Challenge of addressing DOJ Compliance Guidelines
The U.S. Department of Justice’s Evaluation of Corporate Compliance Programs is NOT a best practices manual for compliance professionals. It is guidance for prosecutors to help them determine the size and severity of punishment a company should face in the event of a compliance failure. However, the DOJ compliance program guidance can be very useful for organizations looking to build programs designed to prevent compliance failures from happening in the first place.
Compliance officers can start by answering the three questions the DOJ instructs prosecutors to ask at the start of their evaluation: (1) Is the corporation’s compliance program well designed? (2) Is the program being implemented effectively? (3) Does the program work in practice? The DOJ guidance then provides detailed questions to evaluate each response. Someone measuring an E&C program’s design, for example, should start by reviewing its risk assessment. How did the company define its risk profile? Did it tailor its programs to detect the specific types of misconduct identified, and allocate resources accordingly? Did it periodically review and revise its assessment? By proactively addressing the questions posed in the DOJ guidance, organizations can prevent the need for prosecutors to seek answers in the wake of compliance failure.
We Can Help