DOJ Issues New, Practical Guidance on Effective Corporate Compliance Programs
On February 8th, the Department of Justice (DOJ) Criminal Division, Fraud Section issued new guidance (available here) on how it evaluates the effectiveness of a corporate compliance program when conducting an investigation of a corporation. This guidance is significant as it is the first of its kind since the confirmation of the new U.S. Attorney General, and as it pulls from, but provides significantly more detail and practical steps than, existing resources on corporate compliance programs (such as guidelines from the U.S. Sentencing Commission, available here).
The new guidance “provides some important topics and sample questions that the Fraud Section has frequently found relevant in evaluating a corporate compliance program.” The sample topics and questions are divided into the following 11 categories:
- Analysis and remediation of underlying misconduct
- Senior and middle management
- Autonomy and resources
- Policies and procedures (including design and accessibility and operational integration)
- Risk assessment
- Training and communications
- Confidential reporting and investigation
- Incentives and disciplinary measures
- Continuous improvement, periodic testing and review
- Third party management
- Mergers and acquisitions
Health care organizations should use this new guidance, together with previously existing resources including the voluntary compliance program guidance from the Department of Health and Human Services Office of Inspector General tailored for specific types of providers and suppliers (available here), as they implement and maintain a comprehensive corporate compliance program to prevent, detect and respond to improper conduct.