Last week, the OECD released a study on Corporate Anti-Corruption Compliance Drivers, Mechanisms, and Ideas for Change along with a panel webinar discussion about the challenges companies face in implementing and maintaining anti-corruption programs. The highlights included a US Department of Justice (DOJ) representative predicting a record-setting year of Foreign Corrupt Practices Act enforcement on the horizon.
Key DOJ remarks
The webinar panelists included Andrew Gentin, Assistant Chief of the DOJ’s Criminal Fraud Section. Gentin predicted that "in the next year our FCPA resolutions will be greater than in any previous year." He said that, despite the global pandemic and the challenge of conducting in-person interviews, the DOJ is "operating at full-speed."
While the OECD study responses were collected at the end of 2019 and early 2020, the panel acknowledged that changed circumstances due to COVID-19 are broadly impacting companies, including companies’ compliance programs and employees. Gentin advised that while the DOJ would take into account the pressures companies face due to the pandemic, the DOJ also views the pandemic as having increased anti-corruption compliance risks. Gentin cautioned that companies should particularly avoid a disproportionate reduction in compliance staff compared to the rest of the company. He noted also that the DOJ would "take a very close look at" not only the number compliance personnel, but also "where those individuals are located." Even during the pandemic, he said, the DOJ still expects to see compliance personnel "out in the field," "especially in high-risk jurisdictions."
Compliance shortfall: "Are we done now?"
The OECD study identified numerous weaknesses in global anti-corruption compliance programs.
One finding that troubled panelists was that 61.5 percent of the more than 100 companies that participated in the OECD study indicated that a "lack of executive commitment to compliance programs" made it difficult to implement an effective anti-corruption program. As described by the OECD’s Senior Legal Analyst in the Anti-Corruption Division, France Chain, this finding is consistent with a management attitude that she summed up as, "Are we done now?" Chain noted that this attitude may be particularly prevalent among executives immediately after a compliance program has been put in place or an ISO or other outside certification has been obtained.
In countries such as the United States — where there is no compliance program defense — this approach poses particularly significant risks. Indeed, Gentin noted that such an approach is strongly at odds with US regulatory expectations. The existence of a compliance program is seen as merely a baseline, and programs are expected to "evolve over time." Gentin further cautioned companies’ not to rely on "one-time" compliance certifications. He stressed that, when evaluating the strength of a compliance program, the DOJ does not give "a lot of weight" to such certifications but does expect to see "continuous improvement." He emphasized that companies stand to benefit if they have strong compliance programs and self-report violations.
Gentin further observed that there is "nothing more important that companies can do" than conduct risk assessments and that the DOJ expects such assessments to "be done regularly" because compliance should constantly evolve. As COVID-19 changes how all of us work, it will remain important to evaluate whether your compliance program is fit for purpose and to adapt as needed.
The existence of a compliance program is seen as merely a baseline, and programs are expected to “evolve over time.”