The Department of Justice and the SEC have had a profound effect on corporate compliance programs. That is an understatement.
Prior to the reinvigorated FCPA enforcement program, corporate compliance programs were relatively modest in scope. Sarbanes-Oxley resulted in reforms and controls designed to improve financial reporting.
DOJ’s aggressive FCPA enforcement program has catapulted compliance to a significant priority. In many respects, companies are still scrambling to put in place appropriate compliance policies and procedures.
The FCPA Guidance was a significant event in compliance history. It set forth, in one important document, a number of important compliance principles.
Another important source of compliance information are the corporate settlements and the terms of compliance program requirements set forth in the infamous “Schedule C.” The specific requirements included in Schedule C are important sources of information on best practices and other innovations.
Last year, for example, what started out as “enhanced” compliance program elements started to become the new “norm” in settlements. For companies implementing compliance programs, Schedule C is an important reality check for their program.
In the Parker Drilling settlement, for example, the specific elements described in the Schedule C were described by the Justice Department as “enhanced” compliance program elements. Parker Drilling was credited for its commitment to complete implementation of the “enhanced” compliance program.
After the Parker Drilling settlement, these same terms were included in every corporate settlement. They were not described as “enhanced,” but were listed as required corporate compliance program elements.
The specific corporate compliance elements are familiar to the compliance professional. It is a comprehensive list of compliance program strategies and worth reviewing. I am not advocating a check-the-box approach but it is a very comprehensive and important list of program elements.
The implementation of each element will vary across organizations depending on the specific risk profile, resources available, and other intangibles.
It is interesting to map the changes in Schedule C over the last several years. DOJ and the SEC are well aware of the impact they have on compliance programs, and have used corporate settlements to advance compliance programs.
Five years from now, the DOJ and SEC will look back on this time period as yet another page in history. The Schedule C requirements may be more specific or address other issues. It is hard to say what compliance will look like in five years. Whatever happens, compliance officers will be busy and the field will continue to grow in importance.