Corporate Criminal Law Is Too Broad—Worse, It’s Too Narrow

Robert Thomas*

Full Article.


Corporate criminal law is built atop the doctrine of respondeat superior, whereby a business organization can be convicted for virtually any crime committed by its employee. Critics have noted for more than a century that this rule of attribution exposes businesses to the prospect of more criminal liability than is either just or efficient—in short, respondeat superior is overbroad. By contrast, virtually no attention has been paid to the fact that this same doctrine is also underbroad; in addition to including too much conduct under its ambit, respondeat superior also captures too little misconduct. However, this formal symmetry belies a deep, substantive asymmetry. The ambition of this project is to show that respondeat superior’s underbreadth problems are—or, at the very least, are becoming—both more serious and more intractable than its overbreadth problems.

There are several reasons to worry about underbreadth more, and at least one reason to worry about overbreadth less, than we do now. First, because the doctrine treats an individual employee’s liability as a predicate to corporate liability, respondeat superior reliably excludes from the criminal law predictable swaths of cases for which, in our ordinary lives, we would be disposed to attribute responsibility to an organization rather than to any individual. Second, respondeat superior is not just generically underinclusive—it’s not failing to capture random instances of wrongdoing—but also becomes less capable of reaching a case even as the normative basis for assigning responsibility to an organization gets stronger. As a result, respondeat superior risks focusing corporate criminal law on peripheral cases of organizational wrongdoing while excluding paradigmatic ones. Third, this disconnect between normative practice and legal doctrine is poised to grow ever starker as machine learning and other algorithmic decision-making processes further confound the criminal law’s attempts to trace corporate misconduct to a single, predicate offender. Fourth and finally, the past three decades have seen laudable, successful efforts to mitigate the risks associated with respondeat superior’s overbreadth. However, those mechanisms ameliorating the problems associated with overbreadth do nothing to manage underbreadth—and, if anything, are likely to make the problems of underbreadth worse.




I. Assessing Overbreadth

A. Respondeat Superior as the Basis for Attribution

  1. A Brief History of an Accidental Doctrine
  2. The Continued Resilience of Vicarious Liability

B. Respondeat Superior’s Longstanding Overbreadth Problem

C. Overbreadth’s Harms Are Manageable and Mostly Managed

  1. Managing Overbreadth Through Criminal Law
  2. Managing Overbreadth Through Corporate Enforcement

II.. Diagnosing Underbreadth

A. Organizational Responsibility as a Target for Attribution

  1. Understanding Organizational Responsibility Outside Corporate Criminal Law
  2. Situating Organizational Responsibility Inside Corporate Criminal Law

B. Why Respondeat Superior Misses Its Target

  1. Respondeat Superior as an Irrelevant Proxy
  2. Respondeat Superior as a Destructive Proxy

III. Evaluating Underbreadth

A. Underbroad in Principle: The Cases Respondeat Superior Leaves Behind

  1. Dispersed Wrongs and Collective Harms
  2. Nonseparable Wrongs and Epistemic Uncertainty
  3. Algorithmic Wrongs and the Future of Governance

B. Underbroad in Practice: The Enforcement Consequences of a Mistargeted Attribution Rule

  1. How Not To Think About Underenforcement
  2. Underbreadth’s Enforcement Pathologies

IV. Reevaluating Overbreadth, Reforming Underbreadth

A. The Standard Wisdom Revisited: Why Underbreadth Might Now Matter More than Overbreadth

  1. Is Underbreadth Worse than Overbreadth?
  2. Is Underbreadth Less Manageable than Overbreadth?

B. Pathways to Reform: Get Rid of Underbreadth or Replace It with Overbreadth

  1. From Vicarious Liability to Direct Liability
  2. From Vicarious Liability to Vicarious Attribution




Theranos Inc. had a rough 2015. In January of that year, Theranos looked set to revolutionize the American health care industry on the back of its signature innovation—a portable blood analyzer, called the Edison—and the brain of its founder—CEO, Elizabeth Holmes.[1] Twelve months later, the company existed in all but name only, its reputation (and $9 billion valuation) devastated as journalists uncovered a series of “massive,” “elaborate,” and “years-long” frauds.[2] For example, Theranos advertised to investors revenues of $100 million when it actually earned only $100,000.[3] It claimed the Pentagon was carrying Edisons into combat zones and aboard medivac helicopters, but that wasn’t true either.[4] Most importantly, Theranos was built on the singular promise that its technology could evaluate instantly, using only a single drop of blood, every condition that traditional blood tests required an entire lab to analyze.[5] But this too-good-to-be-true promise turned out to be . . . well, too good to be true: the Edison never worked, couldn’t work, and yet was used on patients with predictable, and predictably tragic, consequences.[6]

Federal law has long recognized that a business organization—be it a corporation, partnership, or other commercial entity—can be found guilty of a crime.[7] And when it comes to the prospect of criminal liability, Theranos offers a textbook example of fraud.[8] But still, under what conditions is it appropriate to attribute criminal liability to the company itself—as opposed to, say, Holmes, Theranos’s directors, its software engineers or scientists, all or even none of the above? Given that an organization can be charged separate and apart from any individuals within that organization, when should it be?

The doctrine of respondeat superior has, for more than a century, anchored federal criminal law’s response: a business organization can be convicted of virtually any and all crimes that its agent commits while acting within the scope of her employment.[9] It is hard to understate respondeat superior’s role in corporate criminal law: every conviction, plea, and settlement agreement is carried out through, or in the shadow of, this attribution rule.[10] And yet, despite both its longevity and centrality, “there is virtually unanimous agreement” that this doctrine is too broad.[11] Because even assuming that an organization should be held criminally responsible for some misconduct, intuitively no organization seems responsible for all the misconduct that respondeat superior would attribute to it. How plausible is it to say, for example, that the company itself committed a crime carried out by a rogue employee, even when management diligently and aggressively tried to prevent it?[12]Or to convict an organization for crimes committed against the company, for which the business is the only victim?[13] These examples, according to the standard wisdom, speak to a deeper disconnect: the thing that respondeat superior targets, individual liability, is a poor proxy for what corporate criminal law should ostensibly care about—namely, organizational responsibility.[14] As a result, respondeat superior exposes businesses to the prospect of more criminal liability than is either just or efficient.

The standard wisdom about respondeat superior’s overbreadth is correct . . . but it is woefully incomplete. Because owing to the same fundamental disconnect, the doctrine is underbroad as well. And yet, for all the attention respondeat superior’s overbreadth problem commands, its underbreadth has gone virtually ignored.[15] By comparison, the magnitude of respondeat superior’s underbreadth problem, and the harms that it might thereby impose on corporate criminal enforcement, remains underexplored and undertheorized.[16] And while this one-sided attention may be understandable—after all, the criminal law is generally more concerned with overbreadth than its counterpart[17]—here it is nevertheless misplaced. Although it remains a problem that the doctrine of respondeat superior is still too broad, increasingly a more serious, more intractable problem now facing corporate criminal law is that the doctrine is too narrow.

This Article seeks to reorient a century’s worth of criticism of the attribution rule sitting at the heart of corporate criminal law. The ambition is to lay bare the underappreciated magnitude of respondeat superior’s underbreadth problems; shine a light on the broad array of harms this doctrinal shortcoming brings; and situate those harms against a backdrop of corporate criminal scholarship and practice that have for decades prioritized solving, or at least mitigating, the same doctrine’s overbreadth. Taken together, there are several reasons to worry about underbreadth more, and at least one reason to worry about overbreadth less, than we do now.

To start, respondeat superior excludes large swaths of organizational wrongdoing from the ambit of corporate criminal law. For example, criminal liability cannot be attributed to an organization if different individuals dispersed throughout the organization each committed different elements of the crime.[18] After all, respondeat superior is a rule of vicarious liability: the organization cannot be held criminally responsible unless one single individual can be held criminally responsible.[19] Similarly, respondeat superior precludes liability when individuals’ roles in bringing about some larger wrongdoing cannot be neatly separated out—that is, when it is simply unclear whether or not each element of a crime traces to a single individual.[20] But, in practice, synthesizing individual inputs into an output greater than, and irreducible to, its constituent parts is not just something business organizations occasionally or randomly do—it is what any effective organization is designed to do.[21] As a result, circumstances where organizational wrongdoing is either dispersed or nonseparable likely occur far more frequently than the current doctrine would suggest. And moreover, this trend is accelerating in response to the introduction of machine learning and other algorithmic decision-making processes into corporate governance, which further confound the criminal law’s attempts to trace misconduct back to a single, predicate offender.[22]

The problem here is not just that underbreadth excludes some, or even many, potential cases. More importantly, underbreadth excludes from the reach of federal criminal law paradigmatic instances of organizational responsibility—in other words, precisely the sorts of wrongdoing that the standard wisdom suggests an attribution rule should prioritize. By now, the best evidence in moral philosophy, social psychology, and cognitive science agrees that we routinely blame organizations for their bad behavior in much the same way that we blame individuals for their own misconduct.[23] More to the point, evidence that wrongdoing was dispersed through an organization, or otherwise not easily traceable to discrete individuals inside the organization, is precisely the circumstance where our judgments of organizational responsibility attach most strongly.[24] In other words, the cases that underbreadth excludes are not just any false negatives: the stronger our normative grounds are for assigning responsibility to an organization, the less well-equipped the doctrine is to capture such a case.

Respondeat superior’s underbreadth is by now so ingrained that it can be easy to overlook the extent to which it might contribute to well-known pathologies plaguing corporate criminal enforcement. For one, underbreadth informs why business organizations are so rarely prosecuted in general, as well as why the little enforcement that does occur slants disproportionately toward very small firms rather than large, public companies.[25] In a nutshell, prosecuting corporate crimes is difficult, and a central reason for this difficulty is an attribution rule requiring that every element of the offense cohere in a single individual inside the organization.[26] But for the reasons suggested, this expectation is implausible given how business organizations are designed—especially when it comes to large-scale organizations. For another, by excluding paradigmatic cases of organizational responsibility, underbreadth creates an incentive for prosecutors to pursue high-profile cases in a manner that is pretextual at best and extralegal at worst.[27] These practices would be problematic on their own but are made worse by the fact that, in light of the enforcement challenges underbreadth creates, prosecutors have increasingly come to rely on the company to investigate itself.[28] This has the effect of aligning the interests of prosecutors and managers against the organization’s low-level employees.[29] And, owing to the tendency of underbreadth to apply in cases of paradigmatic organizational wrongdoing, the more suffuse and systematic the wrongdoing, the stronger these perverse incentives become.

Finally, underbreadth’s challenges to the legitimacy of corporate criminal law are, if not more serious than those posed by overbreadth, then at least more intractable. To be sure, respondeat superior remains too broad: the doctrine, viewed in isolation, allows for the possibility of criminal liability detached from any sense of organizational responsibility. But first, mechanisms inherent to the criminal law—prosecutorial discretion being one example, heightened mens rea standards another—operate to constrain the risks attendant to a doctrine that, standing alone, would otherwise criminalize too much conduct.[30] These mechanisms don’t operate in the opposite direction; the criminal law is not designed to expand an otherwise-underbroad attribution rule. And second, appealing to the restraining influence of prosecutorial discretion might admittedly offer cold comfort in many areas of the criminal law.[31] Nevertheless, circumstances unique to the corporate context have over the past two decades produced a practice that is at once wildly divorced from its capacious doctrine and also more responsive by comparison to some of its critics’ longstanding complaints.[32] Again, no such consensus is ever likely to support expanding companies’ prospective liability. In short, although the field of corporate criminal law has proven both able and willing to address respondeat superior’s overbreadth, we have little reason to expect the same will hold for underbreadth.

Taken together, the ambition of this project is to demonstrate that our standard wisdom about respondeat superior fails to appreciate its underbreadth, creating harms that cannot be mitigated in the same way or with the same success as they can for overbreadth. In making the case, this Article proceeds as follows:

Part I briefly surveys the history of respondeat superior within corporate criminal law. It then rehearses, and partially endorses, the settled wisdom: the doctrine of respondeat superior is overbroad. Specifically, the doctrine allows for criminal liability in cases where assigning responsibility to the organization itself fails to match either our moral intuitions or our models of optimal deterrence. Nevertheless, Part I then demonstrates that, despite these doctrinal deficiencies, the consequences attendant to overbreadth are both manageable and have been mostly managed. The difficulties inherent in detecting organizational misconduct, the deep pockets of corporate defendants, the sophistication of the white-collar defense bar, and the bilateral risk posed by collateral consequences all operate to restrict and ameliorate concerns about overbreadth in corporate criminal law.

Part II excavates the foundation of respondeat superior’s underbreadth. The central flaw at the heart of respondeat superior—one that causes the doctrine to be at once too broad and too narrow—is that it treats an individual employee’s liability as a proxy for, and predicate of, organizational responsibility. This commitment turns out to be at once conceptually confused and just substantively wrong. Conceptually, it gets its purchase by conflating two entirely distinct notions of responsibility—in a slogan, the doctrine confuses causal responsibility for criminal responsibility. Substantively, in taking organizational responsibility to derive from some individual’s responsibility, respondeat superior endorses a view that is contrary to the best evidence in moral psychology, cognitive science, and organizational theory—not to mention our ordinary, day-to-day experiences of blaming organizations for their bad behavior.

Part III spells out the legal implications of this disconnect between normative practice and legal doctrine. First, it identifies two classes of cases that respondeat superior is most likely to exclude—dispersed wrongs and nonseparable wrongs—and then demonstrates that these classes are both commonplace and, in light of technological innovations, likely to become even more so. Next, Part III canvases the costs of underbreadth on corporate criminal enforcement. Unsurprisingly, underbreadth can lead to underenforcement. But moreover, it can also incentivize prosecutors to enforce the law pretextually; employers to scapegoat their own employees; and both sides to embrace expensive, ineffective compliance reforms unlikely to address the source of misconduct.

Part IV resituates our understanding of overbreadth in light of the lessons learned about underbreadth. The real problem with respondeat superior is that, by relying on individual liability as a proxy, it aims the attention of corporate criminal law away from core, paradigmatic kinds of organizational wrongdoing and toward peripheral cases in which an organization’s wrongdoing happens to cohere in a single individual. In doing so, the doctrine happens to be too broad: it captures cases at the periphery but also beyond it. But the more fundamental concern should be that the doctrine is barely aimed at organizational responsibility in the first place. In other words, it’s a problem that respondeat superior is overbroad but a bigger problem that it is underbroad. Finally, Part IV closes by considering two implications for doctrinal reform. In particular, it suggests managing respondeat superior’s underbreadth problem the same way that corporate criminal law has managed the doctrine’s shortcomings to date: by converting the doctrine’s underbreadth problem into, ironically, an overbreadth problem.

I.  Assessing Overbreadth

The core idea behind respondeat superior—namely, that an organization’s liability derives from the liability of a single, predicate individual offender—has remained mostly unchanged since first adopted into the federal criminal law of corporations.[33] And for almost as long, the settled wisdom has been that this approach to attribution creates liability in cases where assigning responsibility to the organization itself violates either our moral intuitions or our models of optimal deterrence.

However, the settled wisdom, if descriptively accurate, is overblown. In part because of decades of sustained criticism, the status quo has been to sand down considerably the otherwise sharp edges of this legal doctrine. As a result, it is now the case that overbreadth concerns about the doctrine of respondeat superior pose a continuing, but ultimately manageable, obstacle for the broader practice of corporate criminal law.

A.    Respondeat Superior as the Basis for Attribution

The federal doctrine underlying corporate criminal law was born in 1909 almost by accident,[34] and yet it has proven remarkably durable in the century‑plus since.

  1. A Brief History of an Accidental Doctrine

The idea that a corporation could commit a crime existed well before respondeat superior settled at the heart of the federal criminal law of corporations. By the turn of the twentieth century, state courts had already spent decades grappling with how to adapt traditional elements of the criminal law to apply to corporate persons.[35] Meanwhile, Congress had been explicitly criminalizing corporate misconduct since at least the Sherman Antitrust Act of 1890,[36] and the Supreme Court had already considered a corporation’s criminal procedural protections under the Fourth and Fifth Amendments.[37]

Nevertheless, it wouldn’t be until New York Central & Hudson River Railroad Co. v. United States that the Supreme Court would for the first time affirm Congress’s constitutional authority to create a criminal statute applicable to corporate persons.[38] In explaining how a corporation could commit a crime under the Elkins Act—that is, how a legal entity could be interpreted to have acted and acted intentionally—the Court leveraged respondeat superior principles taken from tort and agency law:

[T]he act of the agent, while exercising the authority delegated to him . . . may be controlled, in the interest of public policy, by imputing his act to his employer . . . . [W]e see no good reason why corporations may not be held responsible for and charged with the knowledge and purposes of their agents, acting within the authority conferred upon them.[39]

The Supreme Court did not pull respondeat superior from the ether. Congress, it turns out, had embedded this rule of attribution, without explanation, into the Elkins Act.[40] As such, New York Central didn’t announce a new blanket rule for assigning organizational responsibility as much as it read off the liability attribution rule provide by a duly enacted statute.[41]

Nevertheless, in the years immediately following, lower courts expanded the doctrine of respondeat superior far beyond the Elkins Act.[42]In doing so, federal courts generally applied New York Central’s version of vicarious liability to other statutes irrespective of any independent statutory basis for doing so.[43] By 1943, the Supreme Court would survey these lower-court decisions and conclude that “legal understanding and practice had rendered” the need for an explicit legislative statement “superfluous for holding a corporation criminally liable.”[44] In an act of judicial bootstrapping, the Court thereby ratified lower courts’ embrace of respondeat superior as a generic rule for attributing criminal liability to a corporation.[45] Respondeat superior thus became something like federal criminal common law—a brooding, omnipresent rule of attribution substituting for legislative silence.

  1. The Continued Resilience of Vicarious Liability

Now over a century later, the broad contours of respondeat superior remain virtually unchanged since New York Central, save for one major caveat. Originally, and consistent with traditional agency principles, the doctrine allowed for attribution only after two conditions were met: that the individual committed the predicate offense while “within the scope of [her] employment” and that the agent acted with the intent to benefit the entity.[46] Over the past century, however, courts have consistently treated the intent‑to‑benefit requirement as a hypothetical inquiry: what matters is whether an organization could have benefited from an employee’s conduct in any way, rather than whether it did in fact benefit.[47] The practical upshot has been to “interpret[ ] the element ‘for the benefit of the corporation’ almost out of existence.”[48] The broad contours of this modern approach to respondeat superior thus largely enshrine the attribution rule in its original form while making it slightly easier for prosecutors to leverage individual predicate offenders as a means of reaching the responsible organization.

A handful of attempted reforms bear mention briefly only to reaffirm the doctrine’s resilience through this period. First, academic critics have long sought to get rid of respondeat superior entirely, replacing it with a direct liability alternative that more accurately tracks what this Article refers to as organizational responsibility. Although the terminology differs across accounts, the underlying normative concept that organizational responsibility is meant to pick out is, at this point, commonplace to discussions of corporate criminal law and collective responsibility more generally.[49] Peter French is generally credited with developing the first modern account of organizational responsibility, according to which a corporation’s “internal decision structure” creates the conditions under which the organization can be understood to be morally responsible.[50] Since then, several efforts have been made to refine, deepen, or rework entirely this general framework.[51]

Over the years, several accounts have sought to develop and operationalize a theory of organizational responsibility as it applies specifically to corporate criminal law.[52] Most prominent among these attempts are Brent Fisse’s “reactive fault” model,[53] Pamela Bucy’s “corporate ethos” account,[54] and Bill Laufer’s comparative culpability approach.[55] The particulars of all these accounts differ in ways that don’t impact the discussion here. What matters is they share the starting premise that an attribution rule for criminal liability needs to be responsive to the organization’s systemic role in bringing about the misconduct in question.[56] In other words, criminal liability should be attributed to an organization, instead of just to an individual within that organization, only when the organization itself is somehow to blame for the criminal misconduct. Both these accounts and the notion of organizational responsibility underlying them will receive substantial attention beginning in Part II. But for now, it suffices to note that a direct-liability attribution rule has yet to dislodge respondeat superior as the attribution rule within the doctrine of corporate criminal law—although, as will be seen, these accounts have meaningfully influenced the practice of corporate criminal enforcement.[57]

Second, attempts to shrink the reach of respondeat superior, rather than replace it outright, have nevertheless proved equally unsuccessful. Early courts sought to restrict the scope of respondeat superior by allowing only a firm’s officers, and not just any of its employees, to serve as the predicate individual offender for purposes of corporate liability.[58] This approach was eventually endorsed by the Model Penal Code, which restricted the reach of vicarious liability to “high managerial agent[s].”[59] Under this approach, most instances of criminal liability continued to attach vicariously when the original wrongdoer was sufficiently highly placed in the organizational structure but not otherwise.[60] Although most states adopted this approach,[61] at the federal level, the Model Penal Code ultimately failed to dislodge the prevailing, more capacious respondeat superior doctrine.

Third, efforts to expand respondeat superior beyond its framework tying corporate liability to a single employee have also fizzled. Shortly after New York Central, sporadic judicial efforts sought unsuccessfully to decouple vicarious liability from its individual predicate offender requirement, widening attention instead to “the acts of all its agents,” especially their “combined knowledge and conduct.”[62] This expanded conception of corporate mens rea received renewed scholarly attention at the end of the twentieth century in response to United States v. Bank of New England.[63] Bank of New England was initially read to endorse the proposition that a court may aggregate beliefs held by multiple employees when no single employee’s belief suffices to give rise to criminality, but several employees’ beliefs, when considered together, could satisfy mens rea.[64] However, a few years later, the First Circuit sitting en banc rejected the notion that it had created such a doctrine.[65] And in recent years, only a handful of district courts have entertained the possibility of a so-called “collective knowledge” doctrine.[66]Meanwhile, several circuits have since rejected, albeit in dicta, the collective knowledge doctrine outright.[67]

In short, respondeat superior appeared almost by accident in 1909 as the basis for attributing criminal liability to a corporation. Little has changed since. Over the years, the doctrine has evolved slightly into a more maximalist, but still fundamentally individualistic, doctrine for attributing criminal liability to a corporation. Crucially, respondeat superior preserves the core of its traditional formulation, which makes entity liability necessarily derivative of (virtually any) individual liability.

