Deep Dive Into DOJ Compliance Guidance

Last week the Justice Department released new guidance on effective corporate compliance programs, to incorporate the department’s new stance on compensation clawbacks and disciplinary procedures that it wants companies to embrace. Let’s take a close read of those changes to see what’s going on.

The updated guidance comes after numerous speeches by Justice Department officials calling for clawbacks and consistent disciplinary action as part of the culture of corporate compliance that prosecutors want to see. Just last week, both deputy attorney general Lisa Monaco and assistant attorney general Kenneth Polite both stressed the importance of such measures — and expressly warned that clawbacks will be a standard part of corporate misconduct resolutions from here forward.

So now we have the formal, updated guidance on evaluating corporate compliance programs. What does it say? 

The most important stuff begins on Page 12. The guidance unveils a new section titled “Compensation Structures and Consequence Management,” which previously had been called “Incentives and Disciplinary Measures.” This new section is expanded from 415 words to 1,150, and talks much more about disciplinary procedures, financial incentives, and the importance of assessing the effectiveness of your consequence management efforts. 

For example, the introduction of this section talks at length about the design of compensation schemes, and declares: “Prosecutors may consider whether a company has incentivized compliance by designing compensation systems that defer or escrow certain compensation tied to conduct consistent with company values and policies.” Later comes a detailed paragraph about how prosecutors will review a company’s financial incentives. 

The prior version of guidance only mentioned compensation in a brief, cursory way, asking questions such as “Has the company considered the implications of its incentives and rewards on compliance? How does the company incentivize compliance and ethical behavior?” That’s pretty much it.

Anyway, this is the new benchmark for the fabled “effective compliance program” you’re all striving to achieve. Let’s take a closer look.

Clawbacks and Compensation Schemes

The discussion of financial incentives and compensation schemes opens with a few questions:

  • Has the company considered the impact of its financial rewards and other incentives on compliance?
  • Has the company evaluated whether commercial targets are achievable if the business operates within a compliant and ethical manner?
  • What role does the compliance function have in designing and awarding financial incentives at senior levels of the organization?

All these questions drive at whether the company incorporates ethics and compliance concerns into its strategic plans and its use of human capital. That is, the company sets certain financial performance targets (“we want to grow overseas sales by 10 percent this year”), and then designs incentive plans to motivate employees to hit those targets. Are ethics and compliance concerns included in that planning? 

Of course, one easy way to include those concerns is to include the chief compliance officer when those deliberations happen; hence the third question above. Then again, it’s not enough simply to include the CCO so he or she can say, “Umm, that bonus plan for sales execs is an FCPA nightmare waiting to happen unless we ramp up training and vendor management.” Management actually has to heed the CCO’s counsel. How often does that actually happen? You tell me. (Seriously, email me at [email protected]. Confidentiality guaranteed.)

Next are a few questions more related to compensation policies:

  • What percentage of executive compensation is structured to encourage enduring ethical business objectives?
  • Are the terms of bonus and deferred compensation subject to cancellation or recoupment, to the extent available under applicable law, in the event that non-compliant or unethical behavior is exposed before or after the award was issued?
  • Does the company have a policy for recouping compensation that has been paid, where there has been misconduct? 

These questions are more issues of policy management; and how compliance, HR, and legal all work together to assure that you have mechanisms in place to address what the Justice Department is talking about. 

This might even be one area where your company could (ugh) benefit from a compensation consultant. I’m often cynical about how useful such firms truly are, but you’d need to show the logic and effectiveness of these policies — and especially for senior executives with equity stakes, compensation plans can be enormously complicated. Attention to detail will matter. 

Disciplinary Procedures and Documentation

Compensation clawbacks might be getting all the headlines, but the Justice Department’s new guidance actually devotes more attention to corporate disciplinary policies. It divides the subject into three specific paragraphs. 

Human Resources Process. This paragraph starts by asking questions about the transparency of the disciplinary process, such as who is involved in making disciplinary decisions, and for which types of misconduct. Even more interesting, the paragraph then fires off numerous questions about whether the company discusses disciplinary incidents with the general workforce:

  • Where an executive has been exited from the company on account of a compliance violation, how transparent has the company been with employees about the terms of the separation? 
  • Are the actual reasons for discipline communicated to employees in all cases? If not, why not? 
  • Has the company taken steps to restrict disclosure or access to information about the disciplinary process? 
  • Are there legal or investigation-related reasons for restricting information, or have pre-textual reasons been provided to protect the company from whistleblowing or outside scrutiny?

Umm, wow. I could see your employment counsel losing their lunch over these questions. Of course there will be times where individuals’ privacy concerns might warrant withholding some details of disciplinary actions; but it’s also clear that the Justice Department wants employees to understand when their coworkers do something wrong, so those employees can see that compliance violations bring consequences. Using privacy concerns as a fig leaf to hide the extent of a problematic culture — that’s not going to go over too well with prosecutors. 

Disciplinary Measures. This paragraph gets rather nitty-gritty. Among the questions asked: 

  • What types of disciplinary actions are available to management when it seeks to enforce compliance policies?
  • What policies and practices does the company have in place to put employees on notice that they will not benefit from any potential fruits of misconduct? 
  • With respect to the particular misconduct at issue, has the company made good faith efforts to follow its policies and practices in this respect?

Personally, I’d also add a follow-up question to that second bullet point above: “If you did put employees on notice, let’s see it.” That is, there are a lot of documentation demands hidden behind these questions. So how will you collect, organize, and preserve all that evidence? 

Consistent Application. This paragraph also runs heavy on documentation. Its questions include: 

  • Does the compliance function monitor its investigations and resulting discipline to ensure consistency? 
  • Are there similar instances of misconduct that were treated disparately, and if so, why?
  • What metrics does the company apply to ensure consistency of disciplinary measures across all geographies, operating units, and levels of the organization?

Let’s note here that when the Securities and Exchange Commission sanctioned JPMorgan Chase in 2021 for improper employee use of messaging apps, part of that settlement included JPMorgan hiring an “independent compliance consultant” who had to review, among other things, the bank’s disciplinary program. This new section in the Justice Department guidance addresses a lot of the same material. So you might want to consider whatever framework your company uses (if any) to address instances of non-compliance, systems to track discipline handed out, and processes that help to assure discipline is consistent across business lines and seniority ranks.  

Remember How Compliance Guidance Works

Compliance professionals have a tricky relationship with these evaluation guidelines. As much as we all obsess over the document, its primary audience are federal prosecutors throughout the Justice Department. 

They use the guidance more on a mix-and-match basis, selecting questions to ask you and your company based on the facts of the misconduct in question. You, the corporate compliance officer, don’t have that luxury. You need to design a compliance program that’s versatile enough to anticipate every question the evaluation guidelines contain — because you don’t know the fact pattern that might emerge and haul you into the nearest U.S. attorney’s office. 

There’s lots more in the updated guidance, too. We’ll get to that material in future posts. 

Leave a Comment

You must be logged in to post a comment.