Deputy Attorney General Rod Rosenstein focused on the question of compliance and its impact in his remarks at the Compliance Week 2018 Annual Conference for Compliance and Risk Professionals, Washington, D.C. (May 21, 2018). Threaded through the discussion were remarks about the fiduciary duties of lawyers advising firms.
“Improving the business environment is a top priority . . .” of the Department of Justice, Mr. Rosenstein began. Lawyers, compliance officers and other risk professionals “are at the forefront of advising companies to ensure that businesses operate legally and honestly” which is a top priority of the Department.
Turning to the theme of fiduciary duties, Mr. Rosenstein, quoting former Attorney General Robert Jackson, noted that “most of the mistakes and major faults of our time are to be ascribed to a failure to observe the fiduciary principle, old in equity and recognized by law – the principle of trusteeship, without which our kind of society cannot permanently endure.” Respecting such duties is a two way street. It imposes obligations on those counseling business enterprises as well as attorneys at the Department of Justice. The latter are asked to defend the rule of law. The former “ask companies to act in accord with laws and regulations, even when doing so may be difficult or burdensome.”
Strong compliance programs, coupled with effective risk assessment, are critical tools in the overall effort, the Deputy AG stated. Compliance cannot only minimize risk, but help increase value. Effective compliance can aid in avoiding, or at least mitigating, risk. That in turn can aid in minimizing cost. Creating such programs is, if viewed in this context, an investment that creates value. Likewise, a firm which complies with the law attracts investors and business partners -- firms want to do business with those perceived as acting in a lawful, honest, and reliable way.
Compliance is not a separate or distinct goal from others of the business, according to the Deputy AG. To the contrary, Mr. Rosenstein emphasized that compliance must be “fully integrated into the corporate culture.” The compliance program, legal compliance and audit departments are not just groups of professionals but must be integral parts of the firm. Indeed, a “company that properly manages its risks through a robust and appropriate compliance function – one that grows along with the rest of the company – will remain ahead of the curve” he noted.
Not even the best compliance programs can halt every malfeasance or bad actor however. Yet those with less than effective programs are often “less likely to be able to make a voluntary disclosure that qualifies them for the most significant benefits under the [FCPA] Corporate Enforcement Policy. And they are less likely to stop the conduct before it becomes pervasive. Companies without adequate compliance programs need to undertake more dramatic efforts to remediate damage and change their culture,” according to Mr. Rosenstein.
While the Department does not have a rigid formula for assessing the effectiveness of corporate compliance, when a firm “comes under investigation” two key questions are posed: “First, what was the state of the compliance program at the time of the improper conduct? Second, what is the current state of the compliance function, after remediation. ..” The answer to these questions can have a significant impact.
In his remarks Mr. Rosenstein urged business enterprises, and perhaps more importantly the professionals who advise them, to focus on compliance. Citing the fiduciary duties of professionals in a manner which is reminiscent of the SEC’s long held gatekeeper theory which essentially posits that attorneys and other market professionals have ethical and professional obligations to the markets, the Deputy AG encouraged professionals not just to install a system but to integrate it into the culture of the firm. That effort can have significant dividends he noted.
The dividends from effective compliance come not just in the form of cost savings from avoiding difficulties, but also when there is an issue firms with good programs are more likely to self-report and secure “significant benefits” from the Department. Indeed, since the Department assesses the state of compliance at the time any issue arises and then later after remediation, it is apparent that when approaching the government with an issue either as a self-report or from a subpoena, the beginning and end of the discussion should be compliance. Stated differently, the fact that the firm has built an effective, integrated compliance program should be the beginning of a conversation which places the issue in the proper context. The end of that conversation should be the improvements made to ensure against a repetition. A compliance system which supports that kind of report to the government or a regulator should reap the “significant benefits” Deputy AG cited.