RILA recently partnered with Gibson Dunn to host an educational webinar for RILA’s Compliance Council (comprised of members’ chief compliance officers) discussing the Department of Justice’s (DOJ’s) new Guidance on Evaluation of Corporate Compliance Programs (Compliance Program Guidance) and evolving retail compliance programs to address the impact of COVID as well as other new emerging risks. The featured guest speaker was Michael Diamant, Partner, Gibson Dunn.
Diamant detailed the new changes to DOJ’s Compliance Guidance and the DOJ/Securities and Exchange Commission (SEC) Resource Guide on the US Foreign Corrupt Practices Act as well as DOJ/SEC criminal and civil enforcement trends and key developments.
Key points and takeaways:
- The COVID-19 pandemic places new challenges and risks for corporate compliance due to new working conditions and operational changes. Corporate compliance programs will need to adapt to effectively cover new risk areas.
- Evolving Risk Assessments – Risk assessments should be living documents that are updated on an ongoing basis and reflect lessons learned.
- Culture of Compliance – DOJ’s revised Compliance Guidance specifically references middle management’s role in creating a culture of compliance and whether senior and middle management are held accountable for misconduct that occurs under their watch.
- Third Parties Risk Management – DOJ will consider whether a company has documented an appropriate business rationale for engaging specific third parties and whether the company engages in ongoing monitoring to supplement due diligence conducted at vendor/service provider onboarding.
- Effective Compliance Training – Compliance training should discuss prior compliance incidents and lessons learned where appropriate.
- Monitoring, Testing, and Remediation – The Compliance Guidance has been updated to require a thorough root cause analysis and timely and appropriate remediation.
- Compliance Programs vs. Internal Accounting Controls – The updated Compliance Guidance recognizes that “a company’s internal accounting controls are not synonymous with a company’s compliance program” but an effective program will contain “a number of components that may overlap with a critical component of an issuer’s internal accounting controls.”
- DOJ and SEC Enforcement Trends – Both DOJ and SEC have increased enforcement efforts over the past 4 years and this trend is likely to continue with a special focus on the impact of COVID-19 on businesses’ compliance programs.
- SEC Whistleblower Program – SEC Whistleblower complaints over the past year grew by 35 percent. Companies should take every complaint seriously and have a procedure to quickly respond to whistleblower complaints.
The presentation was followed up by a Q&A Session then a robust members-only benchmarking session where members shared information on any revised risk assessments they had done or were planning to do.
For more information on RILA’s Compliance Council, please contact Kathleen McGuigan, EVP & Deputy GC at firstname.lastname@example.org.
Legal Affairs & Compliance