Tag: culture of compliance

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 4 – The March 2023 Monaco Speech

In March, Deputy Attorney General (DAG) Lisa Monaco reviewed a number of initiatives by the DOJ that every compliance professional needs to study in some detail. These new initiatives included: (1) The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks; (2) Evaluation of Corporate Compliance Programs; and (3) Revised Memorandum on Selection of Monitors in Criminal Division Matters.

Monaco set the tone for the week by identifying five general areas of DOJ focus. (1) Inspiring a Culture of Compliance; (2) Voluntary Self-Disclosure Programs; (3) Promoting Compliance through Compensation and Clawback Programs; (4) Resource Commitments to Corporate Criminal Enforcement; and (5 ) Individual Accountability.

Three key takeaways:

1. A culture of compliance continues to be the most important component of DOJ reviews.

2. Self-disclosure will be the number one factor in reducing a potential fine and penalty.

3. Expect more individual accountability.

Categories
Blog

Key Compliance Speeches from 2023 – DAG Monaco on a Culture of Compliance

In March 2023 there were two days of speeches from the DOJ which added to the compliance complexity.  The speeches were made by Deputy Attorney General (DAG) Lisa Monaco (2023 Monaco Speech) and Assistant Attorney General Kenneth A. Polite, Jr. (Polite Speech) and they discussed a number of initiatives by the DOJ which every compliance professional needs to study in some detail. Today we will review the 2023: (1) The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks; (2) Evaluation of Corporate Compliance Programs; and (3) Revised Memorandum on Selection of Monitors in Criminal Division Matters.

In the fall 2021, Monaco announced the “Corporate Crime Advisory Group to recommend more advances, based on input, and this is important, input from outside as well as inside the department.” This led to the September 2022 announcement of the Monaco Doctrine as laid out in the Monaco Memo where the DOJ changed its focus to “promoting cultures of corporate compliance, while also ensuring consistency and predictability in the way the government treats corporate crime.” Her goal was to “empower companies to do the right thing, by investing in compliance, in culture and in good corporate citizenship — while at the same time empowering our prosecutors to hold accountable those who don’t follow the law.”

At the end of the day, perhaps the most significant pronouncement from Monaco was the following “in today’s complex and uncertain geopolitical – very uncertain quite frankly – geopolitical environment, corporate crime and national security are overlapping to a degree never seen before, and the department is retooling to meet that challenge.” This fits with the Biden Administration’s Strategy on Combatting Corruption, which elevated the fight against bribery and corruption through enforcement of laws such as the Foreign Corrupt Practices Act (FCPA) to a National Security Issue. Of course, the Biden DOJ has said several times in the past that “Sanctions are the new FCPA” and Monaco reiterated that in her speech last week.

Monaco set the tone for the week by identifying five general areas of DOJ focus. (1) Inspiring a Culture of Compliance; (2) Voluntary Self-Disclosure Programs; (3) Promoting Compliance through Compensation and Clawback Programs; (4) Resource Commitments to Corporate Criminal Enforcement; and (5 ) Individual Accountability.

A Culture of Compliance

The Monaco Memo “emphasized the department’s commitment to finding the right incentives to promote and support a culture of corporate compliance.” Monaco hoped to do so by creating two new areas of focus in addition to those laid out in the FCPA Resource Guide,  the 2017 Evaluation of Corporate Compliance Program and its 2020 Update and Chief Compliance Officer (CCO) certification requirement. In the 2023 Monaco Speech, she stated, “I noted two new areas of particular focus: a cross-department approach to promoting voluntary self-disclosure and how compensation structures can foster responsible corporate behavior. We want companies to step up and own up when they discover misconduct and to use compensation systems to align their executives’ financial interests with the company’s interest in good corporate citizenship.”

What is interesting about these two components is that they previously existed but were made more important in the Monaco Memo. Clear rewards for self-disclosure have been a part of FCPA enforcement since 2016 with the initiation of the Pilot Program around self-disclosure. Financial incentives and penalties (carrots and sticks) have been a part of best practices compliance programs since at least 2004 and were included in the original 2012 FCPA Resource Guide. But now a company must engage in both actions to demonstrate a “culture of compliance” to obtain the presumption of a declination under the Corporate Enforcement Policy.

