Kusserow on Compliance: DOJ on benchmarking compliance program effectiveness

Under the U.S. Sentencing Commission Guidelines for Organizations, federal judges are mandated to take into the consideration the existence or absence of an effective compliance program as factors for aggravation or mitigation of penalties. A year has passed since the Department of Justice (DOJ) appointed Hui Chen as the Compliance Counsel for the Criminal Division’s Fraud Section. Over the last 12 months the DOJ has Compliance Counsel presented at a number of conferences and given numerous interviews in rolling out this new program. The Compliance Counsel has responsibility for providing expert guidance to prosecutors as they consider the enumerated factors concerning the prosecution of business entities. The DOJ Compliance Counsel is further charged with helping prosecutors to assess organization corporate compliance and remediation measures. This will include developing benchmarks to enable measuring an organization’s compliance program effectiveness.

Tom Herrmann, JD, who for many years had responsibility of coordinating HHS Office of Inspector General (OIG) work with the DOJ made the point that “This is a significant move by the DOJ to evaluate whether an entity has evidence of the existence of a robust compliance program at the time of the conduct giving rise to the investigation. If the organization can provide evidence it had been involved in implementing meaningful compliance measures to prevent, detect and act appropriately upon wrongdoing; it can go a long way to mitigate their exposure and have prosecutors focus on individuals as rogue employees. On the other hand, if the organization failed to implement proper prevention measures, then the scope of the wrongdoing and penalties against the organization will be much greater.”

Some of the areas for which the DOJ has reported that it will be evaluating and establishing compliance benchmarks should be familiar to anyone who has read compliance guidance by the OIG. They include the following:

  • How well is the compliance program operating?
  • How well the compliance program is communicated at all levels of the organization?
  • Is there an adequate Code of Conduct and comprehensive compliance policies?
  • Are directors and senior managers providing strong, explicit and visible compliance support
  • Is there a senior executive with appropriate autonomy to oversee a corporate compliance?
  • Does compliance receive adequate funding and resources?
  • Are the compliance policies clear and in writing and easily understood by employees?
  • Are compliance policies effectively communicated to all employees?
  • Do employees have easy access to written policies and procedures?
  • Are employees receiving repeated compliance-related trainings?
  • Are policies and practices reviewed and kept up-to-date with evolving risks?
  • Are there mechanisms to enforce compliance policies?
  • Does the compliance program guidance extend to vendors, agents or consultants?

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2016 Strategic Management Services, LLC. Published with permission.