B.    Respondeat Superior’s Longstanding Overbreadth Problem

Almost immediately upon its introduction into corporate criminal law, and consistently over the century-plus since, respondeat superior has been criticized for being unjustifiably broad.[68] Critics tend to frame their arguments either through a deontic, justice-oriented perspective, or else through a deterrence-centric, economic perspective. Regardless of the framing, the basic complaint remains the same: the criminal law should attribute liability only under conditions where it is reasonable to assign responsibility for wrongdoing to the organization itself. And, whatever this account of organizational responsibility turns out to look like, it shouldn’t include certain types of cases. But, the criticism goes, respondeat superior does include those cases, which makes it overbroad.

Overbreadth is widely understood to be a bad thing: it is disfavored in legal systems generally,[69] especially so with respect to the criminal law.[70] But asserting that a rule like respondeat superior is disfavored for being overbroad is one thing; Part II considers the harder question of when that rule is overbroad. But at least for now, an exhaustive account of what makes responsibility attributions apt isn’t necessary in order to identify circumstances when they are not.[71] Consider briefly three specific examples of employee misconduct that critics identify as evidence showing that respondeat superior is overbroad.

First, respondeat superior does not reward an organization’s generalized efforts to police or prevent employee misconduct. Recall that respondeat superior licenses attribution of criminal liability to an organization solely by reference to a predicate individual offender; it matters only that an individual committed a crime, and that she was within in the scope of her employment when she did.[72] Put starkly, “a corporation’s efforts to prevent such conduct are irrelevant.”[73] As a result, no matter how aggressively a company invests in internal compliance, monitoring, and oversight functions—and no matter how successful these interventions turn out to be in most circumstances—the company can still be held criminally liable if any misconduct slips by.

Critics have long complained specifically about the absence of any consideration of compliance efforts by the rule of attribution.[74] From a deontic perspective, this absence is troublesome because it reflects the extent to which respondeat superior disregards whether the organization is culpable for the misconduct.[75] From a deterrence perspective, the absence of a due diligence defense fares little better. Respondeat superior does not reward diligent compliance efforts: uncovered evidence of employee misconduct provides grounds for organizational liability regardless of the organization’s role in uncovering and reporting the predicate individual offender.[76] Indeed, respondeat superior may actually be counterproductive: the breadth of exposure to liability, coupled with an absence of any reasonable due diligence defense, incentivizes companies to underinvest in their compliance efforts.[77] Investing in compliance, after all, makes it more likely that a company will uncover employee wrongdoing.[78] However, respondeat superior does not reward the diligent company more than the complacent one; the doctrine attributes liability to each without distinction.[79] Why then spend the extra resources when liability is the same, and the likelihood of detection only increases when the company has spent money surfacing wrongdoing that might otherwise have gone undiscovered?[80]

Second, respondeat superior is overbroad to the extent that the doctrine attributes organizational responsibility for crimes committed by “rogue employees.” Whereas worries about compliance are focused on the organization’s general efforts to comply, these cases concern particularized efforts by the firm to prevent specific misconduct. But again, under respondeat superior, any and all conduct by the organization is irrelevant to determining whether attribution is apt.[81] Illustrating this point, courts have previously affirmed corporate criminal liability in cases where either individual misconduct occurred notwithstanding an explicit policy prohibiting this behavior[82] or where the employee acted despite explicit instruction to the contrary.[83] In such cases, the overbreadth criticism is even more straightforward. From a deontic perspective, whatever the organization can be said to be criminally responsible for, it shouldn’t include actions by employees that the organization itself actively sought to prevent. There really are, it turns out, rogue employees and bad apples.[84] Similarly, respondeat superior is “totally ineffectual as a deterrent” in these circumstances.[85] Deterrence presumes that the conduct to be deterred is within the actor’s power to control. Accordingly, holding a corporation responsible for conduct that it has proved unable to control does not—by definition, cannot—deter.[86]

Third and finally, respondeat superior is overbroad because it attributes criminal liability to the organization in some cases where the employee’s crimes were committed against the organization itself. For example, an employee who embezzles funds away from her employer is, by definition, committing a crime while acting in the scope of her employment.[87] Yet, in a handful of cases, courts have recognized that the employee’s conduct could be construed as being within the company’s interest.[88] For example, in United States v. Sun-Diamond Growers of California, an employee siphoned funds from her employer and shared them with a friend and coconspirator—who happened also to be a local politician.[89] On this basis, the organization was convicted of political bribery, with the D.C. Circuit reasoning that, despite the seeming absurdity of the outcome, the doctrine of respondeat superior compelled the result.[90] Again, whatever conditions one thinks give rise to organizational responsibility, surely being a victim of crime cannot be one of them. To that point, it is a general norm of the criminal law that victims should not be prosecuted for crimes committed against them.[91] Likewise, there is no compelling reason for the state to deter companies from being exploited by their own employees; the exploitation is incentive enough.

In short, respondeat superior sweeps in more conduct than is needed. Irrespective of how one characterizes this problem, the doctrine’s broad reach serves neither to reinforce the criminal law’s aim of holding a corporation responsible for the things it, rather than a rogue employee, did wrong nor to deter future criminality by incentivizing the corporation to invest in detection and prevention. As such, respondeat superior is overbroad.

C.    Overbreadth’s Harms Are Manageable and Mostly Managed

Overbreadth presents real problems for corporate criminal law to solve; the world would be better off if the criminal law’s principal rule of attribution hewed more closely to the conduct the criminal law intends to circumscribe. Nevertheless, for all their potential harms, the overbreadth concerns attendant to respondeat superior are overstated because other considerations, both within the criminal justice system and outside it, have conspired to ameliorate the harms anticipated by the doctrine.

  1. Managing Overbreadth Through the Criminal Law

Inasmuch as respondeat superior’s overbreadth is a problem, it is not a problem limited to corporate criminal law. Lots of criminal laws sweep in too much conduct; the phenomenon of doctrinal overbreadth is neither new to the criminal law nor unique to the organizational context.[92] This observation is not an endorsement: depending on one’s priors, overbreadth is either a bad, very bad, or disqualifyingly bad feature of our criminal justice system.[93] However, insofar as overbreadth pervades the modern criminal law more generally, it means that other tools are available, as part of the broader criminal justice system, to help ameliorate the injustice here. Two in particular bear mention.

First is mens rea. Vicarious criminal liability is not strict liability in that the former requires that some predicate individual offender commit every element of the underlying offense.[94] As a result, the underlying criminal statute’s mens rea requirement thus offers a check against the breadth of corporate criminal liability’s attribution rule. In particular, a stringent mens rea element offers what Sam Buell has described as an “underbreadth setoff against overbreadth.”[95] Indeed, this function of mens rea as a limiting constraint motivated recent efforts at criminal justice reform, even if those reforms have not yet produced a systemic scaling up of mens rea requirements in federal criminal law.[96] Still, and efforts at criminal justice reform notwithstanding, white-collar crimes already tend to require satisfying a more stringent mens rea element than do many other areas of the criminal law.[97] The iniquitous potential of vicarious entity liability can thus be further mitigated by the stringency of the initial mens rea inquiry.[98] Conversely, if the mens rea element of the underlying crime is unduly enfeebled, then this presents a generic criminal law problem rather than one unique to the corporate context. Put differently, the harm arising from respondeat superior is derivative of the original sin.

Second is prosecutorial discretion. The normative argument in defense of prosecutorial discretion—as opposed to the idea that it is simply a byproduct of resource constraints—is that the practice provides a non-doctrinal corrective to the inevitable overbreadth of criminal doctrines.[99] Put simply, prosecutors can, and should, decline to push the boundaries of the doctrine.[100] And while appealing to the merits of prosecutorial discretion might scan as naïve or unduly rosy with respect to other areas of the criminal justice system,[101] it has had real purchase in the specific context of corporate crime. Beginning in the late 1990s, prosecutors have gone to great lengths not just to disclaim the full scope of their authority, but also to supplant their plenary authority with detailed guidelines and standards approximating something akin to organizational responsibility.[102] On the one hand, these guidelines are adopted unilaterally: nervous corporate counsel are correct in noting that the specter of a more capacious respondeat superior doctrine looms behind prosecutorial forbearance.[103] On the other hand, in no other area of the criminal law does the federal government feel compelled to commit publicly to detailed guidance about how it exercises its discretion.[104] To this point, many observers now agree that, notwithstanding the enduring status of respondeat superior, the practice of corporate criminal law “is no longer ruled by existing principles of vicarious liability.”[105]

  1. Managing Overbreadth Through Corporate Enforcement

Regardless of how troubling the doctrine of respondeat superior may be in the abstract, structural features of the political economy surrounding the practice of corporate criminal law should ameliorate the concerns of the prior section. Several features inform this assertion.

First, as just mentioned, federal prosecutors have for now over two decades renounced the doctrinal advantage respondeat superior affords them. The government’s renunciation is not purely altruistic. Unsurprisingly in light of its clients, the corporate bar is well-funded, well-trained, and well‑connected.[106] Representative of this external pressure’s influence is the Justice Department’s voluntary abandonment of a mid-2000s practice banning employee indemnification.[107] During this period, prosecutors would pressure corporate defendants to refrain from paying the exorbitant legal bills of company insiders who were being prosecuted, often with the corporation’s assistance to the government.[108] However, amidst heavy lobbying, the Justice Department rescinded this practice on the stated rationale that barring employee indemnification implicated concerns about the individuals’ Sixth Amendment right to counsel.[109] Plausibly this was the right and just result. Still, public defenders would be right to observe that this rationale amounts to providing white‑collar defendants a constitutional right to expensive, private counsel.

Second, even assuming the availability of the advantages that respondeat superior brings to the government, still it remains the case that corporate crime is just difficult to prosecute. For one, as suggested above, compared to other criminal defendants, corporate defendants are extremely well-armed.[110] For another, corporate wrongdoing can be hard to detect because the victims, while very real, are not frequently visible in a manner that connects the harm done back to the organization.[111] And even where the fact of misconduct is salient, it turns out to be difficult for the government to identify the requisite individual predicate offender without recruiting the corporation’s assistance.[112] This complicated relationship between prosecutors and corporate insiders will turn out to matter for the upcoming discussion of underbreadth,[113]but for now it helps to inform the Justice Department’s strategic unwillingness to press the advantage offered by respondeat superior to the fullest.

Third, critics of corporate criminal law have recently complained that the impact of so-called collateral consequences—in particular, regulatory sanctions that attach upon conviction—makes corporate criminal law an especially harsh, uniquely unfair enforcement regime. Some have gone so far as to argue that the mere threat of indictment, much less an actual conviction, promises existential harm to a company.[114] Now first, this alarmism turns out to be false (or at least seriously suspect) as an empirical matter,[115] to say nothing of being broadly dismissive of how destructive modern collateral consequences are to individual defendants.[116] But second, if criminal liability hangs a sword of Damocles over some corporate defendants, that sword hangs over prosecutors too.[117] The risk of existential collateral consequences, if overstated, is a real concern for both sides: the corporation for its own sake, the Justice Department for its long-term reputation—and, by extension, the shorter-term reputation of its prosecutors.[118] Federal regulators in the past decade have made the challenge for prosecutors worse by increasing defendants’ uncertainty about the impact of collateral consequences. For example, the SEC no longer will include a waiver of the worst collateral consequences as part of a criminal settlement, nor will it even inform the corporation before settlement whether a waiver is likely to be granted.[119] Instead a corporation must wait until after the settlement is adopted to request a waiver and take its chances. One of many consequences of regulators’ reluctance, then, is to raise the stakes on prosecutors at the charging stage.

Taken together, there are a variety of reasons not to worry especially about respondeat superior’s overbreadth. That’s not to say there is no problem: defendants are right to complain. Nor does it mean reformers have been wrong or mistaken to call attention to respondeat superior’s overbreadth; plausibly this sustained, critical attention has helped to blunt meaningfully the otherwise sharp edges of this formal attribution rule. All the same, some of the grounds for concern are not problems unique to respondeat superior but instead derive from overbreadth concerns pervasive to our modern criminal justice system. And moreover, over the past two decades circumstances unique to the corporate context have produced a practice that is at once wildly divorced from the capacious doctrine and also more responsive by comparison to some of its critics’ longstanding complaints. As a result, it is now the case that overbreadth concerns about respondeat superior pose a modest, or at least manageable, worry to the function of the broader practice of corporate criminal law.

II.  Diagnosing Underbreadth

Attention to the traditional problem of respondeat superior as overbroad has crowded out attention to a potentially more serious, and more intractable, problem: respondeat superior is too narrow, excluding obvious cases of organizational wrongdoing while capturing genuine cases only incidentally. Worse, these omitted cases are not just any false negatives: the stronger the basis is for assigning responsibility to an organization, the less well-equipped the doctrine is to assign it.

In laying the foundation for this critique, the entirety of which occupies the remainder of the Article, Part II establishes two core points. First, our ordinary, day-to-day social practices reveal a robust, discernible practice of holding organizations responsible for their misconduct. But second, respondeat superior is poorly calibrated to select for apt cases of organizational wrongdoing. This is because the thing that respondeat superior targets, individual liability, bears at best no more than a glancing similarity to the thing that corporate criminal law ostensibly cares about, which is organizational responsibility.

A.    Organizational Responsibility as a Target for Attribution

Criticizing a doctrine for being underinclusive—or, for that matter, overinclusive—implies some independent account of which cases the doctrine should include in the first place. So, how broad should the doctrine be, exactly? What cases should respondeat superior capture?

Following the overbreadth literature, this project uses the concept of organizational responsibility as its touchstone: attribution of criminal responsibility to an organization is apt when conditions are such that we would be disposed to blame the organization, rather than its individual members, for the underlying misconduct.[120] Put another way, when it comes to deciding whether to assign criminal responsibility to either an individual or an organization, the attribution rule employed inside of the criminal law should roughly track the attribution rule that already exists outside it.

  1. Understanding Organizational Responsibility Outside Corporate Criminal Law

Put aside the criminal law for a moment—and really, any consideration of the law. When it comes to our daily lives, we blame organizations for their bad behavior all the time.[121] In ordinary life, no one would be confused if you blamed Amazon for a late delivery; praised Southwest for its generous cancellation policies; lamented Chick-fil-A for its anti-gay lobbying practices; celebrated Apple for its racial equity initiatives; or decried Nestle for its turning a blind eye to child exploitation.[122] There is nothing mysterious or esoteric behind this observation that we routinely attribute praise and blame to organizations as part of our everyday normative practices.[123] Indeed, given the prevalence of organizations in the modern world, it might well be difficult to imagine navigating our everyday lives without engaging in this way of understanding our social world.[124]

Importantly, we engage this normative social practice in predictable ways. By now, ample research into our moral psychology reflects that we appear to be comfortable attributing responsibility to group agents in much the same way, and through much of the same mental architecture, as we blame other individuals.[125] On this point, psychologists have long used the concept of “entitativity” to distinguish groups that are “conceived to be a coherent entity,” for which “an abstracted impression of the group is formed in a similar manner to the formation of impressions of individuals.”[126] High‑entitativity groups are reliably seen as single agents for purposes of ascribing deliberate and intentional conduct[127] as well as normative responsibility judgments.[128]

At this point, our ordinary practices cannot be explained away as loose talk that somehow is meant to refer not to the companies themselves but instead to specific or hypothetical individuals inside the company.[129] Granted, sometimes this view is correct: there are occasions when what looks like judgments praising or blaming an organization should actually be understood as judgments about the individuals inside that organization rather than the organization itself.[130] For example, we might accuse Theranos of lying to its investors—but, if pressed, clarify that we really meant just that its CEO Elizabeth Holmes lied to investors.[131] However, the strong claim—viz., that organizational responsibility judgments are all and always a semantic shorthand for some complicated claim about individuals—cannot be squared with the weight of evidence concerning judgment formation, which confirms that we routinely conceive of organizations as single agents indistinguishable, in this respect, from individuals.[132] Our practices of blaming organizations are distinct and discernible from those blaming members within organizations. And as to the former, our attributions of organizational responsibility are most likely to attach in circumstances where the organization is perceived to be acting as a tight‑knit, cohesive, unified agent.

For-profit commercial enterprises, owing to a combination of pressures from legal doctrines and competitive market forces, turn out to be reliably perceived as just such highly entitative agents.[133] Indeed, business organizations are not just capable of acting in this sort of cohesive, integrated way—synthesizing individual inputs into an organizational output greater than its constituent parts is core to what they are designed to do.[134] Just to name a few successes: business organizations excel at overcoming bounded rationality constraints faced by individual actors,[135] at coordinating the production of nonseparable outputs by teams of individuals,[136] at leveraging the wisdom of crowds,[137] and at establishing nested hierarchies to dramatically improve the speed and accuracy of decision-making processes.[138]

The upshot of this discussion is that the practices surrounding our normative judgments do not meaningfully vary when the objects of those judgments are organizations—and, particularly, commercial corporations—as compared to when the objects are individuals. Our tendency to blame organizations appears to be socially and biologically hard-wired, and corresponds to the degree we perceive the wrongs in question stemming from a cohesive, tightly integrated unit.[139] It should come as no surprise, then, that we blame business organizations for their misconduct, particularly where the harm at issue seems most naturally attributed to the group agent rather than to a discrete, identifiable set of specific members inside the organization.

  1. Situating Organizational Responsibility Inside Corporate Criminal Law

The central framework going forward operates on this premise sketched above, which is that our normative social practices should provide a standard against which to evaluate respondeat superior’s success as an attribution rule. But appealing to normative social practices has struck some as dubious, akin to replacing criminal justice with mob rule.[140] Before moving ahead, then, it is worth responding to two objections that skeptics have raised about the relevance of organizational responsibility to corporate criminal law, with an eye towards clarifying the scope and especially the limits of this approach for the purpose of evaluating respondeat superior.

To start, skeptics have objected to the relevance of our normative practices, at least with respect to organizational responsibility. On this view, the social practice just described is a moral mistake: organizations are simply not proper objects for our judgments of praise and blame and so should not be treated as such.[141] This critique differs from the prior suggestion that we don’t actually lodge judgments of praise and blame against organizations, which concerned whether in fact we have the judgments that it turns out we do.[142] At issue here is a question about our judgments’ metaphysical status—that is, whether our judgments concerning organizations accurately track the contours of the moral landscape. Put sharply, the skeptic’s charge is that it is impossible for an organization ever to be the kind of moral agent capable or worthy of being blamed; therefore, they should not be blamed; therefore, the fact that we do happen to blame organizations in our daily lives is an embarrassing normative mistake, and not one that we or the law ought to take seriously.[143]

This foundational skepticism merits two quick responses—one about the argument itself and one about its relevance to an inquiry into attribution rules. First, on the merits, taking on board the skeptic’s rejection of organizational responsibility requires one to accept both unsettled metaphysical commitments about the nature of moral judgments—what philosophers characterize as “metaethical” claims—and also an unreasonably tight connection between these high-level, metaethical commitments and the content of our moral judgments. However, there’s no particular reason, deriving from inquiry into organizational responsibility itself, to accept the metaphysical commitments underlying this particular metaethical skepticism.[144] To this point, arguably the most influential modern view concerning the nature of moral responsibility—namely, P.F. Strawson’s theory of reactive attitudes—explicitly rejects the need for any such deeper, metaphysical grounding beneath our normative practices.[145] Indeed, if anything, the fact that the skeptic’s metaethical views would require that we disclaim large portions of our ordinary normative practices should provide, by itself, ground to question those views in the first place.[146] Moreover, there is little reason to be confident that somehow resolving the nature of our moral judgments in the skeptic’s favor would bear directly on the content of those judgments of organizational responsibility.[147] To that point, even skeptics about morality itself—not just with respect to organizations but in general—don’t deny that we have a practice of praising and blaming, or that those practices should be taken seriously in the ways we structure our day-to-day lives.[148]

Second, inquiries into the metaphysics of blame have their place, but—the brief tangent above notwithstanding—the instant discussion of attribution rules is not it. To the extent that skepticism about organizational responsibility is worth engaging, it bears on a question beyond the scope of what is at issue here: the normative and conceptual justification for having an institution of corporate criminal law in the first instance. Plenty of ink has been spilled already attempting to extend standard criminal law justifications to organizations: some focus on deterrence,[149] while others emphasize the need for expressive condemnation,[150] retribution,[151] rehabilitation,[152] or incapacitation.[153] And, of course, others see no justification for the practice, casting it as anachronistic, conceptually misguided, or worse.[154] For that matter, there is widespread disagreement even about what kind of justification we should be looking for here: some think that an ultimate answer will depend on features of moral philosophy, while others seek an economic story, and others still a fundamentally political justification.[155]

The relevance of organizational responsibility to the instant discussion is no more than this: to the extent that we are to have an institution assigning responsibility to organizations alongside individuals—that is, taking as given that corporate criminal law is to exist—we should desire for that institution to broadly track our normal practices of assigning responsibility.[156] To be sure, despite a consensus that organizational responsibility is broadly the right target for a rule of attribution, there is little consensus when it comes to the deeper, first-order question about what—if anything—grounds the concept of organizational responsibility itself.[157] But the former consensus still obtains irrespective of what lies beneath our normative practices. So, for example, we should expect that an institution of corporate criminal law treats organizations as if they can be held responsible—even if it turns out that they cannot.[158] And if it turns out the skeptic is right that they cannot, that is a reason to jettison the entire institution rather than a reason to criticize any specific attribution rule within the institution. To put the point slightly differently, the claim of this Article is that our normative practices provide a reliable set of cases toward which an institution interested in holding organizations criminally responsible would be aimed if such an institution were defensible. This claim is entirely compatible with the skeptic’s view that, on first principles concerning the moral status of corporate agents, no such institution turns out to be defensible.

