It’s About Compliance Processes, Not Legal Practices

12
2544

By Adam Turteltaub
adam.turteltaub@corporatecompliance.org

The Department of Justice quietly posted on its website a document entitled “Evaluation of Compliance Programs”. Despite its quiet introduction, it’s a very important work because it lays out a series of questions that the Department will likely ask in determining the effectiveness of a compliance program.

The Department makes clear that these questions “form neither a checklist nor a formula. In any particular case, the topics and questions set forth below may not all be relevant, and others may be more salient given the particular facts at issue.”

In sum, it lays out guidance for prosecutors, and a window into what the DOJ sees as important in a compliance program.

It’s a very reasonable list of questions that is reassuring in that it demonstrates a sensible understanding of compliance programs.  It is also a great tool for any compliance officer looking to demonstrate to management what it takes to have an effective compliance program.

Also notable is what is not in the list:  a focus on legal issues.  Instead, the list squarely looks at how the business operates and how the company integrates compliance into its business functions.

The word “legal” appears in it once and the word “law” not at all.  By contrast “training” appears eight times, “board” seven, “management” eleven and “process” a whopping twenty-nine times.

While compliance with the law, of course, starts with the law, and while a strong partnership with legal is essential to compliance management, and a lawyer could lead compliance, the compliance profession, as this document shows, is clearly not about the practice of law.  It is about building effective systems to prevent, find and fix problems, that are integrated into business processes.

[clickToTweet tweet=”It’s About Compliance Processes, Not Legal Practices” quote=”It’s About Compliance Processes, Not Legal Practices” theme=”style3″]

12 COMMENTS

  1. In a world of people who think “Compliance programs are all about the law” we need people to understand that it is not true. Adam’s point is profoundly important because those who think compliance programs are all about the law will fail and every CEO who listens to them risks ending up like John Stumpf.

    • Or like GM with its “69 Naughty Words” powerpoint training or VW with its multi abn $ emissions scandal. Evidently both of these companies needed more than Legal SME to detect and fix theories problems, because in each case, internal peoples tried to raise concerns, but those never made it to the right levels for remediation. This is explained in the event University of Michigan Ross School of Business white paper and empirical study “Why General Counsels Don’t Preveny Corporate Crime”. The DOJ guidance document embraces the imperative for true Compliance SME.

  2. I was so happy to read this…I’ve been saying it for all my 15+ years as a compliance officer but I guess it’s hard for some folks to grasp. After all the law profession has been around alot longer and people just gravitate to attorneys when the law is involved. So glad the compliance profession has come this far. Keep up the good work fellow Compliance professionals!

  3. I completely agree that the guidance is important and should be viewed as such. However this “new” guidance mirrors the required compliance program elements contained in the appendix of every Deferred Prosecution Areement. Those who monitor such agreements have been using it as a guide for many years. The new guidance repackages, summarizes, and adds sample questions surrounding each element.

    Yes, it is noteworthy that “legal” criteria are minimized in this document. However, we should also ask how many times the term “ethics” is used. In fact, corporate programs are uniformly referred to as Compliance rather than Ethics and Conpliance programs, and the concept of ethical culture does not receive the level of attention it deserves. In many areas, the Federal Sentencing Guidelines offer equal, if not more insight into what DoJ (including US Attorneys making Prosecution decisions) are looking for regarding corporate ethics.

      • This is the great thing about the new Guidnce. CCOs will read it and understand. But GCs posing as double hatted GC/CCOs will bw looking in vain for the Legal focus. The modern model of Compliance untethers Compliance from Legal because it is a separate and different subject matter expertise )SME) that requires more than a legal resume to practice effectively. GN is an example of what happens when in house lawyers try to “do” compliance through a legaal lens/mandate

  4. Adam,

    The last sentence of the last paragraph of your post says it all… enough said why training, management (I prefer leadership) and process are so important in establishing and maintaining compliance.

  5. Given this news, it’s not surprising that business ethics is often a required course in business schools, not just due to the conceptual discussion about the nature of business but also because of the focus on business process management– the way that any business objective is achieved through effective use of scarce resources.

  6. This is a great read. Currently reporting to an attorney who still needs to “wrap her head” around exactly what I do convinced me it’s not about the law. It’s about education on the compliance process and I strive to teach that everyday. I’m glad E&C professionals are able to stand on their own w/o having to have a “JD” at the end of their title.

  7. Nice post. I was checking constantly this weblog and I’m impressed! Very helpful info specially the ultimate phase 🙂 I care for such information much. I used to be seeking this certain information for a long time. Thanks and best of luck.

Comments are closed.