On June 1, 2020, the Department of Justice (DOJ) published an updated version of its guidance for “Evaluation of Corporate Compliance Programs,” originally published in February 2017. The guidance is intended to assist federal prosecutors, but it also shines light on how corporate compliance teams should be organized.
The following are key actions corporate compliance teams should take as a result of the revised guidance.
- Companies must act to ensure compliance teams are adequately resourced and must make investments into compliance programs.
A compliance program must be “adequately resourced and empowered to function” effectively. Companies should invest in compliance by training and incentivize compliance management. Compliance officers should be given access to the management of a corporation or granted enough power to conduct investigations without interference. Prosecutors will look at the resources allocated and positions held by the compliance team to determine the earnest and good faith efforts of a corporation to be compliant.
- Compliance teams should be given access to appropriate data on a frequent basis instead of intermittent snapshots of data.
The new language encourages companies to ensure their programs are always receiving new information and not looking at a “snapshot.” Revisions to the guidance emphasize a theme of dynamic and changing data and analysis expected of compliance programs. These revisions complement the emphasis placed on the individualistic nature of each compliance program and the need to evaluate programs both at the time of an offense and also at the time of a charging decision.
- Compliance teams should stay abreast of industry and regional news, as well as consistently monitor how their internal risk assessments can be incorporated into their programs.
The guidance reveals teams are expected to incorporate “lessons learned” from their own risk assessments, misconduct within the company, as well as misconduct by companies in the same industry or region. Compliance teams need to ensure they stay abreast of relevant industry or regional news in order to adjust their programs accordingly.
- Companies should monitor third party vendors frequently and should incorporate newly-acquired M&A targets into their existing compliance program.
Companies should perform audits on newly-acquired targets. As the guidance acknowledges, full and complete compliance analysis and due diligence may not be completed before acquisition of a target, making post-acquisition compliance essential. Additionally, third party vendors should be monitored and reviewed frequently instead of only at the beginning of a relationship because the guidance notes that third party vendors increase compliance risk in many cases.
Heather Hatfield represents clients in corporate investigations, white-collar crime investigations and defense involving the Foreign Corrupt Practices Act (FCPA), complex contract disputes, oil and gas litigation ...
Blake Runions assists clients with broad range of business disputes and investigatory matters, including partnership disputes, internal investigations, and commercial litigation.
Prior to joining the Firm, Blake worked in the ...
Jamie Godsey represents public and private corporations, partnerships, and small companies on a broad range of complex business and commercial litigation. Her experience includes a wide variety of matters such as contractual ...
- Transparency International’s 2020 Corruption Perceptions Index Indicates Corruption is Affecting COVID-19 Response
- Expected Enforcement Trends under the Biden Administration
- FCPA: 2020 Year-In-Review
- Goldman Sachs Reaches Record $2.9 Billion Settlement of Malaysia FCPA Violations
- Recent Advisory Opinion Provides Important Guidance to Mitigate Sanctions Risk
- DOJ Releases Rare FCPA Opinion Procedure
- Essentra Settlement Demonstrates Government Commitment to Compliance Framework
- DOJ Updates Corporate Compliance Evaluation Guidance
- Political Retribution in Bridgegate Cannot Sustain Federal Fraud Convictions in Kelly v. United States
- Key Considerations in the Timing of FCPA Violation Disclosures
- March 2021
- February 2021
- January 2021
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019