How to Improve Your Corporate Compliance Program With the Help of the Department of Justice
So you find yourself in court or realize you soon will be. Who’s on trial? You? Your company? Your Compliance Program? Could be all three!
Periodically, the US Department of Justice Criminal Division updates and releases guidelines for prosecutors for the evaluation of corporate compliance programs. Increasingly, the lines are blurred around liability between the bad actor who caused the incident, the permissive environment that allowed it to go previously undetected, and the company. As the guidelines say, “prosecutors are instructed to probe specifically whether a compliance program is a ‘paper program’ or one ‘implemented, reviewed, and revised, as appropriate, in an effective manner.’ JM 9-28.”
For prosecutors, this is a critical part of their evaluation of a case or potential case to determine where the charges appropriately lie. Was this truly a bad actor not following company policy and intentionally evading detection by a well-designed and managed program? Or did the bad actor take advantage of a lax program that was poorly designed or implemented?
The guidelines specifically discuss three critical areas for evaluation by the prosecutor:
“Is the corporation’s compliance program well-designed?”
“Is the program being applied earnestly and in good faith?” In other words, is the program adequately resourced and empowered to function effectively?
“Does the corporation’s compliance program work in practice?”
Without question, these are three critical cornerstones for an effective corporate compliance program, partly because they are critical metrics that a prosecutor will use to evaluate your program. Let’s dive deeper.
Is the corporation’s compliance program well-designed?
This speaks to not just the technology in place, but how it is used and made available. For example, is your policy management system separate from or integral to your case management system? Is exit interview data considered a source for intake of new concerns?
Is the program being applied earnestly and in good faith?
Statistics show consistently that less than 20% of all issues that should be investigated are brought forward, leaving 80% or more to fester and poison your company culture. This, sadly, is the way the vast majority of case management and hotline system work.
Try a more active approach. Go to the reporters instead of them coming to you. Have you considered, for example, monitoring social media such as Glassdoor or LinkedIn for comments that warrant an investigation? What about exit interviews? We have seen clients that deploy exit interviews integrated into their case management process are able to identify and quickly address issues that otherwise would have been ignored.
Does the corporation’s compliance program work in practice?
Here’s a simple challenge – does your current system give you a benchmarking analysis broken down into useful insights that you can address? Most companies at best have some anecdotal evidence as to how they stack up, likely from some stale data.
The challenge here includes the lack of efficacy in that type of comparative benchmarking. How are each of those categories defined? Is there any consistency? If you don’t know or can’t answer that, I’d suggest that you really don’t know if your program works.
Of course, there’s a lot more to having an effective compliance program that will guard your brand and reputation. A proper program drives loyalty and trust from your employees and provides the comfort of knowing your company did everything in could to do the right thing in the eyes of a prosecutor. It could be the difference in determining if your company should be a defendant in a lawsuit or excluded with the blame falling squarely on a bad actor.
At ETHIX360, we know all there is to know about effective compliance programs. From case and policy management, to benchmarking, to exit interviews and social media monitoring, we’ve helped our clients fully prepare for potential litigation. I hope your company is just as prepared. If not, let’s have a conversation.
The ETHIX360 blog brings you weekly updates on all things human resources and compliance.
MEET THE AUTHOR
J Rollins is the co-founder and CEO of ETHIX360. J is a well known leader and innovator who has served on senior leadership teams ranging in responsibility from Chief Revenue Officer, Chief Marketing Officer, SVP of Product Strategy and Chief Operating Officer.
ABOUT ETHIX360
At ETHIX360, our goal is simple: to provide an affordable, flexible, and comprehensive answer to employee communication, policy management, corporate training and case management on issues related to corporate ethics, code of conduct, fraud, bribery, and workplace violence.
