By Adam Turteltaub
The Department of Justice quietly posted on its website a document entitled “Evaluation of Compliance Programs”. Despite its quiet introduction, it’s a very important work because it lays out a series of questions that the Department will likely ask in determining the effectiveness of a compliance program.
The Department makes clear that these questions “form neither a checklist nor a formula. In any particular case, the topics and questions set forth below may not all be relevant, and others may be more salient given the particular facts at issue.”
In sum, it lays out guidance for prosecutors, and a window into what the DOJ sees as important in a compliance program.
It’s a very reasonable list of questions that is reassuring in that it demonstrates a sensible understanding of compliance programs. It is also a great tool for any compliance officer looking to demonstrate to management what it takes to have an effective compliance program.
Also notable is what is not in the list: a focus on legal issues. Instead, the list squarely looks at how the business operates and how the company integrates compliance into its business functions.
The word “legal” appears in it once and the word “law” not at all. By contrast “training” appears eight times, “board” seven, “management” eleven and “process” a whopping twenty-nine times.
While compliance with the law, of course, starts with the law, and while a strong partnership with legal is essential to compliance management, and a lawyer could lead compliance, the compliance profession, as this document shows, is clearly not about the practice of law. It is about building effective systems to prevent, find and fix problems, that are integrated into business processes.
[clickToTweet tweet=”It’s About Compliance Processes, Not Legal Practices” quote=”It’s About Compliance Processes, Not Legal Practices” theme=”style3″]