DOJ’s Kenneth Polite to CCOs: Tell me your compliance success stories

The assistant attorney general and head of the Department of Justice’s Criminal Division received handshakes and hellos from more than a dozen friends and former colleagues both before and after delivering his keynote at Day 2 of Compliance Week’s National Conference on Tuesday. Many of those connections were no doubt forged during his time as a Morgan Lewis partner before joining the Justice Department in 2021, but Polite also holds the notable distinction of being a former chief compliance officer himself.

That work experience helped influence a dynamic 23-minute address that left the conference audience abuzz for the remainder of the day’s event.

“I’ve served as a prosecutor, I’ve served as a defense attorney … and, uniquely, I’ve also served as a chief compliance officer for a Fortune 500 company,” Polite said, acknowledging his time in the role at electric power company Entergy from 2017-18. “I can tell you the detection and prevention of criminal conduct has been a constant across all three of those roles. But I also recognize that perhaps the most challenging of those roles was as a compliance officer.”

Polite pointed to resource constraints as a problem area—“the fact that oftentimes our compliance functions are labeled as cost centers not contributing to the bottom line of our organization.” But his central message to company leadership could not be clearer: “Support your compliance programs now—or pay later.”

“Companies that make a serious investment in improving their compliance programs and internal controls will be viewed in a better light by the Department of Justice and by my Criminal Division,” he said. “… Chief compliance officers should have true independence, authority, and stature within their organizations.”

This message of CCO empowerment was a constant throughout Polite’s remarks. “We want to know if compliance officers have adequate access to and engagement with business functions, management, and the board of directors,” he said. Polite later recalled a recent “Filip Factors” presentation—the process the Justice Department undertakes when it is deciding whether to criminally charge a corporation—where a general counsel answered a question his team asked to the company’s CCO that was in the room.

“That single act gave me all the information I needed,” he said. “That one act demonstrated, literally and figuratively, that chief compliance officer had no voice in that organization.”

For organizations that do not invest in compliance, the risk of prosecution will be significantly greater, Polite said. Also in the Justice Department’s arsenal is the imposition of a compliance monitorship—a tool the agency’s top leaders have said companies can expect to see more frequently utilized.

“Based on what we learn about the company’s compliance program, we determine whether an independent monitor is appropriate and should be imposed,” Polite said. “Where a company has cultivated a strong culture of compliance and ethical values, our prosecutors may decide not to impose a monitorship at all.”

Polite cited the recent example of Stericycle’s two-year monitorship to accompany a $52.5 million criminal penalty the company received from the Justice Department in April for Foreign Corrupt Practices Act (FCPA) violations. Stericycle avoided a three-year monitorship—similar to the ones NatWest and Balfour Beatty each received from the agency in December, Polite noted—because “significant enhancements” to its compliance program that were still considered despite not being fully implemented and tested by the time the resolution was reached.

Seeking CCO input

“I like to see the chief compliance officer taking a prominent role” in presentations to the Justice Department, Polite said. A CCO leading the compliance portion of the presentation and demonstrating his or her knowledge and ownership of the compliance program is a plus, he said.

“I want to hear your compliance success stories: The transactions that were rejected due to the compliance risk, positive trends in your whistleblower reporting, and the partnerships that have developed between compliance officers and your business functions.”

Kenneth Polite Jr., Assistant Attorney General, Department of Justice Criminal Division

But it isn’t just stories of responding to misconduct that Polite or the Criminal Division might request. “I want to hear your compliance success stories: The transactions that were rejected due to the compliance risk, positive trends in your whistleblower reporting, and the partnerships that have developed between compliance officers and your business functions,” he said. “We are also interested in how a company measures and tests its culture and how it uses the data from that testing to embed and continuously improve its ethical culture.”

As part of this push for CCO input, Polite called attention to the Justice Department’s new consideration that CCOs be required to certify the company’s compliance program is reasonably designed and implemented to help detect and prevent violations of the law at the end of the term of an agreement with the agency.

“This announcement related to this additional certification is not intended to be punitive; it is a new tool in your arsenal to help combat those challenges,” he said. “It’s the type of resource compliance officials, including myself, have wanted for some time because it makes clear you should have and must have appropriate stature in corporate decision-making. It is intended to empower our compliance professionals to have the data, access, and voice within those organizations to ensure them and the Department that company has an ethical and compliance-focused program.”

Call to action

“Although I now serve as the head of the Criminal Division and I believe enforcement is a critical tool for us, I also recognize it is not the only tool that we have,” Polite said. Even more impactful is the work of a CCO that can prevent crime and misconduct from happening in the first place.

“That is why you will hear, you will see, and you have seen how closely we evaluate corporate compliance programs during our corporate investigations and after our corporate resolutions,” Polite said. “… I want to know whether you are doing everything you can to ensure that when an individual employee is facing that singular ethical challenge, he has been informed, he has been trained, and he has been empowered to choose right over wrong. Or, if he makes the wrong choice, you have a system that immediately detects, remediates, disciplines, and then adapts to ensure that no others follow suit.

“That is how powerful a role you have in improving our corporate culture and improving our world. Embracing that calling today and every day—that is my call to you today.”