In February, to little fanfare, the Department of Justice (DOJ) Criminal Division Fraud Section issued detailed criteria for evaluating corporate compliance programs. The guidance, entitled Evaluation of Corporate Compliance Programs (“Evaluation Guidance” or “Guidance”) comes two years after DOJ hired Hui Chen as Compliance Counsel in the Fraud Section. When her position was announced, the DOJ said that Chen would “help prosecutors develop appropriate benchmarks for evaluating corporate compliance and remediation measures” and would “communicat(e) with stakeholders in setting those benchmarks.” The Evaluation Guidance provides those benchmarks used by the DOJ to evaluate the effectiveness of corporate compliance programs. It covers 11 key compliance program evaluation topics, along with a list of specific questions that DOJ considers important in evaluating compliance programs as part of a criminal investigation.
The Evaluation Guidance is, in some ways, unremarkable, as it contains no groundbreaking announcements. The document itself acknowledges as much, noting that it draws from existing guidance in the United States Attorney’s Manual, the United States Sentencing Guidelines, prior corporate resolution agreements, FCPA program guidance, among others. However, what is remarkable is that the Evaluation Guidance provides a one-stop, universal blueprint for evaluating corporate compliance programs across industries, with a level of specificity that DOJ has not provided until now. For example, the Guidance addresses confidential reporting and investigations. In the series of questions that follow, the DOJ lays out the important issues in determining if the existing reporting mechanism is effective, if investigations are appropriately scoped, independent and document, and if the company has used the information gathered in the investigation to identify root causes and vulnerabilities in order to respond to the investigative findings.
The Guidance also gives a nod to the Department’s commitment to holding individuals accountable in corporate cases. In discussing the roles of senior and middle management, the Guidance asks a series of questions about “conduct at the top”, suggesting that a thorough analysis of the words and actions of senior leadership should be done, in order to be compliant with the requirements of the Yates Memo.
The Evaluation Guidance is written in the context of a criminal investigation, however it has much broader usefulness for compliance professionals. The Guidance provides helpful benchmarks for best practices in compliance. For those in healthcare, the Evaluation Guidance provides specific guidance on several compliance areas that are especially important to the healthcare sector, including: confidential reporting and investigations, mergers and acquisitions and third-party management.