Related to this foundational skepticism is a concern not about the grounds but instead the content of our responsibility judgments. What sorts of corporate misconduct or organizational bad behavior ought to be criminalized—and what role should our organizational responsibility judgments play in drawing these contours? Clearly the two should not be co‑extensive: the criminal law does, or at least should, criminalize only a subset of blameworthy behaviors. For that matter, neither should we naively accept the content of our responsibility judgments as sufficient grounds to license criminal punishment. After all, the content of our folk attributions—whether leveled at an organization or an individual—are subject to any number of systemic biases, which the criminal law should not endorse or exacerbate.[159] To this point, many rightly worry these days about whether we have too much criminal law—either in the sense that there are too many criminal laws[160] or in the sense that the laws we have fail to distinguish wrongful behavior from innocent commercial activity.[161] And, with respect to corporations specifically, questions about the content of the criminal law extend to programmatic inquiries regarding what aspects of ordinary, substantive criminal law should apply to corporations.[162] For example, should the criminal law that applies to individuals be extended en masse to commercial entities as is the case in federal law, or should instead there be corporate‑specific crimes?[163]

As was the case with justification, this Article cannot engage all of these questions about the content of corporate criminal law if there’s any hope to make progress on the attribution challenges attendant to respondeat superior. As such, this project takes both the fact and the existing prohibitions of our federal criminal law as a given, focusing only on respondeat superior’s role as a trans-substantive doctrine of attribution.[164] This is because whatever the content of those criminal prohibitions turns out to be, there remains a further question to be asked regarding misconduct that occurs in a corporate setting—namely, whether responsibility for that misconduct is best attributed to the entity or instead to some individuals within the entity. For example, recognizing that Wells Fargo’s well-documented account-forging scandal was wrong, one still might ask whether it is also criminal—that is, whether the misconduct falls within the strictures of some specific criminal prohibition, and moreover whether it should.[165] But the fact of the matter is that the criminal law does already regulate the misconduct at issue in Wells Fargo’s case.[166] And to the extent that it does, there’s still a distinct question whether this misconduct should be attributed to the company itself, to employees of the company, or both.

In short, both the grounds for, and the content of, corporate criminal law are important, deserving topics in their own right—and for that reason cannot also be the subject of this Article if any progress is going to be made on the problem at hand. More to the point, we don’t need a resolution of these foundational issues to motivate the problems with respondeat superior. As the next section indicates, and as was the case with overbreadth, a comprehensive account is unnecessary to diagnose the doctrine’s underbreadth.

B.    Why Respondeat Superior Misses Its Target

Our social practice is clear: we routinely judge corporations to be responsible for their misconduct. Equally clear is that there is a gap between the set of circumstances in which we are inclined to blame organizations for bad behavior and the instances in which the criminal justice system is able, much less interested, to convict those organizations. The content of the criminal law accounts for some portion of this gap. But beyond this, and of interest here, respondeat superior picks out an even narrower subset: those cases where all elements cohere in a single individual.

Respondeat superior is a bad attribution rule because it selects individual responsibility as a proxy for organizational wrongdoing.Respondeat superior, after all, is a rule of vicarious liability: the corporation cannot be held criminally responsible unless some individual can be held criminally responsible. As a result, the doctrine presupposes a dubious assertion about the interplay between individual responsibility and organizational responsibility that, if anything, gets the relationship between these two concepts backwards. Because first, organizational responsibility and individual responsibility are analytically distinct judgments, which can operate independently of each other. And second, to the extent these distinct sorts of judgments do happen to interact, evidence of an individual’s responsibility tends to undermine, rather than reinforce, organizational responsibility.

  1. Respondeat Superior as an Irrelevant Proxy

What does it mean to say that individual responsibility and organizational responsibility operate independently of each other? To ground the discussion, consider two instances of clear, acknowledged organizational wrongdoing. First, British Petroleum (“BP”) was convicted of seaman’s manslaughter for causing the 2010 Deepwater Horizon explosion, which killed eleven workers and produced the largest oil spill in history.[167] This disaster was the tragic, and tragically predictable, culmination of years of “systematic failures in risk management” powering BP’s infamously lax “safety culture.”[168] For example, over the five years prior, federal regulators assessed BP with 760 “egregious [or] willful” workplace safety violations, amounting to ninety‑seven percent of all violations industrywide.[169] And during this same period, at just one of BP’s refineries, thirty other workers were killed in four separate accidents.[170] More to the point, all four accidents traced to inadequate safety equipment and lax procedures that BP knew about, was under judicial order to correct, and yet chose not to address.[171] Second, consider the Pacific Gas & Electric Company’s (“PG&E”) admission that, in November 2018, it started what was then the deadliest wildfire in California history.[172] This weeks-long conflagration, now known ominously as “the Camp Fire,” killed eighty-five people and came less than a year after a separate wildfire, started by PG&E, killed forty-seven people.[173] These were not isolated, unpredictable incidents: similar to BP, PG&E systematically disregarded known safety concerns about its equipment and procedures, which produced 1,500 fires in the previous six years.[174] In the case of the Camp Fire, PG&E hadn’t inspected the equipment that started the fire for more than fifteen years—and this despite the fact that the equipment had been manufactured during the Woodrow Wilson administration.[175]

Hopefully, these facts more than suffice to motivate the intuition that BP itself is to blame for the Deepwater Horizon Spill, and PG&E is responsible for the Camp Fire—conclusions that both organizations admit in their guilty pleas.[176] But notice that whether these companies are perceived to be at fault—or more precisely, whether members of society are disposed to judge the company itself as being responsible—is not dependent on our being able to identify, or even there being, some individual who we first judge to be at fault for the same misconduct. Indeed, it should strike us as implausible to say that any such judgment that we might entertain about BP or PG&E is conditional on there being at least one employee responsible for the same conduct. In other words, whether or not some specific individual could be identified who also committed the same wanton disregard for human safety does not preclude our judging that BP or PG&E did something wrong. To the extent that viewing a description of the malfeasance gives rise to a judgment that the company did something wrong, that judgment is at most insensitive to the identification of any one individual inside the corporation committing the wrong.

Two clarifications are worth making here. First, pointing out that organizational and individual responsibility are analytically independentof each other is not the same as saying that they are exclusive of each other. It may well be an apt description of some misconduct that the corporation is to blame for some harm and also some individual is to blame for her role in contributing to that same harm. To continue with BP as an example, there really were individuals who plausibly committed all elements of the crimes—principally, seaman’s manslaughter—for which BP pleaded guilty.[177]

But just as organizational and individual responsibility need not be exclusive of each other, neither must they always travel together: it’s a purely contingent, empirical matter whether in a given circumstance both judgments simultaneously bear out. Rather, to say the two are independent of each other is to say that coming to a judgment that an organization did something wrong does not require first judging that some discernible individual inside the organization did something wrong. In the words of philosopher Margaret Gilbert, “What does the blameworthiness of the collective’s act imply about the personal blameworthiness of any one member of that collective? From a logical point of view, the short answer is: nothing.”[178] Yet a tight connection between organizational responsibility and individual responsibility is precisely what respondeat superior requires of corporate criminal law. The fundamental flaw of respondeat superior is that it treats organizational responsibility as necessarily derivative of an individual’s responsibility for the same misconduct. Respondeat superior thus stipulates to a particular grounding relationship between individual responsibility and organizational responsibility, according to which the criminal law should concern itself with the latter only in circumstances where the former is present.

Second, the independence of organizational responsibility from individual responsibility can be easy to miss because there is an important, but crucially distinct, notion of responsibility for which the former might reduce to the latter. The confusion here stems from a semantic ambiguity—common to both the law and everyday discourse[179]—between responsibility as a factive, causal concept and responsibility as a normative or legal judgment.[180] Causal responsibility may be necessary for culpable responsibility,[181] but certainly it does not suffice: that you wore an Ohio State jersey into the Michigan stadium on game day might explain why someone threw a drink on you, but it doesn’t mean you deserved it.

When it comes to organizational behavior, it is conceivable that there exists some level of description for which the organization’s causal role in bringing about a state of affairs can be eliminated, redescribing the event solely by reference to the behaviors of individuals within the organization.[182] Put another way, an organization’s conduct, and thus its misconduct, may be reducible (at least in principle) to a complicated description that appeals only to individual agents’ causal contributions. Indeed, that such a level of description is accessible—and worth accessing, even if only partially—is a central premise underlying methodological individualism, commitment to which remains a hallmark of many social sciences.[183]

Many find this reductive view of organizational behavior intuitively appealing—how else could organizations act except through individuals? However, it bears emphasizing that the simplicity of this idea belies the fact that such a reduction would be “infinitely more complicated” to carry out than first appears.[184] It would not suffice, for example, to describe only the specific events in question, but will further be “necessary to analyse the rules and conventions binding men together in collectives into statements about individual behaviour, attitudes, and dispositions.”[185] A complete accounting even of discrete events like the Deepwater Horizon spill or the Camp Fire would be unimaginably complicated: for example, redescribing the persistent, pervasive disregard for safety that shaped contemporaneous employees’ behaviors would have to be accounted for by reference to the entire past lineage of individuals’ participating in and contributing to what is otherwise captured by terms like corporate culture.[186]

More importantly, accepting the metaphysical promise of this sort of reducibility does not settle the further, separate normative question—and treating it like it does amounts to trading on distinct notions of responsibility. Supposing that a causal description comprised entirely of individual contributions could exist does not negate the existence of a separate description of that event, which does appeal to the organization’s agential status; more to the point, neither does the mere possibility of the former supplant or trump the actual explanatory validity of the latter.[187] The person who throws her drink on your jersey is not likely to convince you that she is not to blame merely because there exists a possible redescription of the encounter that makes no appeal to human agency, accounting for these interactions solely in terms of quarks and leptons.[188] Relevant here, the claimed independence between organizational and individual responsibility is not making a causal or metaphysical point about organizations acting independently from individuals.[189] And to conclude from the bare possibility of reduction that organizational responsibility too is necessarily reducible to individual responsibility is to engage the fallacy of equating causal responsibility with culpable responsibility.

In summary, respondeat superior treats an individual’s responsibility for misconduct as the basis and precondition for ascribing responsibility to her organization. However, to the extent that viewing a description of wrongdoing gives rise to a judgment that an organization did something wrong, that judgment is analytically insensitive to the identification of any one individual inside the corporation committing the wrong.

  1. Respondeat Superior as a Destructive Proxy

If the independence point above is overstated slightly, amending it only makes things worse for respondeat superior. Because inasmuch as our organizational judgments are sensitive to concurrent judgments that some individual member is responsible, those judgments are sensitive in the opposite direction from what the doctrine of respondeat superior anticipates.

As before, consider an example to motivate the intuition. In the run-up to the 2008 financial crisis, the foreclosure-processing company DocX “forged or created out of whole cloth” over one million documents, many of which served as the primary, or even exclusive, basis for foreclosure.[190] During this period, collection agencies would purchase, at a steep discount, tranches of poorly documented, frequently inaccurate, debt records. Without bothering to verify the accuracy of these records, DocX would “recreate” missing mortgages, securitization agreements, and even complete debt packages, thus providing the collection agency everything it needed to foreclose.[191]

Similar to BP and PG&E, it seems reasonable at first pass to blame DocX for perpetrating a pervasive, years-long scheme. However, upon further investigation, it turns out that DocX’s president designed, oversaw, and frequently refined the mass forgery mill—for just one anecdote, she personally taped to every “employees’ desks forged signatures for them to copy.”[192] DocX’s workforce, meanwhile, consisted primarily of temporary, sometimes unauthorized, employees working in sweatshop conditions under domineering oversight and close supervision, with many being fired immediately if they fell short of onerous quotas.[193] Learning this further information likely does not strengthen or confirm the judgment that DocX is at fault—despite what respondeat superior would suggest. More plausibly, these details weaken one’s initial instinct to blame the organization; DocX looks less like an autonomous wrongdoer and more like the president’s alter ego. A similar story could be told about Theranos—at least based on allegations to date—which paint Holmes, in coordination with the Theranos President Sunny Balwani, as almost entirely responsible for orchestrating, executing, and concealing even from other employees Theranos’ fraud.[194]

More generally, finding out that a random employee happened to commit the same predicate offense as being attributed to the corporation may not by itself make us more likely to judge the institution as responsible—but it might make us less likely to blame the organization. And the literature on scapegoating and collective responsibility provides further support for this finding. While scholars have documented a robust tendency to ascribe judgments of praise and blame to organizations we perceive to show a high degree of internal cohesion and entitativity,[195] the same research suggests that singling out a responsible individual inside the organization tends to weaken our judgment of organizational responsibility.[196] In practice, our judgments tend to be inversely correlated: “The more a group is attributed a group mind, the less members of that group are attributed individual minds, and vice versa.”[197] Part III discusses the ways in which organizations have weaponized this tendency to trade off between organizational and individual responsibility.[198] Regardless, the broader takeaway here is that identifying a culpable individual doesn’t strengthen or even confirm our judgment of institutional fault as much as it calls them into question.Yet notice again that respondeat superior operates in precisely the opposite direction. Corporate fault, on the doctrinal view, is necessarily derivative of individual fault rather than independent of it or inversely related to it.

To summarize the dialectic of Part II: first, there exists a reliable, cogent practice of blaming organizations for their misconduct—viz., organizational responsibility. Second, for purposes of corporate criminal law, respondeat superior enshrines individual liability as a proxy for, or at least a necessary condition of, organizational responsibility. But either individual liability and organizational responsibility are unrelated to each other, or else they interact in a manner exactly opposite to what respondeat superior is meant to accomplish.

 III.         Evaluating Underbreadth

Part II exhausted an important, if modest, point: respondeat superior is an imperfect proxy for organizational wrongdoing. It is imperfect, moreover, in ways that suggest respondeat superior is underinclusive of organizational responsibility: the doctrine has the potential to exclude instances of organizational wrongdoing, focuses attention on individual predicate offenders even when that attention is irrelevant, and even threatens to undermine the stability of organizational responsibility judgments in cases that the doctrine does manage to reach. Moreover, this disconnect between normative practice and legal doctrine poses predictable, if underappreciated, consequences for corporate criminal enforcement.

A.    Underbroad in Principle: The Cases Respondeat Superior Leaves Behind

Because respondeat superior limits corporate criminal law to cases where a predicate individual offender exists, the doctrine predictably excludes instances of organizational responsibility from the ambit of corporate criminal law. In other words, respondeat superior is underbroad. Specifically, the doctrine excludes two predictable classes of organizational responsibility judgments from criminal cognizance: cases where no individual exists and cases where no individual can be found. Both circumstances are more plausible than one might at first appreciate—moreover, both are positioned to occur more frequently with the rise of algorithmic governance.

  1. Dispersed Wrongs and Collective Harms

Can an organization be responsible for a crime when no individual inside the corporation is also responsible? Armed with the distinction between causal responsibility and culpable responsibility, clearly the answer is yes. Ordinarily, corporate misconduct—and corporate conduct generally—does not reduce to the causal contributions of a single individual. To state the obvious, it would be a poorly designed organization of any scale if it functioned this way; the value of organizations comes from combining the talents of lots of individuals, not from isolating discrete inputs.[199]

As applied to corporate criminal law, it is perfectly plausible that an organization deemed culpably responsible as part of our ordinary social practice would commit all elements of an associated crime even where the elements of the predicate offense fail to cohere in a single individual inside the organization but instead are dispersed throughout the organization. At its most basic, the modal crime consists of three elements: an actus reus, a mens rea, and a requirement that these two elements occur concurrently within the same person.[200] But in the context of corporate criminal law, all three can be dispersed.

First, the actus reus can be dispersed across individuals within an organization. In reality, most corporate actions actually are dispersed across individuals within an organization,[201] and potentially criminal acts are no exception. Take a painfully simple example: seeking to corruptly gain favor with a foreign public official, the board of Fantasy Corp. votes to acquire that official’s separate private business in clear violation of the Foreign Corrupt Practices Act.[202] The board’s approving this corrupt purchase clearly satisfies the FCPA’s actus reus requirement.[203] And yet, no single board member committed, or even could have committed, the act in question. The board’s vote is necessarily a collective action: a board’s vote to act cannot occur, by definition, without a majority of board members assenting. As a result, even though the board’s action is clearly traceable to the discrete contributions of individual board members, no individual board member is individually capable of committing the act in question.[204]

The simplicity of this example brings into stark relief the sorts of cases of organizational responsibility that respondeat superior threatens to exclude by ruling out liability when the actus reus is dispersed across multiple individuals. Strictly speaking, if no individual committed the actus reus, then neither could the corporation.[205] And yet, it is difficult to imagine a more blatant act of corporate criminality, the kind of evidence of a prosecutor dreams to uncover, than a recorded vote by the board of directors to knowingly commit a crime.

Second, mens rea can be dispersed throughout an organization. Part I.A touched on a version of this dispersion in discussing the viability of the collective knowledge doctrine.[206] The sort of case imagined here is one where no single employee possesses information sufficient to satisfy the requisite mens rea, but where nevertheless said information exists across several individuals inside the organization.[207] To be sure, there is little reason to think that the collective knowledge doctrine remains,[208] if it ever was, good law. And critics of the doctrine may well be correct that reviving it would in practice sweep in too many cases that satisfied the letter of the law but lacked any notion of genuine organizational wrongdoing—in other words, the collective knowledge doctrine would render respondeat superior (even more) overinclusive of organizational responsibility.[209] But while this empirical claim may bear out depending on further facts on the ground, the conceptual point remains: respondeat superior excludes from the criminal law instances of organizational responsibility where many individuals taken together, but no one individual, satisfy the predicate offenses’ mens rea requirements.

Meanwhile, research in the past several years has significantly advanced our understanding of what it means to attribute an attitude to an organization that is distinct from attitudes traceable to individuals inside the organization. Professors List and Pettit, for example, have modeled conditions whereby an organization can express a belief or attitude the entirety of which is not held by any of the individuals constituting that organization.[210] In its purest form, these models, responding to what is termed a “discursive dilemma,” are meant to capture more than a brute aggregation of partial beliefs; such an approach imagines the use of decision-making protocols that produce collective beliefs that are autonomous—that is, not held by an individual member—corporate beliefs.[211] For a non-corporate example, consider that when an appellate court panel releases a decision containing multiple concurrences and dissents, the result is often a series of holdings all of which are endorsed by the panel but none of which are all endorsed by a single judge.[212]

Meanwhile, legal expressivists have pointed out that what the law actually tracks with respect to mens rea is not whether an individual possesses certain proscribed mental states—because, among other things, there is no conceivable way for the state to access directly a person’s mental states.[213] Rather, attributions of mens rea turn on observable conduct, which can be publicly interpreted as expressing some of the underlying, potentially proscribed, mental states.[214] Understood in this way, it’s relatively straightforward to imagine circumstances where individual actors behave in ways expressive of an attitude held by the organization, despite no one actor herself holding that attitude.[215]These developments suggest that the collective knowledge doctrine turns out to be one species of a broader genus of dispersed mens rea cases. At the same time, dispersed mens rea appears to be a comparatively exotic genus of a much broader, more prosaic family—namely, those instances where the attitudinal contributions to organizational wrongdoing are dispersed across multiple individuals.

Third, respondeat superior excludes instances of organizational responsibility where each element of the crime is satisfied by some individual, but not all elements are satisfied concurrently by the same, single individual. Collective actions might offer the most blatant exclusion, and collective attitudes the most conceptually interesting—but dispersion of the elements of a crime throughout an organization is, if comparatively prosaic, almost certainly the most common. Countless corporate scandals are characterized by precisely this disconnect between the harm carried about and the attitude or belief needed to make that harmful act criminal: DocX instructed employees to “recreate” mortgage documents, but the employees forged the documents themselves.[216] Theranos’s engineers had yet to create a successful product, but only executives knew that it was actually being sold.[217] Wells Fargo insisted its employees meet strict quotas that were virtually unattainable absent rule-breaking, and then left the employees to break the law on their own.[218] Boeing engineers underdesigned its AirMax’s safety systems, but sales and marketing teams lied about the plane’s software and hardware changes.[219]

More generally, this disconnect between an organization’s bad act and bad attitude is routinely used to explain why senior executives are rarely individually prosecuted for a company’s misconduct.[220] That is, those senior executives best situated to satisfy a crime’s mens rea requirement are frequently far removed from the action, and so they cannot plausibly be described as carrying out the actus reus.[221] Indeed, this disconnect helps to explain—though not justify—the prevalence of prosecutions against low‑level managers in cases of major organizational wrongdoing: they are the organizations’ Goldilocks candidates as far as the criminal law’s concurrence requirement is concerned.[222] Regardless, the broader point remains that respondeat superior fails to capture cases where the organization satisfies all elements of a given offense in circumstances but where no one individual inside the organization satisfies all elements of the offense.

  1. Nonseparable Wrongs and Epistemic Uncertainty

We’ve now seen how respondeat superior excludes instances of organizational wrongdoing where a crime’s key elements are dispersed across individuals within the organization. Implicitly, this discussion presupposed that no single individual within the corporation actually committed the underlying crime.

