Tag: compliance

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Contextual Diversity in Compliance

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

You must be attuned to cultural differences in a global organization.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Creativity and Compliance

Creativity and Compliance – Overcoming Conservatism in Compliance Education with Creativity

Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the award-winning Compliance Podcast Network.

Ronnie’s company, Learnings and Entertainment, utilizes the entertainment devices people use to consume information in their everyday, non-work lives and applies it to important topics around compliance and ethics. It is not only about being funny. It is about changing the tone of your compliance communications and messaging to make your compliance program, policies, and resources more accessible.

In this episode of Creativity and Compliance, Tom Fox and Ronnie Feldman tackle the challenge of integrating creative, engaging methods into compliance training within conservative institutions. Drawing examples from financial giants, they discuss how these organizations have successfully implemented entertaining and effective training strategies. Addressing common concerns such as risk aversion, cost, and effectiveness, the hosts advocate for shorter, more frequent, and varied training formats. They highlight that creativity in compliance training not only captures attention but also enhances engagement and memory retention. The episode concludes with a call to action for compliance professionals to consider what they have to lose by trying new approaches.

Key highlights:

  • Overcoming Conservatism in Creative Compliance
  • Addressing Risk-Averse Concerns
  • Short, Fun, and Frequent Training
  • Variety in Compliance Training
  • User Experience and Engagement

Resources: 

Ronnie

  • Compliance Confessionsinspired by “Mean Tweets,” these 90-second commercials address misconceptions and excuses to promote speak-up culture and the E&C team as positive and helpful.
  • E&C Training Jams – a soulful singer banters about ethics & compliance, explaining policies, sharing examples, and debunking excuses. 
  • Tales from the Hotline – Real speak-up-themed stories about workplace behavior gone wrong.
  • Workplace Tonight Show! E&C meets SNL Weekend Update to explain corporate risk topics and why employees should care.
  • 60-Second Communication & Awareness Shorts – A variety of short, customizable, music and multimedia, quick-hitter “commercials” promoting integrity, compliance, speaking up, and the E&C team as helpful advisors and coaches.
  • Custom Live & Digital Programing – Custom creative programming that balances the seriousness of the subject matter with a more engaging delivery. After all, you can’t bore people into learning.

 Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Creativity and Compliance was recently honored as one of the Top 35 Podcasts on Creativity by Feedspot.

Categories
Blog

Sherlock Holmes and the Business of Compliance: Top Five Lessons from A Study in Scarlet

In a new season of Adventures in Compliance, we have journeyed through the ethical, investigative, and leadership lessons in Sir Arthur Conan Doyle’s foundational Sherlock Holmes novel, A Study in Scarlet. Today, I wanted to look at the novel from another perspective, exploring the novel for its compelling insights into critical business practices. Sherlock Holmes is not simply the world’s greatest fictional detective; he is also an insightful instructor in the art of business. Here are five top business lessons from Holmes’ first novel and how compliance professionals can incorporate these lessons into best-practice compliance programs.

Lessons Learned

1. Cultivating Diversified Skill Sets to Foster Innovation

When Dr. John Watson meets Sherlock Holmes, we see the convergence of two dramatically different skill sets. Practical and grounded, Watson complements Holmes’s exceptional analytical acumen and eccentric genius. This pairing is significant; Holmes benefits greatly from Watson’s structured and methodical approach, which developed from Watson’s training as a medical professional and his disciplined experience as a soldier.

In business compliance, it is essential to recognize the power of multidisciplinary teams. Just as Watson’s medical insights were crucial to Holmes’ understanding of crime, a strong compliance function requires input from various corporate functions such as legal, finance, HR, and operations. Encouraging collaboration across different departments brings about innovative compliance solutions that one-dimensional thinking can’t match.

Compliance Best Practice: Build cross-functional compliance teams and create environments where open dialogue between various business units becomes standard operating procedure.

