The DOJ’s FCPA Guidance and Enforcement Plan places significant emphasis on organizational culture. The section describing “an effective compliance and ethics program” includes “whether the company has established a culture of compliance, including an awareness among employees that any criminal conduct, including the conduct underlying the investigation, will not be tolerated.”
The 2012 DOJ/SEC FCPA Resource Guide was the first major policy statement by these two federal law enforcement bodies to include the culture of compliance term. Assistant AG of the Criminal Division Leslie Caldwell now consistently uses the term in her public remarks to compliance groups.
This most recent use of “culture of compliance” in the Justice Department’s Guidance and Enforcement Plan continues the DOJ’s departure from the U.S. Sentencing Guidelines culture description. The Sentencing Guidelines refer to an “organizational culture that encourages ethical conduct and a commitment to compliance.” The latter is a culture that “encourages” compliance; the Plan’s language is stronger, simpler and can be read to mean a culture that is compliance-based, or where compliance is integral to the overall culture.
The “culture of compliance” concept thus appears to be taking on increased importance with DOJ. Why is this so? One interpretation is that the Department has seen too many examples over the years of companies asserting that they had an effective compliance program, but the subsequent review shows a “check the box,” rather than substantive program foundation.
With the addition of the DOJ’s compliance counsel, those days seem to be in the rear view mirror, as the Department is now more savvy and operationally-focused. There appears to be a realization that a culture of compliance is the glue that holds together compliance programs intended to apply to globally dispersed and fast moving organizations.
And what is actually meant by a culture of compliance?
In the absence of an actual legal or standards-based definition, consider a common sense approach: a culture of compliance exists within an organization when its shared and integrated values and attitudes place compliance with the law as an operational and strategic priority, as evidenced by the organization’s actions and practices.
More simply, the cultural component is evident in how a company does business — to include producing and selling and how it treats its employees — not merely as a “bolt on” to long standing policies and practices.
The signals are clear. Organizations should take note of DOJ’s embrace of the term, and begin making a culture of compliance a top programmatic priority.
Worth MacMurray is the U.S. General Counsel and Chief Compliance Officer of GAN Integrity Inc. in McLean, Virginia. He can be contacted here.