The FCPA Paparazzi have a thick head and a stubborn chin. They just do not understand the significance of Compliance 2.0 to corporate governance and they blindly adhere to simplistic, yet unexplained, solutions to complex problems – kind of sounds like a presidential candidate we all know.
Without getting into politics, which I avoid here on this blog, DOJ’s recent FCPA guidance on voluntary, disclosure, cooperation and remediation sets out an ambitious push on ethics and compliance programs. Of course, the new remediation elements apply only to those situations where companies are seeking cooperation and disclosure benefits, along with implementation of a remediation plan.
The new compliance elements represent validation of the Compliance 2.0 model, which has been advanced by leading compliance strategists, such as Tom Fox (here), Donna Boehme (here), Roy Snell (here), and Joe Murphy (here). Unlike many in the FCPA Paparazzi, they have been pushing new and innovative compliance strategies for years that flow from the elevation of an independent compliance function in global companies.
The new compliance leaders do not blindly adhere to quick-fixes of a compliance defense, which has a whole host of problems, but they advocate for a robust compliance function out of a desire to create a long-term model for corporate sustainability premised on corporate trust and integrity. These compliance leaders know that a culture of ethics and compliance improves corporate profitability and leads to greater sustainability. It is not a guarantee of perfection but Compliance 2.0 minimizes risk across the company.
In many respects, the elements of DOJ’s new remediation standard for assessing compliance programs resembles the remediation efforts that Wal-Mart has implemented during its ongoing investigation. A few of the items explained by DOJ are implicit in pasts statements and now made explicit. DOJ has articulated in a variety of contexts elements from the US Sentencing Guidelines, and expanded on a few of them as well.
The most significant “new” or explicit elements listed by DOJ are aimed at looking beyond the compliance program on paper and examining the quality and operational capability of the program. For example, there is nothing new in DOJ indicating that it will assess whether a compliance program dedicates sufficient resources to the compliance function, but DOJ goes beyond that to examine “the quality and experience” of the compliance personnel to identify and understand the potential risks of a transaction. In addition, DOJ’s list includes an assessment of the “independence” of the compliance function, as well as the overall compensation and promotion of compliance personnel in comparison to other employees in the company.
In sum, DOJ is requiring that companies demonstrate that their compliance function has adequate resources, is independent, is competently staffed, and appropriately compensated. The picture is unmistakable – a company cannot just create a compliance function, put it anywhere, make it fight for resources, and hire a few mid-level compliance professionals to carry out the new function.
For those in the FCPA Paparazzi who continue to cling to a compliance defense as the silver bullet solution, it is time to face reality – your idea has no legs, and it is now time to embrace Compliance 2.0 as the growing corporate governance movement. Compliance 2.0 is built on several basic assumptions: the elevation and empowerment of a separate compliance function, led by a subject matter expert in the field, who has line of sight across the organization, membership in the C-Suite and consistent access to the board of directors, as needed, for the board to exercise appropriate oversight and monitoring of the compliance function.