Voluntary Self-Disclosure

Seemingly buried in the speech is perhaps the most significant statement about white collar criminal enforcement. Monaco said, “Now, with respect to voluntary self-disclosure, I am pleased to report that, for the first time, every U.S. Attorney’s Office now has, and every component I should say, that prosecutes corporate crime, now has in place an operative, predictable and transparent voluntary self-disclosure program. These policies share a common principle: absent aggravating factors, no department component will seek a guilty plea where a company has voluntarily self-disclosed, cooperated and remediated the misconduct.” She went on to add, “Let me be very clear. I want every general counsel, every executive and board member to take this message to heart: where your company discovers criminal misconduct, the pathway to the best resolution will involve prompt voluntary self-disclosure to the Department of Justice.” Her example was an excellent one: the ABB FCPA enforcement action.

Compensation and Clawbacks

Once again Monaco emphasized a part of every best practices compliance program over the past 20 years, financial incentives for doing business ethically and in compliance. However, in her 2023 Speech, she emphasized the disincentives or clawbacks. She stated, “First, every corporate resolution involving the Criminal Division will now include a requirement that the resolving company develop compliance-promoting criteria within its compensation and bonus system…Second, under the pilot program, the Criminal Division will provide fine reductions to companies who seek to claw back compensation from corporate wrongdoers.”

Monaco said the goal is “to shift the burden of corporate wrongdoing away from shareholders, who frequently play no role in the misconduct, onto those directly responsible.” The DOJ will incentivize such behavior in the following manner. “At the outset of a criminal resolution, the resolving company will pay the applicable fine, minus a reserved credit equaling the amount of compensation the company is attempting to claw back from culpable executives and employees. If the company succeeds and recoups compensation from a responsible employee, the company gets to keep that clawback money — and also doesn’t have to pay the amount it recovered.  And because we heard from stakeholders about how challenging and how expensive the pursuit of clawbacks can be, the pilot program will also ensure that those who pursue clawbacks in good faith but are unsuccessful are still eligible to receive a fine reduction.”

Resource Commitments

This section of the speech deals with DOJ resource commitments but it is still significant. Here Monaco emphasized the intersection of corruption, money-laundering, sanctions and National Security. This continues the Biden Administration trend on this score. There are new and additional resources the DOJ is bringing to bear in all of these areas. This includes the international arena as well. But a huge part of this commitment is that companies are now seen in many ways as the front line of criminal enforcement through self-disclosure of illegal conduct. If the DOJ continues down this path, both the incentives for self-disclosure and cooperation as well as the pain the DOJ will bring for companies which do self-disclose will be significant.  Monaco closed her speech with the following, “Investing now in a robust compliance program is good for business, and it is good for our collective economic and national security.”

Individual Accountability

As far back as 2015, in the Yates Memo, the DOJ has said they will emphasize individual accountability, through individual, as opposed to corporate, enforcement actions. In her speech, Monaco pointed to charges brought against two of the current most prominent alleged fraudsters, Sam Bankman-Fried and Carlos Watson and the convictions out of Theranos; Elizabeth Homes and Sunny Balwani. She also stated, “The Criminal Division’s Fraud Section, for example, secured more individual convictions at trial last year than in any of the previous five years.  So, our message is clear: the department will zealously pursue corporate crime in any industry, and we will hold wrongdoers accountable, no matter how prominent or powerful they are.” While this has yet not been seen in FCPA enforcement, perhaps it will be this year and beyond.

Tomorrow we will review the Polite Speech.

