DOJ Updates Corporate Compliance Program Evaluation Guidelines to Invite the Practice of Continuous and Evolving Improvements Through Data Analysis
The Department of Justice (DOJ) recently updated its Evaluation of Corporate Compliance Programs guidelines, which federal prosecutors consider when making decisions to prosecute corporate compliance violations, impose monetary penalties, and require future compliance commitments. The guidelines highlight what prosecutors should deem relevant in evaluating a corporate compliance program, both at the time of the offense(s) and at the time of the charging decision and resolution. In turn, the guidelines serve as a roadmap for corporate compliance and control personnel in designing a corporate compliance program, allocating resources to the program, evaluating the efficacy of the program in practice, and redesigning the program as needed on a regular basis. The updates make clear that the DOJ is interested in the continuous evaluation and evolution of corporate compliance programs, and that prosecutors will now be examining whether and how a compliance program incorporates data analytics. As before, the guidelines instruct federal prosecutors to ask three questions, though now slightly revised as follows: Is the compliance program well designed? Is the program adequately resourced and empowered to function effectively? Does the program work in practice? A welcome addition to the guidelines is a stated recognition that the circumstances of the company, e.g., size, industry, geographic footprint, regulatory landscape, etc., are relevant to prosecutors’ analysis. The guidelines also suggest...