2. Trust Encourages Risk-Taking and Innovation

A cornerstone of Holmes’s partnership with Watson was their mutual trust. Watson’s unwavering trust in Holmes gave Holmes the liberty to experiment boldly, occasionally taking unconventional paths toward solutions. This trusted partnership allowed Holmes to embrace creative risk-taking, essential to solving complex problems. In compliance programs, trust similarly fuels innovation. A company culture emphasizing trust will empower employees to bring forth concerns or innovative ideas without fear of reprisal. A trust-based compliance culture is a fertile ground for employee engagement, proactive problem-solving, and thoughtful risk-taking.

Compliance Best Practice: Foster a speak-up culture by actively demonstrating management’s responsiveness to employee concerns. Compliance officers must reinforce trust at all organizational levels.

3. Objective Feedback Sharpens Analytical Capabilities

Sherlock Holmes, despite his brilliance, greatly valued Watson’s objective insights. Holmes knew that an external perspective could identify blind spots he might overlook. Watson often provided straightforward observations that sharpened Holmes’ analysis, effectively guiding Holmes toward the solution by challenging his assumptions. In compliance, objective and candid feedback mechanisms are equally critical. Regular audits, external compliance reviews, and independent assessments act as the compliance function’s “Dr. Watson.” They help organizations identify areas needing improvement and provide a comprehensive understanding of compliance health.

Compliance Best Practice: Implement structured, objective compliance audits and reviews, ideally conducted by independent parties, to ensure the continuous refinement of compliance strategies.

4. Emotional Intelligence Enhances Decision-Making

While Holmes is famed for his detached logic, Watson’s emotional intelligence often balanced their investigative endeavors. Watson’s sensitivity towards human behavior complemented Holmes’ sharp logic and brought depth to their investigative methods. This integration of emotional intelligence and logical rigor proved pivotal in understanding suspects and witnesses.

Likewise, compliance is not merely about adhering to rules. It is about understanding and managing human behavior within the organizational context. Compliance officers who understand employee motivations and organizational psychology can effectively tailor compliance programs, addressing root behavioral drivers of misconduct rather than superficial symptoms alone.

Compliance Best Practice: Incorporate emotional intelligence training for compliance officers and team members. Ensure compliance communication demonstrates empathy and understanding, increasing employee acceptance and effectiveness.

5. Structured Communication Optimizes Organizational Clarity

Sherlock Holmes’ partnership with Watson was not simply effective because of their complementary skills but also exceptionally productive due to clear and structured communication. Holmes, meticulous and precise, effectively communicated his deductions, theories, and investigative approaches, thus providing Watson with clarity and alignment on strategy.

Structured communication in corporate compliance is similarly crucial. Clear, concise, and frequent communication from compliance teams ensures that every organizational member understands their responsibilities, obligations, and the reasoning behind compliance initiatives. Transparency and clarity can significantly reduce missteps caused by misunderstandings and ambiguity.

Compliance Best Practice: Develop a structured communication plan with regular compliance updates, clear policy documentation, accessible training materials, and transparent reporting channels.

6. Integrating Sherlock’s Business Wisdom into Compliance

In A Study in Scarlet, Sherlock Holmes does not simply solve mysteries; he implicitly outlines best practices that remain strikingly relevant to today’s compliance landscape. These lessons can translate for compliance professionals into actionable strategies to fortify compliance frameworks, improve organizational ethics, and drive business success.

Cross-Functional Synergy: Ensure diverse departmental insights inform your compliance program design. Holmes utilized Watson’s medical expertise, leveraging cross-departmental collaboration to create more robust, adaptive compliance structures.

Trust-Based Culture: Compliance innovation thrives where trust prevails. Demonstrating transparency and accountability cultivates trust and encourages innovative compliance problem-solving.

Objectivity and Independence: Regular external reviews and independent feedback ensure compliance programs remain sharp and attuned to emerging risks.

Emotional Insight: Emotional intelligence can enhance compliance effectiveness. Understanding employees’ emotional and psychological motivations can bolster compliance messaging and training efficacy.

Clear, Structured Communication: Establish a robust framework for clear compliance communication. This will prevent ambiguity and ensure alignment across all organizational levels.

