BY Richard Summerfield
This week the US Department of Justice (DOJ) issued a series of revisions to its ‘Evaluation of Corporate Compliance Programs’ which clarifies the new factors prosecutors may consider in the areas of risk management, policies and procedures, training and communications, mergers and acquisitions, and more in their evaluation of corporate compliance programmes.
Since the department first released guidance on how it evaluates corporate compliance programmes in 2017, there have been several revisions. Though the latest version leaves much of the substance of earlier versions unchanged, the most recent updates are in keeping with the agency’s efforts to improve its policies and provide transparency.
“The revised guidance on the Evaluation of Corporate Compliance Programs reflects additions based on our own experience and important feedback from the business and compliance communities,” said Brian Benczkowski, assistant attorney general of the DOJ’s Criminal Division, in a statement. “Although much of the substance of the prior version remains unchanged, the updates we have made are in keeping with our continued efforts as prosecutors to improve our own policies and practices to ensure transparency and the effective and consistent enforcement of our laws”.
One of the most telling changes has been in the section of the guidance concerning compliance programme structure, in which new language has been added to reflect how the Criminal Division assesses a company’s risk profile and offers solutions to reduce its risks. The new language states prosecutors will make a “reasonable, individualised determination in each case that considers various factors including, but not limited to, the company’s size, industry, geographic footprint, regulatory landscape, and other factors, both internal and external to the company’s operations, that might impact its compliance program”.
There have also been notable revisions to the language requiring prosecutors to ask companies whether their compliance programme is “adequately resourced and empowered to function” effectively. In previous versions of the guidance, prosecutors were encouraged to ask if the compliance programme has been “implemented effectively”.
Furthermore, the revisions note that prosecutors will evaluate compliance programmes at the time a potential offence occurred and when a decision is made about bringing charges. This will enable them to track the steps taken by companies to prevent problems from reoccurring.