The written standard requirements have long been memorialized in the U.S. Sentencing Guidelines, which contain seven basic compliance elements that can be tailored to fit the needs and financial realities of any given organization. From these seven compliance elements, the DOJ has crafted its minimum best practices compliance program, which is now attached to every DPA and NPA issued. These requirements were incorporated into the 2012 FCPA Guidance and brought forward in the 2019 Guidance and FCPA Corporate Enforcement Policy. The U.S. Sentencing Guidelines assumes that every effective compliance and ethics program begins with a written standard of conduct; i.e., a Code of Conduct.

Following your Code of Conduct is written policies and procedures required for a best practices compliance program are well- known and long established. The role of compliance policies is to provide guidance and to protect companies, despite an occasional hick-up. Policies provide a basic set of guidelines for employees to follow. They can include general do’s and don’ts, work process flows, specific issue guidelines. By establishing what is and is not acceptable compliance behavior, a company can mitigate the compliance risks posed by employees who might make foolish decisions or otherwise engage in unethical behavior.

There are numerous reasons to put some serious work into your Code of Conduct, policies and procedures. They are certainly a first line of defense when the government comes knocking. This means the regulators will take a strong view against a company that does not have well thought out and articulated policies, procedures or Code of Conduct; all of which are systematically reviewed and updated. Written policies, signed by employees provide a vital layer of communication. Together with a signed acknowledgement, these documents can serve as evidentiary support if a future issue arises. In other words, the “Document, Document, Document” mantra applies just as strongly to this area of anti-corruption compliance.

Three key takeaways:

  1. A Code of Conduct, together with policies and procedures, have long been recognized as cornerstones of a best practices compliance policy.
  2. Each level of written standards builds upon one another, so consider this integration step.
  3. The Fair Process Doctrine applies to your written standards.