The latest on compliance programs from the Department of Justice

For at least three decades the U.S. Department of Justice has been encouraging – including, in some cases, incenting – companies to develop and implement effective compliance programs, most recently in Deputy Attorney General Rod Rosenstein’s speech Monday at the annual Compliance Week conference in Washington DC. Every C&E professional should read his remarks – which can be found here.  Note that the Deputy AG broke no new ground with the speech. But – as the latest word on the subject from DOJ – it can be  useful to draw from in preparing compliance training, particularly for the Board and senior management, in explaining  the benefits of having a strong program generally and of assessing risks and program efficacy in particular, and in other matters.

Some of the highlights are:

When companies come under investigation, we ask two principal questions about the company’s compliance function: First, what was the state of the compliance program at the time of the improper conduct? Second, what is the current state of the compliance function, after remediation to address any lessons learned? The first question focuses on whether there was an adequate compliance function. The 2008 revisions to the Principles of Federal Prosecution of Business Organizations are known as the “Filip Factors” – after a former Deputy Attorney General. The Department directed prosecutors to determine “whether a corporation’s compliance program is merely a ‘paper program’ or whether it was designed, implemented, reviewed, and revised, as appropriate, in an effective manner.”

(My note: while not new, it is good to see the inclusion here of the efficacy of a program at the time of the misconduct in question, because sometimes only post-wrongdoing-based compliance is listed by the DOJ  as worth their consideration.)

– At the same time, we recognize that even the best compliance program may not stop individual bad actors. Corporate compliance programs are sometimes compared to preventative medicine. It’s a good analogy.  Getting an annual physical doesn’t mean you won’t get sick. But those screenings – just like a robust compliance program – help to ensure that issues will be detected and addressed at an early stage.

(The preventive medicine comparison – while also not new – is potentially helpful because it underscores that compliance is, and is seen by DOJ as, a true no-brainer.)

– Compliance is not a one-size-fits-all proposition… Even blue-chip, multinational corporations with strong preexisting programs must continuously evaluate their risk profiles and adapt to new circumstances.

(This should, of course, be helpful to E&C officers in persuading their companies to undertake  risk and program assessments.)

– Our Department does not use a rigid formula to assess the effectiveness of corporate compliance. Each company’s risk profile and solutions to reduce its risks warrant consideration. We make an individualized determination in each case.

(This should also be helpful in moving ahead on risk and program assessments.)

So, all told, good stuff – but only if members of the E&C community put it to use.

 

Leave a comment
*
**

*



* Required , ** will not be published.

*
= 5 + 6