In February 2017, the Department of Justice (DOJ) issued its“Evaluation of Corporate Compliance Programs,” which provides an explanation as to how compliance programs are evaluated by prosecutors. This 119-question resource offers great insights for compliance officers working to build and enhance their compliance programs. One thing to remember about these guidelines is that they relate to all industry sectors. The Principles of Federal Prosecution of Business Organizations in the United States Attorney’s Manual describes specific factors that prosecutors should consider in conducting an investigation of a corporate entity, determining whether to bring charges, and negotiating plea or other agreements. These factors, commonly known as the Filip Factors, include “the existence and effectiveness of the corporation’s pre-existing compliance program” and the corporation’s remedial efforts “to implement an effective corporate compliance program or to improve an existing one.” The guidance was formulated to evaluate compliance programs after a violation has been discovered and examine the existing misconduct as the benchmark against which the compliance program will be evaluated. The Compliance Program Guidance is divided into 11 sections. Each category includes a list of questions the DOJ may consider when evaluating a company’s compliance program when it confronts corporate misconduct. The sections are:
- Analysis and Remediation of Underlying Conduct;
- Senior and Middle Management;
- Autonomy and Resources;
- Policies and Procedures;
- Risk Assessment;
- Training and Communications;
- Confidential Reporting and Investigation;
- Incentives and Disciplinary Measures;
- Continuous Improvement, Periodic Testing and Review;
- Third Party Management; and
- Mergers & Acquisitions.
The DOJ noted that in developing this document, it used the U.S. Sentencing Commission Guidelines. The document also relates back to a number of other DOJ reports, including the Yates Memorandum that focused on individual accountability in corporate investigations, and not just organizational wrongdoing. Although the compliance guidance documents issued by the HHS Office of Inspector General (OIG) are tailored to the health care sector, the reading of the DOJ evaluation document is relatable to them. All seven elements of an effective compliance program are included in the DOJ guidelines. It is worthwhile for compliance officers of health care entities to read this document and incorporate those areas identified by the DOJ for their own work place. There are plenty of ideas among the 119-questions outlined in their document for use by compliance officers to improve their organizations’ compliance programs.
The OIG calls for ongoing monitoring of the compliance program to ensure that it is up to date and operating the way it is designed to. In addition, there should be periodic, independent auditing of the program to verify that monitoring is taking place and validate that the results of operation are making the compliance program effective in achieving its goals. The U.S. Sentencing Commission in its standards for compliance and ethics programs also call for organizations to “evaluate periodically the effectiveness of the organization’s compliance and ethics program.” Now the DOJ is calling for the same thing. As such, those organizations that have not had their compliance program subject to an independent compliance program effectiveness evaluation should consider having it now, incorporating the DOJ guidelines as part of their review.
Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.
Connect with Richard Kusserow on Google+ or LinkedIn.
Copyright © 2017 Strategic Management Services, LLC. Published with permission.