But respondeat superior also excludes a distinct, albeit related, set of circumstances: organizational wrongdoing for which it is impossible to determine whether any particular individual committed the predicate offense. To be clear, the cases of interest here are not those where ordinary proof problems impede prosecution; proving a criminal case can be hard for myriad reasons that have nothing to do with the relevant attribution rule.[223] Rather, of concern here are circumstances where the same organizational design features that make business entities such impressive vehicles of economic creation also make it nearly “impossible to ascertain” whether a single “individual’s contributions rise to the level of criminality.”[224]

Recall that a defining characteristic of organizations’ successes is their ability to encourage and facilitate the synthesis of individuals’ inputs into an output greater than the sum of its parts; a well-designed organization aggregates and synthesizes information from lower members, pushing anonymized information up to decision-makers, who can then push down orders to act.[225] But equally crucial to the discussion here is that these processes tend to be unidirectional, such that “it is difficult, solely by observing total output, to either define or determine each individual’s contribution to this output.”[226] That is, organizational structures are very good at synthesizing individual inputs into a collective output but often do so in a manner that makes it nearly impossible to reverse-engineer from that output who put what in, or how much that specific input mattered to the final output.[227] Organizational and management theorists describe the result of such collaboration as nonseparable “team production.”[228]

So foundational is nonseparability to organizational design that it motivates one of the dominant conceptions of modern corporate activity: Blair and Stout’s “team production theory” of the corporation.[229] Blair and Stout note that “because the outcome of their [team members’] efforts—a successful product—is nonseparable, it may be impossible to determine who is ‘responsible’ for what portion of the final output.”[230] Of course, there is disagreement over whether the nonseparability of teams’ production motivates the best explanation of corporate behavior, as Blair and Stout argue, or whether it is merely an important facet of the story.[231] Nevertheless, even this disagreement is instructive. For example, Stephen Bainbridge has suggested that the practical impact of nonseparable team production fades once attention shifts from individual employees to the intra-firm hierarchies (i.e., different business departments or divisions) in which those individuals are embedded.[232]

One needn’t take sides in the intractable debate over theories of the corporation to appreciate the relevance of team production on corporate criminal law. On the one hand, respondeat superior requires identification of an individual predicate offender as a prerequisite to corporate criminality. On the other hand, a well-functioning organization is built upon processes that render the possibility of such an “easy reduction” practically impossible.[233] Indeed, Bainbridge’s response to team production theory—namely, that team production is nonseparable at the individual level but discernible at a department level—highlights just how disconnected respondeat superior as a legal doctrine is from characterizing individuals’ activity within a firm.[234] The doctrine of respondeat superior forbids courts to resolve organizational responsibility at the level of mediating hierarchies; criminal liability requires pushing all the way down to the level of individual contributions.

Respondeat superior’s nonseparability problem is the practical upshot of the analytic claim developed in Part II.B, which is that whether we judge an organization to be responsible does not turn on whether there exists a predicate offender—even if it turns out that there is one. For all we know, it may well be metaphysically necessary that all corporate conduct (and misconduct) be reducible, in principle, to the causal contributions of discrete, discernible individuals.[235] It’s just that metaphysical necessity doesn’t have much to say about the nature of normative judgments, and definitely has less to say about the mechanics of criminal investigations. Pointing out that corporate misconduct is always traceable to individuals—much less to a single individual as respondeat superior requires—is a bit like telling a hiker lost in the woods not to worry because, in principle, there’s a way out of the wilderness.

  1. Algorithmic Wrongs and the Future of Governance

Respondeat superior has always been underbroad; the potential for dispersion problems and nonseparable production arise from the doctrine itself. That said, the impacts of these disconnects between legal doctrine and normative practice are set to grow qualitatively more acute. This is because advances in algorithmic decision-making processes—and particularly those captured under the banner of “machine learning”[236]—have begun to restructure business organizations’ outward-facing behavior and internal corporate governance structures in a manner that has already begun, and will only continue, to exacerbate the impact of respondeat superior’s underbreadth.

Formerly the exclusive province of high-tech firms, machine learning has recently begun to infiltrate broad swaths of the business world.[237] Firms are increasingly building procedurally generated algorithms into their business models; machine learning is already being used to improve sales and marketing,[238] recruitment and hiring,[239] fraud detection,[240] predictive maintenance,[241] and supply chain management.[242]

In response to this proliferation, scholars have begun to interrogate the law’s role in managing the risks that arise alongside our increased reliance on algorithmic decision-making.[243] In doing so, some have noticed parallels between machines and corporations, speculating that both can be conceived of as species within a broader genus of artificial, intelligent agents.[244] With respect to the criminal law specifically, several have already considered whether to extend criminal liability directly to the algorithm itself—including by drawing comparisons to the criminal law of corporations.[245] Melding the two lines of inquiry, Mihailis Diamantis has recently argued that the criminal justice system should respond to algorithmic misconduct derivatively by means of corporate criminal liability.[246]

Gone overlooked in these discussions analogizing between corporate crimes and algorithmic misconduct is the impact that the latter is likely to have on proving the former. Machine learning’s widespread adoption threatens to undermine the corporate criminal law that we currently have by exacerbating respondeat superior’s inadequacies as a rule of attribution—namely, that the doctrine excludes instances of both nonseparable and dispersed corporate wrongdoing.

Start with nonseparability. As noted previously, the “easy reduction” implicit to respondeat superior’s approach to attribution has long been implausible as a matter of practice.[247] However, machine learning promises to make it impossible as a matter of design. The power of algorithmic procedural methods derives from their ability to produce predictions or recommendations by mining complex patterns across massive data sets using procedures that do not rely on explicit guidance from programmers.[248] As a result, and while the outputs of this process are valuable, the process itself by which an algorithm arrives at them are often “inscrutable”—that is, the rules applied are “so complex, numerous, and interdependent that they defy practical inspection and resist comprehension.”[249] Even though we have access to the complete set of inputs, the full code used to process those inputs, and the ultimate outputs, we cannot reliably explain how those inputs were converted to outputs.[250] And even if we succeeded in summarizing the conversion of inputs to outputs, the contribution of any particular input might depend heavily, and unpredictably, on the presence of another input.[251] In short, the price of sophisticated algorithmic decision-making is the introduction of an ineliminable form of computational opacity.[252]

The introduction of computational opacity into both corporate decision‑making and governance threatens to make respondeat superior’s nonseparability problem substantially worse. This is because the opacity in question is not one that can be avoided or resolved through, say, better computer code: “Machine learning models that prove useful . . . possess a degree of unavoidable complexity.”[253] As a result, to the extent that organizations turn these technologies inward, using them to improve corporate governance practices,[254] it will become impossible to trace back individual employees’ contributions. In other words, machine learning only exacerbates team production’s irreducibility problem.

As to dispersion, algorithmic decision-making procedures increase the likelihood that a company will act or act for certain reasons that do not cohere within a single individual.[255] For one thing, the sheer quantity of decisions reached through algorithmic processes cannot feasibly be replicated by employees. Technology platforms like Facebook, Twitter, and other social media companies would have to increase their workforces to ludicrous sizes just to match the number of decisions executed by these companies’ user preference algorithms. The aforementioned responsibility gap has historically been used to describe the disconnect between management’s potentially criminal attitudes and employees’ potentially criminal acts.[256] However, as firms’ actions are increasingly virtual, a similar disconnect looms between the intentions of those deploying algorithms and the actions those algorithms produce. Meanwhile, although algorithms themselves may be proprietary to a particular firm, their technical development regularly relies on open-source software communities.[257] As a result, insofar as the task of reducing firm outputs to individual contributions was already difficult, communities like GitHub threaten to explode the level of complexity in a manner that makes porous the boundaries between firm and market.[258] Taken together, and for all its promise in other areas of law and commerce, machine learning threatens to make both pre-existing dispersion and nonseparability problems worse.

B.    Underbroad in Practice: The Enforcement Consequences of a Mistargeted Attribution Rule

The doctrine of respondeat superior is underbroad, excluding from the criminal law’s cognizance attributions of organizational responsibility in the absence of a predicate individual offender. On the other hand, the enforcement landscape surrounding corporate criminal law can diverge, sometimes wildly, from its formal doctrines.[259] This divergence is particularly visible with respect to respondeat superior’s overbreadth, whereby a combination of prosecutorial innovations and industry pressures have produced a “richer version of entity liability . . . in the shadow of respondeat superior.”[260] So, if respondeat superior is underbroad in principle, what consequences follow in practice?

  1. How Not To Think About Underenforcement

It is tempting to frame the practical consequences of underbreadth by asking which cases are being missed—that is, by seeking to identify instances of organizational wrongdoing that otherwise would have been prosecuted but for the doctrine’s underbreadth. After all, in discussions of overbreadth critics identify specific organizational convictions they believe to have been unjust or inefficient.[261] However, this counterfactual approach is a non-starter for two distinct, albeit overlapping, reasons.

First, an asymmetric absence of evidence makes it qualitatively more difficult to investigate the impact of respondeat superior’s underbreadth on enforcement as compared to its overbreadth. This asymmetry is primarily a function of the fact that prosecutors exercise exclusive authority in deciding which cases to prosecute and, more importantly for these purposes, which cases not to prosecute.[262] With respect to the latter, the Justice Department’s longstanding policy is to remain silent concerning investigations in which it ultimately decides not to bring charges.[263] Although prosecutors occasionally publicize their declination decisions in high-profile cases,[264] silence is especially warranted where declination would create the impression that the non-defendant nevertheless is culpable.[265] What results is an absence of direct evidence to confirm whether and to what extent respondeat superior’s underbreadth results in potential cases going unresolved due to the lack of, or an inability to identify, an individual predicate offender. Relatedly, even where a conviction obtains, it may still be difficult to evaluate whether respondeat superior’s underbreadth hampered, or otherwise influenced, that specific outcome. As with the rest of the criminal law, most organizational prosecutions are resolved through a guilty plea or prosecution agreement.[266] Meanwhile, a business organization may well have prudential reasons to accept a plea or settlement agreement notwithstanding its suspicion that the Justice Department would not prevail in a court of law.[267] Accordingly, the government is not often required to prove its case.[268]

Second, the resourcefulness of prosecutors, combined with the open‑textured, inchoate nature of certain white-collar statutes, complicates efforts to assess counterfactually the impact of respondeat superior’s underbreadth in any particular case. Epistemic challenges aside, there is a more basic measurement question about what outcomes would count as specific instances of underenforcement. For illustration, return to Fantasy Corp.—which, to recall, did not violate the FCPA when a majority of its board voted to break the law because no one board member, through her vote, could have alone violated the law.[269] Viewed in isolation, these facts provide a stark illustration of underbreadth. But on the other hand, if a prosecutor’s ambition were to hold the organization responsible somehow for its wrongdoing, likely the criminal law provides further options. For one, the same evidence may suffice to bring a lesser or related charge. Even if no board member violated the FCPA, for example, each likely conspired to do so.[270] Alongside inchoate crimes, some white-collar statutes are similarly open textured; a handful even forgo traditional elements like mens rea entirely.[271] For another, we might easily hypothesize that some subsequent event executing the board’s vote—approving a wire transfer for the funds voted on by the board, for example—sufficed to tie a single employee to the FCPA elements. If so, then the board vote would have created the material conditions for bringing charges but not the legal predicate for doing so, while some further employee provided the pretext for the charge.[272]

In short, it is difficult to measure specific instances of underbreadth owing to structural features of the broader enforcement landscape. Viewed from a narrow perspective, one might thereby conclude that there is no underbreadth problem on the facts hypothesized: charges could be brought against Fantasy Corp. related to its wrongdoing. More generally, one might suspect that prosecutors will not let prominent cases of organizational responsibility slide—or, at least, will not miss such cases merely because the doctrine puts the case formally beyond their reach.

At the extreme, this cynical take ostensibly calls into question whether respondeat superior’s doctrinal shortcomings actually matter for enforcement. But to be abundantly clear, it does so by jettisoning the rule of law. Even when the grounds for organizational wrongdoing are overwhelming, the state has a duty to bring charges only when its case will “probably be sufficient” to prove all elements of the crime.[273]Moreover, this characterization papers over fundamental worries about the doctrine’s shortcomings and the impacts of those shortcomings on corporate criminal enforcement. Falling back on lesser charges—not because of the absence of evidence, but because the attribution rule excludes what should strike us as straightforward evidence of patently organizational misconduct—may be an excusable reaction to a doctrine’s shortcomings. But we shouldn’t mistake settling for or sidestepping the consequences of an underbroad attribution rule for a defense of that rule. And it is no critique of respondeat superior’s underbreadth to say that the government could get away with disregarding or obscuring the problem in practice; if anything, highlighting the ways in which respondeat superior is underbroad brings into relief the prospect of deeper enforcement problems.

  1. Underbreadth’s Enforcement Pathologies

Marshalling direct evidence of underbreadth’s impact in any specific case is challenging. Nevertheless, it does not follow from these challenges that underbreadth is irrelevant: an absence of direct evidence is not evidence of absence.[274] Respondeat superior’s underbreadth is by now so ingrained that it can be easy to overlook the extent to which it contributes to well-known features plaguing corporate criminal enforcement.

A more fruitful strategy, then, is to highlight the pathologies of respondeat superior’s underbreadth—that is, the predictable consequences that this underbroad attribution rule might be expected to have on the broader enforcement landscape. To be clear up front, surfacing these pathologies is not the same as claiming they provide the exclusive, or even primary, explanation for our corporate criminal practices; myriad other factors likely matter and may turn out to predominate any given explanation. On the other hand, these pathologies are at the very least consistent with broad developments in corporate criminal enforcement. Especially considering how little attention underbreadth has received over the years, they merit serious consideration here.

Start by isolating these pathologies of underbreadth. Given the prior diagnosis of which sorts of cases respondeat superior excludes and why, what are some likely mechanisms through which underbreadth might bear on enforcement? First and foremost, we should expect that circumstances involving either dispersion, nonseparable production, or algorithmic decision-making will make it generally challenging, if not practically impossible, to identify a predicate individual offender.[275] Second, the likelihood of detecting and identifying an individual wrongdoer will be lower for an observer outside the organization as compared to an observer inside it.[276] All things being equal, we should expect that prosecutors will be in a considerably worse epistemic position than managers to identify, with sufficient granularity, the contributions of any given individual within the organization. And third, many of the underlying, structural features driving respondeat superior’s underbreadth are features of scale; robust, complex organizational governance structures tend to be a response to size.[277] As a consequence, the larger an organization is, the less likely it is that any one individual will be in a position to carry out all elements of a crime. Similarly, a large organization is more likely to synthesize employees’ inputs into a collective output through processes that make it difficult to later separate out individual contributions.

How do these pathologies of underbreadth bear on enforcement? First, they imply that firms will be broadly difficult to convict, and moreover that smaller organizations will be overrepresented among the convicted. And as it turns out, this prediction is consistent with well-documented, oft-lamented features of the enforcement landscape. For one thing, the overall rates of corporate prosecution are consistently low; there is widespread consensus that corporate criminal law is infrequently enforced both in absolute terms and relative to other areas of federal criminal law.[278] And while there is a range of explanations for why organizations are infrequently prosecuted, one routinely noted by current and former prosecutors is just that prosecuting corporate crime is hard: bringing a case against an organization poses a series of challenges not presented by other types of prosecutions.[279] And of course, a central force contributing to this challenge is the exacting requirement that a single, predicate offender be identified as a basis for prosecution.[280]

Meanwhile, enforcement is not just infrequent, but moreover skews disproportionately toward smaller organizations.[281] Specifically, a majority of corporate criminal prosecutions are brought against organizations with fifty or fewer employees.[282] To be sure, we should be careful not to overread the data; prosecutors do succeed in securing convictions of large organizations or their subsidiaries, as was the case with BP and PG&E. Nevertheless, the broader trend is consistent with the observation that the leading forces contributing to underbreadth are also likely to correlate with scale. Among other reasons why small firms attract more attention from prosecutors than do large firms, it is more likely the case in a small firm that a discernible, individual predicate offender actually exists.[283]

Second, the pathologies of underbreadth are likely to influence enforcement strategies—that is, not whether core cases of organizational wrongdoing are brought, but instead how they are being brought. Over the past two decades, organizational cooperation has become a hallmark of the Justice Department’s enforcement practices. Prosecutors rely heavily—through both sticks and carrots—on firms’ cooperation for investigating corporate crime.[284] Again, several forces conspire to explain this trend, but a central one is that prosecutors are poorly situated to conduct an investigation themselves. It is beyond the scope of this Article to provide a comprehensive account of the quasi-administrative regulatory practice that has resulted from this sustained emphasis on cooperation—or, for that matter, to exhaust the interplay among prosecutors, firms, employees, and the law firms that increasingly serve as intermediate, independent investigators.[285] However, a handful of specific incentives are worth calling out both for their troubling nature and because of their plausible connections to underbreadth.

For one, underbreadth creates the conditions for pretextual enforcement: respondeat superior incentivizes even a good‑faith prosecutor to target individuals within an organization so that the prosecutor can charge the entity itself. In such a circumstance, individual liability operates not as a basis for criminal liability but as a pretext for it.[286] Specifically, a prosecutor’s reason for pursuing an individual would not be for the sake of her own wrongdoing but because her personal liability would trigger vicarious liability for the organization really responsible for the wrongdoing.[287]

Pretextual enforcement is unseemly at best, unethical and even illegal at worst.[288] Nevertheless, respondeat superior’s underbreadth incentivizes the practice insofar as the sorts of cases formally beyond the doctrine are likely to be ones especially worth bringing.[289] One key determinant for the government is the company’s degree of cooperation, which emphasizes as evidence of cooperation whether the company has identified responsible individuals.[290] Indeed, the recent Yates Memo made employee identification a precondition for establishing cooperation,[291] although that demand has since been relaxed.[292] And in fact, prominent instances of corporate criminal enforcement have led to low-level employees being prosecuted for seemingly organizational wrongdoing. For example, in the case of the Deepwater Horizon spill, two of the rig’s supervisors were prosecuted individually for the same crimes thereby attributed to BP itself.[293]Again, it is difficult to ascertain motivations in any particular prosecution.[294] These individuals may indeed have borne personal responsibility for the underlying wrongdoing—although it is suggestive that charges against one individual were eventually dropped, while the other was ultimately acquitted.[295]

Concerns about pretext persist even when the individuals who are targeted to provide a basis for corporate liability are not themselves charged. Although the Justice Department’s stated policy is that such an event should be rare,[296] in practice the government has not reliably prosecuted individuals alongside organizations.[297] Plausibly this outcome is preferable to the alternative, although it is difficult to judge in a vacuum: the line between who is eligible for prosecution and who merits prosecution is a more fact-intensive one than a high-level discussion can be expected to draw. Regardless, it is one thing to say that the government can choose to decline prosecution against an individual when justice requires. It is quite another to defend, on that basis, a legal doctrine that aims prosecutors’ attentions at individuals for the purpose of punishing organizations.

Third, concerns about cooperation in light of underbreadth’s pathologies are not limited to prosecutors. This cooperation policy is motivated on the government’s side largely by the fact that corporate prosecutions are hard—and, the more suffuse the individual contributions to that organizational wrongdoing, the more difficult it will be for the government to investigate and prosecute without the company’s assistance.[298] The government thus finds itself in the position of seeking the company’s help not just in determining the entity’s role for any alleged wrongdoing, but also in identifying, and implicating, predicate individual offenders.[299] In doing so, the government’s efforts to identify predicate individual offenders risk aligning the interest of prosecutors and managers against low-level employees, which creates an opportunity and permission structure for firms to scapegoat employees as a means of defusing organizational responsibility.[300]

Recall that judgments of individual responsibility have the potential to undermine or destroy our judgments of organizational responsibility.[301] By itself, this principle just describes a feature of our moral psychology: although our concepts of organizational responsibility and individual responsibility are analytically distinct, in practice these judgments tend to trade off with each other.[302] But as it turns out, an organization can weaponize this principle “by framing individual agents as responsible for” the misconduct in order to undercut judgments that the organization itself is to blame.[303] Indeed, at least when compared to “downplaying or denying the transgression,” the more effective strategy for an organization seeking to avoid blame is to identify from within the organization a “bad apple,” “black sheep,” or “scapegoat” who can be deemed personally responsible for the wrongdoing.[304] By encouraging, and at times requiring, firms to produce individuals to the government, the Justice Department is enabling companies to cut away at the normative foundations for the organization’s own criminal judgment.

Fourth and finally, the pathologies of underbreadth are likely to be felt in recent and ongoing innovations in the area of corporate punishment. Particularly in the past two decades, federal criminal law has been getting into corporate governance. As has been well documented elsewhere, both courts and prosecutors have increasingly sought to impose internal compliance and governance reforms on organizations as a form of sanction for wrongdoing.[305] And in particular, courts and prosecutors have consistently demonstrated a preference for compliance reforms that would have the effect of making it easier, going forward, to identify and prosecute individual wrongdoers inside the organization.[306] Put in the language of this Article, criminal enforcers have prioritized compliance reforms that seek to undo dispersion and nonseparability, which frustrate the prospect of identifying a predicate individual offender.

In light of respondeat superior’s underbreadth problem, it is easy to appreciate why courts and prosecutors would favor these reforms. If prosecuting organizations is hard for all the reasons stated here, then it makes sense to want to reform away those challenges. But whatever one thinks about the principle behind using criminal enforcement as a means to effect governance reforms, there is broad consensus that the actual reforms being imposed have, thus far, proven broadly ineffective at achieving this aim.[307] At the same time, these reforms are expensive for firms to implement.[308] For one, there are high costs to implementation and monitoring.[309] But more fundamentally, these reforms are aiming at organizational processes that, in general, are economically valuable—remember, these processes are central to what makes business organizations valuable enterprises in the first place.[310]

Of course, the compliance reforms being imposed on firms under the auspices of criminal enforcement might turn out to be worthwhile. All the same, there is ample basis for skepticism about the cost and efficacy of the way this government-led compliance revolution is run. And helping to power, or at least explain, the embrace of these reforms is a doctrine of attribution that treats individual liability as a proxy for organizational wrongdoing. More generally, the underbreadth inherent to respondeat superior does more than just fail to capture potential cases of organizational wrongdoing; it also contributes to a host of enforcement pathologies that range from inefficient to outright unjust.

IV.  Reevaluating Overbreadth, Reforming Underbreadth

Having spent the prior two parts unpacking the magnitude and impacts of respondeat superior’s underbreadth, this final Part IV leverages these results to reevaluate the standard wisdom—namely, that the doctrine’s major problem is that it is too broad. At the same time, it considers how the law might respond to the concerns raised throughout that respondeat superior is too narrow, including by adopting reforms that would convert this latter, unmanageable underbreadth problem into a familiar, and to date manageable, overbreadth problem.

A.    The Standard Wisdom Revisited: Why Underbreadth Might Now Matter More than Overbreadth

The central flaw at the heart of respondeat superior—one that causes the doctrine to be at once too broad and too narrow—is that it treats an individual employee’s liability as a proxy for, and predicate of, organizational responsibility. For decades, the standard wisdom has treated this overbreadth as a pressing problem while dismissing underbreadth as an unimportant symmetry. But in fact, the opposite might be true. This is because first, respondeat superior is underinclusive of not just any cases, but particularly of paradigmatic instances of organizational wrongdoing. By contrast, the types of cases currently picked out by respondeat superior, and thus of concern for overbreadth, all appear to be merely peripheral cases of organizational wrongdoing. And second, to the extent that overbreadth and underbreadth are symmetric problems, their solutions are not. Those strategies that have mitigated the harms attendant to overbreadth either cannot, or will not, carry over to underbreadth. And, in certain respects, these efforts to manage overbreadth have exacerbated the harms already associated with underbreadth.

