On February 8, 2017, the Department of Justice Fraud Section posted a new guidance document on its website entitled, “Evaluation of Corporate Compliance Programs” (“Compliance Guidance”). This Compliance Guidance, comprised of a number of topics and questions, comes a little over a year after the Fraud Section hired Hui Chen as its resident compliance expert. Tapping into her experience as both a prosecutor and a compliance professional at several large multinational companies, Ms. Chen has commented that an effective compliance program requires a whole-company commitment, and has emphasized the importance of leadership and key stakeholders in the compliance process. Her vision is evident in the Fraud Section’s recently released Compliance Guidance, which provides some insights into the mindset of prosecutors tasked with corporate investigations. The Compliance Guidance itself references two of the ten “Filip Factors,” an enumerated set of factors used by prosecutors in making charging decisions related to corporate entities. Although the Compliance Guidance cautions that the Fraud Section does not use a “rigid formula” to assess a company’s compliance program, the guidance provides a detailed list of compliance-focused sample topics and questions that the Fraud Section believes are relevant to its analysis.
The corporate Compliance Guidance is divided into 11 sections:
- Analysis and Remediation of Underlying Conduct
- Senior and Middle Management
- Autonomy and Resources
- Policies and Procedures
- Risk Assessment
- Training and Communications
- Confidential Reporting and Investigation
- Incentives and Disciplinary Measures
- Continuous Improvement, Periodic Testing and Review
- Third Party Management
- Mergers & Acquisitions
While policies and procedures addressing these 11 sections are an important foundation of a corporate compliance program, this Compliance Guidance is further evidence that prosecutors analyze more than the standard documentation and weigh the tailoring of such policies and procedures, implementation, communication and tone from the top.
In keeping with Ms. Chen’s focus on the importance of leadership and key stakeholders to an effective compliance program, the Compliance Guidance includes questions about how senior leadership models behavior to subordinates, what concrete actions stakeholders have taken to demonstrate a commitment to compliance, and what compliance expertise is provided by the board of directors. The Compliance Guidance also asks how corporate training programs are tailored for high-risk employees, and how companies measure the effectiveness of these training programs. There is also significant focus on the internal compliance function, including how it compares with other corporate functions “in terms of stature, compensation, rank/title, resources, and access to key decision-makers,” and even delving into details such as the turnover rate for compliance personnel.
Ms. Chen has likened the assessment of a compliance program to the assessment of a car and driver. In this analogy, the “control panel” of data analysis, policies, and due diligence might be functioning, but the “driver,” in the form of corporate leadership and key stakeholders, might be impaired and thus undermine the functioning of the overall compliance structure. These comments, taken in conjunction with the recently issued guidance, make it clear that a well-designed compliance program is likely not sufficient to protect a company whose leadership is not viewed as actively engaged in promoting a culture of compliance at all levels.
While not revolutionary in substance, the Compliance Guidance will serve as a useful framework for compliance professionals in crafting and strengthening corporate compliance policies, as well as an outline for counsel to use in navigating communications and disclosures to the Fraud Section.