Yesterday, Assistant Attorney General Kenneth A Polite, Jr. laid out the details of revisions to the FCPA Corporate Enforcement Policy (CEP) that provide “specific, additional incentives to companies for voluntary self-disclosures, as well as for cooperation and remediation.” In short, expanding the parameters by which companies that have broken the law may still earn lighter treatment from the DOJ, and deepening the rewards for good companies that got into trouble because of an isolated bad apple.
Polite is clear in his comments—which you can read in full here—that as much as the DOJ values the cooperation of the very companies it polices, and as much as the DOJ wishes to give those companies more reason to cooperate (or at least defuse fears that cooperation could actually lead to more severe punishment), it also expects those same companies to go truly above and beyond if they are to expect special treatment. These are, after all, companies that have broken the law. At that point, the rewards for mere compliance are off the table—and rightfully so.
There’s a lot to unpack in Polite’s commentary, which doubles the range and broadens the discretion by which companies may receive reduced penalties, depending on their intensity of self-disclosure, cooperation, and remediation. This is no effort to let bad guys get away with things, but rather, an intentional effort to make companies understand that even if there are serious issues in their self-disclosure, cooperation, and remediation, there is probably still an avenue by which they can get better treatment than if they do nothing. The DOJ wants the people it’s policing to help them do the policing. These new guidelines prove it, and one suspects, they will be successful at it, as well.
Of particular interest is the degree to which having a robust and effective compliance department beforehand can help even an egregious offender receive lighter treatment. Ideally, the kind of compliance program the DOJ is looking for is one that will prevent conversations with the DOJ from ever taking place. But Polite’s comments underscore what we all know: humans are flawed creatures who will always find new ways to disappoint. And sometimes those disappointments can be severe. Polite understands this and wants to make sure that companies that take compliance seriously have an option to distinguish themselves from the average corporate wrongdoer. Not only is that fair, but it provides another avenue by which compliance departments can (admittedly, under suboptimal conditions) prove the value of their investment. Strictly from a compliance point of view, this is a pretty big carrot.
“We are going to be closely examining how companies discipline bad actors and reward the good ones,” Polite notes. That last part is especially significant, in light of the new guidelines on allowing even egregious offenders a wide lane of partial redemption, because it puts cultures of integrity and accountability front and center. A great compliance program does not exist in a vacuum. There are zero companies out there with world-class compliance programs that don’t also have significant support from the top and strong ethical culture throughout the enterprise. These are the pillars on which a good compliance program rests. To have the kind of compliance program you need to get a declination, you need something even bigger, really. You need to care enough about ethics to invest meaningfully in it. That means a strategic view toward accountability and integrity, so when and if there is a tactical failure—and they do happen—that should not automatically discount what is, for the company, a virtuous way of life.