  1. Is Underbreadth Worse than Overbreadth?

What would it mean to say that respondeat superior’s underbreadth is worse than its overbreadth? It cannot merely be that the former excludes more potential cases than the latter includes. For one thing, the possibility of making such an empirical calculation is suspect; at the very least, the results are inaccessible.[311] For another, even if the empirical claim somehow bore out, since Blackstone the criminal law has expressed a commitment to tolerating underbreadth as a price for avoiding overbreadth.[312]

A more accurate (if less pithy) way to frame the challenge, then, is to assert that diagnosing underbreadth reveals the profundity of the mismatch between organizational responsibility and respondeat superior. In doing so, it implies that overbreadth is in reality a secondary problem. The real problem with respondeat superior is that by relying on individual liability as a proxy, it aims the attention of corporate criminal law away from core, paradigmatic kinds of organizational wrongdoing and toward peripheral cases in which an organization’s wrongdoing happens to cohere in a single individual. It also turns out that, in doing so, the doctrine is too broad: it captures cases at the periphery but also beyond it. But the more fundamental concern, it seems, should be that the doctrine is barely aimed at organizational responsibility in the first place. In other words, it’s a problem that respondeat superior is overbroad, but a bigger problem that it is underbroad.

Start with underbreadth. Respondeat superior excludes from criminal liability cases of organizational wrongdoing that look like the sorts of cases in which our tendency to blame organizations is at its strongest. Specifically, respondeat superior excludes liability for (at least) two types of organizational wrongdoing: (1) instances where the elements of the crime are dispersed across individuals within the organization; and (2) instances where the nonseparability of individuals’ contributions, owing to forces like team production and machine learning, makes an easy reduction practically impossible and epistemically inaccessible.[313] Neither of these categories should be considered minor, peripheral, or deviant candidates for organizational responsibility. Quite the opposite, these circumstances describe core instances of organizational wrongdoing—and, as such, the types of cases at which corporate criminal law should aim.

With respect to the target that respondeat superior should aim for as an attribution rule, the classes of cases being described here are those where, according to the best evidence regarding our normative practices, our folk judgments of organizational responsibility are most fitting. Recall that we are most likely to attribute responsibility to an organization rather than to an individual within the organization in circumstances where the conduct in question is perceived as stemming from a tightly integrated, cohesive group.[314] The phenomena of dispersion and nonseparability, and the organizational processes that produce them, point to the conditions that would make judgments of organizational responsibility felicitous in the first place.[315] That should make sense. If there’s any circumstance where we should want to attribute criminal liability to an organization, it should be one where the conduct is pervasive throughout, and a product of, the organization itself—in a slogan, corporate crime should be reserved for crimes that are pervasively corporate.

Meanwhile, as to the sources of organizational wrongdoing, we should expect that organizational wrongdoing will frequently present as either a dispersion case or nonseparability case. This is because the underlying phenomena are not unique to misconduct; rather, they describe ordinary corporate activity generally. That is, dispersion and nonseparability are inevitable byproducts of good organizational design.[316]And, in general, we should encourage large organizations to embrace these sorts of organizational processes; after all, being able to synthesize individual inputs into an output greater than its parts is, by definition, what makes a business organization so much more effective than a mere collection of individuals.[317] However, these organizational processes are value neutral—there is no antecedent reason to think that collective behavior necessarily has to be good or lawful.[318] When incentives point in the wrong direction, or when a corporation’s culture is corrupted, these organizational forces create space to do harm far beyond not just what any individual could do but also what any individual would have reason or incentive to do.[319] In short, respondeat superior is not just generically underinclusive—it’s not failing to capture just random instances of wrongdoing—but also is biased against the very sorts of cases that motivate corporate criminal law’s role in the first place.

And what about the cases that respondeat superior actually targets? Are these predicate individual offender cases just another type of important case that corporate criminal law should reach? Actually, probably not.

That individual liability might be inversely correlated with, or even destructive of, organizational responsibility has already been discussed from the perspective of moral psychology. Evidence that the conduct was really the work of a discrete individual or individuals, separate from the group, tends to dispel attributions of organizational responsibility.[320] Consider now the same observation from the perspective of the criminal law. This Article has operated from the premise—one shared by overbreadth critics—that whatever the justification for having an institution of corporate criminal law turns out to be, whatever the content of that criminal law turns out to be, the criminal law of corporations should aim to attach when the misconduct in question gives rise to our judgment that the organization, rather than some individual, is to blame.[321] Implicit to this view is a somewhat obvious point that corporate criminal law and the rest of the criminal law should be aimed at different offenders. Think of it this way: corporate criminal law is generally and correctly seen as an addition to, or an expansion of, the ordinary criminal law, which traditionally applied only to individuals.[322] If the criminal law is to be expanded in this way, it shouldn’t be redundant. Whatever the point of corporate criminal law, we should expect it to be something more than just piling charges on individual offenders that the ordinary criminal law already has no problem reaching.

And yet, respondeat superior cases have precisely this redundancy built in. The cases it criminalizes are those where some individual is already eligible for criminal responsibility. In fact, arguably the purest example of corporate criminal liability, from the perspective of respondeat superior, is a one-person sole proprietorship, for which the organization is just the alter ego of the predicate individual offender. But of course, this example is a reductio: there’s no reason to dedicate an entire area of the criminal law to ensure that individuals be prosecuted both personally and in their corporate capacity. If any type of case being discussed here sits at the periphery of what corporate criminal law should be aimed at—viz., our normative practice of organizational responsibility—it is those cases where every element of the underlying, criminal misconduct can actually be traced to a single individual inside the organization.

This criticism doesn’t deny respondeat superior’s overbreadth problem, but it does dramatically diminish its importance. Even if respondeat superior is aimed primarily at peripheral cases of organizational wrongdoing, the doctrine would still be overbroad to the extent that it also captures cases beyond the periphery. Nevertheless, and recognizing that there are always reasons to be worried about overbreadth, it hardly seems the most pressing priority: we should worry about a doctrine being too broad only after we are confident that the doctrine is approximately aimed at the right target.

  1. Is Underbreadth Less Manageable than Overbreadth?

Overbreadth would pose a more serious problem to the legitimacy of respondeat superior if not for the tempering influence of mechanisms within the criminal justice system and the broader political economy surrounding corporate criminal enforcement. Unfortunately, neither of these forces are available to address the harms of underbreadth. And the forces operating to rein in overbreadth are not merely unable to fix simultaneously the separate harms attendant to underbreadth. In certain respects, managing the problem of overbreadth has made the harms from underbreadth worse.

First, recall that the criminal law has available mechanisms that function to constrain the risks attendant to a doctrine that, standing alone, would otherwise criminalize too much conduct.[323] With respect to overbreadth specifically, that respondeat superior might attribute liability to a corporation in the absence of organizational responsibility is tempered by heightened mens rea requirements and by the application of prosecutorial discretion.[324] But these mechanisms for ameliorating overbreadth are one-way ratchets: they cannot be operated in reverse to capture misconduct that lies beyond an underinclusive doctrine. More generally, the criminal justice system is not designed to allow conviction beyond the scope of what doctrine has criminalized. Nor should it be: some of the most heralded principles in the criminal law—for example, the rule of lenity and the void-for-vagueness doctrine—stand for the broader proposition that the state cannot punish conduct that it has not clearly circumscribed within the criminal law’s ambit, much less conduct that is clearly outside it.[325] As a result, the doctrinal challenges facing respondeat superior’s underbreadth are qualitatively different from those faced by the specter of overbreadth. The weaknesses of the latter are shored up through other doctrinal tools within the criminal law; no such strategy is available for the former. This asymmetry might end up harmless were underbreadth concerned only with peripheral cases of wrongdoing. But particularly where respondeat superior risks excluding paradigmatic instances of organizational wrongdoing, this asymmetry is qualitatively more troubling.

To be sure, cases excluded by an underbroad attribution rule are not eternally beyond the reach of law and law enforcement. While underbreadth cannot be expanded through mechanisms internal to the criminal law, Congress can always rewrite its criminal statutes to expand their scope.[326] For example, insofar as mens rea poses a common obstacle to prosecuting business crime, lawmakers and regulators could avoid this obstacle (and, regrettably, occasionally have) by creating more strict liability crimes.[327] But this possibility hardly provides grounds to discount respondeat superior’s overbreadth: it “solves” the attribution rule’s deficiency by doing violence to core commitments of the criminal law.[328] Likewise, prosecutors may have the power in practice to ignore respondeat superior’s predicate individual offender requirement; firms may likewise have instrumental reasons to go along.[329] But again, this possibility does not solve or ameliorate the problems attendant to underbreadth as much as it sidesteps the rule of law. Using the leverage of state power coupled with the relative opacity of a guilty plea just to skirt its obligation under the rule of law does not excuse the government from following that duty.

Second, recall that the risks from overbreadth are tempered not just by other components of the criminal law but also by the confluence of corporate and prosecutorial interests surrounding the political economy of corporate criminal enforcement.[330] To reiterate, any discussion of political economy within the shadow of the criminal law just doesn’t apply to wrongdoing outside the shadow of the criminal law; neither prosecutors nor defendants can lawfully expand the reach of the criminal law behind respondeat superior if they wanted to. That point aside, neither are there strong institutional incentives to reform respondeat superior in such a way as to address the doctrine’s underbreadth. Unsurprisingly, businesses have expressed no interest in expanding their own potential liability beyond that which the law already requires. Neither, for that matter, have prosecutors who depend on corporate cooperation to enforce the status quo. Were such a rule of attribution available, the Justice Department might choose to leverage any expansion that a correction of respondeat superior’s underbreadth would afford it.[331] But it is one thing to consider the incentives that doctrinal reform would enable and quite another to suggest that the Justice Department would leverage the political capital and stasis it has with the white-collar bar now to go out and try to expand respondeat superior. This is particularly true when the fact of underbreadth has received comparatively little attention over the years. In short, whereas both prosecutors and defendants have incentives to rein in overbreadth, there is with respect to underbreadth no consensus and also no visible appetite for reform.

Indeed, insofar as the status quo operates already to curb the excesses of overbreadth, it in some ways exacerbates the harms surfaced by underbreadth. Consider, for example, one of the primary overbreadth critiques—namely, that respondeat superior discourages valuable corporate cooperation. There, critics of respondeat superior argued that well-meaning corporations would be unwilling to identify individual wrongdoers, even if the company wanted to, because doing so would expose the company to the prospect of criminal liability.[332] Viewed in this light, the Justice Department’s recent policies to encourage and reward this type of cooperation are encouraging steps to soften the hard edges of an overbroad doctrine.[333]

But meanwhile, the same policies have the effect of empowering organizations to subvert their perceived responsibility for wrongdoing.[334] After all, respondeat superior, for all its flaws, disincentivizes organizations from scapegoating their own employees. Well-meaning companies are not the only ones interested in outing their employees for misconduct. In light of its tendency to undermine judgments that the organization itself is to blame, this incentive impacts all companies; moreover, the more unscrupulous the firm, the more we might suspect that it is acting strategically and without regard for whether the outed employee is really responsible. Unvarnished respondeat superior thus offers a check against scapegoating by turning it into a high-stakes tactic: attempting to undermine the normative basis for criminal liability requires creating the eligibility conditions for criminal liability. Part III.B already canvassed the concerns with pretextual enforcement that underbreadth engenders. Here, the Justice Department’s efforts to mitigate overbreadth only exacerbates the harms of underbreadth, particularly for low‑level employees. And owing to the tendency of underbreadth to apply in cases of paradigmatic organizational wrongdoing, the more suffuse and systematic the wrongdoing, the stronger these incentives become for both sides.

B.    Pathways to Reform: Get Rid of Underbreadth or Replace It with Overbreadth

How should we go about solving the problem of underbreadth while being attentive to the progress made against overbreadth? This final section offers two brief observations—one a friendly amendment to the family of direct liability proposals discussed in Part I, and one a counterintuitive solution that would solve respondeat superior’s underbreadth problem . . . by converting it into an overbreadth problem.

  1. From Vicarious Liability to Direct Liability

Respondeat superior is overbroad, and it is underbroad. One reasonable conclusion to draw from these facts is that respondeat superior is just a bad doctrine, which needs to be rooted out in its entirety and replaced.

Unsurprisingly, given the discussion, the problems attendant to respondeat superior’s underbreadth argue in favor of tying the attribution of corporation criminal liability more directly to some underlying sense of organizational responsibility. As discussed in Part I, there are a host of accounts on offer to replace vicarious liability with some version of a direct liability approach to corporate criminal law.[335] Alternatively, the Justice Department’s prosecutorial guidelines—as well as the U.S. Sentencing Commission’s recommendations—can be understood as second-best efforts to recreate such a regime within the shadow of respondeat superior.[336] These existing practices, taken together, provide a ready framework for a direct liability attribution rule; corporate criminal law would be substantially improved just by shifting these considerations out of the charging and penalty phases, respectively, and into the liability phase.[337]

While the specifics of these approaches differ, in general any of them would represent an improvement over respondeat superior. First, the broader shift towards organizational responsibility as the direct target for liability attributions would provide a firm normative foundation for corporate criminal liability. And second, insofar as it would eliminate the central flaw underlying respondeat superior—namely, that it treats individual liability as a proxy for, and predicate of, organizational responsibility—shifting to direct liability would have the further benefit of addressing simultaneously concerns about overbreadth and underbreadth.

All this said, the attention to underbreadth in this Article puts pressure on an assumption common to many of these direct liability accounts. In defending direct liability as preferable to respondeat superior, many advocates take for granted that embracing such a reform would shrink the scope and reach of corporate criminal law because those now-excluded cases were not normatively defensible in the first place.[338]Indeed, that one’s proposal would have this effect is sometimes presented as a badge of honor; for example, Pamela Bucy acknowledges that her corporate ethos account “will result in fewer criminal prosecutions of corporate defendants” but follows up by claiming that “critics should see this fact not as a weakness, but as a strength of the standard.”[339]

The assumption that moving from vicarious liability to direct liability would thereby shrink the scope of corporate criminal law is an understandable one. After all, these direct liability proposals are often offered against the backdrop of, and as a cure for, concerns about overbreadth.[340] But as this Article has demonstrated, such an assumption is unwarranted. Yes, a direct liability regime would block attribution in outlier cases—for example, where the crime was perpetrated by an employee against the organization.[341] But a liability rule that is responsive to the sources of underbreadth—namely, dispersion, nonseparable production, and algorithmic decision-making—would almost certainly expand the range of cases that could be brought. The net effect of these countervailing expansions and contractions is ultimately an empirical question.[342] And how one views this potential revision to the impact of a direct liability rule will likely hang on one’s prior commitments regarding the propriety of an institution of corporate crime more generally.[343] Regardless, solving respondeat superior’s shortcomings by converting to a direct liability regime would solve the doctrine’s overbreadth problems—but it doesn’t follow that it would reduce the scope of corporate criminal law.

  1. From Vicarious Liability to Vicarious Attribution

Replacing respondeat superior with a direct liability regime isn’t the only way to improve the doctrine’s underbreadth. Moving in the other direction, a different strategy to address respondeat superior’s underbreadth would be instead to relax substantially the need to tie liability to a single, predicate offender. If replacement amounts to moving from a vicarious liability regime to a direct liability regime, this alternative approach might best be characterized as moving from a vicarious liability regime towards a vicarious attribution rule.

There is an array of reforms to consider, all of which would maintain the broad contours of the current attribution rule while expanding a fact finder’s ability to attribute corporate criminal liability by reference to the causal contributions beyond just a single employee. With respect to addressing dispersion problems, one approach would be to embrace and update the collective knowledge doctrine, amending concerns about its excesses by incorporating recent work on collective intentional attitudes.[344] Another option would be to relax the concurrence element of respondeat superior’s predicate individual offender requirement, while still requiring that each element of a crime be satisfied by a single individual.[345] A version of this strategy has been recently proposed by the Australian Law Reform Commission for that country’s corporate criminal law; such a revision would leave beyond the criminal law’s reach cases of collective knowledge and collective action but might carve off major concerns attached to underbreadth while still improving upon the status quo.[346] With respect to nonseparable team production, attribution requirements could be shifted from the individual level to the departmental level. This reform would allow a factfinder to locate all elements of a crime within a single business unit or department without having to further specify that one individual within that hierarchy personally satisfies each element.[347] And with respect to machine learning, courts could stipulate that outputs of algorithmic decision-making be attributed to the corporation employing that algorithm.[348]

At the extreme, one might go so far as to abandon any constraints limiting vicarious attribution, requiring each element to be grounded in the discernible conduct of individuals—but otherwise not restricting who, or how many individuals provided the basis for that attribution. Admittedly, at first glance, converting respondeat superior into a vicarious attribution rule might seem the worst of all worlds. On the one hand, it would dramatically expand the scope of cases covered by corporate criminal law in precisely the manner that overbreadth critics have sought to correct—viz., by exposing the corporation to liability for every employee without consideration of whether this is the kind of conduct for which the organization should be held responsible. And on the other hand, vicarious attribution lacks the coherence of direct liability, which endeavors to adopt a positive account of collective action, collective intention, and collective responsibility.

Nevertheless, there are reasons to suspect that these complaints are less persuasive than they first appear, and that vicarious attribution might really be a model for corporate criminal law to explore further. With respect to direct liability, the ostensible weakness of vicarious attribution is that it allows a factfinder to consider lots of employee conduct without providing any organizing principles for whose conduct counts for what when it comes to attributing liability to the corporation.[349] Skeptics have worried particularly about circumstances where one employee has a bad attitude satisfying mens rea even while several employees have a contrary attitude—why should the attitude of one bad employee dominate in cases of inevitable disagreement?

But the concern here is overblown: this hunt-and-peck approach to attribution simply doesn’t square with how we go about assigning responsibility.[350] And this is true broadly, for individuals and organizations. Recall that liability is fundamentally expressive in character, which is only to say that determining what a person did (and why) is fundamentally an exercise of public interpretation.[351] We don’t look into someone’s mind to determine whether they satisfied mens rea—that is impossible and will continue to be either for a long time or forever—but instead look to whether their prior actions expressed the prescribed attitudes in question. Indeed, so banal is this point that many of the original courts to recognize corporate criminal liability, having cleared that admittedly large legal and conceptual hurdle, saw no need to specify an attribution rule at all.[352] Rather, they left the process to jurors, noting that the deliberative processes for imputing actus reus and mens rea are no different in the context of organizations than they are for individuals.[353] The same approach applies to organizations: we look at the conduct of individuals within the organization, and sometimes just the organization’s behaviors themselves, to determine whether and why the organization caused the misconduct in question.

Finally, and with respect to overbreadth, a vicarious attribution approach would unquestionably expand, in principle, the doctrine’s footprint. However, not all expansions of a doctrine are over-expansions. Broadening the current attribution rule so that it captures core cases of wrongdoing as well as peripheral cases is not per se a bad thing; if anything, it may even help to put corporate criminal law closer to a more stable normative and conceptual foundation. More acutely, the mere fact that vicarious attribution would expand the set of possible cases is not itself disqualifying because the status quo is already arbitrarily constrained to a set of factual characteristics that are only incidentally relevant to the normative target the doctrine should be trying to hit. Of course we should worry about an attribution rule’s overbreadth, but we should worry about it only after ensuring that the rule is approximately aimed at the right target.

Moreover, a central lesson of this Article is that the harms of overbreadth are both manageable and managed—not because of the doctrine itself, but because of the broader legal and political environments in which the doctrine is embedded. Those same forces will exist regardless of whether respondeat superior is treated as a vicarious liability rule or vicarious attribution rule. Substantive elements like a strict mens rea requirement will continue to prevent every bad outcome from being elevated to a crime. Prosecutors will still have the same set of reasons to skew the full breadth of their doctrinal reach in exercising their discretion. And the corporate bar will remain well funded, well connected, and well situated to resist prosecutorial overreach. In fact, shifting to vicarious attribution amounts to solving the underbreadth problem by converting it to an overbreadth problem, which we have already figured out how to solve. As such, shifting to vicarious attribution has the potential to harness the past decades’ success in defeating overbreadth to also fix corporate criminal law’s underbreadth problem.


Corporate criminal law is built atop the doctrine of respondeat superior, whereby a business organization can be held responsible for criminal misconduct carried out by any one of its employees. This doctrine is too broad, and it is too narrow. But whereas the doctrine’s overbreadth has been for decades the target of criticism and reform, its underbreadth has gone overlooked and underexplored.

No longer. Respondeat superior is underbroad in ways that have profound consequences for our understanding of the doctrine, for the practice and development of corporate criminal enforcement, and for how we think about the doctrine’s overbreadth going forward. Taken together, it remains a serious problem that respondeat superior is still too broad . . . but it is now becoming a more serious and more intractable problem that the doctrine is too narrow.

     *      Assistant Professor of Business Law, University of Michigan Ross School of Business; J.D. and Ph.D. in Philosophy, University of Michigan. Special thanks are due to Miriam Baer, Sam Buell, Mihailis Diamantis, Brenner Fissell, Todd Haugh, David Hess, Vic Khanna, Jeremy Kress, Eric Miller, Cindy Schipani, and Amy Sepinwall. This project was greatly improved by valuable feedback received during the Academy of Legal Studies in Business annual conference, Crimfest!, the National Business Law Scholars Conference, and from participants in workshops hosted by the University of Georgia, University of Illinois, University of Michigan, and Wharton School of Business. Finally, thanks to Laura Boniface for excellent research assistance and to the members of the Arizona State Law Journal for diligent editing.

     [1].     For an exhaustive account of Theranos’s rise and fall, see John Carreyrou, Bad Blood: Secrets and Lies in a Silicon Valley Startup (2018).

