2019 has been a very significant year for every compliance practitioner and compliance program. There were three significant releases of information by the federal government which directly impacted compliance professionals in 2019. Two came from the Department of Justice (DOJ) and one came from the Department of Treasury, Office of Foreign Asset Control (OFAC).

 In April, Assistant Attorney General Brian Benczkowski announced an update to the 2017 Evaluation of Corporate Compliance Programs, entitled Evaluation of Corporate Compliance Programs – Guidance Document (2019 Guidance). It is mandatory reading for every Chief Compliance Officer (CCO), compliance practitioner and professional or any other person interested in the latest thinking from the DOJ on what constitutes a best practices compliance program. The 2019 Guidance posed three “fundamental questions” that prosecutors must begin their analysis with:

  1. “Is the corporation’s compliance program well designed?”
  2. “Is the program being applied earnestly and in good faith?” In other words, is the program being implemented effectively?
  3. “Does the corporation’s compliance program work” in practice?

The 2019 Guidance also put a newfound importance on corporate culture.

In June, OFAC released the Framework for OFAC Compliance Commitments (OFAC Framework). It provides guidance for entities seeking to comply with sanctions through a Sanctions Compliance Program (SCP). Mike Volkov, one not normally associated with hyperbole, has called this “a game-changer”.

The OFAC Framework “strongly encourages” companies subject to its jurisdiction to take a “risk-based approach to sanctions compliance by developing, implementing, and routinely updating a sanctions compliance program (SCP).” OFAC recognizes that all businesses are different in “size and sophistication, products and services, customers and counterparties, and geographic locations”. To this end each compliance program should not be a cookie cutter, off the shelf solution.

OFAC related that each corporate compliance program should be predicated on and incorporate at least five essential components of compliance:

  • management commitment;
  • risk assessment;
  • internal controls;
  • testing and auditing; and
  • training.

The OFAC Framework had a key emphasis on vendors in the Supply Chain as well as customers mandated in ongoing due diligence.

Finally, in July, the DOJ Antitrust Division released its Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations (Antitrust Guidance). Together with the 2019 Guidance and OFAC Framework, these three documents go a long way in cementing the need for robust and effective compliance for corporations.

The Antitrust Guidance significantly changes the calculus by the government when prosecuting a criminal antitrust violation. Regarding the Leniency Program, Volkov noted, “Since the 1990s, the Antitrust Division’s policy regarding corporate compliance programs was generally fixed given the ability of companies to seek benefits under the leniency program. In this respect, the first reporting company would earn immunity and a de-trebling of civil liability for antitrust cartel conduct.” However, if your organization was not the first to self-report, you could not avoid a criminal penalty for violation of antitrust laws. It was purely a race to see which organization could self-report to the Antitrust Division first.

This has changed under the Antitrust Guidance as it incentivizes companies by creating credit which the government may give at the charging stage of an antitrust violation. This means that the Leniency Policy created in the 1990s for the first to self-report has now been expanded so that a company which no longer is the first to report can receive up to a Declination if certain criteria are met. Put another way, good corporate citizens who are not the first but do self-report, thoroughly investigate the violation, extensively cooperate with the government and have an effective compliance program under the Antitrust Guidance can receive a significant discount up to a Deferred Prosecution Agreement (DPA) for criminal antitrust violations.

The purpose of the Antitrust Guidance is threefold. First, it provides a manner to credit compliance programs at the charging stage of an antitrust indictment. Second, it clarifies the Antitrust Division’s approach to evaluating effectiveness of compliance programs at the charging stage. Thirdly, it provides a public guidance document for the evaluation of compliance programs, once again from the antitrust perspective. In addition to these three considerations made at the charging stage, the Antitrust Guidance may also come into play at any sentencing stage. Volkov stated, “Under the existing Sentencing Guidelines, a company can earn a three-point reduction in its culpability score if the company has an “effective” compliance program. Second, a compliance program may be relevant to deter mining the appropriate corporate fine to recommend within the guidelines range, or even below the range in extraordinary circumstances. And third, the existence of a compliance program is relevant to the government’s recommendation on probation.”

I have always striven to provide my readers and listeners with the most up-to-date information on what goes into a best practices compliance program. The OFAC Framework and Guidance’s lay out what compliance practitioners need to put into their compliance programs going forward. Beginning January 1, and for the next 31 days, I will be exploring the best way to more fully operationalize a compliance program using these resources. The podcast series will provide the compliance practitioner with a thorough grounding in the key aspects of a best practices compliance program based on the latest information from the regulators. Each day I will highlight a new topic based upon the information released on compliance programs in 2019.

I hope you will join me as we engage in 31 days to a more effective compliance program. It will be available on the FCPA Compliance Report, iTunes, YouTube and JDSupra.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

 © Thomas R. Fox, 2019