US Department of Justice (DOJ) publishes new evaluation guidance for compliance programs
The DOJ’s Fraud Section recently released its Evaluation of Corporate Compliance Programs, containing guidance on 11 key topics considered by federal criminal investigators when assessing corporations.
The 11 topic areas:
- Analysis and Remediation of Underlying Misconduct
- Senior and Middle management
- Autonomy and Resources
- Policies and Procedures (Design and Accessibility and Operational Integration)
- Risk Assessment
- Training and Communications
- Confidential Reporting and Investigation
- Incentives and Disciplinary Measures
- Continuous Improvement, Periodic Testing and Review
- Third Party Management
- Mergers and Acquisitions
Of particular note is the DOJ’s focus on the day-to-day operation of compliance programs. For example, the Evaluation invokes the principles of “root cause analysis”, and examines the importance of, and processes involved in, identifying the systemic problems underlying any misconduct. It also asks whether any earlier opportunities to detect the misconduct were missed, and specifies types of misconduct remediation companies should undertake.
The integration of the compliance program into companies’ management systems (that is, its compliance culture) is another area of emphasis. The Evaluation discusses compliance resource allocation, and any exercise of compliance personnel’s powers to pursue compliance concerns.
While no high-level report can specifically address a company’s unique risk profile, the Evaluation provides valuable insight into how the DOJ assesses compliance programs, and serves as a practical outline for designing, enhancing or implementing rigorous compliance programs.
Contact GRC Solutions today for more information about our off-the-shelf and custom corporate compliance training modules.