The Dangers of Quick Fix Solutions – Certifications and Compliance Defenses
When the going gets tough, the tough do not necessarily get going. This is evident in the world of corporate governance, compliance, and defense against aggressive government enforcement. Corporate lobbying interests are pushing a new and dangerous agenda, one that is shortsighted and certain to create problems for chief compliance officers.
Several years ago the Chamber of Commerce launched an attack on FCPA enforcement with a misguided and ill-conceived proposal for amendments to the FCPA statute and adoption of a compliance defense. The Chamber’s proposal suffered from a serious flaw – companies do not want to rely on a compliance defense because they want to avoid indictment by a grand jury and a trial. The Chamber never really thought through the proposal very well, and various proponents have failed to explain how such a defense would work in practice. The Chamber’s proposal died a certain but steady death, especially after DOJ outmaneuvered the Chamber by seeking time to issue the FCPA Guidance.
Not to be outdone, the Chamber is gravitating again to a new proposal – reliance on independent certifications of effective compliance programs and possible access to a compliance defense or safe harbor. In support of this misguided approach, some are spending more time defining standards for such certifications and possible incentives for companies to be rewarded for such efforts.
In some circles, proponents are pushing for CCOs to certify to the effectiveness of their own programs akin to CEO and CFO certification to financial reports for Sarbanes-Oxley purposes. This analogy suffers from serious deficiencies. If CCO independence is real, most CCOs would not certify as to their own program’s effectiveness. Many CCOs recognize the challenges they still face, the budget limitations and resources needed to implement a real and meaningful compliance program.
If the certification idea extends to independent reviews of compliance programs, there are a number of interested parties (Big 4, Compliance Lawyers, and Consultants) who would be more than happy to help on the annual certification front. But such a prospect is very difficult to administer, let alone define. Compliance is not a quick and dirty examination and assessment. There are many variables and permutations that affect how a compliance program operates and should be designed to respond to company operations and risks. Standardization is about as difficult as you can get when it comes to compliance programs.
DOJ’s hiring of a Compliance Counsel represents a more significant step than I originally thought – it is bringing to law enforcement a new and fresh perspective on how compliance works and what needs to be done to remediate deficient compliance programs. There is no downside to this educational effort and the DOJ Compliance Counsel position.
These trends, however, should not be used as a means to reintroduce a bad idea – the corporate compliance defense. From a practical standpoint, companies will regret the day a new compliance defense is ever authorized – why?
Because it gives prosecutors a license to conduct detailed and in-depth grand jury investigations into corporate compliance programs – bringing to light more potential violations and greater liabilities. Prosecutors will enjoy rummaging around corporate compliance programs.
Moreover, companies will only use a corporate compliance defense to increase leverage in plea negotiations. It will rarely, if ever, be used since companies avoid criminal trials for fear of demise.
Instead of spending so much money on advocating for unpersuasive ideas and concepts, corporate business interests would do much better to focus on how ethics and compliance contributes to a company’s bottom line.
Advocates of these misguided certification and compliance defense proposals conveniently ignore the fact that ethics and compliance contributes to a company’s bottom line and ultimately corporate sustainability. With such a narrow view of compliance, corporate lobbyists are revealing their own lack of understanding of the compliance issue and looking for easy solutions to more difficult problems.