Advice
Compliance Programs Under Scrutiny
- Regulatory & Compliance
- 3 Mins
A Presentation of Epiq and Compliance Week
June 11, 2024
In today’s regulatory environment, corporations have a heightened obligation to investigate potential wrongdoing by their employees and to monitor, and possibly disclose, incidents of illegal conduct.
In the recent ‘Compliance Programs Under Scrutiny’ webinar, a panel of legal and technology experts discussed recent and significant regulatory developments affecting how companies handle their evolving compliance obligations. The panelists explored government expectations around compliance programs and how companies facing regulatory scrutiny, whether through a government investigation or following an enforcement action, can develop and operationalize compliance programs that position them for the best possible outcome.
The panelists included:
- Peter Skinner, Partner, Morrison & Foerster
- Caitlin Sheard, Partner, McDermott Will & Emery
- Sheryl Janet George, Senior Associate, Morrison & Foerster
- Erin Toomey, Vice President and Managing Director, Epiq
- Edward Burke (Moderator), Managing Director, Epiq
RECENT DEVELOPMENTS:
The panelists discussed several recent policy pronouncements that affect corporate compliance obligations:
- A series of programs and policy pronouncements by the Department of Justice (DOJ) that seek to incentivize companies and individuals to come forward with evidence of misconduct.
- Most recently, DOJ’s Criminal Division announced a Pilot Program for Voluntary Self-Disclosure for Individuals. This program provides transparency regarding circumstances in which Criminal Division prosecutors will offer Non-Prosecution Agreements to individuals who voluntarily disclose original information about corporate criminal activity or misconduct.
- The announcement comes roughly six weeks after DOJ announced that it was implementing a Whistleblower Reward Program that is designed to reward whistleblowers for providing information or assistance leading to civil or criminal forfeitures.
- These programs continue a trend that started last year with the announcement of a department-wide Safe Harbor Policy for voluntary self-disclosures made in the context of the mergers and acquisition process.
- The initiation of the Compensation Clawback Pilot Program, which aims to deter crime by encouraging companies to implement compensation systems that incentivize compliance and hold culpable executives and employees accountable through clawbacks of bonuses and other compensation benefits.
- Announcements by DOJ and the Securities Exchange Commission (SEC) regarding the use of personal devices and the requirement for companies to institute programs that allow for preservation and access to business-related communications.
- Updates by DOJ to its corporate compliance program guidance, including revisions to the Evaluation of Corporate Compliance Programs and the compliance obligations outlined in Foreign Corrupt Practices Act settlement documents.
EARLY-STAGE INVESTIGATIONS AND THE ROAD TO SELF-DISCLOSURE
The panel explored the early stages of an investigation and the types of disclosures that may result from that analysis:
- In September 2022, the Criminal Division of DOJ updated its Corporate and Voluntary Self-Disclosure Policy. In February 2023, DOJ adopted a new policy that establishes a national standard for voluntary self-disclosure credit in corporate criminal enforcement actions brought by U.S. Attorneys’ Offices. The Criminal Division and USAO voluntary self-disclosure policies are substantively aligned with each other. Policy objectives include:
- Standardizing how voluntary self-disclosures are defined and credited by the government.
- Incentivizing companies to maintain effective compliance programs and cooperate fully with the government in corporate criminal investigations.
- Providing transparency and predictability to companies and the defense bar concerning the concrete benefits of voluntarily self-disclosing misconduct, fully cooperating, and timely and appropriate remediation.
- What constitutes a voluntary self-disclosure:
- A disclosure is not voluntary when there is a preexisting obligation to disclose, such as pursuant to regulation or contract, or a prior DOJ resolution.
- The disclosure must be made prior to an “imminent threat of disclosure” or government investigation, prior to the misconduct being publicly disclosed, and within a reasonably prompt time after the company becomes aware of the misconduct.
- The disclosure must include all relevant facts concerning the misconduct that are known to the company at the time of the disclosure.
- The benefits of disclosure:
- In the absence of aggravating factors, the U.S. Attorney’s Office may choose not to impose a criminal penalty and a company will receive at least a 50% fine reduction off the low end of the U.S. Sentencing Guidelines fine range.
- Even when aggravating circumstances are present, a company could earn a fine reduction between 50% and 75% off the low end of the U.S. Sentencing Guidelines fine range.
- The factors that go into a declination decision by the government, including standards set forth in the Justice Manual governing when a prosecutor should proceed to prosecute a matter and whether the prosecution would serve a substantial federal interest.
- The importance of demonstrating to the government that the conduct identified will not reoccur. Parties must show that they have rigorously tested their compliance program to make sure it is working effectively.
POST RESOLUTION COMPLIANCE PROGRAMS
Finally, the panelists discussed the legal and technological issues at play after a company enters into a Deferred Prosecution Agreement or other type of resolution requiring ongoing compliance obligations. This discussion touched on the following topics:
- Types of resolutions: Declination; Declination with Disgorgement; Non-Prosecution Agreement; Deferred Prosecution Agreement; Guilty Plea.
- Recent revisions to “Attachment C” to corporate resolutions, which sets forth compliance obligations, to better reflect DOJ policy guidance and incorporate lessons learned from recent cases and monitorships.
- Factors that DOJ and the SEC consider when deciding whether a company should be subject to ongoing supervision as part of a resolution, and how a company demonstrates an ability to self-monitor.
- Imposition of a monitorship should be considered on a case-by-case basis and may not be required in those instances where a business organization demonstrates that it has a “tested, effective, adequately resourced, and fully implemented” compliance program.
- Compliance program elements to prevent recidivism.
- Companies should make sure that different corporate functions are sharing information and lessons learned from various sources—audits, investigations, monitoring, business reviews—and using that information to inform their risk assessment.
- Communication is also key – the importance of sharing lessons learned from prior investigations.
- How companies are incorporating data into their compliance and self-monitoring programs. Compliance programs must include communication monitoring to proactively, and expeditiously, identify misconduct within their organization. By doing so, the Compliance Team has the opportunity to address any issues through retraining and remediation.
The contents of this article are intended to convey general information only and not to provide legal advice or opinions.