Kenneth Polite, chief of DOJ’s criminal division, indicated that prevention would become central to the Department’s fight against white-collar crime – bribery and corporate fraud. Excellent article by Dylan Tokar, WSJ DOJ’s Kenneth Polite Puts Prevention at Forefront of White-Collar Crime Efforts – WSJ. (Follow Dylan on LinkedIn).
DOJ’s focus is correct, but they must choose their tools wisely.
The cornerstone of the DOJ approach has been the “effectiveness” of compliance programs and corporate enforcement (DPA/NPA, etc.). The threshold for “effectiveness” is not tremendously high: the program must be well designed, applied in good faith, adequately resourced and work in practice. Although DOJ proclaims the importance of a Culture of Compliance, the focus is on the program’s performance, i.e., the operation of processes and procedures. In this context, programs produce useful but only looking-back data.
Prevention, on the other hand, is forward-looking. To prevent future wrongdoing, it is essential to understand the causes, how compliance processes and controls can be (re)designed to prevent it from happening, and the levers available to change individual behaviours and create the right organisational environment (Corporate culture). How do you manage change? Effectively, it is starting from the root-cause analysis to design targeted cause-to-effect actions and to measure their impact (adjusting in the process).
How many organisations do that? Based on my experience, only a few (albeit many talks about it).
For many compliance departments, this will require a fundamental shift. Not the least to ask whether “lawyers” are still the proper custodians of E&C/ compliance in an organisation. Over the years, compliance has become more than just a “legal” discipline – it is a business process, data analysis, technology, behavioural science and culture, education, communication, change management and much more. These are not necessarily within the lawyer’s usual toolbox.
P&Ps (however well-designed and operated) are only part of the equation. To start with, DOJ should question the extent to which the program prevents wrongdoing. Does it change behaviours on organisational and individual levels? Do compliance activities lead to the intended outcomes? How do you measure the impact, rather than process performance (remember, the 2020 DOJ Guidelines’ prioritised use of data to assess program performance)?
If DOJ is serious about prevention, they need to take note of what European financial regulators do. Notably, the UK Financial Conduct Authority heavily focuses on prevention (unfortunately, sometimes at the cost of effective enforcement, but that’s a different story).
All in all, It’s a welcomed development.
Photo credit WSJ: Kenneth Polite, assistant attorney general of the Justice Department’s criminal division. PHOTO: ROD LAMKEY – CNP/ZUMA PRESS
