Generic DOJ/SEC Guidance on Corporate Compliance Programs and FCPA Enforcement

e the appropriateness of a cooperation credit in light of the profile of the cooperating individual. Corporate Compliance Program Ina global marketplace, an effective compliance pro- gram is a critical component of a company’s internal con- trols and is essential to detecting and preventing FCPA vio- lations.*” Effective compliance programs are tailored to the company’s specific business and to the risks associated with that business. They are dynamic and evolve as the business and the markets change. An effective compliance program promotes “an orga- nizational culture that encourages ethical conduct and a commitment to compliance with the law.’*! Such a program protects a company’s reputation, ensures investor value and confidence, reduces uncertainty in business transactions, and secures a company’s assets.’ A well-constructed, thought- fully implemented, and consistently enforced compliance and ethics program helps prevent, detect, remediate, and report misconduct, including FCPA violations. In addition to considering whether a company has self-reported, cooperated, and taken appropriate remedial actions, DOJ and SEC also consider the adequacy of a company’s compliance program when deciding what, if any, action to take. The program may influence whether or not charges should be resolved through a deferred prosecution agreement (DPA) or non-prosecution agreement (NPA), as well as the appropriate length of any DPA or NPA, or the term of corporate probation. It will often affect the penalty amount and the need for a monitor or self-report- ing As discussed above, SEC’s Seaboard Report focuses, among other things, on a company’s self-policing prior to the discovery of the misconduct, including whether it had established effective compliance procedures2™ Likewise, three of the nine factors set forth in DOJ’s Principles of Federal Prosecution of Business Organizations relate, either directly or indirectly, to a compliance program’s design and implementation, including the pervasiveness of wrongdo- ing within the company, the existence and effectiveness of the company’s pre-existing compliance program, and the company’s remedial actions?” DOJ also considers the US. Guiding Principles of Enforcement Sentencing Guidelines’ elements of an effective compliance program, as set forth in § 8B2.1 of the Guidelines. These considerations reflect the recognition that a company’s failure to prevent every single violation does not necessarily mean that a particular company’s compli- ance program was not generally effective. DOJ and SEC understand that “no compliance program can ever prevent all criminal activity by a corporation’s employees;?% and they do not hold companies to a standard of perfection. An assessment of a company’s compliance program, including its design and good faith implementation and enforcement, is an important part of the government’s assessment of whether a violation occurred, and if so, what action should be taken. In appropriate circumstances, DOJ and SEC may decline to pursue charges against a company based on the company’s effective compliance program, or may otherwise seek to reward a company for its program, even when that program did not prevent the particular underlying FCPA violation that gave rise to the investigation” DOJ and SEC have no formulaic requirements regarding compliance programs. Rather, they employ a common-sense and pragmatic approach to evaluating com- pliance programs, making inquiries related to three basic questions: e Is the company’s compliance program well designed? e Is it being applied in good faith? ¢ Does it work?” This guide contains information regarding some of the basic elements DOJ and SEC consider when evaluating compliance programs. Although the focus is on compliance with the FCPA, given the existence of anti-corruption laws in many other countries, businesses should consider designing programs focused on anti-corruption compli- ance more broadly” HOUSE_OVERSIGHT_022558