Conclusion

Although fictional, Sherlock Holmes provides a powerful template for contemporary business compliance. By embodying these five business principles observed in A Study in Scarlet, compliance professionals can ensure their programs are robust, effective, proactive, and dynamic. Holmes reminds us that compliance, much like detective work, demands constant vigilance, a diverse skill set, structured communication, emotional intelligence, and trust-based relationships.

In the face of modern compliance challenges, ranging from regulatory upheavals and technological advancements to shifting corporate cultures, these timeless lessons from Sherlock Holmes offer valuable strategies that corporate compliance professionals can immediately deploy. As compliance programs evolve, embracing these lessons will position compliance officers not merely as corporate watchdogs but as critical strategic partners and business enablers.

Remember Holmes’ words: “There is nothing like first-hand evidence.” Compliance leaders must continuously seek first-hand insights into organizational behavior, culture, and practices. By applying Sherlockian clarity, logic, and strategic thinking to our compliance programs, we can transform compliance from a reactive safeguard into a proactive catalyst for ethical business excellence.

Let Holmes inspire your compliance journey, empowering your teams to navigate the complexities of corporate ethics and integrity with confidence and innovation. Embrace these five business lessons, apply them rigorously, and watch your compliance program thrive.

As Holmes would undoubtedly advise, the game is always afoot—so let’s play it well.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Podcasting for Compliance Training

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Use all the tools at your disposal for training, including podcasting.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th Edition, which LexisNexis recently released. It is available here:  https://bit.ly/433bKre

Categories
Blog

It’s a New Dawn – Compliance Monitors in 2025

In a move that should surprise no corporate compliance professional, the DOJ’s Criminal Division issued a new Memo on May 12, 2025, updating and clarifying its policies on the selection, imposition, and oversight of compliance monitors in corporate resolutions. (Herein the ‘Monitor Memo.’) This new guidance refreshes prior directives (including the foundational Morford Memo) and lays out how monitorships should be assessed, tailored, and executed in granular detail. I want to end my short series on the DOJ’s announcement of changes in white-collar enforcement by reviewing the changes to monitor selection and monitorships going forward and then considering what this means for compliance professionals. As Grace Slick said when Jefferson Airplane hit the stage at Woodstock on the morning of Day 2, “It’s a new dawn.”

I. Monitors: Precision Tools

First, the DOJ clarifies that monitorship should not be used for punitive purposes. Instead, they aim to ensure that a company meaningfully implements compliance reforms and reduces the risk of future misconduct. However, the DOJ also recognizes that monitors can be costly and intrusive. Hence, their use must be carefully calibrated. The core principle of the Monitor Memo is that monitors should be imposed only when necessary, and their scope should be tailored to the misconduct and the company’s risk profile.

The Criminal Division lays out four key factors for when a monitor may be appropriate:

  1. Risk of Recurrence. If the underlying misconduct is serious—think sanctions violations, FCPA infractions, healthcare fraud, or cartel facilitation—and has national or international implications, the risk of recurrence will weigh heavily in favor of a monitorship.
  2. Other Oversight. If another regulator (domestic or foreign) is already effectively overseeing compliance, the DOJ might hold back on appointing a monitor. But if your company committed crimes despite existing oversight, that fact will support the need for one.
  3. Compliance Program & Culture. If your company has revamped its program, replaced bad actors, and created a credible culture of compliance, that cuts against the need for a monitor. But if your program is underdeveloped, window dressing won’t suffice.
  4. Control Maturity & Self-Monitoring Capacity. Have you tested your controls? Have they been in place long enough to prove they work? Can you test, update, and scale your compliance framework internally? If yes, you may avoid a monitor. If not, start preparing now.

The DOJ’s memo drives home one central theme: fit matters. The DOJ wants focused, cost-conscious, collaborative monitorships, from budget caps to biannual meetings.

