In late November, there were two speeches by Department of Justice (DOJ) officials which directly impacted corporate compliance programs going forward. They were a speech by Principal Deputy Assistant Attorney General John P. Cronan who spoke at the Practising Law Institute Eventin Washington. The second was Deputy Attorney General Rod Rosenstein, who delivered a keynoteaddress to the conference the same week as ACI. I wanted to conclude this series by considering what the information means for the compliance professional going forward.
Through Cronan’s speech, it is clear that the DOJ recognizes compliance practitioners are on the front lines of efforts to promote doing business ethically and in compliance with laws such as the Foreign Corrupt Practices Act (FCPA). He also noted the roles of Boards of Directors and senior management who are working to “detect, deter, and rectify corporate misconduct and misbehaviors.” He specifically noted that it is the compliance professional and corporate compliance function which “will confront difficult decisions about how to respond to bad actors; what compliance, audit, and ethics programs will look like; what resources will be devoted to those programs; and the level of access that compliance personnel will have to management and the board. It therefore is you to whom we in government want to make our message clear about the incentives for companies to prevent and redress corporate misconduct.”
Cronan’s speech very specifically focused on the words “effective compliance program”, not a paper compliance program. He stated, “when we at the Department talk about compliance, we are referring to effective compliance. The Principles of Federal Prosecution of Business Organizations make that clear. Under those Principles, in determining whether to charge a corporation, prosecutors must consider, among other factors, the existence and effectiveness of the corporation’s preexisting compliance program, as well as the corporation’s subsequent remedial actions including efforts to implement an effective compliance program or improve an existing one. In assessing a compliance program, the Principles specifically direct prosecutors to consider “whether a corporation’s compliance program is merely a ‘paper program’ or whether it was designed, implemented, reviewed, and revised, as appropriate, in an effective manner.””
When you tie these remarks into those made by Securities and Exchange Commission’s (SEC) FCPA unit chief Charles Cain and DOJ FCPA head Daniel Kahn, at the ACI National FCPA Conference, regarding not only robust enforcement in 2018 but anticipated ongoing enforcement in 2019 and beyond, you can see the prosecutors and regulators are committed to strong FCPA enforcement. You also see an administration which is committed to robust FCPA enforcement as it views international bribery and corruption as a scourge to be lessened and eventually eradicated, even if President Trump thinks it is a “horrible law”. By bringing corporations into the overall system to fight this global blight, it will put more pressure on companies subject to the FCPA to both prevent and detect instances of corruption and when they find it, work with the government to eradicate it.
This also ties to moving mergers and acquisitions (M&A) under the 2017 FCPA Corporate Enforcement Policy safe haven. A prime reason to do so was the government wanted US companies with more robust compliance programs and cultures of compliance to acquire foreign entities which may have something less than robust compliance programs. All of these incentives are wrapped up in the FCPA Corporate Enforcement Policy. The DOJ and SEC want companies incentivized to cooperate in the worldwide fight against corruption but to do so on the front line requires more robust compliance programs. This is the job of the compliance professional.
Rosenstein announced a modification of the Yates Memo. The Yates Memo had required companies to fully investigate and turn over to the government information on all employees who might be involved in bribery and corruption violating the FPCA. The revision is designed to make “clear that any company seeking cooperation credit in criminal cases must identify every individual who was substantially involvedin or responsiblefor the criminal conduct.” [emphasis supplied] This change was made so that “investigations should not be delayed merely to collect information about individuals whose involvement was not substantial, and who are not likely to be prosecuted. We want to focus on the individuals who play significant roles in setting a company on a course of criminal conduct. We want to know who authorized the misconduct, and what they knew about it.”
Now companies must focus their efforts on those who were substantially involved or substantially responsible. In practice this may not seem like much of a change, but it does remove the requirement that each and every person who participated be investigated before a company can conclude a FCPA enforcement matter. Taken together with the FCPA Corporate Enforcement Policy, it should be a continued welcome for the compliance profession, allowing a more focused investigation and hopefully quicker overall resolution.
This change allows quicker more efficient remediation of companies which have sustained a compliance failure or FCPA violation. This change in the Yates Memo also ties into Cronan’s speech and the remarks of Cain and Kahn. The regulators clearly want compliance at the forefront of companies efforts to do business ethically and in compliance.
[View source.]
