Joshua Drew on Attachment C Compliance Guidance [Podcast]


By Adam Turteltaub

While most eyes have focused on the US Department of Justice’s document Evaluation of Corporate Compliance Programs when looking for guidance, it’s not the only DOJ source out there.

Josh Drew (LinkedIn), Member, Miller & Chevalier explains that it would be wise to also look to Attachment C. What is it? It’s a document typically attached to Foreign Corrupt Practices Act (FCPA) resolutions. It specifies what the defendant company will need to do to establish and maintain an effective corporate compliance program. As a result, it, like the Evaluation document, provides very clear guidance as to what the DOJ’s thinking is when it comes to compliance.

In August and September 2023 there were several changes to Attachment C. For one, it expanded the call for support from senior management down to include midlevel management as well. It specifically points to the importance of their tone and conduct:  “The Company will ensure that mid-level management throughout its organization reinforce leadership’s commitment to compliance policies and principles and encourage employees to abide by them.”

In the realm of training, it calls for metrics to assess the effectiveness of the training, not just that it was given. That’s a theme consistent with other direction from the DOJ.

Not surprising for an FCPA-related document, it also calls for documenting the business justification for engaging a third party and ensuring that contract terms are specific. Third parties should also be tracked after the initial engagement, which means ongoing due diligence.

And, here, too, as elsewhere, the Department of Justice reinforces the importance of both incentives for good behavior and disincentives for bad.

Listen in and then be sure to spend some time reading Attachment C.