Here’s what that looks like (at this point):

  • Budget Caps: Monitors must submit a detailed budget, subject to DOJ approval, at the outset of their work. Rate caps and cost estimates must be justified, updated before each review phase, and strictly adhered to.
  • Tri-Partite Meetings: At least twice a year, the monitor, the company, and the DOJ must meet to align goals, address concerns, and ensure transparency. These are not performative check-ins; they are designed to keep all parties rowing in the same direction.
  • Collaboration over Confrontation: The DOJ is encouraging a cultural shift. Monitorships should be approached as mutual partnerships, not hostile audits. Companies have a voice; explaining operational constraints or challenging unnecessary actions is not a red flag.

The selection of a monitor should not be a backroom deal. As a monitorship is a multilayered and often multiyear process, the selection process should be designed to ensure integrity, independence, and credibility. The Monitor Memo sets out a new and transparent process.

  1. Company Nominates: The company proposes 3–5 candidates with no recent ties to the organization and compliance and independence certifications.
  2. DOJ Interviews and Evaluations: Prosecutors and section supervisors interview each candidate, assessing their qualifications, objectivity, cost-efficiency, and experience.
  3. Standing Committee Review: A special committee, including ethics officials, reviews the DOJ’s recommended candidate and must approve before the pick moves to the Assistant Attorney General (AAG).
  4. Final Approval: The AAG reviews the recommendation and sends it to the Office of the Deputy Attorney General (ODAG), which gives the final stamp of approval.

In short, this is a deliberate, transparent process. If the DOJ rejects a candidate or the entire slate, the company must resubmit promptly.

The DOJ’s 2025 memorandum reflects an evolution in how federal prosecutors see compliance monitors: not just as watchdogs but as facilitators of lasting cultural change. For the corporate compliance community, this is a clarifying moment. The DOJ isn’t out to punish companies for punishment’s sake. It offers your compliance regime a chance to prove that your organization’s compliance house is in order and that your company can keep it that way without someone watching over your shoulder.

II. Lessons for the Compliance Professional

Taken in conjunction with the Galotti Memo, revised CEP, and Galeotti Speech, what should compliance leaders be doing today?

  • Bolster Your Program Now

The most effective way to avoid the imposition of a monitor and indeed receive a full Declination is to have a robust, tested, and risk-aligned compliance program already in place when misconduct is discovered, or better yet, before it occurs. If your program is reactive, overly general, or untested, it signals to the DOJ that you may need outside help. But suppose you can demonstrate that your program has been implemented thoughtfully, customized to your company’s risk profile, and embedded into business operations. In that case, you are far more likely to avoid a monitor. That means (1) documenting not only your policies and procedures; (2) showing how they are communicated, enforced, and regularly improved; (3) that your internal controls are more than words on paper; they are working in practice; and (4) continuous improvement through regular testing, third-party evaluations, and board-level oversight.

  • Document Everything

In compliance, if it is not documented, it did not happen. This mantra has never been more important than in the post-resolution environment. The DOJ’s refocused CEP and changes to monitorship decisions underscore the need for companies to contemporaneously and comprehensively document all remediation efforts, disciplinary actions, training rollouts, and policy changes. If your company responds to misconduct with serious reforms, but you do not have the paper trail to back it up, prosecutors may assume those reforms are temporary, superficial, or nonexistent. That is a recipe for a monitor.

  • Engage Experts

One of the clearest signals a company can send to the DOJ about its seriousness in addressing misconduct is proactively engaging third-party experts before the government forces its hand. The revised CEP and Monitor Memo recognizes that a company’s voluntary use of outside compliance consultants, forensic auditors, or legal advisors can reduce or even eliminate the need for a monitor. These experts provide an independent lens, help benchmark your program against industry standards, and identify gaps before they become systemic failures. The bottom line is not to wait for the government to tell you to bring in expertise. Be proactive. Be smart. Be credible.

  • Prove Your Culture Has Changed

Culture is the bedrock of compliance, and the DOJ knows it. The revised CEP and Monitor Memo encourage prosecutors to consider whether a company’s leadership and culture differ meaningfully from those that allowed the misconduct to occur. This creates a critical opportunity for compliance professionals to prove that their house has been cleaned and remodeled. It means demonstrable metrics, employee survey data, speak-up culture indicators, training completion rates, or reduction in hotline-related retaliation claims that show your culture is becoming one of integrity and accountability. Suppose you can show that employees now report misconduct earlier, that internal investigations are handled more fairly, and that ethical conduct is rewarded. In that case, your company is more likely to argue that external supervision is no longer necessary, even if a full Declination is not warranted. Cultural change takes time, but in the eyes of the DOJ, it is one of the most persuasive indicators of whether your organization has truly moved on from its past.

