The Trump Administration’s top regulatory review officer is outlining ambitious plans for more deregulation in 2018 — including efforts to sweep independent federal agencies into her purview and to crack down on the “sub-regulatory” guidance that corporate compliance professionals consume all the time.
Neomi Rao, head of the Office for Information and Regulatory Affairs (OIRA) made her remarks Friday during a speech in Washington. To no surprise, she called 2017 “a banner year” for deregulation, and praised President Trump’s executive order requiring federal agencies to propose repealing two existing rules for every new rule they want to adopt.
“The administration didn’t go after this problem with little scissors,” Rao said, “but really with something much more like the big, beautiful, gold scissors the president used to cut the red tape at his December speech.”
Perhaps those scissors Trump used were gold-plated, covering up whatever cheap metal the president really used for his pointless photo-op. That would be a much better metaphor for the 2-for-1 regulatory kill order Rao touted last week.
After all, independent agencies such as the Securities and Exchange Commission, Federal Reserve, Public Company Accounting Oversight Board, OSHA, Federal Trade Commission, and many more (read the complete list if you like) are not subject to Trump’s kill order. They can participate if they want, and some agency chiefs in full Trumpian thrall certainly do. But neither law nor Trump’s executive order require them to do so.
Even for agencies where the kill order does apply, regulations relevant to military, national security, or foreign policy are exempt. New regulations required by statute are exempt. And agencies only need to propose repealing two rules, not actually repeal them. Those proposed repeals must go through the usual public comment and review process — which, as every compliance officer knows, can take forever.
So Rao was quick to praise the administration for withdrawing or delaying more than 1,500 planned rules. That is not the same as existing rules repealed, and existing rules are what fills a compliance officer’s time.
More interesting to compliance officers will be Rao’s comments about “sub-regulatory guidance” — the policy memos, FAQs, and even speeches that government officials put forth, which everyone then pores over obsessively to divine some deeper meaning.
Nice try, Rao said, but the logic of sub-regulatory guidance relies on a “thinner constitutionality” and subverts the public’s ability to review and comment on the ideas behind such guidance. She wants less of it.
“By cracking down on sub-regulatory guidance… we’re ensuring that when agencies impose new requirements, they’re following administrative procedures, and giving the public notice and opportunity to comment,” she said.
And what would qualify as sub-regulatory guidance Rao wants to review? “If there’s a guidance document that imposes significant costs — it’s economically significant, or otherwise significant from a policy perspective — we should be taking a look at that,” she said. “And we might push back if we think it’s better served by a regulation.”
That answer strikes me as vague. For example, would the Justice Department’s Resource Guide to the FCPA from 2012 qualify under her standard? It seems significant from a policy perspective to me, and companies that ignore its 10 hallmarks of an effective compliance program can incur the displeasure of attorneys in the Fraud Section. Should those 10 hallmarks have been published as an exposure draft and put out for public comment?
On the other hand, what about the Guidelines to Evaluate the Effectiveness of a Compliance Program, released in 2017? That was an internal policy memo for Justice Department lawyers, not intended for public consumption. The department posted it as a goodwill gesture for the compliance community, and we’ve eaten it up ever since. It’s only a list of questions DOJ lawyers might ask your company when under investigation; would Rao want that to go through exposure drafts and public comment, too?
Within the Justice Department, the crucial question is whether that sub-regulatory guidance creates some new enforcement risk for a company — that is, if DOJ lawyers would try to extract penalties or sanctions if your company ignores the guidance.
Two months ago Attorney General Jeff Sessions issued a memo “prohibiting the Department of Justice from issuing guidance documents that have the effect of adopting new regulatory requirements or amending the law.” Last week the Civil Division of the department issued its own memo reiterating that policy, We don’t yet have a head of the Criminal Division (the nominee is still waiting on Senate confirmation), but one can assume he’ll adopt that posture, too.
Well, would the compliance community, investors, and victims of corruption really would be better served if the 10 hallmarks of an effective compliance program had been subject to public comment? In fact, would that have happened at all? Or will we see more of what deputy AG Rod Rosenstein did when he announced the FCPA Corporate Enforcement Policy, where he simply framed DOJ policy as enforcement guidelines folded into the U.S. Attorney’s Manual? (Which, we might add, Rosenstein announced after Sessions’ no-new-guidance rule went into effect.)
Independent Agencies in Target
Rao also took the required Republican swipe at independent agencies such as the SEC and PCAOB. She was clear that she wants their regulatory work to fall under OIRA review: “I think there’s no constitutional reason to treat independent agencies differently from other agencies.” Rao even said OIRA would be eager to look at IRS guidance on widely applicable rules — ponder that for a moment, tax compliance professionals out there.
“I think there’s no constitutional reason to treat independent agencies differently from other agencies.”
I wonder whether the heads of said independent agencies, even in the Trump Administration’s deregulatory era, truly want to see their power curbed. In the Securities and Exchange Commission, for example, we have all sorts of sub-regulatory guidance: “Dear CFO” letters, Compliance Discussion & Interpretation missives, staff legal and accounting bulletins, and even the occasional meaty speech from a commissioner. Would investors be better protected if the SEC had to slow the production of that material?
Rao’s answer almost seems like she’s inviting anti-regulation zealots to file a lawsuit of some kind, alleging that an independent agency’s rule is invalid because it didn’t go through OIRA review.
The plain truth is that Rao, like so many others in the Trump Administration, can talk a good game to her political audience, but there’s less there than meets the eye, especially for the compliance community. SEC rules, AML rules, cybersecurity precautions, FCPA “hints” folded into the U.S. Attorneys’ Manual (don’t call it guidance!) — that’s all still coming. That’s all still on your desk.