7K0A0223Last Friday, the FCPA Professor reported:

“According to this Global Investigations Review article:

“According to two people familiar with the matter, the US Department of Justice (DoJ) has hired Hui Chen, Standard Chartered’s former head of anti-bribery and corruption compliance, as its new compliance counsel. […] Before joining Standard Chartered, Chen served as an assistant general counsel at US pharmaceutical company Pfizer between June 2010 and September 2013. In this position, she oversaw the drug-maker’s internal investigations in the Asia-Pacific region, and also led compliance reviews in Latin America, Europe and the Middle East. Chen previously worked for Microsoft for 13 years, serving first in the intellectual property litigation team and later as a compliance officer in China. During the 1990s, Chen worked as a DoJ trial lawyer in Washington, DC, and as an assistant US attorney in Brooklyn.”

I recognize it is better to cite to the original source but as Global Investigations Review is a subscription only service, I could not view the full article, so you will have to make do with a secondary cite. Of course, if you cannot trust the FCPA Professor to report something correctly, whom can you trust?

There was much ink spilled earlier this summer about the efficacy of such a position; with a spectrum ranging from substantive, that the Department of Justice (DOJ) attorneys who do not need someone to instruct them on what a best practices compliance program is to the procedural that the compliance counsel position is not a government employee but only a contractor. However, I think those criticisms and the others leveled miss the point of the effect of the creation of this position on the compliance discipline in the corporate environment.

The creation of this position portends that the DOJ will be looking more closely at Foreign Corrupt Practices Act (FCPA) anti-corruption compliance programs to see if they meet the minimum standards or are closer to best practices. This requires companies to actually do compliance and not simply put a paper program in place and say they have an effective compliance program.

I asked Stephen Martin, the Managing Director and founder of Baker & McKenzie’s compliance consulting practice and someone who helps companies proactively enhance corporate compliance programs what he thinks the creation of this new DOJ compliance consultant position. Martin is one of the few experts out there that has a similar background to Hui Chen, having been a former federal prosecutor in Washington and in-house counsel/compliance officer helping WorldCom, Qwest and Adelphia wade through and recover from significant compliance failures and major government investigations.

“Historically, it has been difficult for compliance professionals to explain the “return on investment” in compliance programs to senior management and Board of Directors. Companies questioned whether DOJ and SEC really credited a pre-existing compliance program or enhancements done during an investigation and/or resolution. The DOJ and SEC listened to the compliance community and publicly released the rationale in the Morgan Stanley declination as resulting from the effectiveness of Morgan Stanley’s compliance program.

Now, the DOJ is furthering its focus on the importance of compliance by clearly signaling how intently DOJ will be evaluating compliance programs in charging decisions, resolutions and monitorships. By retaining a compliance consultant with previous DOJ and in-house compliance experience, DOJ is sending a strong message to senior management and Boards of Directors that it is now critical that companies have a robust, effective and sophisticated compliance program covering both FCPA and non-FCPA risk areas.

For DOJ, this is a great step forward in being able to actually understand compliance programs and how they operate in the real world, in difficult environments when investigating and resolving matters. For companies, the “return on investment” is clear…the benefits of an effective compliance program far outweigh the costs of the program and help mitigate government enforcement and compliance related risks. For compliance professionals, the DOJ’s increasing focus provides the rationale for helping companies truly move to instituting and maintaining a practical, best practices compliance program that meets the rising expectations of the DOJ.”

As Martin makes clear, having a robust demonstrable program in place is now even more critical. The foundational elements of a best practices compliance program are well known and available to anyone looking. Of course, I would say one of the best place to start is my book Doing Compliance: Design, Create, and Implement an Effective Anti-Corruption Compliance Program which is based on the 10 Hallmarks of an Effective Compliance Program, as laid out in the FCPA Guidance. But you can use other formulations such as Martin’s Five Elements of an Effective Compliance Program, the OECD 13 Good Practices or even the UK Six Principles of Adequate Procedures as the basis for your compliance program.

Whichever formulation you use, the steps are straightforward. Top management must commit to having an effective compliance program and that commitment must be transmitted down throughout the organization. You need to assess the risks to your organization around anti-corruption and to manage those risks accordingly. The specifics of the compliance expectations must be set out in a policy and sufficient procedures must be implemented to all the policies to be followed. There must be a compliance function, with sufficient resources, authority and visibility within your company to lead this area, with appropriate board oversight. You must provide training on not only the company’s expectations around compliance, but also how to do compliance. There must be sufficient incentives in place, around hiring and promotion. There must be a mechanism for reporting of violations and then an appropriate response, through investigations and reporting of any violations of your compliance program. Additionally resources need to be placed around the management of compliance risks involving third parties and mergers and acquisitions (M&A). A company must have a mechanism to keep abreast of and then implement appropriate technological and business improvements as well as any legal or business related changes in anti-corruption compliance. Finally, all of the above must be thoroughly documented.

This new compliance counsel position at the DOJ makes implementing and documenting the above steps all the more important. But it also gives companies a greater chance to avoid potential FCPA liability through a DOJ Declination to Prosecute if they can demonstrate they have an effective compliance program. With the announcement last week of the Yates Memo and the increased focus on corporate internal investigations to identify senior executives for prosecution, it is now even more important that companies have a robust compliance program in place. As Mike Volkov often says, the DOJ clearly communicates the direction they are heading. The message could not be clearer.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015