  • Prepare for Monitoring Anyway

If your company believes it will avoid a monitorship, prepare as if one is coming. Pressure tests your program and creates a remediation roadmap aligning with DOJ expectations. Be ready to show how your company has made significant progress. Preparing for a monitor also forces your team to adopt a monitor’s mindset: testing controls, tracking effectiveness, documenting improvements, and coordinating with business units. It’s a rigorous, forward-leaning exercise that will strengthen your compliance program, even if the monitor never arrives. Remember, the DOJ is not just interested in what you say your organization will do; it is watching what you have already done. Preparation shows maturity. And if the monitor is ultimately imposed, you can hit the ground running with a partner who views you as ready, willing, and able, not reluctant or reactive.

The bottom line from these new DOJ pronouncements is that compliance can be cleaned up, and then full walking papers for FCPA or other white-collar crime incidents that your organization may have sustained can be obtained. Now is the time to take advantage of the DOJ’s incredibly pro-business approach. If your senior management harks back to the Executive Order suspending FCPA investigation and enforcement, tell them that the DOJ has lifted the suspension.

Resources:

CRM White Collar Enforcement Plan

Revised CEP

CRM Monitor Memo

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Measuring Compliance Training Effectiveness

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How do we meet the DOJ mandate for effective training?

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th Edition, which LexisNexis recently released. It is available here.

Categories
Great Women in Compliance

Great Women in Compliance – Compliance is the Floor, Ethics is the Ceiling with Ellen Hunt

In this week’s special episode of Great Women in Compliance, Hemma interviews Ellen Hunt, an ethics and compliance professional and recent recipient of the Compliance Week Lifetime Achievement in Compliance Award. Ellen shares her journey from law to compliance, emphasizing the importance of organizational justice, psychological safety, and ethical decision-making. Listeners will gain insights into Ellen’s approach to fostering a values-driven culture, her experiences and advice on ensuring transparency, the role of conflict in cultivating psychological safety, and her commitment to nurturing the compliance community.

Highlights include: 

  • Ellen Hunt’s Career Journey and Recent Lifetime Achievement Award
  • Organizational Justice and Compliance
  • The Evolution of Ethics and Compliance
  • The Role of Psychological Safety
  • Ellen’s Legacy in Elevating a Compliance Community

Biography:

Ellen is a lawyer, ethics & compliance professional, audit executive, and chief privacy officer. Before joining Spark Compliance Consulting, A Diligent Brand, Ellen was the Vice President, Compliance Program Operations and Chief Privacy Officer for LifePoint Health, Senior Vice President ~Chief Ethics & Compliance Officer, and Chief Audit Executive for AARP.

Ellen was named “Mentor of the Year” by Compliance Week in 2021 and the 2019 Not-For-Profit Compliance Officer of the Year by Women In Compliance. She received the Trust Across America Top Thought Leaders Lifetime Achievement Award in 2019 and was named a Top Mind by Compliance Week in 2016. Most recently, in April 2025, she was awarded a Lifetime Award for Compliance by Compliance Week.

She taught at the Fordham University School of Law, Program for Corporate Ethics and Compliance. She is an adjunct professor at Loyola University Chicago School of Law, teaching Business Ethics in the 21st Century and co-teaching the Compliance and Culture courses. Ellen serves on the Advisory Boards for the Notre Dame Deloitte Center for Ethical Leadership, Compliance Week, and the Quorum Initiative. She is the co-founder of The Seven Elements Book Club, a book club devoted to ethics and compliance authors, and winner of the 2022 award for “Best New Idea” by the Great Women in Compliance podcast.

Categories
Blog

The Updated CEP: Is Real Credit Finally Here?

