The Challenge of addressing DOJ Compliance Guidance
With the DOJ’s June 2020 update to their guidance on corporate compliance programs, regulators have further sought to provide guidance and transparency to organizations by clearly communicating their expectations of what a well-designed and properly executed compliance program should look like.
Compliance officers can start by answering the three questions the DOJ instructs prosecutors to ask at the start of their evaluation: 1) Is the corporation’s compliance program well designed? 2) Is the program adequately resourced and empowered to function? 3) Does the program work in practice?
The DOJ guidance then provides detailed questions to evaluate each response. Someone measuring a risk and compliance program’s design, for example, should start by reviewing its risk assessment. How did the company define its risk profile? Did it tailor its programs to detect the specific types of misconduct identified, and allocate resources accordingly? Did it periodically review and revise its assessment? By proactively addressing the questions posed in the DOJ guidance, organizations can prevent the need for prosecutors to seek answers in the wake of compliance failure.