     [2].     Press Release, SEC, Theranos, CEO Holmes, and Former President Balwani Charged with Massive Fraud (Mar. 14, 2018), [].

     [3].     Complaint at paras. 83–89, SEC v. Holmes, No. 5:18-cv-01602 (N.D. Cal. Mar. 14, 2018), [].

     [4].     Id. at paras. 54, 66.

     [5].     Kevin Loria, America’s Youngest Female Billionaire Explains How She’s Transforming Medicine, Bus. insider (Nov. 12, 2014, 11:17 PM), [].

     [6].     Carreyrou, supra note 1, at 28, 285–86.

     [7].     N.Y. Cent. & Hudson River R.R. Co. v. United States, 212 U.S. 481, 493 (1909); see United States v. Adams Express Co., 229 U.S. 381, 390 (1913).

     [8].     At the time of this Article, Holmes and Theranos’s former president face multiple charges of wire fraud and conspiracy. John Carreyrou, U.S. Files Criminal Charges Against Theranos’s Elizabeth Holmes, Ramesh Balwani, Wall St. J., [https://‌] (June 15, 2018, 6:26 PM); Micah Maidenberg, Theranos Trial’s Judge Narrows Case Against Founder Elizabeth Holmes, Wall St. J., [] (Feb. 12, 2020, 3:47 PM).

     [9].     See Developments in the Law: Corporate Crime: Regulating Corporate Behavior Through Criminal Sanctions, 92 Harv. L. Rev. 1227, 1247 (1979).

     [10].   See David Marcus, Trans-Substantivity and the Processes of American Law, 2013 BYU L. Rev. 1191, 1193–94 (describing the wide scope of attribution rules).

     [11].   Preet Bharara, Corporations Cry Uncle and Their Employees Cry Foul: Rethinking Prosecutorial Pressure on Corporate Defendants, 44 Am. Crim. L. Rev. 53, 59 (2007). For a small sample of recent articles discussing respondeat superior’s overbreadth, see Sara Sun Beale, Is Corporate Criminal Liability Unique?, 44 Am. Crim. L. Rev.1503, 1504 (2007); Samuel W. Buell, Criminal Procedure Within the Firm, 59 Stan. L. Rev. 1613, 1663 (2007); Brandon L. Garrett, Structural Reform Prosecution, 93 Va. L. Rev. 853, 876–78 (2007); Stacey Neumann Vu, Corporate Criminal Liability: Patchwork Verdicts and the Problem of Locating a Guilty Agent, 104 Colum. L. Rev. 459, 466 (2004); Andrew Weissmann & David Newman, Rethinking Criminal Corporate Liability, 82 Ind. L.J. 411, 414–15 (2007); Julie Rose O’Sullivan, The Federal Criminal “Code”: Return of Overfederalization, 37 Harv. J.L. & Pub. Pol’y 57, 59 (2014); Michael A. Simons, Vicarious Snitching: Crime, Cooperation, and “Good Corporate Citizenship, 76 St. John’s L. Rev. 979, 983–84 (2002).

     [12].   Pamela H. Bucy, Corporate Ethos: A Standard for Imposing Corporate Criminal Liability, 75 Minn. L. Rev. 1095, 1104 (1991) (“[A]ll corporations, honest or dishonest, good or bad, are convicted if . . . one maverick employee committed criminal conduct.”).

     [13].   See United States v. Sun-Diamond Growers of Cal., 138 F.3d 961, 970 (D.C. Cir. 1998) (upholding a conviction for honest services fraud where a corporation’s employee embezzled funds).

     [14].   The term “organizational responsibility,” but not the underlying normative concept that it is meant to instantiate, is unique to this Article. See infra Parts I.A.2 and II.A.

     [15].   See W. Robert Thomas, How and Why Corporations Became (and Remain) Persons Under the Criminal Law, 45 Fla. St. U. L. Rev. 479, 518–24 (2018) (noting the lack of attention given to underbreadth). Only recently, a handful of scholars have begun to consider specific examples of underbreadth. See Alexander Sarch, Criminally Ignorant: Why the Law Pretends We Know What We Don’t 231–63 (2019); Mihailis E. Diamantis, The Body Corporate, 83 Law & Contemp. Probs. 133, 151–57 (2020); Erin. L. Sheley, Tort Answers to the Problem of Corporate Criminal Mens Rea, 97 N.C. L. Rev. 773, 775 (2019).

     [16].   This Article focuses on federal law both for simplicity and because the federal government predominates in enforcement. Nevertheless, most of the criticisms developed here apply, at least as strongly, to the alternative attribution rule preferred by most states. See infra Part I.

     [17].   4 William Blackstone, Commentaries *352 (“[B]etter that ten guilty persons escape, then that one innocent suffer”); R A Duff, The Realm of Criminal Law 64 (1st ed. 2018). But see William S. Laufer & Robert C. Hughes, Justice Undone, 58 Am. Crim. L. Rev. 155, 163–69 (2021).

     [18].   See infra Part III.A.1.

     [19].   See infra Part I.A (discussing the collective knowledge doctrine). Respondeat superior does not require, however, that an individual employee actually be prosecuted or convicted in order to bring charges against an organization. On the relevance of this point, see infra Part III.B.

     [20].   See infra Part III.A.2.

     [21].   See infra notes 133–138.

     [22].   See infra Part III.A.3.

     [23].   See infra Part II.A.

     [24].   See infra Parts II.A, IV.A.1.

     [25].   See Mihailis E. Diamantis & William S. Laufer, Prosecution and Punishment of Corporate Criminality, 15 Ann. Rev. L. & Soc. Sci. 453, 458–59 (2019).

     [26].   See infra Part III.A.1.

     [27].   See infra Part III.B.2.

     [28].   See infra Part III.B.2. See generally Miriam H. Baer, When the Corporation Investigates Itself, in Research Handbook on Corporate Crime and Financial Misdealing 308 (Jennifer Arlen ed., 2018).

     [29].   See infra Part III.B.2.

     [30].   Stephanos Bibas, The Need for Prosecutorial Discretion, 19 Temp. Pol. & C.R. L. Rev. 369, 371–73 (2010); Samuel W. Buell, The Upside of Overbreadth, 83 N.Y.U. L. Rev. 1491, 1557 (2008) (discussing mens rea’s role in limiting overbroad statutes).

     [31].   See, e.g., William J. Stuntz, The Pathological Politics of Criminal Law, 100 Mich. L. Rev. 505, 520–21 (2001).

     [32].   See, e.g., William S. Laufer & Alan Strudler, Corporate Crime and Making Amends, 44 Am. Crim. L. Rev. 1307, 1311 (2007).

     [33].   See N.Y. Cent. & Hudson River R.R. Co. v. United States, 212 U.S. 481, 493 (1909).

     [34].   Id.

     [35].   Thomas, supra note 15, at 518–24 (discussing the development of state corporate criminal law).

     [36].   Sherman Antitrust Act of 1890, 15 U.S.C. § 1.

     [37].   Hale v. Henkel, 201 U.S 43 passim (1906).

     [38].   N.Y. Cent. & Hudson River R.R. Co., 212 U.S. 481.

     [39].   Id. at 494–95.

     [41].   See John Gund Brewing Co. v. United States, 204 F. 17, 23–24 (8th Cir. 1913) (discussing attribution within the Elkins Act).

     [42].   United States v. Nearing, 252 F. 223, 231 (S.D.N.Y. 1918) (“[H]ow far the law has gone in imputing to a corporation the acts of its agents . . . . [has become] a question upon which the law has always tended towards larger and larger liability.”).

     [43].   See e.g., Goldsmith v. United States, 42 F.2d 133 (2d Cir. 1930) (applied to 18 U.S.C. § 72); Nobile v. United States, 284 F. 253 (3d Cir. 1922) (applied to National Prohibition Act); Egan v. United States, 137 F.2d 369 (8th Cir. 1943) (applied to Public Utility Holding Company Act of 1935, 15 U.S.C. § 79l(h)); Md. Cas. Co. of Balt. v. Queenan, 89 F.2d 155 (10th Cir. 1937) (applied to an embezzlement case).

     [44].   United States v. Dotterweich, 320 U.S. 277, 282 (1943).

     [45].   Id.; see Gerhard O. W. Mueller, Mens Rea and the Corporation, 19 U. Pitt. L. Rev. 21, 21 (1957) (“Nobody bred it, nobody cultivated it, nobody planted it. It just grew.”).

     [46].   Restatement (Third) of Agency § 7.07(2) (Am. L. Inst. 2006). On the historical relevance of the intent-to-benefit element, see United States v. Automated Med. Lab’ys, Inc., 770 F.2d 399, 407 (4th Cir. 1985); Standard Oil Co. of Tex. v. United States, 307 F.2d 120, 128 (5th Cir. 1962).

     [47].   E.g., United States v. Sun-Diamond Growers of Cal., 138 F.3d 961, 970–71 (D.C. Cir. 1998).

     [48].   Bucy, supra note 12, at 1149; Samuel W. Buell, The Blaming Function of Entity Criminal Liability, 81 Ind. L.J. 473, 531 (2006) (claiming the requirement is now “virtually meaningless”).

     [49].   For a history and overview, see Amy J. Sepinwall, Corporate Moral Responsibility, 11 Phil. Compass 3 (2016).

     [50].   Peter A. French, The Corporation as a Moral Person, 16 Am. Phil. Q. 207, 212 (1979); id. passim. See generally Peter A. French, Collective and Corporate Responsibility (1984).

     [51].   E.g., Margaret Gilbert, Joint Commitment How We Make the Social World 58–81 (2014); Christian List & Philip Pettit, Group Agency: The Possibility, Design, and Status of Corporate Agents 153–70 (2011); Larry May, The Morality of Groups: Collective Responsibility, Group-Based Harm and Corporate Rights 65–72 (1987); Eric W. Orts, Business Persons: A Legal Theory of the Firm 133–46 (2013); T.M. Scanlon, Moral Dimensions: Permissibility, Meaning, Blame 160–63 (2008); Mihailis E. Diamantis, Corporate Criminal Minds, 91 Notre Dame L. Rev. 2049 (2016); Thomas, supra note 15.

     [52].   For an overview, see William S. Laufer, Corporate Culpability and the Limits of Law, 6 Bus. Ethics Q. 311 (1996).

     [53].   Brent Fisse, Reconstructing Corporate Criminal Law: Deterrence, Retribution, Fault, and Sanctions, 56 S. Cal. L. Rev. 1141, 1201–13 (1983); Brent Fisse & John Braithwaite, The Allocation of Responsibility for Corporate Crime: Individualism, Collectivism and Accountability, 11 Sydney L. Rev. 468, 481–88, 505–06 (1988).

     [54].   Bucy, supra note 12, at 1099–101.

     [55].   William S. Laufer, Corporate Bodies and Guilty Minds, 43 Emory L.J. 647, 701 (1994). See generally William S. Laufer, Corporate Bodies and Guilty Minds: The Failure of Corporate Criminal Liability (2006).

     [56].   See, e.g., Buell, supra note 48, at 502 (arguing that organizational responsibility reflects “not just that somebody pursued faulty preferences, but that the group arranged itself badly”).

     [57].   See infra Part I.C.

     [58].   Cf. Mininsohn v. United States, 101 F.2d 477, 478 (3d Cir. 1939) (“[T]he guilty intent of officers of a corporation may be imputed to the corporation itself in order to prove the guilt of the corporation.”).

     [59].   Model Penal Code § 2.07(4)(c) (Am. L. Inst. 1962).

     [60].   See id.

     [61].   See Elizabeth K. Ainslie, Indicting Corporations Revisited: Lessons of the Arthur Andersen Prosecution, 43 Am. Crim. L. Rev. 107 app. B (2006).

     [62].   Grand Rapids & Ind. Ry. Co. v. United States, 212 F. 577, 584 (6th Cir. 1914); see also Inland Freight Lines v. United States, 191 F.2d 313, 316 (10th Cir. 1951); United States v. T.I.M.E.-D.C., Inc., 381 F. Supp. 730, 738 (W.D. Va. 1974).

     [63].   United States v. Bank of New England, 821 F.2d 844 (1st Cir. 1987). For a critical history of Bank of New England and its ensuing scholarship, see Thomas A. Hagemann & Joseph Grinstein, The Mythology of Aggregate Corporate Knowledge: A Deconstruction, 65 Geo. Wash. L. Rev. 210 (1997).

     [64].   Bank of New England, 821 F.2d at 847.

     [65].   United States v. Aversa, 984 F.2d 493, 497–501 (1st Cir. 1993) (en banc) (clarifying that Bank of New England’s “professed unawareness . . . was a product of the bank’s deliberate blindness” rather than a broader collective knowledge doctrine), vacated and remanded on other grounds sub nom. Donovan v. United States, 510 U.S. 1069 (1994).

     [66].   New York v. United Parcel Serv., Inc., 253 F. Supp. 3d 583, 669–70 (S.D.N.Y. 2017); United States v. Sci. Applications Int’l Corp., 653 F. Supp. 2d 87, 99 (D.D.C. 2009), aff’d in part, rev’d in part 626 F.3d 1257 (D.C. Cir. 2010); cf. United States v. PG&E Co., No. 14-cr-00175, 2015 U.S. Dist. Lexis 171577, at *7–14 (N.D. Cal. Dec. 23, 2015) (unpublished opinion) (discussing narrow grounds for recognizing collective willfulness). Complicating this assessment is the fact that few corporate prosecutions go to trial. Diamantis & Laufer, supra note 25, at 458–59. Moreover, determining the baseline counterfactual—the quantity of cases that would have been brought under the collective knowledge doctrine, but not otherwise—is practically impossible. See infra Part III.B.1. Nevertheless, the limited evidence available suggests, at least prima facie, that the collective knowledge doctrine has not been embraced as a meaningful expansion of New York Central form.

     [67].   E.g., In re Apple Comput., Inc., 127 F. App’x. 296, 303 (9th Cir. 2005); Southland Sec. Corp. v. INSpire Ins. Sols., Inc., 365 F.3d 353, 366 (5th Cir. 2004); Gutter v. E.I. DuPont de Nemours, 124 F. Supp. 2d 1291, 1311 (S.D. Fla. 2000); United States ex rel. Heathcote Holdings Corp. v. William K. Walthers, Inc., 779 F. Supp. 2d 735, 738 (N.D. Ill. 2011). Although these cases concerned questions of scienter, the opinions reject any substantive basis for collective knowledge rather than denying its extension to federal securities law. But see In re WorldCom, Inc. Sec. Litig., 352 F. Supp. 2d 472, 497 (S.D.N.Y. 2005).

     [68].   E.g., Joseph F. Francis, Criminal Responsibility of the Corporation, 18 Ill. L. Rev. 305, 315–17 (1924); Frederic P. Lee, Corporate Criminal Liability, 28 Colum. L. Rev. 181, 183–89 (1928); Mueller, supra note 45, at 41–46; see supra note 11 (collecting citations).

     [69].   See, e.g., Broadrick v. Oklahoma, 413 U.S. 601, 613 (1973).

     [70].   Duff, supra note 17, at 64. See generally Stephen Bero & Alex Sarch, The Problem of Over‐Inclusive Offenses: A Closer Look at Duff on Legal Moralism and Mala Prohibita, 14 Crim. L. & Phil. 395 (2020).

     [71].   By analogy, even if you aren’t certain what makes something the tallest mountain on Earth, you can confidently identify lots of mountains that aren’t. See Trevor Nace, The Tallest Mountain in the World Is Surprisingly Debatable, Forbes (Nov. 25, 2015, 5:30 PM), []. See generally Achille C. Varzi, Vagueness in Geography, 4 Phil. & Geography 49 (2001).

     [72].   See supra Part I.A.

     [73].   Bucy, supra note 12, at 1104.

     [74].   E.g., Harvey L. Pitt & Karl A. Groskaufmanis, Mischief Afoot: The Need for Incentives To Control Corporate Criminal Conduct, 71 B.U. L. Rev. 447 (1991); Charles J. Walsh & Alissa Pyrich, Corporate Compliance Programs as a Defense to Criminal Liability: Can a Corporation Save Its Soul?, 47 Rutgers L. Rev. 605 (1995).

     [75].   Bucy, supra note 12, at 1180 (arguing that an attribution rule should “target only the morally culpable corporation”); Fisse, supra note 53, at 1181 (defending a backwards-looking model of corporate fault).

     [76].   Consideration of compliance efforts is, however, built into both sentencing determinations and prosecutorial decision-making. U.S. Sent’g Guidelines Manual §§ 8D1.4(b), 8C2.5(f) (U.S. Sent’g Comm’n 2016); U.S. Dep’t of Just., Just. Manual § 9-28.800 (2018).

     [77].   See Jennifer Arlen, The Potentially Perverse Effects of Corporate Criminal Liability, 23 J. Legal Stud. 833, 836 (1994); see also William S. Laufer, Corporate Liability, Risk Shifting, and the Paradox of Compliance, 52 Vand. L. Rev. 1341, 1410 (1999).

     [78].   See Arlen, supra note 77, at 843.

     [79].   Jennifer Arlen & Reinier Kraakman, Controlling Corporate Misconduct: An Analysis of Corporate Liability Regimes, 72 N.Y.U. L. Rev. 687, 693 (1997).

     [80].   See V.S. Khanna, Is the Notion of Corporate Fault a Faulty Notion?: The Case of Corporate Mens Rea, 79 B.U. L. Rev. 355, 378–80 (1999).

     [81].   See id. at 379.

     [82].   E.g., United States v. Automated Med. Lab’ys, Inc., 770 F.2d 399, 407 (4th Cir. 1985) (upholding corporate conviction despite predicate individual offender acting “contrary to corporate policy”); accord United States v. Basic Constr. Co., 711 F.2d 570, 573 (4th Cir. 1983); United States v. Hilton Hotels Corp., 467 F.2d 1000, 1004 (9th Cir. 1972). See generally James V. Dolan & Richard S. Rebeck, Note, Corporate Criminal Liability for Acts in Violation of Company Policy, 50 Geo. L.J. 547, 548–49 (1962).

     [83].   Bucy, supra note 12, at 1154 (“The cases where a corporate agent commits the criminal acts in disregard of corporate policy or express instructions most dramatically reveal the infirmities of the current standards of liability.”).

     [84].   But see David Luban, A Flawed Case Against Punitive Damages, 87 Geo. L.J. 359, 373 (1998) (“[I]n some cases (not all) I think that the corporation clearly deserves the blame for creating a climate that encourages rogue behavior.”).

     [85].   Mueller, supra note 45, at 44.

     [86].   Id.

     [87].   Moore v. United States, 160 U.S. 268, 269 (1895) (listing the elements of embezzlement).

     [88].   But see Standard Oil Co. of Tex. v. United States, 307 F.2d 120, 128–29 (5th Cir. 1962) (reversing corporate conviction where defendant was to be the victim of underlying theft).

     [89].   138 F.3d 961, 963–64 (D.C. Cir. 1998).

     [90].   Id. (affirming conviction for honest services fraud).

     [91].   See Michelle Madden Dempsey, Decriminalizing Victims of Sex Trafficking, 52 Am. Crim. L. Rev. 207, 207–08 (2015).

     [92].   See generally Adam J. Kolber, Punishment and Moral Risk, 2018 U. Ill. L. Rev. 487, 527.

     [93].   Douglas Husak, Overcriminalization: The Limits of the Criminal Law (2008); Todd Haugh, Overcriminalization’s New Harm Paradigm, 68 Vand. L. Rev. 1191, 1199 (2015). But see Buell, supra note 30, at 1554 (“Overbreadth . . . is not itself a problem.”).

     [94].   Of course, the criminal law has a separate problem concerning the expansion of strict liability crimes. See W. Robert Thomas, Note, On Strict Liability Crimes: Preserving a Moral Framework for Criminal Intent in an Intent-Free Moral World, 110 Mich. L. Rev. 647, 659 (2012). The intersection of strict individual liability and vicarious entity liability, then, is a worrisome combination.

     [95].   Buell, supra note 30, at 1557.

     [96].   See Benjamin Levin, Mens Rea Reforms and Its Discontents, 109 J. Crim. L. & Criminology 491, 499 (2019).

     [97].   Id. at 529; Peter J. Henning, Making It Harder To Prove White-Collar Crimes, N.Y. Times: DealBook (Nov. 30, 2015), [].

     [98].   Buell, supra note 30, at 1557.

     [99].   Bibas, supra note 30, at 371–73.

     [100]. Id.; Buell, supra note 30, at 1557.

     [101]. See generally Kenneth Culp Davis, Discretionary Justice: A Preliminary Inquiry (1969); Stuntz, supra note 31.

     [102]. U.S. Dep’t of Just., supra note 76, §§ 9-28.000–.300; Memorandum from Eric H. Holder, Deputy Att’y Gen., to All Component Heads and U.S. Att’ys (June 16, 1999), [] (amended by McNulty Memo, Thompson Memo, Filip Memo, and Yates Memo).

     [103]. See Miriam H. Baer, Organizational Liability and the Tension Between Corporate and Criminal Law, 19 J.L. & Pol’y 1, 8 (2010).

     [104]. Brandon L. Garrett, Globalized Corporate Prosecutions, 97 Va. L. Rev. 1775, 1796 (2011); accord Samuel W. Buell, Why Do Prosecutors Say Anything? The Case of Corporate Crime, 96 N.C. L. Rev. 823, 826 (2018).

     [105]. Laufer & Strudler, supra note 32, at 1311.

     [106]. See Buell, supra note 104, at 845 (detailing lobbying efforts against prosecutors); Garrett, supra note 11, at 880–81.

     [107]. United States v. Stein, 435 F. Supp. 2d 330, 335–36 (S.D.N.Y. 2006) (tracing the history of employee indemnification).

     [108]. See id. For an accounting of this and adjacent disputes between the white-collar bar and the Justice Department, see generally Michael L. Seigel, Corporate America Fights Back :The Battle over Waiver of the Attorney-Client Privilege, 49 B.C. L. Rev. 1 (2008).

     [109]. Memorandum from Mark R. Filip, Deputy Att’y Gen., to Heads of Dep’t Components and U.S. Att’ys 13 (Aug. 28, 2008), [].

