Leaders of organizations across the country might be tempted to view the appointment of Christopher Wray, confirmed as the new head of the FBI on Tuesday, as a sign the new administration plans to ease up on regulating business. After all, Wray spent more than a decade as a corporate lawyer who might be expected to take a softer line on white-collar infractions.
But that view is misguided for two important reasons – and much of what we’ve seen from Washington in 2017 should send a signal that strong compliance programs are as important now as ever.
First, it’s important to understand a few things about Christopher Wray. Before private practice, he was a tough federal prosecutor who helped put lobbyist Jack Abramoff and former Enron Chairman Kenneth Lay behind bars, among many others. We’ve been given no reason to believe Wray has lost those prosecutorial instincts.
Subscribe: Get the Ethics & Compliance Matters Blog in Your Inbox
Given recent political tides in Washington, broader perspective is all the more useful. Despite some initial fear that compliance would take a backseat under the new administration, the past several months have shown there’s no reason for organizations to increase the slack on ethics and compliance. Compliance is just good business – period. It’s not worth the risk to bet on dysfunction in Washington or an erosion of the wall between the White House and the FBI, Justice Department and regulatory agencies like the Securities and Exchange Commission (SEC) on the other.
Some observers have made much of the new administration’s praise for attempts to dismantle the Dodd-Frank financial reforms. Or the highly publicized departure of Hui Chen, former compliance counsel to the Justice Department, who resigned in June.
But we have to balance these happenings against Wray’s prosecutorial background and the bipartisan support he’s received. We also have to consider the guidance issued by the Justice Department in February that shows a clear intent to conduct vigorous and holistic assessments of organization’s compliance efforts and U.S. Attorney General Jeff Sessions' comments at the 2017 Ethics & Compliance Initiative’s Annual Conference in April. Sessions said the Justice Department is still committed to prosecuting corporate fraud and all manner of other white-collar crimes. Sessions also mentioned his intent to hold individuals accountable for corporate misconduct – an initiative that gained greater traction during the Obama administration.
As Session said at the conference, “It is not merely companies, but specific individuals, who break the law. We will work closely with our law enforcement partners, both here and abroad, to bring these persons to justice.”
Whether the Justice Department will vigorously prosecute corporate fraud and non-compliance with existing laws is an open question. However, even if U.S. officials do ease up on corporate enforcement – a current topic of debate – any organization with foreign operations needs to remain vigilant, especially as overseas governments tighten their own regulations. The European Union’s General Data Protection Regulation (GDPR), taking effect next May, will impose heavy fines – up to 4 percent of global gross revenue – on companies that fail to protect the data privacy of EU citizens. The GDPR covers everything from sensitive personnel records to retail purchase histories and it has extraterritorial reach, meaning any company doing business with EU citizens must maintain compliance with its regulations.
Read More: Reflections on My Interview with Hui Chen on Compliance Program Effectiveness
Then there’s China, which has recently bolstered its Cybersecurity Law to cover any “network operators,” including companies with internal computer networks within the country. The new law imposes rigorous recordkeeping and security requirements on companies doing business within China and requires them to protect the privacy of “natural persons,” regardless of citizenship.
Only by taking a holistic approach that links all elements of an effective ethics and compliance program, with the capability for regular updates and capacity for refinements, can organizations operate safely within this new environment.
The changes in Washington and the complex global regulatory landscape definitely present ethics and compliance uncertainties. But they also create opportunities for compliance programs to prove their worth – and staying power. Only by taking a holistic approach that links all elements of an effective ethics and compliance program, with the capability for regular updates and capacity for refinements, can organizations operate safely within this new environment.
Administrations change, but the need for organizations to make sure they meet the regulatory requirements in every jurisdiction where they operate has never been stronger.
Subscribe: Get the Ethics & Compliance Matters Blog in Your Inbox
