Recent compliance developments
There has been a flurry of activity by regulators that emphasizes the importance of an effective compliance program and the need to continually evolve a compliance program to foster an ethical culture. This includes remarks by Deputy Attorney General Lisa Monaco regarding shifting priorities of the Department of Justice (DOJ), revisions to the DOJ criminal enforcement policies, and recent enforcement activity.
The DOJ is taking more proactive steps to combat corporate crime, actively reviewing its own corporate enforcement efforts, building additional compliance and data analytics expertise within the department, and shifting priorities to further strengthen how it prioritizes and prosecutes corporate crime.
Organizations should take note, consider how the latest developments may impact their corporate compliance programs, and assess whether their programs work in practice to foster an ethical culture.
“Companies need to actively review their compliance programs to ensure they adequately monitor for and remediate misconduct – or else it’s going to cost them down the line.”
– Deputy Attorney General Lisa Monaco1
Action items for companies based on recent developments
Key action items in light of recent developments include evaluating how organizations 1) address the use of personal devices and third-party messaging apps, 2) use compensation structures to promote compliance, and 3) ensure the timely completion of investigations.
Use of personal devices and third-party applications
The DOJ and Securities and Exchange Commission (SEC) are placing greater emphasis on corporate governance of personal devices and third-party messaging apps in their evaluations of corporate compliance programs. Corporate policies may limit a corporation’s ability to monitor the use of such devices and gather relevant data for investigations.
Organizations should assess the use of such devices within their business, their policies governing their use, the effectiveness of training and communications about such policies, how relevant data can be collected and analyzed as part of an investigation, and how to monitor and enforce the policies.
Compensation structures that promote compliance
The DOJ is scrutinizing how organizations use compensation systems to deter risky behavior, incentivize compliant conduct, and foster an ethical culture. This includes whether compensation agreements incorporate clawbacks for unethical behavior, whether company policies allow for penalties to be levied for misconduct, and more.
Organizations should assess whether their compensation systems are appropriately designed and implemented to incentivize compliant behavior, deter risky behavior, and promote an ethical culture and whether these practices are actually enforced.
Timeliness of investigations
The DOJ is focused on assessing the timeliness of organizations’ investigations and related disclosures. Failing to complete an investigation in a timely manner may result in the dissipation of evidence, the expiration of the statute of limitations, or the lack of timely remediation of pervasive or serious misconduct. The DOJ has indicated the need to expedite its own investigations, empower prosecutors, and clear impediments to completing investigations timely. This is a warning sign to corporations that their internal investigations need to be completed and disclosed in a timely manner.
Organizations should assess the effectiveness of their investigations policies and procedures and determine whether such policies and the organizations’ resources and fundings facilitate the timely completion of investigations.
Recent case summary
Strengthen your compliance program
Organizations must actively assess their compliance programs in light of the recent regulatory updates to foster an ethical culture, prevent and detect potential misconduct, and meet regulatory expectations. Organizations turn to CRA when they need to strengthen their compliance program. CRA has deep experience evaluating compliance program frameworks and delivery models, advising on the design and implementation of compliance program elements, and building and sustaining compliance programs.