     [110]. John C. Coffee, Jr., “No Soul To Damn: No Body To Kick”: An Unscandalized Inquiry into the Problem of Corporate Punishment, 79 Mich. L. Rev. 386, 390 (1981).

     [111]. Id. at 388–89.

     [112]. Miriam H. Baer, Law Enforcement’s Lochner, 105 Minn. L. Rev. (forthcoming 2021); Michael Elston, Cooperation with the Government Is Good for Companies, Investors, and the Economy, 44 Am. Crim. L. Rev. 1435, 1437–38 (2007); Lisa Kern Griffin, Inside-Out Enforcement, in Prosecutors in the Boardroom 110, 113 (Anthony S. Barkow & Rachel E. Barkow eds., 2011).

     [113]. See infra Parts III.B, IV.

     [114]. E.g., Richard A. Epstein, Deferred Prosecution Agreements on Trial: Lessons from the Law of Unconstitutional Conditions, in Prosecutors in the Boardroom, supranote 112, at 38, 45.

     [115]. See Beale, supra note 11, at 1504; Kyle Noonan, Note, The Case for a Federal Corporate Charter Revocation Penalty, 80 Geo. Wash. L. Rev. 602, 608–09 (2012); cf. David M. Uhlmann, Deferred Prosecution and Non-Prosecution Agreements and the Erosion of Corporate Criminal Liability, 72 Md. L. Rev. 1295, 1322 (2013) (“There is no indication of [serious] collateral consequences in the overwhelming majority of cases resolved by deferred prosecution and non-prosecution agreements.”).

     [116]. E.g., Gabriel J. Chin, The New Civil Death: Rethinking Punishment in the Era of Mass Conviction, 160 U. Pa. L. Rev. 1789 (2012).

     [117]. E.g., Jesse Eisinger, The Chickenshit Club: Why the Justice Department Fails To Prosecute Executives 31–37 (2017) (discussing the continuing impact of the collapse of Arthur Andersen on the Justice Department’s prosecutorial culture).

     [118]. Id.

     [119]. Waivers of Disqualification Under Regulation A and Rules 505 and 506 of Regulation D, SEC: Div. of Corp. Fin., [] (Mar. 13, 2015); Public Statement, Allison Herren Lee, Acting Chair, SEC, Contingent Settlement Offers (Feb. 11, 2021),[].

     [120]. See supra notes 49–57 and accompanying text.

     [121]. D.E. Cooper, Collective Responsibility, 43 Philosophy 285 (1968), reprinted in Collective Responsibility: Five Decades of Debate in Theoretical & Applied Ethics 35, 35 (Larry May & Stacey Hoffman eds., 1992) (“The obvious point is that responsibility is ascribed to collectives, as well as to individual persons.”); accord Deborah Perron Tollefsen, Participant Reactive Attitudes and Collective Responsibility, 6 Phil. Expls. 218, 224 (2003) (“We do not reserve our reactive attitudes for individuals. We unleash our indignation and resentment on collectives themselves.”).

     [122]. We may be quicker to blame organizations than praise them, but this asymmetry is both common to and a defensible feature of our normative practices generally. Dana K. Nelkin, Responsibility and Rational Abilities: Defending an Asymmetrical View, 89 Pac. Phil. Q. 497, 499 (2008). Relevant to for-profit entities, there does seem to be a view that a profit motivation is not praiseworthy; greed may be good, but it does not appear to be particularly praiseworthy. See Scanlon, supra note 51, at 161–62.

     [123]. Samuel W. Buell, The Responsibility Gap in Corporate Crime, 12 Crim. L. & Phil. 471, 488–89 (2018) (“We speak comfortably and commonly about what Exxon or Pfizer or Bank of America or Walmart or Penn State or the Catholic church did.”).

     [124]. Thomas F. Denson et al., The Roles of Entitativity and Essentiality in Judgments of Collective Responsibility, 9 Grp. Processes & Intergroup Rels. 43, 56 (2006); Arthur S. Jago & Jeffrey Pfeffer, Organizations Appear More Unethical than Individuals, 160 J. Bus. Ethics 71, 83 (2019).

     [125]. E.g., Adrianna C. Jenkins et al., The Neural Bases of Directed and Spontaneous Mental State Attributions to Group Agents, 9 PLOS One 1, 9 (2014); Mark Plitt et al., Are Corporations People Too? The Neural Correlates of Moral Judgments About Companies and Individuals, 10 Soc. Neuroscience 113, 118 (2015).

     [126]. Steven J. Sherman & Elise J. Percy, The Psychology of Collective Responsibility: When and Why Collective Entities Are Likely To Be Held Responsible for the Misdeeds of Individual Members, 19 J.L. & Pol’y 137, 151 (2010) (emphasis omitted); Denson et al., supra note 124, at 45 (“The term entitativity was coined by [Donald] Campbell . . . . [and] has been shown to predict group-based responsibility.” (citing Donald T. Campbell, Common Fate, Similarity, and Other Indices of the Status of Aggregates of Persons as Social Entities, 3 Behav. Sci. 14 (1958))).

     [127]. Anna-Kaisa Newheiser & John F. Dovidio, High Outgroup Entitativity Can Inhibit Intergroup Retribution, 54 Brit. J. Soc. Psych. 341, 342 (2015).

     [128]. Sherman & Percy, supra note 126, at 149. At least, this is true for blame. Tage S. Rai & Daniel Diermeier, Corporations Are Cyborgs: Organizations Elicit Anger but Not Sympathy When They Can Think but Cannot Feel, 126 Org. Behav. & Hum. Decision Processes 18, 24 (2015); cf. Anna-Kaisa Newheiser et al., Why Do We Punish Groups? High Entitativity Promotes Moral Suspicion, 48 J. Experimental Soc. Psych. 931, 935 (2012).

     [129]. Manuel Velasquez, Debunking Corporate Moral Responsibility, 13 Bus. Ethics. Q. 531 (2003); see Sepinwall, supra note 49, at 5 (collecting citations).

     [130]. Adam Waytz & Liane Young, The Group-Member Mind Trade-Off: Attributing Mind to Groups Versus Group Members, 23 Psych. Sci. 77, 78 (2012).

     [131]. See supra text accompanying notes 1–6.

     [132]. See supra text accompanying notes 124–129.

     [133]. Sherman & Percy, supra note 126, at 164–68; accord Jago & Pfeffer, supra note 124, at 83.

     [134]. Indeed, so fundamental is this observation that it forms the foundation of Peter French’s original theory of corporate moral responsibility. See supra note 50.

     [135]. Herbert A. Simon, Rational Choice and the Structure of the Environment, in Models of Man 261 (1957); Roy Radner, Bounded Rationality, Indeterminacy, and the Theory of the Firm, 106 Econ. J. 1360, 1362–68 (1996).

     [136]. Margaret M. Blair & Lynn A. Stout, A Team Production Theory of Corporate Law, 85 Va. L. Rev. 247, 266 (1999); Susan G. Cohen & Diane E. Bailey, What Makes Teams Work: Group Effectiveness Research from the Shop Floor to the Executive Suite, 23 J. Mgmt. 239, 241 (1997); Raghuram G. Rajan & Luigi Zingales, Power in a Theory of the Firm, 113 Q. J. Econ. 387 (1998); see also Armen A. Alchian & Harold Demsetz, Production, Information Costs, and Economic Organization, 62 Am. Econ. Rev. 777, 779–80 (1972).

     [137]. Masahiko Aoki, Corporations in Evolving Diversity: Cognition, Governance, and Institutions 19–63 (2008) (discussing corporate cognition).

     [138]. Kenneth J. Arrow, The Limits of Organization 63–79 (1974); Stephen Bainbridge, The New Corporate Governance in Theory and Practice 37–63 (2008).

     [139]. Sherman & Percy, supra note 126, at 170.

     [140]. Cf. David Lewis, The Punishment that Leaves Something to Chance, 18 Phil. & Pub. Affs. 53, 54 (1989) (objecting to criminal law justifications grounded on demands of blood).

     [141]. Albert W. Alschuler, Two Ways To Think About the Punishment of Corporations, 46 Am. Crim. L. Rev. 1359 (2009); John Hasnas, The Centenary of a Mistake: One Hundred Years of Corporate Criminal Liability, 46 Am. Crim. L. Rev. 1329 (2009); Michael McKenna, Collective Responsibility and an Agent Meaning Theory, 30 Midwest Stud. Phil. 16, 23–29 (2006).

     [142]. See supra text accompanying notes 129–139.

     [143]. See Albert W. Alschuler, Ancient Law and the Punishment of Corporations: Of Frankpledge and Deodand, 71 B.U. L. Rev. 307, 313 (1991).

     [144]. For an overview of competing metaethical theories, see Stephen Darwall et al., Moral Discourse and Practice: Some Philosophical Approaches (1997).

     [145]. Peter Strawson, Freedom and Resentment, 48 Proc. Brit. Acad. 187, 210 (1962); see, e.g., R.J. Wallace, Responsibility and the Moral Sentiments (1998) (developing a Strawsonian account of moral responsibility independent on metaphysics).

     [146]. Cf. Tollefsen, supra note 121, at 225 (“[T]o look for a metaphysical fact to justify our [organizational] attitudes would be to commit the very mistake that the determinists or utilitarian compatibilists make when they attempt to justify our reactive attitudes toward individuals.”).

     [147]. While few believe the two are entirely divorced, nevertheless the consensus view is that resolving metaethical disputes is unlikely to dictate the contours of our moral judgments. See Geoff Sayre-McCord, Metaethics, Stan. Encyc. Phil. (Jan. 26, 2012), [].

     [148]. E.g., Richard Joyce, The Myth of Morality, at x–xii (2001); Caroline West, Business as Usual? The Error Theory, Internalism, and the Function of Morality, in A World Without Values 183 (Richard Joyce & Simon Kirchin eds., 2010).

     [149]. E.g., Assaf Hamdani & Alon Klement, Corporate Crime and Deterrence, 61 Stan. L. Rev. 271, 290–98 (2008); Kathleen F. Brickey, Corporate Criminal Accountability: A Brief History and an Observation, 60 Wash. U. L.Q. 393, 423 (1982).

     [150]. E.g., Peter A. French, The Hester Prynne Sanction, 4 Bus. & Pro. Ethics J. 19, 22–23 (1985); Gregory M. Gilchrist, The Expressive Cost of Corporate Immunity, 64 Hastings L.J. 1, 42–50 (2012); David M. Uhlmann, The Pendulum Swings: Reconsidering Corporate Criminal Prosecution, 49 U.C. Davis L. Rev. 1235, 1259–67 (2016).

     [151]. E.g., Regina A. Robson, Crime and Punishment: Rehabilitating Retribution as a Justification for Organizational Criminal Liability, 47 Am. Bus. L.J. 109, 110 (2010); see also Diamantis, supra note 51, at 2049; W. Robert Thomas, The Ability and Responsibility of Corporate Law To Improve Criminal Fines, 78 Ohio St. L.J. 601, 608–17 (2017).

     [152]. E.g., Mihailis E. Diamantis, Clockwork Corporations: A Character Theory of Corporate Punishment, 103 Iowa L. Rev. 507, 509 (2018); Peter J. Henning, Corporate Criminal Liability and the Potential for Rehabilitation, 46 Am. Crim. L. Rev. 1417 passim (2009).

     [153]. E.g., W. Robert Thomas, Incapacitating Criminal Corporations, 72 Vand. L. Rev. 905 passim (2019); Steven Walt & William S. Laufer, Corporate Criminal Liability and the Comparative Mix of Sanctions, in White-Collar Crime Reconsidered 309, 320–23 (Kip Schlegel & David Weisburd eds., 1992).

     [154]. E.g., Alschuler, supra note 141, at 1372; Hasnas, supra note 141, at 1354; V.S. Khanna, Corporate Criminal Liability: What Purpose Does It Serve?, 109 Harv. L. Rev. 1477, 1489 (1996); Jeffrey S. Parker, Doctrine for Destruction: The Case of Corporate Criminal Liability, 17 Managerial & Decision Econ. 381, 382 (1996).

     [155]. For an overview and taxonomy of approaches taken, see W. Robert Thomas, Making Sense of Corporate Criminals: A Tentative Taxonomy, 17 Geo. J.L. & Pub. Pol’y 775 (2019).

     [156]. See John Rawls, Two Concepts of Rules, 64 Phil. Rev. 3, 16 (1955) (articulating the criminal law’s institutional responsibility to reflect settled expectations); accordT.M. Scanlon, Punishment and the Rule of Law, in The Difficulty of Tolerance: Essays in Political Philosophy 223 (2003); see also Vincent Chiao, Criminal Law in the Age of the Administrative State 35–70 (2018) (prioritizing criminal law’s role in stabilizing social cooperation).

     [157]. See supra text accompanying notes 149–154.

     [158]. See Robson, supra note 151; see also Diamantis, supra note 51, at 2049.

     [159]. See, e.g., Newheiser et al., supra note 128, at 935 (discussing perceptions towards minority groups); cf. Kate Mann, Down Girl: The Logic of Misogyny, at xvi–xix (2018) (framing misogynist complaints as Strawsonian reactive attitudes).

     [160]. E.g., Husak, supra note 93; Sanford H. Kadish, Legal Norm and Discretion in the Police and Sentencing Processes, 75 Harv. L. Rev. 904, 909–10 (1962) (coining the term “overcriminalization”). See generally Benjamin Levin, The Consensus Myth in Criminal Justice Reform, 117 Mich. L. Rev. 259 (2018) (identifying overlapping decriminalization movements within contemporary criminal justice reforms).

     [161]. Duff, supra note 17, at 64; Bero & Sarch, supra note 70, at 403–04; see also Matt Levine, Everything Everywhere Is Securities Fraud, Bloomberg Op.: Money Stuff(June 26, 2019, 9:01 AM), [].

     [162]. A similar discussion concerns whether and when to extend the procedural protections of the ordinary criminal law to corporations. See Baer, supra note 112.

     [163]. By contrast, jurisdictions like the United Kingdom have adopted specific laws distinguishing corporate manslaughter from the crime of manslaughter committed by individuals. See generally Steve Tombs, The UK’s Corporate Killing Law: Un/fit for Purpose?, 18 Criminology & Crim. Just. 488 passim (2018).

     [164]. Marcus, supra note 10, at 1193–94; cf. David D Caron, The Basis of Responsibility: Attribution and Other Trans-Substantive Rules, in The Iran-United States Claims Tribunal: Its Contributions to the Law of State Responsibility 109, 128 (Richard B. Lillich, Daniel Barstow Magraw & David J. Bederman eds., 1998) (“The rules of attribution are thus a set of trans-substantive rules that delineate one of the potential boundaries of State responsibility.”).

     [165]. See generally Todd Haugh, The Power Few of Corporate Compliance, 53 Ga. L. Rev. 129 passim (2018) (discussing Wells Fargo and enforcement responses).

     [166]. Cf. Emily Flitter, The Price of Wells Fargo’s Fake Account Scandal Grows by $3 Billion, N.Y. Times (Feb. 21, 2020), [] (discussing criminal charges).

     [167]. Michael Muskal, BP Pleads Guilty to Manslaughter in 2010 Gulf Oil Spill, L.A. Times (Jan. 29, 2013, 12:00 AM), [‌9ABN-G2QE].

     [168]. Nat’l Comm’n on the BP Deepwater Horizon Oil Spill & Offshore Drilling, Deep Water: The Gulf Oil Disaster and the Future of Offshore Drilling, at vii (2011), [].

     [169]. Pierre Thomas, Lisa A. Jones, Jack Cloherty & Jason Ryan, BP’s Dismal Safety Record, ABC News (May 27, 2010. 12:56 PM), [].

     [170]. See generally Brandon L. Garrett, Too Big To Jail: How Prosecutors Compromise with Corporations 117–46 (2014).

[171].  Nat’l Comm’n on the BP Deepwater Horizon Oil Spill & Offshore Drilling, supra note 168.

     [172]. J. Edward Moreno, PG&E Pleads Guilty to 84 Felony Counts of Involuntary Manslaughter in 2018 Camp Fire, Hill (June 16, 2020, 6:08 PM), []. PG&E’s conviction here occurred in state, not federal court; however, this distinction does not impact the instant discussion.

     [173]. Eric Ting, Why Is It Called the Camp Fire? How California’s Most Destructive Wildfire Got Its Name, SFGate (July 18, 2019, 9:57 AM), [https://‌]; Steve Gorman, Probe Finds PG&E Power Lines Sparked Deadly 2017 California Wildfires, Reuters (June 8, 2018, 5:33 PM) [].

     [174]. Morgan McFall-Johnsen, Over 1,500 California Fires in the Past 6 Years—Including the Deadliest Ever—Were Caused by One Company: PG&E. Here’s What It Could Have Done but Didn’t., Bus. Insider (Nov. 3, 2019, 2:52 AM), [].

     [175]. See Russell Gold & Katherine Blunt, This Old Metal Hook Could Determine Whether PG&E Committed a Crime, Wall St. J. (Mar. 8, 2020, 5:30 AM), [].

     [176]. Muskal, supra note 167; Phil Helsel, PG&E Pleads Guilty to 84 Counts of Manslaughter in Devastating Camp Fire, NBC News (June 16, 2020, 10:23 PM), [].

     [177]. Clifford Krauss, In BP Indictments, U.S. Shifts To Hold Individuals Accountable, N.Y. Times (Nov. 15, 2012), [].

     [178]. Margaret Gilbert, Who’s To Blame? Collective Moral Responsibility and Its Implications for Group Members, 30 Midwest Stud. Phil. 94, 109 (2006); see alsoChristopher Kutz, Complicity: Ethics and Law for a Collective Age 205 (2000) (arguing that judgments of organizational fault “cannot be further localized” to specific individuals).

     [179]. See generally H.L.A. Hart, Postscript: Responsibility and Retribution, in Punishment and Responsibility: Essays in the Philosophy of Law 210, 210–23 (2008) (canvassing different notions of responsibility used in the law).

     [180]. Matthew Talbert, Moral Responsibility, Stan. Encyc. Phil. (Oct. 16, 2019), [] (“[W]e cannot infer moral responsibility from an assignment of causal responsibility.”). This distinction is an old one; see Gary Watson, Two Faces of Responsibility, 24 Phil. Topics 227, 232 (1996) (citing Christian August Crucius, Guide to Rational Living (1744), reprinted in 2 Johns Hopkins Univ., Moral Philosophy from Montaigne to Kant568, 570–71 (J.B. Schneewind ed., 1990)).

     [181]. For a canvassing of entailments, see Carolina Sartorio, Causation and Responsibility, 2 Phil. Compass 749, 750 (2007). See generally Susan Wolf, Freedom Within Reason 40–41 (1990).

     [182]. E.g., Michael E. Bratman, Responsibility and Planning, in Faces of Intention: Selected Essays on Intention and Agency 165, 188 (1999) (arguing that collective attitudes are always reducible to the contributions of individual members); cf. Margaret Gilbert, Sociality and Responsibility: New Essays in Plural Subject Theory 3 (2000) (agreeing that an account of group agency does not require positing an “ontologically suspect kind of ‘social spirit’ or ‘group mind’”).

     [183]. Jon Elster, The Case for Methodological Individualism, 11 Theory & Soc’y 453, 453 (1982). See generally Joseph Heath, Methodological Individualism, Stan. Encyc. Phil. (Apr. 27, 2020), [].

     [184]. Cooper, supra note 121, at 38.

     [185]. Id.

     [186]. This point is not lost on methodological individualists, who employ the reductive assumption selectively. For a classic example, economists routinely model behavior at the household level—not because they believe the family is an irreducibly collective organization but because the enormous complexity that this further reduction would add is not worth the explanatory candle. Jon Elster, Explaining Social Behavior: More Nuts and Bolts for the Social Sciences 13 (1st ed. 2007); see Petri Ylikoski, Methodological Individualism, in The Routledge Companion to Philosophy of Social Science 135, 138–40 (Lee McIntyre & Alex Rosenberg eds., 2017).

     [187]. Frank Jackson & Philip Pettit, In Defense of Explanatory Ecumenism, 8 Econ & Phil. 1, 7–10 (1992).

     [188]. See id.

     [189]. Remember, it is not intended to be making a metaphysical point at all. See supra Part II.A.2. For an account focusing on the metaphysics of accountability, see, for example, Harry Frankfurt, The Importance of What We Care About, 53 Synthese 257, 271 (1982).

     [190]. William Robert Thomas, How and Why Should the Criminal Law Punish Corporations? 76 (2015) (Ph.D. dissertation, University of Michigan), [‌5XLZ-JK4F]; Andrew Harris, Ex-DocX President Pleads Guilty in Florida in Robo-Sign Case, Bloomberg (Nov. 20, 2012, 4:46 PM), [].

     [191]. Ryan Chittum, NYT: Criminal Charges in the Foreclosure Scandal, Colum. Journalism Rev. (Feb. 7, 2012), []; Ariana Eunjung Cha & Brady Dennis, Under Piles of Paperwork, a Foreclosure System in Chaos, Wash. Post (Sept. 23, 2010), [].

     [192]. Thomas, supra note 190, at 77; Harris, supra note 190; Drew Harwell, Former Florida Mortgage Executive Pleads Guilty to Widespread Robo-Signing, Tampa Bay Times (Nov. 20, 2012), [].

     [193]. Harris, supra note 190.

     [194]. See supra notes 2–8; see also Complaint at paras. 30–35, SEC v. Balwani, No. 5:18-cv-01603 (N.D. Cal. Mar. 14, 2018), [] (discussing the use of “code names” to “ensur[e] that even other Theranos employees would not know” about efforts to cover up Theranos’ product failures).

     [195]. See supra Part II.A.

     [196]. Amy C. Lewis & Steven J. Sherman, Perceived Entitativity and the Black-Sheep Effect: When Will We Denigrate Negative Ingroup Members?, 150 J. Soc. Psych.211, 213 (2010); see also Sherman & Percy, supra note 126, at 163–64.

     [197]. Waytz & Young, supra note 130, at 83.

     [198]. See infra Part III.B.

     [199]. See supra text accompanying notes 196–198.