Matthew R. Galeotti, Head of the Criminal Division at the U.S. Department of Justice (DOJ), recently delivered a speech at SIFMA’s Anti-Money Laundering and Financial Crimes Conference. Contemporaneously, the DOJ issued a Memo (the Galeotti Memo) entitled Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime. I have explored both in previous blog posts. Today, I want to review the Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP) updates. It provides a roadmap for how companies can earn leniency when they self-report wrongdoing. And in an increasingly unforgiving regulatory landscape, that roadmap is worth its weight in gold.

Under the CEP, a company that voluntarily self-discloses, fully cooperates, and timely remediates can qualify for a declination of prosecution, provided there are no aggravating circumstances. This is the reaffirmation of a multi-year DOJ effort to garner more self-disclosures. It gives compliance professionals something real to bring to the C-suite: if we invest in robust compliance and proactively address issues, we can avoid criminal prosecution altogether.

What if aggravating factors exist, such as senior-level involvement or prior misconduct? If the company cooperates and remediates in good faith, the policy still provides for reduced penalties, non-prosecution agreements, and shorter resolution terms. In other words, the DOJ offers a “near miss” safety net for companies that fall short of full eligibility but act responsibly.

The takeaway is clear: Compliance is not just a cost center but a value driver. The CEP recognizes that companies should be rewarded for coming forward, cooperating, and fixing problems. That means compliance professionals must build systems that detect misconduct early, encourage internal reporting, and enable swift action. When a crisis hits, your response will not just shape your company’s future; it may be the difference between a decline and a prosecution.

Voluntary Self-Disclosure

The DOJ’s Criminal Division strongly encourages companies to voluntarily self-disclose potential misconduct as early as possible, even before completing an internal investigation. To qualify under the CEP, a disclosure must meet several key criteria: it must be made to the Criminal Division (or in good faith to another DOJ component involved in the resolution), concern previously unknown misconduct, not be required by any existing legal obligation, and occur before any imminent threat of disclosure or government investigation arises. Additionally, the disclosure must be made within a “reasonably prompt” timeframe, with the company bearing the burden of proving timeliness.

The DOJ proposes a limited exception for the new Corporate Whistleblower Awards Pilot Program. Suppose a whistleblower reports misconduct internally and to the DOJ. In that case, a company may still qualify for the presumption of declination, but only if it self-discloses to the DOJ within 120 days of the internal report and meets all other voluntary disclosure conditions.

This guidance underscores the urgency and importance of real-time reporting mechanisms, strong internal controls, and rapid compliance response protocols. Timely self-disclosure is not just encouraged; it is now a strategic imperative in mitigating enforcement risk.

What is Full Cooperation?

To earn full cooperation credit under the CEP, a company must go beyond the general requirements of the Principles of Federal Prosecution of Business Organizations (Justice Manual 9-28.000) and meet six key obligations:

  1. Disclosure of All Relevant Facts: A company must share all non-privileged, relevant facts it knows, including facts about individuals responsible for the misconduct, regardless of their rank, whether internal or external to the company.
  2. Timely and Specific Information Sharing: This includes facts obtained through any internal investigation, updates during that investigation, and specific attributions of facts to sources. The company must also clearly identify all involved parties.
  3. Proactive Cooperation: Companies must voluntarily disclose relevant facts, even if prosecutors do not specifically request them. They are also expected to alert the DOJ to any avenues of obtaining evidence not in the company’s possession but known to them.
  4. Preservation and Disclosure of Documents: Relevant documents, including overseas ones, must be preserved, collected, and produced. Companies must detail such documents’ origin, custodians, and locations; facilitate third-party productions; and provide necessary translations. The company must prove the restriction if foreign law prevents disclosure and suggest viable alternatives.
  5. De-confliction: Companies must avoid actions that might interfere with DOJ investigations. If requested, they must delay certain investigative steps, such as employee interviews, for a narrowly tailored period to protect DOJ priorities.
  6. Availability of Individuals for Interviews: Subject to constitutional protections, companies must make current and former employees (including those overseas) available for DOJ interviews and facilitate third-party interviews where possible.

