On Monday, Principal Deputy Assistant Attorney General Nicole M. Argentieri spoke at the Society of Corporate Compliance and Ethics 23rd Annual Compliance & Ethics Institute. ( A copy of her remarks can be found here.) She reiterated the long-stated policy that compliance professionals play a critical role in ensuring companies comply with the law and foster a culture of ethics and integrity. She noted that the Department of Justice (DOJ) has made it clear that companies are the first line of defense against corporate crime, and compliance officers are on the front lines of this defense. The 2024 update to the DOJ’s Evaluation of Corporate Compliance Programs (ECCP) and the introduction of new pilot programs in 2024 underscore the increasing importance of the roles of compliance professionals. This blog post will review the highlights from her speech, the key lessons from this 2024 update to the ECCP, and how they should shape our approach to compliance programs in our organizations.
Lesson 1: Embrace Continuous Improvement in Compliance Programs
The DOJ’s emphasis on continuous improvement in compliance programs is a call to action for all of us. The updated ECCP highlights the need for companies to regularly review and update their compliance programs to account for emerging risks, such as those posed by disruptive technologies like artificial intelligence (AI). As the pace of technological advancement is rapid, and with it come new risks. AI, for example, can be a double-edged sword—while it offers efficiency and insights, it can also be exploited for fraudulent purposes, such as generating false documentation or approvals. The DOJ now explicitly expects companies to assess and manage these risks, which means we must stay ahead of the curve in understanding and mitigating the potential pitfalls of new technologies.
Action Steps for the Compliance Professional:
- Conduct regular risk assessments that include emerging technologies.
- Implement controls that address the risks associated with AI and other disruptive technologies.
- Ensure your compliance program evolves alongside technological advancements with continuous testing and monitoring.
Lesson 2: Foster a “Speak Up” Culture
The DOJ’s updates to the ECCP also emphasize encouraging a culture where employees feel comfortable reporting misconduct. The newly integrated questions into the ECCP regarding whistleblower protection reflect the DOJ’s serious stance on this issue. A “speak up” culture is foundational to a strong compliance program. Employees on the ground are often the first to spot potential issues, and creating an environment where they feel safe to report without fear of retaliation is crucial. The DOJ will scrutinize how well companies protect whistleblowers, so we must ensure our organizations have robust policies and training.
Action Steps for the Compliance Professional:
- Review and strengthen whistleblower protection policies.
- Regularly train employees on reporting misconduct and reassuring them about the protections in place.
- Monitor the effectiveness of your whistleblower program and make necessary adjustments to enhance reporting mechanisms.
Lesson 3: Data Access is Key to Compliance Effectiveness
Another critical area highlighted in the DOJ’s ECCP updates is the importance of data access for compliance personnel. The DOJ will now evaluate whether compliance teams have adequate access to the necessary data to assess the effectiveness of their programs.
Over the past 18 months, the DOJ has made it clear that accessing and analyzing relevant data is crucial for identifying risks and monitoring compliance. If compliance teams are siloed or cut off from important data sources, it hampers their ability to do their jobs effectively, and the DOJ will take notice.
Action Steps for the Compliance Professional:
- Ensure that compliance personnel have access to all relevant data sources.
- Invest in the necessary technology and resources for effective data analysis and monitoring.
- Work closely with IT and other departments to break down silos and facilitate seamless data access.
Lesson 4: Leverage Compensation to Drive Compliance
The DOJ’s Compensation Incentives and Clawbacks Pilot Program introduced a new dimension to compliance—aligning compensation with ethical behavior. This initiative requires companies to include compliance-related criteria in their compensation and bonus systems. While it is certainly not new to align compensation with compliance goals, it sends a powerful message to employees and management that ethical behavior is non-negotiable, and the new emphasis on consequences in the form of clawbacks and holdbacks must be considered. The DOJ views this leveraging of positive incentives and negative outcomes as a tangible link between individual performance and the company’s commitment to integrity.
Action Steps for the Compliance Professional:
- Integrate compliance metrics into performance evaluations and compensation structures.
- Regularly assess the effectiveness of these incentives and make adjustments as needed.
- Make sure you have the contractual right to clawback incentive awards or holdback bonuses for executives who are culpable or have buried their collective heads in the sand while corruption surrounds them.
Lesson 5: The Importance of Cooperation and Remediation
The DOJ’s approach to corporate resolutions underscores the importance of timely and effective cooperation and remediation. Companies that act quickly to cooperate with the DOJ and take meaningful steps to remediate misconduct are rewarded with significant penalty reductions. How a company responds can significantly affect the outcome in the unfortunate event of misconduct. The DOJ’s recent resolutions show that companies that move swiftly and decisively to address issues are viewed more favorably.
Action Steps for the Compliance Professional:
- Develop a clear protocol for responding to potential misconduct, including timely self-disclosure to the DOJ.
- Ensure that your company is prepared to cooperate fully with any investigation.
- Focus on meaningful remediation efforts that address the root causes of misconduct and prevent future occurrences.
Lesson 6: Whistleblower Programs as a Strategic Tool
Launching the DOJ’s Corporate Whistleblower Awards Pilot Program (CWA) is a significant development for compliance professionals. This program incentivizes internal reporting and substantially rewards companies that self-disclose misconduct. Given the number of reports the DOJ received in its first month (100), the CWA adds a new layer of urgency for companies to establish strong internal reporting mechanisms. Companies that encourage and protect whistleblowers can benefit from the CWA, while those that fail to do so may face harsher penalties.
Action Steps for the Compliance Professional:
- Strengthen your internal reporting systems and ensure they are well-publicized within the company.
- Make sure that your whistleblower policies are aligned with the DOJ’s expectations.
- Actively monitor and protect whistleblowers, ensuring there is no retaliation against those who report misconduct.
Now is the Time to Act
The DOJ’s updated policies and programs signal that corporate compliance expectations are higher than ever. Compliance professionals must take these developments seriously and use them as a roadmap to strengthen our programs. Do not wait. Whether embracing new technologies, fostering a “speak up” culture, or aligning compensation with ethical behavior, now is the time to make the necessary investments in compliance.
Remember, when misconduct does occur, it’s better to be proactive and call the DOJ before they call you. By taking these lessons to heart and implementing them in our organizations, we can meet the DOJ’s expectations and contribute to building a culture of integrity and accountability that will serve our companies well in the long run.
