The cornerstone of any best practices compliance program is written protocols. This includes a Code of Conduct, policies and procedures. These elements have long been memorialized in the US Sentencing Guidelines; the Department Of Justice’s (DOJs) Opinion Releases regarding compliance programs, the 2012 FCPA Guidance, both DOJ and Securities and Exchange Commission (SEC) enforcement actions, the 2019 Guidance and FCPA Corporate Enforcement Policy.
There are three levels of standards and controls, Code of Conduct standards and policies and procedures. Every company should have a Code of Conduct that expresses its ethical principles. But a Code of Conduct is not enough. The Code of Conduct is implemented through your compliance policies. It is further operationalized through your compliance procedures. The DOJ spoke to their importance in the 2019 Guidance when it stated, “As a threshold matter, prosecutors should examine whether the company has a code of conduct that sets forth, among other things, the company’s commitment to full compliance with relevant Federal laws that is accessible and applicable to all company employees.” As a corollary, prosecutors should also assess whether the company has established policies and procedures that incorporate the culture of compliance into its day-to-day operations.
At the end of the 31 Days you will have a very detailed grounding on better written standards for your compliance program. You will be able to utilize the information presented to implement a more effective compliance program for your organization.
Three key takeaways:
- The cornerstone of any best practices compliance program is its written protocols.
- Written standards work to prevent, detect and remediate.
- What are the specific written protocols you should have in your compliance program?
For more information, check out The Compliance Handbook, 4th edition, here.