The DOJ’s recently updated guidance poses helpful questions for UK corporates evaluating the effectiveness of their internal compliance programmes.
It is well known that a corporate’s failure to prevent offences can be answered with a defence of “adequate procedures” in a case of bribery or “reasonable procedures” in a case of failure to prevent the facilitation of tax evasion. However, with no case law to aid comprehension of what “adequate” or “reasonable” mean, UK corporates are forced to seek answers elsewhere.
The UK government has issued guidance alongside both the Bribery Act 2010 and the Criminal Finances 2017, and these documents remain the principal source for interpreting those acts. However, UK companies looking to understand the wider expectations of law enforcement — particularly companies that operate in multiple jurisdictions — may find useful the US Department of Justice’s (DOJ’s) updated guidance “Evaluation of Corporate Compliance Programs” and recent comments from Assistant Attorney General Brian Benczkowski introducing the updated guidance, which replaces similar DOJ guidance issued in 2017.
Under the new guidance, prosecutors are instructed to probe whether a compliance programme is a “paper program” or a programme that is “implemented, reviewed, and revised, as appropriate, in an effective manner.” The new guidance also makes clear that if a compliance programme is to be truly effective, compliance personnel must be empowered within the company.
The new guidance — which contains most of the language from the 2017 guidance, but with additional context and new elements (making it twice as long) — is now organised around three “fundamental questions” a prosecutor should ask:
The guidance stresses that these questions are “neither a checklist nor a formula”, and that prosecutors should start by “understand[ing] the company’s business from a commercial perspective”. Benczkowski specifically noted that this policy would not “spell the death of monitorships”, but would instead “focus [the] prosecutors’ determination on the appropriate factors so that monitors are imposed only where necessary and under the terms and scope that is appropriate for that given case”.
Excerpted below are key new elements of the guidance that UK corporates may find useful in assessing their own compliance programmes:
UK corporates looking to scope and evaluate their compliance programs — particularly those with a multi-jurisdictional focus — can now look to this guidance for at least one regulator’s perspective on what would be considered “adequate procedures” or “reasonable procedures.”