In a podcast series sponsored by Affiliated Monitors, Inc. (AMI), Tom Fox visits with Eric Feldman, Senior Vice President of AMI. They look at the Department of Justice (DOJ) Evaluation of Corporate Compliance Programs, (the “2019 Guidance”), which was released in April 2019. Over the next five podcasts we will explore what the 2019 Guidance changes are from the Evaluation of Corporate Compliance Program (2017 Guidance), released in February 2017, the structure and emphasis of the 2019 Guidance and what it means for the compliance practitioner going forward.
Listen to the full series below, or wherever you listen to podcasts.
In this first episode, they begin with some of Feldman’s observations on the 2019 Guidance. The 2019 Guidance asks three fundamental questions prosecutor should ask; all other questions are divided into these categories: (1) “Is the corporation’s compliance program well designed”; (2) “Is the program being applied earnestly and in good faith?” In other words, is the program being implemented effectively? Is it real? and (3) “Does the corporation’s compliance program work” in practice?
In this Episode 2, they consider the question “Is your program well designed?” To that end, they highlight some main components of the topic: Risk assessment, policies & procedures, training and communications, confidential reporting structure, 3rd party management, and mergers & acquisitions.
In Part 3, Tom Fox and Eric Feldman address whether a program is being effectively implemented. Feldman began by stating, “I like what they say up front here that prosecutors are instructed to prove specifically whether compliance program is a paper program or one implemented, reviewed and revised as appropriate in an effective manner.” In other words, is your compliance program “really just a fig leaf. And here DOJ takes it on directly.”
In part 4, Eric and Tom consider the question “Does your compliance program work in practice?”This final category considers your compliance program in both a retrospective and current review. It considers the effectiveness of your program at the time of the incident(s) in question and then asks if your compliance program has changed based on the lifecycle of risk assessment program, implementation evaluation, and other inputs. Additionally, Feldman noted that for the “first time I have ever seen in any DOJ guidance, it says that the existence of misconduct does not by itself means that a compliance program did not work or was ineffective.”
In this concluding Episode, they bring together their final thoughts through a consideration of the question “What does it all mean for your compliance practice?” Organizational culture is a main component of this discussion. Feldman said he “views culture as more than just some squishy social science concept. It is a foundational internal control that guides the behavior of employees. Without that internal control, all the other rules, regulations, policies and controls you have in place aren’t going to be effective if the culture does not support them.”