These standards ensure that cooperation is meaningful, timely, and valuable to the DOJ’s efforts, rewarding companies that truly support investigations with favorable outcomes under the CEP.

Timely and Appropriate Remediation

Under the CEP, timely and appropriate remediation is a non-negotiable component of earning cooperation credit and potentially avoiding prosecution. And for compliance professionals, it is a clarion call to action. First, the company must conduct a root cause analysis, a genuine examination of what went wrong, why, and how to prevent it from happening again. It’s not about blaming a few bad apples but addressing systemic issues that allowed the misconduct to take root. Did a cultural blind spot develop in a high-risk market? Was there a breakdown in oversight or a failure to escalate red flags? The DOJ expects thoughtful answers and corrective action.

Second, the company must demonstrate an effective compliance and ethics program tailored to its risk profile, business model, and resources. That means more than having policies on the books. DOJ evaluators are looking at leadership’s commitment, compliance’s access to the board, compensation tied to ethical performance, and real-time testing of program effectiveness. Box-checking won’t cut it.

Third, accountability is key. Companies must appropriately discipline wrongdoers, including those who failed in their supervisory duties, and ensure they retain and safeguard business records, including communications on personal devices and ephemeral apps.

Finally, remediation includes showing that the company understands the seriousness of the misconduct and is proactively reducing future risk. This is about culture, not cosmetics.

In short, remediation is proof of your values in action. It is the difference between performative compliance and real commitment. Suppose you’re building a credible compliance program in today’s enforcement environment. In that case, remediation must be embedded in your DNA because the DOJ is watching, and your organization’s future may depend on how you respond.

Providing Cooperation Credit

Finally, there is the cooperation credit. Hopefully, we have finally moved past the Kenneth Polite formulation of super, double-secret, undefined “we know it when we see it” cooperation. Cooperation credit here will be earned through demonstrable, high-quality, timely actions. Cooperation is assessed on a sliding scale based on how extensively and effectively a company supports the government’s investigation. Once a company meets the minimum threshold for cooperation, prosecutors evaluate factors such as scope, quantity, quality, timing, and the overall impact of the cooperation provided.

Importantly, cooperation credit starts at zero and increases only with meaningful contributions, and there is no presumption of full credit. The DOJ now distinguishes between cooperation levels by varying the starting point within the U.S. Sentencing Guidelines fine range, and the percentage of fine reduction awarded. Companies that delay cooperation may significantly reduce their potential credit.

Waiver of attorney-client privilege or work product protections is not required to receive cooperation credit. If a company claims its financial condition limits its ability to cooperate, it must provide supporting documentation. The DOJ will carefully evaluate any such claims. Ultimately, the message is clear: to earn meaningful credit, cooperation must be real, proactive, and sustained. But at least it is now defined and not “We know it when we see it.”

Resources:

CRM White Collar Enforcement Plan

Revised CEP

CRM Monitor Memo

Categories
Innovation in Compliance

Staying the Course in Compliance: Insights from Kristy Grant-Hart

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Clint Palermo, Kristy Grant-Hart, and Stephanie Font. In Part 3, Tom is joined by Kristy Grant-Hart, Vice President and Head of Compliance Advisory Services at Spark Compliance Consulting, a Diligent brand, about the state of compliance in the wake of recent changes to FCPA enforcement.

They discuss the importance of staying consistent with compliance programs, the role of regulatory bodies worldwide, and the practical implications of modern slavery and trade sanctions. Kristy emphasizes the need for a strategic focus on forward-looking risks and the benefits of combining Diligent’s software capabilities with expertise in compliance services. They also underscore the importance of maintaining psychological safety and a speak-up culture within organizations.

Key highlights:

  • The Importance of Consistency in Compliance
  • The Power of Combining Compliance Services with Technology
  • Strategic Focus for Compliance Officers

Resources:

Kristy Grant-Hart on LinkedIn

Spark Compliance

Visit Diligent Website

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Compliance Training Frequency

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Does compliance training always have to be conducted annually?

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th Edition, which LexisNexis recently released. It is available here.