Thu. Mar 28th, 2024

Editor’s Note: The Criminal Division earlier this month announced the release of a guidance document for white-collar prosecutors on the evaluation of corporate compliance programs.  The document, entitled “The Evaluation of Corporate Compliance Programs,” updates a prior version issued by the Division’s Fraud Section in April 2019. The guidance document sets forth topics that the Criminal Division has frequently found relevant in evaluating corporate compliance programs and it may be beneficial for legal, business, and information technology professionals in the eDiscovery ecosystem as they consider audits, investigations, and litigation in the area of corporate compliance.

An extract from the updated DOJ Criminal Division Evaluation of Corporate Compliance Programs Document

Evaluation of Corporate Compliance Programs

General Introduction Extract

This document is meant to assist prosecutors in making informed decisions as to whether, and to what extent, the corporation’s compliance program was effective at the time of the offense, and is effective at the time of a charging decision or resolution, for purposes of determining the appropriate (1) form of any resolution or prosecution; (2) monetary penalty, if any; and (3) compliance obligations contained in any corporate criminal resolution (e.g., monitorship or reporting obligations).

Because a corporate compliance program must be evaluated in the specific context of a criminal investigation, the Criminal Division does not use any rigid formula to assess the effectiveness of corporate compliance programs. We recognize that each company’s risk profile and solutions to reduce its risks warrant particularized evaluation. Accordingly, we make a reasonable, individualized determination in each case that considers various factors including, but not limited to, the company’s size, industry, geographic footprint, regulatory landscape, and other factors, both internal and external to the company’s operations, that might impact its compliance program. There are, however, common questions that we may ask in the course of making an individualized determination. As the Justice Manual notes, there are three “fundamental questions “a prosecutor should ask:

  1. “Is the corporation’s compliance program well designed?
  2. “Is the program being applied earnestly and in good faith? “In other words, is the program adequately resourced and empowered to function effectively?
  3. “Does the corporation’s compliance program work “in practice?

See JM 9-28.800.

Mergers and Acquisitions Section Extract

A well-designed compliance program should include comprehensive due diligence of any acquisition targets, as well as a process for timely and orderly integration of the acquired entity into existing compliance program structures and internal controls. Pre-M&A due diligence, where possible, enables the acquiring company to evaluate more accurately each target’s value and negotiate for the costs of any corruption or misconduct to be borne by the target. Flawed or incomplete pre- or post-acquisition due diligence and integration can allow misconduct to continue at the target company, causing resulting harm to a business’s profitability and reputation and risking civil and criminal liability.

The extent to which a company subjects its acquisition targets to appropriate scrutiny is indicative of whether its compliance program is, as implemented, able to effectively enforce its internal controls and remediate misconduct at all levels of the organization.

  • Due Diligence Process – Was the company able to complete pre-acquisition due diligence and, if not, why not? Was the misconduct or the risk of misconduct identified during due diligence? Who conducted the risk review for the acquired/merged entities and how was it done? What is the M&A due diligence process generally?
  • Integration in the M&A Process – How has the compliance function been integrated into the merger, acquisition, and integration process?
  • Process Connecting Due Diligence to Implementation – What has been the company’s process for tracking and remediating misconduct or misconduct risks identified during the due diligence process? What has been the company’s process for implementing compliance policies and procedures, and conducting post-acquisition audits, at newly acquired entities?

Read more on the Evaluation of Corporate Compliance Programs 


Evaluation of Corporate Compliance Programs (PDF) Mouseover to Scroll

Evaluation-of-Corporate-Compliance-Programs-June-2020-Revision

Original Source: U.S. Department of Justice Criminal Division


Additional Reading

Source: ComplexDiscovery

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.