     [200]. 1 Wayne R. LaFave, Substantive Criminal Law § 1.2 (3d ed. 2017).

     [201]. See Cristina De Maglie, Models of Corporate Criminal Liability in Comparative Law, 4 Wash. U. Glob. Stud. L. Rev. 547, 553 (2005).

     [202]. 15 U.S.C. § 78dd-1.

     [203]. See id. § 78dd-1(a) (prohibiting “authorization of the payment of any money”).

     [204]. Margaret Gilbert, Corporate Misbehavior and Collective Values, 70 Brook. L. Rev. 1369, 1376 (2005).

     [205]. We can equally imagine a variant of this example where some act by a single director did satisfy the statutory requirements—although, it should strike us as an odd, factually contingent turn of events if in every case of organizational wrongdoing there happened to be an identifiable individual who also (or “really”) committed the predicate offense. For more, see infra Part III.B.

     [206]. See supra notes 62–67.

     [207]. See, e.g., Sarch, supra note 15, at 247–80.

     [208]. See generally Derik T. Fettig, Who Knew What When? A Critical Analysis of the Expanding Collective Knowledge Doctrine, 82 UMKC L. Rev. 663 (2014).

     [209]. But see infra Part IV (defending such an outcome).

     [210]. List & Pettit, supra note 51, at 22; see also Philip Pettit, Responsibility Incorporated, 117 Ethics 171, 177–92 (2007).

     [211]. See Edward B. Rock, The Corporate Form as a Solution to a Discursive Dilemma, 162 J. Institutional & Theoretical Econ. 57, 68 (2006).

     [212]. See Philip Pettit, Deliberative Democracy and the Discursive Dilemma, 11 Phil. Issues 268, 272–76 (2001).

     [213]. Alexander Sarch, Who Cares What You Think? Criminal Culpability and the Irrelevance of Unmanifested Mental States, 36 Law & Phil. 707, 711–14 (2017); Gabriel S. Mendlow, Why Is It Wrong To Punish Thought?, 127 Yale L.J. 2342, 2345–46 (2018).

     [214]. Elizabeth S. Anderson & Richard H. Pildes, Expressive Theories of Law: A General Restatement, 148 U. Pa. L. Rev. 1503, 1522–23 (2000); Thomas, supra note 15.

     [215]. See, e.g., Harwell, supra note 192.

     [216]. See supra text accompanying note 192.

     [217]. See Carreyrou, supra note 1, at 85.

     [218]. See generally Haugh, supra note 165.

     [219]. Jack Nicas, Natalie Kitroeff, David Gelles & James Glanz, Boeing Built Deadly Assumptions into 737 Max, Blind to a Late Design Change, N.Y. Times (June 1, 2019), [].

     [220]. E.g., Buell, supra note 123, at 471–73; Peter J. Henning, Why It Is Getting Harder To Prosecute Executives for Corporate Misconduct, 41 Vt. L. Rev. 503, 508 (2017); David M. Uhlmann, Crimes on the Gulf, 53 Law Quadrangle Notes 31, 32 (2010).

     [221]. Uhlmann, supra note 220, at 32 (discussing the difficulty in finding “individuals with enough supervisory responsibility and personal involvement” (emphasis added)).

     [222]. See infra Part III.B; see also Todd Haugh, The Most Senior Wall Street Official: Evaluating the State of Financial Crisis Prosecutions, 9 Va. L. & Bus. Rev. 153, 168 (2015).

     [223]. See supra Part I.C.

     [224]. Thomas, supra note 151, at 639. For an argument that this problem disproportionately harms low-level employees, see id. at 618–19.

     [225]. See supra text accompanying notes 133–138.

     [226]. Alchian & Demsetz, supra note 136, at 779; see Barton H. Hamilton et al., Team Incentives and Worker Heterogeneity: An Empirical Analysis of the Impact of Teams on Productivity and Participation, 111 J. Pol. Econ. 465, 470–71 (2003) (noting that disaggregation is not merely a summation problem).

     [227]. Bucy, supra note 12, at 1119 (“[I]t is often difficult to decipher which individuals within an organization are responsible for the criminal act.”); Orts, supra note 51, at 135 (“[O]rganizational complexity can obscure the necessary lines of legal proof and evidence gathering.”). See generally Todd R. Zenger, Explaining Organizational Diseconomies of Scale in R&D: Agency Problems and the Allocation of Engineering Talent, Ideas, and Effort by Firm Size, 40 Mgmt. Sci. 708 (1994).

     [228]. Alchian & Demsetz, supra note 136, at 779–80.

     [229]. Blair & Stout, supra note 136, at 249; see also Margaret M. Blair & Lynn A. Stout, Team Production in Business Organizations: An Introduction, 24 J. Corp. L. 743 passim (1999); Margaret M. Blair, Reforming Corporate Governance: What History Can Teach Us, 1 Berkeley Bus. L.J. 1, 6–7 (2004); Margaret M. Blair et al., Outsourcing, Modularity, and the Theory of the Firm, 2011 BYU L. Rev. 263, 275.

     [230]. Blair & Stout, supra note 136, at 265–66.

     [231]. E.g., Bainbridge, supra note 138, at 60–65; Stephen M. Bainbridge, Director Primacy: The Means and Ends of Corporate Governance, 97 Nw. U. L. Rev. 547, 595 (2003); see also John C. Coates IV, Measuring the Domain of Mediating Hierarchy: How Contestable Are U.S. Public Corporations?, 24 J. Corp. L. 837 passim (1999).

     [232]. Bainbridge, supra note 138, at 63.

     [233]. List & Pettit, supra note 51, at 76–78. For a formal proof that nonseparability is not generally solvable, see Bengt Holmstrom, Moral Hazard in Teams, 13 Bell J. Econ. 324, 326 (1982).

     [234]. For an argument that the team production model supports prosecuting corporate executives, rather than the corporation itself, see Amy J. Sepinwall, Crossing the Fault Line in Corporate Criminal Law, 40 J. Corp. L. 439 passim (2015).

     [235]. See supra Part II.B.

     [236]. Ryan Copus et al., Big Data, Machine Learning, and the Credibility Revolution in Empirical Legal Studies, in Law as Data: Computation, Text, & the Future of Legal Analysis 21, 23–24 (Michael A. Livermore & Daniel N. Rockmore eds., 2019) (“Machine learning is not a specific research tool; it is a catch-all term that refers to any method that features learning by a machine about quantitative data.” (emphasis omitted)).

     [237]. Michael Hilb, Toward Artificial Governance? The Role of Artificial Intelligence in Shaping the Future of Corporate Governance, 24 J. Mgmt. & Governance 851, 851–52 (2020).

     [238]. See Eric M. Schwartz et al., Customer Acquisition via Display Advertising Using Multi-Armed Bandit Experiments, 36 Mktg. Sci. 500 (2017).

     [239]. E.g., Dan Wellers et al., 8 Ways Machine Learning Is Improving Companies’ Work Processes, Harv. Bus. Rev. (May 31, 2017), []; see also Michael S. Weisbach, Selecting Directors Using Machine Learning, Harv. L. Sch. F. on Corp. Governance (Apr. 9, 2018), [].

     [240]. E.g., Yang Bao et al., Detecting Accounting Fraud in Publicly Traded U.S. Firms Using a Machine Learning Approach, 58 J. Acct. Rsch. 199 (2019); Andrea Dal Pozzolo et al., Learned Lessons in Credit Card Fraud Detection from a Practitioner Perspective, 41 Expert Sys. with Applications 4915 (2014); Johan Perols, Financial Statement Fraud Detection: An Analysis of Statistical and Machine Learning Algorithms, 30 Auditing 19 (2011); Fraud Detection and Machine Learning: What You Need To Know, SAS, [].

     [241]. See generally Thyago P. Carvalho et al., A Systematic Literature Review of Machine Learning Methods Applied to Predictive Maintenance, Computs. & Indus. Eng’g, Nov. 2019, at 1.

     [242]. Louis Columbus, 10 Ways Machine Learning Is Revolutionizing Supply Chain Management, Forbes (June 11, 2018, 12:42 AM), [].

     [243]. See generally Joshua A. Kroll et al., Accountable Algorithms, 165 U. Pa. L. Rev. 633 (2017).

     [244]. Benjamin Kuipers, Professor of Comput. Sci. & Eng’g, Univ. of Mich., Conference Presentation at the Collective Intelligence Conference: An Existing, Ecologically Successful Genus of Collectively Intelligent Artificial Creatures (Apr. 18, 2012), [].

     [245]. E.g., Thomas C. King et al., Artificial Intelligence Crime: An Interdisciplinary Analysis of Foreseeable Threats and Solutions, 26 Sci. & Eng’g Ethics 89 (2019); Ryan Abbott & Alex Sarch, Punishing Artificial Intelligence: Legal Fiction or Science Fiction, 53 U.C. Davis L. Rev. 323, 335–66 (2019). See generally Gabriel Hallevy, Liability for Crimes Involving Artificial Intelligence Systems (2015).

     [246]. Mihailis E. Diamantis, The Extended Corporate Mind: When Corporations Use AI To Break the Law, 98 N.C. L. Rev. 893, 916–21 (2020).

     [247]. See supra Part II.B.

     [248]. Copus et al., supra note 236, at 23–30.

     [249]. Andrew D. Selbst & Solon Barocas, The Intuitive Appeal of Explainable Machines, 87 Fordham L. Rev. 1085, 1094 (2018).

     [250]. Cynthia Rudin, Stop Explaining Black Box Machine Learning Models for High Stakes Decisions and Use Interpretable Models Instead, 1 Nature Mach. Intel. 206 passim (2019).

     [251]. See generally Ryan W. Copus, Statistical Precedent: Allocating Judicial Attention, 73 Vand. L. Rev. 605, 658 (2020).

     [252]. Jenna Burrell, How the Machine ‘Thinks’: Understanding Opacity in Machine Learning Algorithms, Big Data & Soc’y, Jan.–June 2016, at 1, 3–5 (distinguishing different types of opacity).

     [253]. Id. at 5.

     [254]. See Mark Fenwick & Erik P.M. Vermeulen, Technology and Corporate Governance: Blockchain, Crypto, and Artificial Intelligence, 48 Tex. J. Bus. L. 1, 11 (2019).

     [255]. See Abbott & Sarch, supra note 245, at 327–28; Mihailis Diamantis, Algorithms Acting Badly: A Solution from Corporate Law, 89 Geo. Wash. L. Rev. (forthcoming 2021) (manuscript at 18).

     [256]. See supra text accompanying notes 220–222.

     [257]. Burrell, supra note 252, at 3–4.

     [258]. See Robin Teigland et al., Balancing on a Tightrope: Managing the Boundaries of a Firm-Sponsored OSS Community and Its Impact on Innovation and Absorptive Capacity, 24 Info. & Org. 25, 25–27 (collecting examples).

     [259]. See supra Part I.C.

     [260]. Buell, supra note 48, at 487.

     [261]. See supra Part I.B.

     [262]. See United States v. Fokker Servs. B.V., 818 F.3d 733, 741–42 (D.C. Cir. 2016).

     [263]. 28 C.F.R. § 50.2 (2021); U.S. Dep’t of Just., supra note 76, §§ 1-7.001, 1-7.610.

     [264]. Shane Frick, “Ice” Capades: Restitution Orders and the FCPA, 12 Rich. J. Glob. L. & Bus. 433, 436–37 (2013); Karen Woody, “Declinations with Disgorgement” in FCPA Enforcement, 51 U. Mich. J.L. Reform 269, 270–72 (2018).

     [265]. A particularly vivid breach of this norm occurred during the 2016 U.S. Presidential election. Dan Mangan & Kevin Breuninger, Ex-FBI Director Comey Violated DOJ Policies in Handling Trump Memos, Inspector General Says, CNBC (Aug. 29, 2019, 3:21 PM), [].

     [266]. U.S. Sent’g Comm’n, 2017 Sourcebook of Federal Sentencing Statistics, at S-133 tbl.53 (2017), [].

     [267]. Vikramaditya S. Khanna, Corporate Crime Legislation: A Political Economy Analysis, 82 Wash. U. L.Q. 95, 97–98, 127–28 (2004).

     [268]. Sean J. Griffith, Corporate Governance in an Era of Compliance, 57 Wm. & Mary L. Rev. 2075, 2127 (2016).

     [269]. See supra Part III.A.1.

     [270]. See 18 U.S.C. § 371; McAndrew v. Lockheed Martin Corp., 206 F.3d 1031, 1037–39 (11th Cir. 2000) (collecting citations supporting the proposition that the intracorporate conspiracy doctrine does not apply to criminal conspiracies).

     [271]. Samuel W. Buell, Is the White Collar Offender Privileged?, 63 Duke L.J. 823, 842–44 (2014).

     [272]. See infra Part III.B.2.

     [273]. U.S. Dep’t of Just., supra note 76, § 9-27.220.

     [274]. It also bears mentioning the limitations of this counterfactual approach in the context of overbreadth. A review of the literature indicates a tendency to point to the same, small set of cases that—while useful for illustration purposes—mostly predate the advent of our modern corporate criminal enforcement regime.

     [275]. See supra Part III.A.

     [276]. Baer, supra note 28 passim (discussing detection avoidance).

     [277]. Zenger, supra note 227, at 712–13; see also Edward P. Lazear & Kathryn L. Shaw, Personnel Economics: The Economist’s View of Human Resources, 21 J. Econ. Persps. 91, 92–93 (2007) (quantifying prevalence of team production at large firms).

     [278]. Diamantis & Laufer, supra note 25, at 454–55; accord Brandon L. Garrett, Declining Corporate Prosecutions, 57 Am. Crim. L. Rev. 109 passim (2020).

     [279]. See, e.g., Eric H. Holder, Jr., U.S. Att’y Gen., Remarks on Financial Fraud Prosecutions at NYU School of Law (Sept. 17, 2014), []; The Endless Cycle of Corporate Crime and Why It’s So Hard To Stop, Duke L. (Jan. 13, 2017), [].

     [280]. See supra Part III.A.1.

     [281]. Diamantis & Laufer, supra note 25, at 458–59.

     [282]. Id. at 458–59.

     [283]. Brandon L. Garrett, The Corporate Criminal as Scapegoat, 101 Va. L. Rev. 1789, 1822 (2015).

     [284]. See supra Part I.C.2.

     [285]. For a useful summary, see Baer, supra note 28 passim.

     [286]. See generally Harry Litman, Pretextual Prosecution, 92 Geo. L.J. 1135 passim (2004).

     [287]. Compounding this concern is the fact that these incentives steer prosecutors to focus on low-level employees and middle managers on the basis that these employees are more likely to have satisfied all elements of any potential crimes. See supra Part II.B.1.

     [288]. Daniel C. Richman & William J. Stuntz, Al Capone’s Revenge: An Essay on the Political Economy of Pretextual Prosecution, 105 Colum. L. Rev. 583, 639 (2005). But see Gabriel S. Mendlow, Divine Justice and the Library of Babel: Or, Was Al Capone Really Punished for Tax Evasion?, 16 Ohio St. J. Crim. L. 181 passim (2018) (arguing that virtually all criminal prosecutions are pretextual).

     [289]. See supra Part III.A; see also infra Part IV.A.1.

     [290]. U.S. Dep’t of Just., supra note 76, § 9-28.300.

     [291]. Memorandum from Sally Quillian Yates, Deputy Att’y Gen., to All U.S. Att’ys (Sept. 9, 2015), []; see Katrice Bridges Copeland, The Yates Memo: Looking for “Individual Accountability” in All the Wrong Places, 102 Iowa L. Rev. 1897 (2017); Elizabeth E. Joh & Thomas W. Joo, The Corporation as Snitch: The New DOJ Guidelines on Prosecuting White Collar Crime, 101 Va. L. Rev. Online 51 (2015), [].

     [292]. See James P. Melendres, Aloke S. Chakravarty & Carter Gee-Taylor, Yates Memorandum: Rosenstein Announces Easier Path for Companies To Receive Cooperation Credit, Snell & Wilmer (Dec. 11, 2018), [].

     [293]. Steven Mufson, BP Settles Criminal Charges for $4 Billion in Spill; Supervisors Indicted on Manslaughter, Wash. Post (Nov. 15, 2012), [‌LDC2-A5RV].

     [294]. See supra Part III.B.1.

     [295]. Oliver Milman, Manslaughter Charges Dropped Against Two BP Employees in Deepwater Spill, Guardian (Dec. 3, 2015, 1:08 PM), []; BP Engineer Is Not Guilty in Case from 2010 Gulf Oil Spill, N.Y. Times (Feb. 25, 2016), [].

     [296]. U.S. Dep’t of Just., supra note 76, §§ 9-28.010–.210.

     [297]. Garrett, supra note 278, at 129–35; Garrett, supra note 283, at 1796–1823.

     [298]. See supra Parts I.C.2., II.B.

     [299]. Simons, supra note 11, at 980–82.

     [300]. Baer, supra note 28, at 20 (“The corporation must adopt a strict, take no prisoners attitude with its own employees if it is to save its organizational skin.”).

     [301]. See supra Part II.B.2.

     [302]. Waytz & Young, supra note 130, at 83.

     [303]. Jago & Pfeffer, supra note 124, at 83; see Chris Davies, Google’s “Rogue Engineer” Street View Excuse Blown Apart, SlashGear (Apr. 30, 2012, 3:46 AM), [] (detailing Google’s efforts to blame a single employee for the firm’s perpetrating the largest wiretap case in U.S. history).

     [304]. Kyriaki Fousiani et al., Justice Reactions to Deviant Ingroup Members: Ingroup Identity Threat Motivates Utilitarian Punishments, 58 Brit. J. Soc. Psych. 869, 870 (2019); Sherman & Percy, supra note 126, at 163–64.

     [305]. Miriam Hechler Baer, Governing Corporate Compliance, 50 B.C. L. Rev. 949, 949 (2009); Griffith, supra note 268, at 2133; Thomas, supra note 153, at 919–22.

     [306]. Thomas, supra note 153, at 967–68; see U.S. Dep’t of Just., Evaluation of Corporate Compliance Programs (2020), [].

     [307]. See generally David Hess, Ethical Infrastructures and Evidence-Based Corporate Compliance and Ethics Programs: Policy Implications from the Empirical Evidence, 12 N.Y.U. J.L. & Bus. 317, 332–33 (2016); Adán Nieto Martín, Cosmetic Use and Lack of Precision in Compliance Programs: Any Solution?, 3 Eucrim 124, 125 (2012).

     [308]. Kimberly D. Krawiec, Cosmetic Compliance and the Failure of Negotiated Governance, 81 Wash. U. L.Q. 487, 492 (2003).

     [309]. William S. Laufer, A Very Special Regulatory Milestone, 20 U. Pa. J. Bus. L. 392 passim (2017).

     [310]. See supra text accompanying notes 134–138.

     [311]. See supra Part III.B.1.

     [312]. Blackstone, supra note 17, at *352.

     [313]. See supra Part III.A.

     [314]. See supra Part III.A.

     [315]. See supra text accompanying notes 124–134 (discussing entitativity).

     [316]. See supra text accompanying notes 134–138.

     [317]. See supra text accompanying notes 134–138.

     [318]. Elizabeth Pollman, Corporate Disobedience, 68 Duke L.J. 709, 711 (2019).

     [319]. See Thomas, supra note 151, at 639 (collecting citations).

     [320]. See supra Part II.B.2.

     [321]. See supra Part II.A.

     [322]. See supra Part I.A.

     [323]. See supra Part I.C.1.

     [324]. See supra Part I.C.1.

     [325]. See Zachary Price, The Rule of Lenity as a Rule of Structure, 72 Fordham L. Rev. 885, 886 (2004); Anthony G. Amsterdam, Note, The Void-for-Vagueness Doctrine in the Supreme Court, 109 U. Pa. L. Rev. 67, 70–74 (1960).

     [326]. E.g., Peter J. Henning, A New Crime for Corporate Misconduct?, 84 Miss. L.J. 43, 47 (2014).

     [327]. Buell, supra note 271, at 842–44.

     [328]. To the extent there remains need to reassure that strict liability should be seen as generally suspect and presumptively unwelcome within a criminal justice system, see generally Appraising Strict Liability (Andrew Simester ed., 2005).

     [329]. See supra Part III.B.2.

     [330]. See supra Part I.C.

     [331]. See supra Part I.C.2 (noting the Justice Department’s institutional incentives).

     [332]. Arlen, supra note 77, at 842–50.

     [333]. See Fisse, supra note 53 passim (advocating considering cooperation in evaluating organizational responsibility).

     [334]. See supra Part III.B.2.

     [335]. See supra Part I.A.2.

     [336]. See Thomas, supra note 15, at 525–29.

     [337]. Id.

     [338]. E.g., Laufer, supra note 55, at 111; Fisse, supra note 53, at 1158–60.

     [339]. Bucy, supra note 12, at 1179.

     [340]. See supra Part I.B.

     [341]. See supra Part I.B.

     [342]. But see supra Part IV.A.

     [343]. See supra notes 149–155.

     [344]. See supra Part III.A.1.

     [345]. Corporate Attribution—Principled Simplicity, Australian Gov’t: Australian L. Reform Comm’n (Nov. 27, 2019), [].

     [346]. Id.

     [347]. Cf. Bainbridge, supra note 138, at 63 (arguing that team production concerns dissipate at the department level).

     [348]. See Diamantis, supra note 246, at 898.

     [349]. On the other hand, underspecificity is also vicarious attribution’s strength. For one thing, it avoids enshrining into law one of several competing conceptions of collective attribution. Cf. Amy J. Sepinwall, Guilty by Proxy: Expanding the Boundaries of Responsibility in the Face of Corporate Crime, 63 Hasting L.J. 411, 429–30 (2012) (arguing against building legal rules in corporate criminal law in the absence of foundational consensus).

     [350]. See supra Part II.A.1.

     [351]. Anderson & Pildes, supra note 214, at 1520.

     [352]. Thomas, supra note 15, at 518–24 (collecting cases).

     [353]. Id. For a sympathetic proposal that would impose attributive guideposts by reference to literature in moral psychology, see Diamantis, supra note 51.