Evaluating Corporate Compliance Programs? Updated DOJ Criminal Division Guidance

The updated guidance document on corporate compliance from the Department of Justice sets forth topics that the Criminal Division has frequently found relevant in evaluating corporate compliance programs. The information shared in the guidance may be beneficial for legal, business, and information technology professionals in the eDiscovery ecosystem as they consider audits, investigations, and litigation in the area of corporate compliance.

en flag
nl flag
et flag
fi flag
fr flag
de flag
pt flag
ru flag
es flag

Editor’s Note: The Criminal Division earlier this month announced the release of a guidance document for white-collar prosecutors on the evaluation of corporate compliance programs.  The document, entitled “The Evaluation of Corporate Compliance Programs,” updates a prior version issued by the Division’s Fraud Section in April 2019. The guidance document sets forth topics that the Criminal Division has frequently found relevant in evaluating corporate compliance programs and it may be beneficial for legal, business, and information technology professionals in the eDiscovery ecosystem as they consider audits, investigations, and litigation in the area of corporate compliance.

An extract from the updated DOJ Criminal Division Evaluation of Corporate Compliance Programs Document

Evaluation of Corporate Compliance Programs

General Introduction Extract

This document is meant to assist prosecutors in making informed decisions as to whether, and to what extent, the corporation’s compliance program was effective at the time of the offense, and is effective at the time of a charging decision or resolution, for purposes of determining the appropriate (1) form of any resolution or prosecution; (2) monetary penalty, if any; and (3) compliance obligations contained in any corporate criminal resolution (e.g., monitorship or reporting obligations).

Because a corporate compliance program must be evaluated in the specific context of a criminal investigation, the Criminal Division does not use any rigid formula to assess the effectiveness of corporate compliance programs. We recognize that each company’s risk profile and solutions to reduce its risks warrant particularized evaluation. Accordingly, we make a reasonable, individualized determination in each case that considers various factors including, but not limited to, the company’s size, industry, geographic footprint, regulatory landscape, and other factors, both internal and external to the company’s operations, that might impact its compliance program. There are, however, common questions that we may ask in the course of making an individualized determination. As the Justice Manual notes, there are three “fundamental questions “a prosecutor should ask:

  1. “Is the corporation’s compliance program well designed?
  2. “Is the program being applied earnestly and in good faith? “In other words, is the program adequately resourced and empowered to function effectively?
  3. “Does the corporation’s compliance program work “in practice?

See JM 9-28.800.

Mergers and Acquisitions Section Extract

A well-designed compliance program should include comprehensive due diligence of any acquisition targets, as well as a process for timely and orderly integration of the acquired entity into existing compliance program structures and internal controls. Pre-M&A due diligence, where possible, enables the acquiring company to evaluate more accurately each target’s value and negotiate for the costs of any corruption or misconduct to be borne by the target. Flawed or incomplete pre- or post-acquisition due diligence and integration can allow misconduct to continue at the target company, causing resulting harm to a business’s profitability and reputation and risking civil and criminal liability.

The extent to which a company subjects its acquisition targets to appropriate scrutiny is indicative of whether its compliance program is, as implemented, able to effectively enforce its internal controls and remediate misconduct at all levels of the organization.

  • Due Diligence Process – Was the company able to complete pre-acquisition due diligence and, if not, why not? Was the misconduct or the risk of misconduct identified during due diligence? Who conducted the risk review for the acquired/merged entities and how was it done? What is the M&A due diligence process generally?
  • Integration in the M&A Process – How has the compliance function been integrated into the merger, acquisition, and integration process?
  • Process Connecting Due Diligence to Implementation – What has been the company’s process for tracking and remediating misconduct or misconduct risks identified during the due diligence process? What has been the company’s process for implementing compliance policies and procedures, and conducting post-acquisition audits, at newly acquired entities?