Categories
Blog

Monaco Speech: Part 3 – Culture

Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime last week (Monaco Speech). Her remarks were noted by many commentators, including on two Compliance Into the Weeds podcasts where Matt Kelly and myself took two deep dives into her speech our podcast. Her remarks reframed a discussion about this Department of Justice’s (DOJ) priorities on white collar criminal enforcement, including under the Foreign Corrupt Practices (FCPA). Her remarks should be studied by every compliance professional as they portend a very large change in the way the DOJ and potentially other agencies enforce the FCPA. This has significant implications for every Chief Compliance Officer (CCO), compliance professional and corporate compliance programs.
Today, I am going to take up her remarks on corporate culture. They were a small but significant part of her remarks so I will quote them in full. She said,
Now, I recognize the resources and the effort it takes to manage a large organization and to put in place the right culture. The Department of Justice has over 115,000 employees across dozens of countries and an operating budget equivalent to that of a Fortune 100 company. So, I know what it means to manage and be accountable for what happens in a complex organization. But corporate culture matters. A corporate culture that fails to hold individuals accountable, or fails to invest in compliance — or worse, that thumbs its nose at compliance — leads to bad results.
Let me also be clear: a company can fulfill its fiduciary duty to shareholders and maintain a commitment to compliance and lawfulness. In fact, companies serve their shareholders when they proactively put in place compliance functions and spend resources anticipating problems. They do so both by avoiding regulatory actions in the first place and receiving credit from the government. Conversely, we will ensure the absence of such programs inevitably proves a costly omission for companies who end up the focus of department investigations.
Although we understand the costs that enforcement actions can place on shareholders and others, our responsibility is to incentivize responsible corporate citizenship, a culture of compliance and a sense of accountability. So, the department will not hesitate to take action when necessary to combat corporate wrongdoing. [Emphasis Supplied]
I asked Affiliated Monitors Inc., (AMI) founder Vin DiCianni for his thoughts around these remarks. He said, “Last week’s announcement by Deputy Attorney General Lisa Monaco and the Justice Department reignited the agency’s concentration of corporate and individual liability for white collar crimes.  In doing so, she emphasized to businesses, their leadership and the attorneys who represent them on the importance of implementing and maintaining strong effective compliance programs and how DOJ will continue to look at these programs going forward.” In other words, the criticalness of culture.
A culture of compliance is the foundation of an organization’s compliance program. It is a measure of how well employees feel empowered to identify, mitigate, and escalate risk within their institution. An institution’s compliance culture is set by the Board and Executive Leadership team. Their messaging should be continuously reinforced in an institution’s risk appetite statement, policies, training and enterprise-wide communications. A strong compliance culture should be evident at all levels of the financial institution and across all three lines of defense.
Tina Rampino, Associate Managing Director at K2 Integrity, laid out some key questions to ask around culture. They included:

  • What is the tone that is set from the most senior levels of the organization?
  • Are employees motivated by doing any and all business no matter the risk?
  • Are they empowered to act with integrity and choose the right business that aligns with their compliance culture?

She went on to relate, “Many institutions have built training and communications programs to help employees understand what the “right business means” – reinforcing an institution’s risk appetite statement, incorporating policies and procedures, and training on red flags and high-risk issues.” She concluded, “A culture of compliance should empower employees, not just in the second line of defense but in all areas of the institution – to think about the risks being presented through their customers, transactions, and products and services and how they can do their part in mitigating risk to the institution.”
We next turned to some of the key actions senior executives and leaders can take to not simply ‘talk-the-talk’ but also ‘walk-the-walk’ of compliance. Senior executives and leaders are responsible for setting the tone from the top which means setting expectations for the importance of compliance throughout the organization and by modeling behaviors for their employees. Rampino details the seven elements of a culture of compliance:

  1. Tone from the Top.
  2. Establishing and communicating enterprise-wide policies and programs.
  3. Defining clear roles and responsibilities across the three lines of defense.
  4. Ensuring adequate staffing and resources for functions responsible for compliance.
  5. Designing and implementing a comprehensive compliance training program.
  6. Establishing compliance incentives
  7. Creating efforts to embed and sustain a compliance culture.

Monaco had two additional remarks around corporate culture and a culture of compliance that bear repeating. She said, a record of corporate misconduct, even outside the FCPA, “speaks directly to a company’s overall commitment to compliance programs and the appropriate culture to disincentivize criminal activity.” In a remark that tied back to yesterday’s discussion of monitors she said, “Stepping back, any resolution with a company involves a significant amount of trust on the part of the government. Trust that a corporation will commit itself to improvement, change its corporate culture, and self-police its activities. But where the basis for that trust is limited or called into question, we have other options. Independent monitors have long been a tool to encourage and verify compliance.” This last sentence would speak directly to DiCianni’s thoughts that “Unlike the previous administration’s very limited use of monitors, DAG Monaco described the value that integrity monitors bring to oversight for both the department and those entities subject to such oversight.”
Monaco noted she has sat on corporate boards when in the private sector. This experience certainly informs her approach as the DAG. The DOJ will be taking a much closer and in-depth look at corporate culture and whether there is a culture of compliance in any company which finds itself in a FCPA investigation or enforcement action. CCOs and compliance functions need to be ready to have demonstrable and documented evidence of a culture of compliance.