractors and grant recipients. The main features and takeaways of this new initiative are discussed below.
- The initiative aims to hold accountable entities or individuals who endanger US information or systems by (1) knowingly providing deficient cybersecurity products or services, (2) knowingly distorting their cybersecurity practices or protocols, or (3) knowingly violating obligations to monitor and report cybersecurity incidents and breaches.
- The initiative will use the FCA – which “is the government’s primary civilian tool to repair false claims for federal funds and property involving government programs and operations” – to prosecute cybersecurity-related fraud by government contractors and grant recipients. The FCA includes a unique whistleblower provision that “allows private parties to help the government identify and prosecute fraudulent conduct and participate in any recovery and protects whistleblowers.” . . retaliation.
- The creation of the initiative “is the direct result of the comprehensive cybernetic examination underway of the ministry, ordered by the Deputy Attorney General of Monaco last May”. The review is “aimed at developing concrete recommendations to improve and expand” DOJ’s efforts against cyber threats.
- The initiative will be led by the Commercial Litigation Division of the DOJ Civil Division, Fraud Section, but DOJ will work closely with other federal agencies, subject matter experts and its enforcement partners. of law across government.
Key points to remember
In 2019, a federal district court first reported that cybersecurity compliance by government contractors could be the subject of FCA legal action (see United States ex rel. Markus v Aerojet Rocketdyne Holdings, Inc.). In December 2020 and February 2021, DOJ officials publicly pointed out that cybersecurity-related fraud is an area where we may see increased FCA activity in the near future. Looking back, these events and remarks predicted the formation by the GM of the Civil Cyber-Fraud Initiative, which is perhaps the most significant development to date regarding the DOJ’s increased focus on cybersecurity fraud. .
This new initiative strongly suggests that the Department of Justice will initiate and intervene in more lawsuits against the FCA involving allegations that government contractors and grant recipients failed to meet contractual and other legal requirements relating to the FCA. cybersecurity. Therefore, government contractors and grant recipients would be advised to review and strengthen their cybersecurity compliance, education and reporting practices.