DOJ has instituted a new practice of requiring Chief Executive Officers (CEO) and Chief Compliance Officers (CCO) to certify the effectiveness of compliance programs as part of corporate plea agreements. This new enforcement tool is sure to draw greater attention and scrutiny to CCOs, and impact the way corporations and executives approach compliance programs and enforcement actions.
Compliance Certifications, an enforcement tool Assistant Attorney General Kenneth Polite initially espoused in a pair of public speeches in March of this year, has quickly come to pass. AAG Polite called upon federal prosecutors “to consider requiring both the chief executive officer and the chief compliance officer to certify at the end of the term of an agreement that the company’s compliance program is reasonably designed and implemented to detect and prevent violations of the law and is functioning effectively.” That is exactly what federal prosecutors did in the recent plea agreement between Glencore International A.G. and the DOJ. Pursuant to Attachment H to the agreement, the CEO and CCO were required to certify that “the Company has implemented an anti-corruption compliance program . . . reasonably designed to detect and prevent violations of the Foreign Corrupt Practices Act and other applicable anti-corruption laws” and that all reports submitted to the DOJ concerning this matter are “true, accurate, and complete.” Moreover, they were required to certify this information subject to a false statements prosecution.
This is a game changer when it comes to corporate enforcement and the individual liability of senior executives. AAG Polite, former CCO for Entergy Corporation, has sought to strengthen the influence of CCOs within the corporate structure, and further incentivize good corporate citizenship and a culture of compliance. The use of compliance certifications furthers those goals in two ways: (1) It requires the CEO and CCO to be intimately involved in the company’s compliance program and its success and (2) It clearly holds these senior executives directly responsible for compliance failures by requiring them to certify the effectiveness of compliance programs under threat of criminal prosecution.
For corporations, the ability of the CEO and CCO to truthfully and accurately certify the strength and effectiveness of their compliance program will require significant work and resources. It also presents the internal organizational question of how to manage individuals who report to the CEO and/or CCO and upon whom these executives rely to effectively carry out their duties. To what extent will CEOs and CCOs request that lower-level employees and other executives certify the information they provide regarding compliance programs? And, the bigger question, to what extent will the DOJ accept such representations?
For those companies whose plea agreements contain a compliance certification clause, adequately addressing such clauses will require significant diligence on behalf of individual CEOs and CCOs, as well as the corporations, as a whole. Corporations will want to coordinate with outside counsel to ensure strong compliance programs and internal controls are in place, and they must effectively address any potential issues in a timely manner. When faced with enforcement actions and compliance certifications, CEOs and CCOs should consider whether to retain independent counsel to protect their own personal interests.
An ambiguity in the new compliance certification rests with the definition of reasonableness. The certification requires that compliance programs be “reasonably designed to detect and prevent violations.” But, what is reasonable? The subjectiveness of what is reasonable will certainly lead to litigation and/or intense negotiations regarding the term, if and when the DOJ seeks to hold a CEO or CCO responsible for violating the compliance certification. To minimize ambiguity, counsel for the company should review the company’s compliance program with DOJ at the time in which the plea agreement is entered, at the end of the term of the agreement, and in the interim, as dictated by any major developments or material changes. DOJ, if it truly seeks to foster compliance, should be willing to provide feedback concerning the program, including any perceived deficiencies.
One key takeaway is that companies do not have to wait until they face an enforcement action to take the necessary steps to ensure that they have an effective compliance program. DOJ is not playing gotcha. This new initiative was announced publicly two months prior to the first plea agreement with a compliance program certification and senior DOJ leadership has repeatedly emphasized the importance of a strong corporate culture and compliance program in public remarks over the past year.
AAG Kenneth Polite: “Companies that make a serious investment in reviewing their compliance programs and internal controls will be viewed in a better light by the department. Support your compliance team now or pay later.”
Deputy AG Lisa Monaco: “Companies need to actively review their compliance programs to ensure they adequately monitor for and remediate misconduct, or else it’s going to cost them down the line.”
Bottom line, the role of the chief compliance officer has never been more essential. Companies should proactively review their compliance programs with outside counsel and make any needed updates sooner rather than later.
Seek legal counsel
Nixon Peabody’s Government Investigations and White Collar practice group routinely collaborates with clients to develop effective compliance programs, meeting the expectations of law enforcement and regulatory agencies. Nixon Peabody is also able to lead a variety of sensitive internal investigations and appropriately resolve all manner of regulatory and/or criminal enforcement matters, as they arise.