Recent developments confirm that the US Department of Justice (DOJ) is increasing the pressure on companies to implement robust and tailored compliance programs.
On November 3, 2015, Hui Chen joined the DOJ as the agency’s first compliance counsel (Compliance Counsel). Assistant Attorney General Leslie Caldwell announced that Chen’s mission will be to assist prosecutors in assessing a company’s program, “as well as [to] test the validity of [the company’s] claims about its program, such as whether the compliance program truly is thoughtfully designed and sufficiently resourced to address the company’s compliance risks, or essentially window dressing.”
According to Caldwell, Chen was selected because of her substantial in-house compliance experience across diverse industries, including the financial, pharmaceutical and software technology sectors. Chen most recently headed Standard Chartered Bank’s global anti-bribery and corruption program. She previously served as an Assistant US Attorney in Brooklyn, New York.
The hiring of its first Compliance Counsel signals that the DOJ is not willing to accept at face value a company’s representations about the quality and strength of its compliance program. Rather, the DOJ expects Compliance Counsel to provide “a reality check” on the actual state of the program. Chen’s review is expected to address the recurring question of whether a violation of the law occurred because the company lacked an effective compliance program or because a rogue employee circumvented an otherwise robust program. The Compliance Counsel’s assessment is expected to influence the DOJ’s charging decisions as well as any remedial measures the DOJ may require a company to undertake, including whether to impose a compliance monitor.
Specifically, the Compliance Counsel will examine whether:
- The board and senior management have a visible and strong commitment to the program that is communicated throughout the organization;
- The individual responsible for compliance holds a position of stature and has adequate resources and funding to implement an effective program;
- Policies and procedures are accessible, easy to understand and translated into all necessary languages;
- Employees receive periodic training on policies and procedures, including information on how and where they can seek guidance and/or report concerns;
- The program is dynamic and evolves as risks change, such as when the company acquires other companies or enters new territories;
- Incentives for ethical behavior and disciplinary measures are evenly applied across all levels of management and employees; and
- The company has procedures in place to ensure that its vendors, consultants and other third parties comply with the company’s policies and the law. Companies are expected to terminate business relationships with third parties that demonstrate a lack of adherence to laws and policies. Boilerplate contractual representations regarding the third party’s compliance with applicable laws and audit rights that are never exercised are insufficient.
None of the above elements is new. All have been previously articulated by the DOJ and the Securities and Exchange Commission in various pronouncements as key components of a strong compliance program. The significance of the Compliance Counsel’s appointment, however, is that a company’s compliance program will be scrutinized in “real time” during the DOJ’s investigation and that this review will have a direct impact on the resolution. Whereas companies have typically met with prosecutors and presented their own assessment of their individual programs, those self-assessments will be scrutinized by the Compliance Counsel and that assessment will likely carry significant weight with respect to the DOJ’s decision regarding the appropriate resolution.
According to Andrew Weissmann, chief of the DOJ’s Fraud section, the Compliance Counsel’s responsibilities will also include helping criminal prosecutors better understand the role of corporate compliance programs and evaluate the effectiveness of remediation efforts when deficiencies are discovered. The Compliance Counsel will also be tasked with assessing whether the compliance monitors placed within companies as part of a settlement agreement with the DOJ are effective.
The Compliance Counsel is expected to attend every compliance presentation a company makes to the DOJ and evaluate the presentations. The Compliance Counsel’s expertise will assist in determining whether a company has designed a program that suits the unique attributes of that company.
The DOJ’s addition of a Compliance Counsel increases the pressure on companies to proactively assess and enhance their programs. At the same time, compliance officers should view this as an opportunity to make the business case to management and the board of directors that there is a “return on investment” in a strong compliance program. While the DOJ has indicated that it is not prepared to recognize a “compliance defense”—akin to the “adequate procedures” defense under the UK Bribery Act—companies should expect that a favorable assessment of their compliance program will be a positive factor that is reflected in the ultimate resolution with the DOJ.