The U.S. Sentencing Commission is mulling possible changes to its Federal Sentencing Guidelines that could change the expectations for “effective” corporate compliance programs generally, and for the chief compliance officer in particular.
The Guidelines, first enacted in 1991 and last revised in 2004, spell out 10 points that define an effective compliance program. They have become the
de facto template for how corporate compliance programs are structured and managed, so that corporations can demonstrate to prosecutors that they have made a good-faith effort at preventing corruption, and consequently seek kinder treatment should the company be under investigation.
“The guidelines have significant influence, both formally and informally,” says Jeffrey Kaplan, a partner in the law firm Kaplan & Walker.
Most notable for CCOs is an “Issue for Comment” the Sentencing Commission included in its proposal: Should the amended guidelines allow a company that meets specific criteria to receive credit for having an effective compliance program, even if a high-level executive is involved in the wrongdoing?
Currently, companies cannot get a sentence reduction for having an effective program if the offense involves a senior employee. The logic, according to Donna Boehme, a principal with Compliance Strategists, is that if a company’s CEO or other top executive is involved in some sort of corruption, “it’s viewed as almost de facto proof that companies don’t have any effective compliance program.”
The Commission is wondering whether to change the guidelines to allow sentencing credit under those circumstances, provided that: (a) the person with operational responsibility for the compliance program reports directly to the board or one of its committees; (b) the compliance program detected the executive’s offense before any outside person or agency either did discover it, or reasonably might have discovered it; and (c) the company promptly reported the offense to proper authorities.
That issue and the Sentencing Commission’s other proposals are out for comment until March 22; a public hearing on the proposals is scheduled for March 18. The Sentencing Commission will then vote in April on whether to send any amendments to Congress. If it does, the amendments would become effective Nov. 1 unless Congress acts to strike them down.
Spokesmen for the Sentencing Commission said the text of the proposals speaks for itself, and declined to elaborate. The Justice Department—the agency that most often applies the guidelines in specific investigations—likewise declined to comment.
Independent compliance experts, however, say the proposed amendments are a rare chance for Corporate America to voice its opinion about sentencing policy, and urged CCOs to speak up. “This is a good opportunity for the ethics and compliance officer community to give input to the Commission about what really matters on the ground,” Boehme says.
“This is a good opportunity for the ethics and compliance officer community to give input to the Commission about what really matters on the ground.”
Boehme and Kaplan both note the Commission’s criterion that the top compliance officer must report directly to the board if the company wants sentencing credit. That, they say, is the Sentencing Commission sending a message on what it considers important.
“It highlights the fact that direct unfiltered access to the board is an important check and balance against senior management intent on wrongdoing,” Boehme says.
On the other hand, the Sentencing Commission’s phrase “the person with operational responsibility for the compliance program” is vague. In some cases that person is actually the general counsel, even if the company has a chief compliance officer; in others, the daily responsibility for operating compliance might fall to an internal auditor, or some person who reports to the chief compliance officer.
That imprecise language, combined with the idea of reporting directly to the board, could affect other reporting relationships and pressure companies to redraw lines on the organizational chart. Further, Boehme says, while most compliance officers can now reach the board when necessary, many still don’t have total, unfettered access.
“They may have access to the board, but in many cases, their reports can be filtered by the general counsel or by senior business leaders, so the board doesn’t get their full report and opinion,” she says.
Self-Disclosure and More
Others stress the proposal’s call for prompt disclosure of any misconduct. “In essence, it’s saying companies should rush to disclose any problems to prosecutors,” says Toby Vick, a partner in white-collar defense at the law firm McGuireWoods. “That puts pressure on companies to self-report before they fully understand what they’re dealing with.”
If the Sentencing Commission does approve its proposals later this spring, Vick and others say companies will need to revisit their compliance programs to focus their efforts more on detecting wrongdoing by senior employees. “I’m not sure many companies have looked at their program from the specific standpoint of whether it’s sufficient to catch white-collar criminals,” Vick says.
The Commission is also proposing to clarify what’s considered “effective” remediation by companies that uncover criminal misconduct. One proposed addition reads: “High-level and substantial authority personnel should be aware of the organization’s document retention policies, and conform any such policy to meet the goals of an effective compliance program under the guidelines and to reduce the risk of liability under the law."
Document retention is mentioned again in another section describing the periodic reviews companies should conduct to assess the risk that criminal conduct will occur. An amendment there would add a reference to “the nature and operations of the organization with regard to particular ethics and compliance functions.” For example, “all employees should be aware of the organization’s document retention policies, and conform any such policy to meet the goals of an effective compliance program under the guidelines and to reduce the risk of liability under the law.”
TO SUBMIT COMMENT:
To submit a comment on the proposed amendments to the Federal Sentencing Guidelines, follow the instructions below:
(1) Written Public Comment. Written public comment regarding the proposed amendments and issues for comment set forth in this notice, including public comment regarding retroactive application of any of the proposed amendments, should be received by the Commission no later than March 22, 2010.
(2) Public Hearing. The Commission plans to hold a public hearing regarding the proposed amendments and issues for comment set forth in this notice. Further information regarding the public hearing, including requirements for testifying and providing written testimony, as well as the location, time, and scope of the hearing, will be provided by the Commission on its Website.
Public comment should be sent to:
Attention: Public Affairs
United States Sentencing Commission
One Columbus Circle, N.E., Suite 2-500
Washington, D.C. 20002-8002
For Further Information Contact: Michael Courlander, Public Affairs Officer, (202) 502-4597.
Kaplan says why the Sentencing Commission wants to bring more attention to “document retention awareness compliance” over other risk areas, such as anti-trust, corruption, or fraud risk, isn’t entirely clear. He worries that calling out document retention “will make people think that’s the most important legal risk area in America.”
Likewise, Boehme says the phrasing could lead companies to “interpret document retention as a silver bullet.”
The Commission also proposed more guidance on the reasonable steps that a company should take after detection of criminal conduct. To prevent similar wrongdoing in the future, the company “should assess the compliance and ethics program and make modifications necessary to ensure the program is more effective. The organization may take the additional step of retaining an independent monitor to ensure adequate assessment and implementation of the modifications.”
That last sentence about retaining an independent monitor, Kaplan says, may give companies pause.
“The basic idea is good: to encourage companies to seek expertise to fix a problem,” he says. But using the word “monitor” may confuse people, since that term is often associated with a deferred- or non-prosecution agreement—not “as a step to fix the problem before a prosecutor or court is part of the picture,” he says.
Still, Kaplan says additional guidance on risk assessments should be helpful, since it’s “still a cause of bafflement for some companies.”
A proposed change to the Policy Statement on the Recommended Conditions of Probation for Organizations would add language regarding the engagement of an “independent, properly qualified, corporate monitor,” which the Sentencing Commission says reflects “current governmental policy and best practices.”
Boehme notes that the proposals follow a December recommendation by the Organization for Economic Cooperation and Development that OECD countries should encourage companies to “develop and adopt adequate internal controls, ethics and compliance programs, or measures for the purpose of preventing and detecting foreign bribery.” She says practice guidelines on those recommendations (due out by June) are likely to track much of what the sentencing guidelines say an effective program should look like.