The FCPA includes a specific requirement that a public company maintain an adequate set of internal controls.  A company’s compliance program is one component of a company’s internal controls.  Sarbanes-Oxley expended and reinforced this important requirement. The Department of Justice and the SEC have aggressively enforced the internal controls requirement.  The SEC, in particular, has expansively enforced the internal controls requirement even where a failure...