Jessica Sanderson, Of Counsel, The Volkov Law Group, rejoins us for a posting on the importance of compliance during the COVID-19 pandemic.  Jessica can be reached at [email protected].

In these challenging times, when governments around the world are asking all “non-essential” workers to stay home, and companies are struggling with business interruptions and difficult decisions regarding pay-cuts, layoffs and furloughs, we’ve been thinking a lot about compliance officers and whether they are “essential.”

Some companies operate without designated “compliance officers,” instead assigning compliance responsibilities to their legal, financial or human resources departments.  And many in the company may argue that compliance officers should be among the first to go during this crisis: the company can function without them and they typically don’t generate revenue. As team players, compliance officers should want to be and should be equally as vulnerable to cost-saving measures as other corporate functions.

At the same time, however, DOJ has stated that “if a compliance program is to be truly effective, compliance personnel must be empowered within the company,” through sufficient staff, autonomy and resources.  See April 2019 DOJ Guidance: Evaluation of Corporate Compliance Programs.  It’s hard to have Compliance without a compliance officer.  During our many years of practice, we have investigated (and defended) countless frauds and violations that we strongly believe could have been prevented, or at least detected and halted before too much damage was done, if a strong compliance officer were present and assertive. 

Regulators and prosecutors are unlikely to accept COVID-19 as an excuse for an FCPA, FCA, sanctions, antitrust or securities law violation, nor do we expect they would demonstrate any leniency towards a business that engages in fraudulent and illegal schemes during this trying time.  To the contrary, the DOJ, SEC, Treasury Department and other government agencies recently have emphasized that they are open for business and committed to prosecuting frauds and financial crimes.  See, e.g., March 23, 2020 SEC Statement (SEC’s Division of Enforcement is “actively monitoring” the markets for fraud and misconduct: “We wish to emphasize the importance of maintaining market integrity and following corporate controls and procedures. . . [and] urge public companies to be mindful of their … code of ethics.”); March 24, 2020 DOJ FTC Joint Statement (providing guidance for collaborations of businesses working to protect the health and safety of Americans during the COVID-19 pandemic, but warning they “will not hesitate to seek to hold accountable” those who violate antitrust laws through civil and criminal actions, especially those who “take advantage of COVID-19 through other fraudulent and illegal schemes.”).

And even if prosecutors were to cut companies some slack during the pandemic, one wrong message sent by a manager to his or her staff that the company might tolerate or even encourage unethical actions to achieve business objectives, and/or one unlawful act committed by an employee under actual or perceived pressure to save the company and his or her job, could lead to serious reputational damage and destroy the brand image that the company has worked so long and so hard to attain.

Above all, what message are you sending about your company’s commitment to ethics and compliance if your compliance officers are terminated or furloughed before or instead of other employees?

CCO’s don’t technically meet the US Department of Homeland Security’s definition of “essential” workers, and they certainly are not supplying our basic needs or staffing our hospitals. But we would argue that the best compliance officers are essential.  They are on the “front lines,” of their company, preventing and detecting wrongdoing, navigating through the minefield of myriad laws and regulations, scrutinizing high-risk transactions, suggesting mitigation strategies, reinforcing the company’s internal control systems and otherwise keeping companies safe, especially in times of crisis.  Now is not the time to terminate your compliance officer when the pressure or incentive to commit fraud is elevated and employees might try to rationalize improper actions with the belief that these are extraordinarily difficult times (see my separate blog re: the fraud triangle).  Employees may feel emboldened to commit fraud and more likely to escape detection if the company eliminates the staff looking over their shoulders.

We suggest instead that compliance officers can step up – many corporate executives are temporarily foregoing or reducing their salaries.  Chief Compliance Officers could do the same.  Having fought for a seat at the table, CCO’s might reduce their appetite when the pickings are slim. 

And CCO’s can reexamine their budgets and priorities.  This is a great time to conduct a risk assessment, as most risk areas and priorities have shifted. A talented, cost-conscious compliance officer knows how to narrowly focus limited resources on the areas of greatest risk.  And whatever you do, don’t allow your corporate culture to erode while the workforce is focused on other pressing matters.  One of the most effective controls is communication, which need not cost much at all.  Compliance officers should reach out to employees working from home to discuss pressures and reinforce the message that the company won’t tolerate performance without integrity.  In-person training is out of the question, but more and more companies are holding videoconferences and compliance officers can ask to join to continue to be a visible presence and ethical voice within the company.