The Department of Justice recently published a new version of its guidance on how it evaluates compliance programs when making corporate charging decisions. The document is used as a primer to assist prosecutors in making informed decisions as to whether, and to what extent, the corporation’s compliance program was effective.
DOJ has played a leadership role in pushing corporate compliance programs to improve. It has been at the forefront of pushing the importance of corporate compliance officers in corporate governance.
In looking over the range of the DOJ Guidance changes, here is a list of the five (5) most important:
Resources and Empowerment: Companies have been implementing budget cuts to corporate compliance programs and DOJ have been concerned that these budget cuts will have a harmful impact. To address this, the DOJ included several revisions to its guidance to emphasize the importance of ensuring that compliance programs are sufficiently resourced and empowered to exercise appropriate authority. It is reminding companies to spare corporate compliance programs, and even expand such operations if relevant risks require such increases. It is reminding companies that DOJ expects compliance officers and lawyers to have adequate authority to stop a transaction or other action from occurring if there are real and significant compliance concerns. Companies have to adopt explicit controls requiring sign off from compliance and/or legal as a condition before any action can occur.
Consistency: One of the clear messages in the revised guideline is how the compliance team monitors investigations and resulting discipline to ensure consistency. It's a significant concern because DOJ knows that the surest way to undermine a company’s culture is uneven discipline. By focusing compliance officers on this important issue, DOJ is taking steps to ensure that compliance officers have a seat at the table when discipline is implemented and that such discipline is consistent across the organization.
Real-time monitoring: DOJ’s Guidance incorporates changes to reflect the importance of real-time monitoring and the continuous evolution of the compliance program. DOJ has embraced the idea that compliance programs are not static and must evolve based on updated risk assessments, internal investigations and lessons learned, and ongoing monitoring functions dictate. This new emphasis is a critical requirement because it is a challenge to the compliance function to embrace technology, data, and build real-time monitoring and improvement. Companies are also realizing that company data can be mined and accessed on an ongoing basis to monitor corporate activities on a proactive basis.
Access to Data: DOJ’s Guidance aims that companies are moving in the direction of crafting real-time monitoring programs and that compliance officers have access to data generated by the technology implemented. Companies are now proactively moving to a centralized platform to store their compliance program data and ensure access to compliance teams.
Post-Acquisition Integration and Audits: DOJ’s policy emphasis on mergers and acquisitions has evolved over the last ten years from pre-acquisition due diligence to post-acquisition integration and audits. DOJ’s Guidance includes revisions reflecting the importance of post-acquisition planning and audits. Companies that rely on acquisitions to grow have to devote significant efforts to planning post-acquisition integration to include: training of new officers and employees; expansion and revision of policies and procedures to incorporate the new company; and post-acquisition audits to ensure the absence of FCPA or other violations.