Deputy Attorney General Rod Rosenstein delivered remarks on May 21 at the Mayflower Hotel in Washington, DC, as part of Compliance Week’s 2018 Annual Conference for Risk Professionals. In candid remarks, Mr. Rosenstein reinforced the US Department of Justice’s recent policy announcements highlighting the need for and advantages of an effective, appropriately tailored compliance program.
Mr. Rosenstein began his speech by noting that “[i]mproving the business environment is a top priority of the Trump administration.” He stressed that compliance is also good business; ethical and reliable companies attract investors, and good compliance programs avoid unanticipated investigation costs and penalties.
Providing specific insight into DOJ’s process in evaluating the compliance function of companies it is investigating, Mr. Rosenstein said that DOJ asks two principle questions:
- What was the state of the compliance program at the time of the improper conduct? Mr. Rosenstein pointed to the “Filip Factors” (see our February 2017 LawFlash)—also known as the Principles of Federal Prosecution of Business Organizations—which instruct DOJ prosecutors to examine whether a compliance program is appropriately and effectively designed and implemented, or if it is merely a “paper program.” Importantly, Mr. Rosenstein conceded that even a model compliance program cannot stop rogue actors. However, he stressed that a good compliance program, like an annual physical exam, is good “preventative medicine” that can “help to ensure that issues will be detected and addressed at an early stage.”
- What is the current state of the compliance function, after remediation to address any lessons learned? In describing DOJ’s focus on a company’s future, Mr. Rosenstein pointed to DOJ’s November 2017 Foreign Corrupt Practices Act Corporate Enforcement Policy (see our November 2017 LawFlash), which provides incentives for companies to voluntarily report misconduct promptly; fully cooperate with an investigation; and implement effective remedial measures.
Mr. Rosenstein noted that compliance programs cannot and should not be uniform across companies, nor should they be static over the life of a company. “Compliance is not a one-size-fits-all proposition,” he stated, indicating that compliance programs must be tailored appropriately for the size and complexity of each company. And companies also must be aware of their changing risks as they grow, expand business operations to new locations or sectors, go public, or otherwise take on a new risk profile. As such, DOJ does not have a single formula for evaluating an effective program, but looks at the particular circumstances of each company.
Mr. Rosenstein notably recognized the challenges large companies face with compliance: “In an organization the size of the [DOJ], we rely on professionals to ensure compliance with the myriad ethical rules, court rules, regulations, and statutes that affect our employees. When any one of our 115,000 employees makes a mistake, it can affect the entire organization. So, I can empathize with many of you.”
Quoting Thomas Jefferson, Mr. Rosenstein also focused on fairness and consistency in DOJ enforcement: “‘The most sacred of the duties of government [is] to do equal and impartial justice to all its citizens.’ We must endeavor to enforce the law fairly and consistently.” He also reiterated DOJ’s recently announced “no piling on” policy, (see our May 2018 LawFlash), which discourages “piling on”—or inflicting multiple penalties from different enforcement agencies—by directing DOJ (for instance, criminal and civil assistant US attorneys) to coordinate with one another in parallel investigations seeking fair outcomes proportionate to the wrongdoing at hand.
Mr. Rosenstein concluded his remarks by inviting feedback and stating that DOJ wants to work with companies on its policies: “We want you to work with us as we face today’s challenges. We need you to help us uphold the rule of law. We are eager to hear from you and other stakeholders. If there are ways you think we can improve, let us know.”
Mr. Rosenstein’s remarks reinforce that companies should continue to devote meaningful time and resources to effective compliance programs—both to prevent and detect misconduct as well as to mitigate the impact of government investigations.