Read more on the Evaluation of Corporate Compliance Programs 


Evaluation of Corporate Compliance Programs (PDF) Mouseover to Scroll

Evaluation-of-Corporate-Compliance-Programs-June-2020-Revision

Original Source: U.S. Department of Justice Criminal Division


Additional Reading

Source: ComplexDiscovery

A Matter of Pricing? A Running Update of Semi-Annual eDiscovery Pricing Survey Responses

First administered in December of 2018 and conducted four times during the last two years with 334 individual responses, the semi-annual eDiscovery Pricing Survey highlights pricing on selected collection, processing, and review tasks. The aggregate results of all surveys as shared in the provided comparative charts may be helpful for understanding pricing and its impact on purchasing behavior on selected services over time.



Access the Results Now!

ComplexDiscovery combines original industry research with curated expert articles to create an informational resource that helps legal, business, and information technology professionals better understand the business and practice of data discovery and legal discovery.

All contributions are invested to support the development and distribution of ComplexDiscovery content. Contributors can make as many article contributions as they like, but will not be asked to register and pay until their contribution reaches $5.

Morae Acquires Legal Management Consultancy Janders Dean

According to Janders Dean founder Justin North, "Now more than ever,...

eDiscovery Mergers, Acquisitions, and Investments in Q2 2020

From UnitedLex to Onna, ComplexDiscovery findings, data points, and tracking information...

An Irish Update: DPC Ireland Publishes GDPR Regulatory Activity Report

The purpose of this two-year assessment is to provide a wider-angled...

Constrained Acceleration? The Summer 2020 eDiscovery Business Confidence Survey

Since January 2016, 2,089 individual responses to eighteen quarterly eDiscovery Business...

A Running List: Top 100+ eDiscovery Providers

Based on a compilation of research from analyst firms and industry...

The eDisclosure Systems Buyers Guide – 2020 Edition (Andrew Haslam)

Authored by industry expert Andrew Haslam, the eDisclosure Buyers Guide continues...

The Race to the Starting Line? Recent Secure Remote Review Announcements

Not all secure remote review offerings are equal as the apparent...

Enabling Remote eDiscovery? A Snapshot of DaaS

Desktop as a Service (DaaS) providers are becoming important contributors to...

Home or Away? New eDiscovery Collection Market Sizing and Pricing Considerations

One of the key home (onsite) or away (remote) decisions that...

Revisions and Decisions? New Considerations for eDiscovery Secure Remote Reviews

One of the key revision and decision areas that business, legal,...

A Macro Look at Past and Projected eDiscovery Market Size from 2012 to 2024

From a macro look at past estimations of eDiscovery market size...

An eDiscovery Market Size Mashup: 2019-2024 Worldwide Software and Services Overview

While the Compound Annual Growth Rate (CAGR) for worldwide eDiscovery software...

Constrained Acceleration? The Summer 2020 eDiscovery Business Confidence Survey

Since January 2016, 2,089 individual responses to eighteen quarterly eDiscovery Business...

A Matter of Pricing? A Running Update of Semi-Annual eDiscovery Pricing Survey Responses

First administered in December of 2018 and conducted four times during...

A Pandemeconomic Indicator? Summer 2020 eDiscovery Pricing Survey Results

Based on the complexity of data and legal discovery, it is...

COVID-19 Constrained? The Impact of Six Issues on the Business of eDiscovery

In the spring of 2020, 51.2% of respondents viewed budgetary constraints...

Morae Acquires Legal Management Consultancy Janders Dean

According to Janders Dean founder Justin North, "Now more than ever,...

eDiscovery Mergers, Acquisitions, and Investments in Q2 2020

From UnitedLex to Onna, ComplexDiscovery findings, data points, and tracking information...

Mitratech Acquires CMPG Risk Solutions

According to the announcement, with the inclusion of enterprise and vendor...

Onna Raises $27M in Series B Funding

"Since we first invested in Onna last year, Slack deployed their...

Five Great Reads on eDiscovery for June 2020

From collection market size updates to cloud outsourcing guidelines, the June...

Five Great Reads on eDiscovery for May 2020

From review market sizing revisions to pandemeconomic pricing, the May 2020...

Five Great Reads on eDiscovery for April 2020

From business confidence to the boom of Zoom, the April 2020...

Five Great Reads on Data Discovery and Legal Discovery for March 2020

From business continuity considerations to cybersecurity attacks, the March 2020 edition...