Post By: Adam Turteltaub
The last two weeks have seen an extraordinary convergence of direction from enforcement authorities globally when it comes to compliance programs. While for years many considered compliance an “American thing”, that idea has been fading away as more and more governments advocate compliance programs with elements that echo those in the US Federal Sentencing Guidelines.
Now we have two more pieces of evidence that compliance is now a “global thing” with a growing consensus that enforcement authorities should evaluate compliance programs when making charging and settlement decisions. And, that consensus also includes a common belief that the compliance program should be risk-based and designed to meet the unique needs of the business.
Compliance professionals are likely already family, with this language from the U.S Department of Justice Criminal Division: Evaluation of Corporate Compliance Programs (Updated June 2020):
The starting point for a prosecutor’s evaluation of whether a company has a well-designed compliance program is to understand the company’s business from a commercial perspective, how the company has identified, assessed, and defined its risk profile, and the degree to which the program devotes appropriate scrutiny and resources to the spectrum of risks. In short, prosecutors should endeavor to understand why the company has chosen to set up the compliance program the way that it has, and why and how the company’s compliance program has evolved over time.
Notably, that same thinking can now be seen in the new UK SFO Operational Handbook, Chapter on Deferred Prosecution Agreements (October 2020). This document, which provides prosecutors there with direction for evaluating compliance programs, states:
A compliance programme must be proportionate, risk-based and regularly reviewed and tested, and the Company should be able to evidence that its programme has these traits, is adopted at board level and is sufficiently well-resourced.
As if this convergence of approaches weren’t enough it has also been reported that The World Bank is following a similar approach. Joseph Carl Maur, an Integrity Compliance Specialist at the Integrity Vice Presidency of The World Bank, commented at a World Bank Colloquium (October 2020) that The World Bank will also be evaluating compliance programs to determine if they are tailored to the risks the organization faces.
This harmony of approaches makes it easier to design compliance programs, and, just as importantly, demonstrate to management the importance of a risk-based, fully functional compliance program tailored to the company’s needs.
To be sure, there will always be slight differences in approach by members of the enforcement community from country to country, and even within countries. Antitrust enforcers often are less receptive to compliance programs than others are. But, it has grown very clear that more and more authorities globally are looking closely at compliance efforts with a common lens and expectations.
When the greatest difference is whether prosecutors are looking to evaluate programs or programmes, that’s a very good thing for compliance efforts globally.
Well-said, Adam. A good reminder for all, “…risk-based and designed to meet the unique needs of the business.”
Comments are closed.