Hallelujah! We have fresh guidance from the Justice Department about an effective FCPA compliance program, and a speech from a new official there who says enforcement will continue!
And we all thought the Trump Administration could get nothing done.
The guidance is an 11-part checklist apparently added to the Fraud Section’s website sometime last week. It walks through questions (46 in total) that prosecutors will typically ask about a compliance program. While the guidance specifically says, “the questions below form neither a checklist nor a formula”—let’s get real here. There are actual check-boxes next to the questions:
Clearly the list isn’t meant to be definitive. Nor does it break any new ground conceptually. Nothing in this guidance will surprise any compliance professional who has been following FCPA enforcement in recent years. Still, it’s an excellent roadmap to help a compliance officer prepare for the conversations to come once you disclose that FCPA violation you just discovered.
The 46 questions are grouped into 11 categories. Those categories range from remediation of the underlying misconduct, to the role of senior and middle management, to the autonomy of the compliance function, to training, to risk assessment, and more.
The category with the most questions is “Policies & Procedures.” It asks about whether policies and procedures were designed in consultation with business units; about whether assessments were done to gauge how effective your policies and procedures are at stopping bribery; how the company trains gatekeepers on their anti-corruption responsibilities; and how the company communicates all these policies and procedures to the masses.
Two keynotes jump out to me in this guidance. One is how the company embeds FCPA compliance programs into business operations; the other is how the company communicates the importance of good conduct.
For example, four questions ask about incentives and disciplinary measures. Really, those questions try to get at how your company demonstrates to employees that good conduct is rewarded, bad conduct punished. Demonstrating the importance of something is communication. These questions don’t ask whether you hang the anti-bribery policy in the bathroom. They ask about how the company shows employees that it’s serious about anti-bribery and good conduct. That’s the communication that matters.
Compliance officers can use this guidance to inform the program you want to build. They’re specific, tangible points about program management and function that a corporate compliance officer can understand. Being able to answer all these questions certainly won’t hurt.
(By the way, credit to the law firm White & Case, which first noted the existence of this checklist on Friday.)
Another sign about the future of FCPA enforcement also arrived last week: Trevor McFadden, who will oversee the Fraud Section as deputy assistant attorney general, gave a speech on Thursday outlining his views at a forum in Washington.
Most of McFadden’s remarks were an historical overview of the law, which turns 40 this year. (Please, please, let’s not make 40th birthday jokes a running theme for FCPA discussion this year.) When he did turn to the future of FCPA enforcement, he then hit all three points that one would expect from a Justice Department official trying to win over a skeptical compliance audience:
- FCPA enforcement will continue to be a priority;
- Prosecution of individuals will be a priority;
- Cooperation from companies will be rewarded.
McFadden also acknowledged the FCPA Pilot Program. It launched one year ago to reward companies with discounted penalties if they self-disclose FCPA violations, cooperate fully, and remediate the underlying problems. The Pilot Program is up for review in April.
McFadden did not directly say what the future of the Pilot Program might be. But the spirit of the program feeds into what Attorney General Jeff Sessions wants to achieve: more prosecution of individuals, without unnecessary penalties on corporations.
So when McFadden did say, “We will carefully review the results of the Program and consider what, if any, modifications should be made to encourage companies and individuals to comply voluntarily with the FCPA’s requirements”—I take that to mean they like where the FCPA Pilot Program has been going so far.
It’s a safe bet that by later this year, we will see the program’s principles adopted as a permanent fixture of FCPA enforcement: steep reduction in penalties, or no enforcement sanction at all, if the company discloses the problem, fixes the root cause, and cooperates with prosecuting individual offenders.
One other clue: during a Q&A session after his speech, apparently McFadden said that having a compliance counsel working in the Fraud Section (Hui Chen) has been “very helpful.” I agree 100 percent. Chen spent years as an in-house compliance officer at Standard Chartered, Microsoft, and Pfizer; she brings crucial in-house compliance officer perspective to the Fraud Section. My guess is that the new checklist guidance mentioned above is her handiwork.
One question I’ve had as the Trump Administration squats into power has been the fate of the compliance counsel role: whether Chen herself would remain (she’s been at the Fraud Section since October 2015), and whether the role would continue at all.
Here’s hoping McFadden and other FCPA enforcement leaders keep the compliance counsel job as a permanent part of the payroll. It’s another reassuring sign for compliance officers. Lord knows we need them.