On April 10, 2026, International Business Machines Corporation (IBM) became the first company to settle with the Trump Administration to resolve allegations that it violated the False Claims Acts (FCA) by implementing diversity, equity, and inclusion (DEI) as part of its hiring practices.  As we have discussed in prior posts, this Administration has clearly signaled that it would use the FCA as part of its an anti-DEI campaign and that, as of late 2025, the DOJ had already launched investigations of DEI consideration in hiring or promotion at major U.S. companies.  

IBM’s $17 million settlement with the DOJ may just be in the first of several currently pending FCA DOJ cases to resolve.  The following will discuss the settlement agreement and potential D&O exposure for companies that may be or become targets of FCA anti-DEI enforcement actions.

The IBM Settlement

The settlement agreement with IBM is the first secured under the DOJ’s Civil Rights Fraud Initiative launched in May 2025.  The agreement resolves allegations against IBM that it violated the False Claims Act in connection with its compliance certifications as a federal contractor. IBM, a New York–based corporation providing products and services to the federal government, was purportedly required to comply with anti-discrimination provisions incorporated into its federal contracts, including requirements derived from Title VII and the Federal Acquisition Regulation. 

The government alleged that IBM knowingly submitted false claims and made false statements by certifying compliance with these requirements while maintaining certain DEI-related employment practices. Specifically, the DOJ contended that IBM engaged in practices that took race, sex, or other protected characteristics into account in employment decisions, including compensation adjustments tied to demographic targets, hiring and promotion practices involving “diverse slate” requirements, and the use of demographic goals in business unit decision-making. 

The DOJ had alleged that IBM offered certain training, mentoring, and professional opportunities that were limited based on protected characteristics, thereby raising concerns under federal anti-discrimination requirements applicable to government contractors.  Without admitting liability, IBM agreed to pay approximately $17 million to resolve the matter, including a portion designated as restitution. The agreement also reflects IBM’s cooperation with the government’s investigation, including early disclosure of relevant facts and remedial measures such as modifying or terminating certain programs at issue. 

Discussion

IBM’s agreement to settle the allegations against it could represent a significant development in the emerging use of the FCA as a vehicle for challenging corporate DEI practices. The Administration’s willingness to frame DEI-related conduct as a basis for FCA liability, and to pursue enforcement on that basis, may now result in meaningful financial exposure for federal contractors whose DEI practices are alleged to be noncompliant with anti-discrimination obligations embedded in federal contracts. In that respect, the settlement not only resolves a single enforcement action but also provides a template for how the government may pursue similar claims going forward. It also may encourage other companies facing pending FCA investigations in this area to consider early resolution, particularly where certification-based theories of liability are in play.

From a D&O exposure perspective, the implications are also potentially significant. As we noted in our discussion of the Administration’s use of the FCA in the anti-DEI context, enforcement actions of this type rarely exist in isolation. Rather, they often serve as a predicate for follow-on civil litigation. To the extent companies publicly disclose DEI initiatives, describe them in SEC filings, or represent compliance with applicable legal requirements, an FCA enforcement action could form the basis for securities class action lawsuits or shareholder derivative claims alleging that the company and its executives misrepresented or failed to adequately oversee these practices.

Perhaps recent developments in ESG-related securities litigation provide a useful analogue. D&O Diary readers may recall the securities suit against Target, in which shareholder plaintiffs demonstrated a willingness to challenge corporate statements and strategies relating to ESG initiatives, particularly where those initiatives become the subject of public or political controversy. In that case, the court’s decision to allow the claims to survive a motion to dismiss suggests that courts may be receptive, at least at the pleading stage, to allegations that companies misled investors about the risks associated with their ESG-related decisions. There may be parallels to DEI-related FCA enforcement. Just as ESG disclosures have been scrutinized for alleged misstatements or omissions, DEI-related disclosures—particularly those tied to compliance representations, could become fertile ground for securities litigation following an enforcement action.

In addition, the IBM settlement may underscore the growing importance of compliance oversight at the board and senior management level. Directors and officers of companies with significant federal contracting exposure may now need to ensure that DEI programs are not only aligned with corporate values and strategic objectives, but also carefully vetted for compliance with applicable legal standards. The risk here is not simply that a program may draw regulatory scrutiny, but that it may be alleged to be inconsistent with certifications made to the federal government, thereby triggering FCA exposure. In this current environment, boards may face increased scrutiny regarding their oversight of compliance functions, potentially giving rise to Caremark-style derivative claims alleging a failure of oversight in the event of an enforcement action.

The IBM settlement also raises important questions about insurance coverage. FCA-related exposures often present complex coverage issues under D&O policies, particularly with respect to whether amounts characterized as restitution or disgorgement are insurable, and whether conduct exclusions may be implicated. Moreover, where an FCA resolution is followed by parallel securities or derivative litigation, questions may arise regarding the allocation of defense costs and the extent to which different towers of insurance respond to overlapping claims. These issues are likely to become increasingly salient if DEI-related FCA enforcement actions become more common.

Along with D&O coverage and exposure considerations, the IBM settlement also raises potential employment practices liability (EPL) implications. The underlying allegations center on employment-related decisions, including hiring, promotion, compensation, and access to professional opportunities. To the extent that DEI-related practices are challenged as discriminatory, companies may face parallel or follow-on claims from employees or applicants alleging disparate treatment or disparate impact under federal and state anti-discrimination laws. Moreover, even absent direct employee litigation, the factual allegations developed in an FCA investigation could provide a roadmap for private plaintiffs’ firms. This dynamic creates the potential for overlapping D&O and EPL exposures, particularly where senior management is alleged to have directed or approved the challenged practices.

Finally, the settlement raises the question whether this represents an isolated enforcement action or the beginning of a broader trend. Given the DOJ’s stated enforcement priorities, the establishment of the Civil Rights Fraud Initiative, and the Administration’s prior signaling that DEI practices would be a focus of FCA scrutiny, it seems likely that this will not be the last such case. Companies with federal contracts, and particularly those with well-developed or highly visible DEI initiatives, may face increasing scrutiny as the government continues to test the boundaries of this enforcement theory. At the same time, the interplay between regulatory enforcement and private litigation, as illustrated by the ESG cases, suggests that the ultimate D&O exposure may extend well beyond the initial government action.