By Susan Ameel, co-founder and partner of Global Regulatory Risk Advisors.
The Department of Justice (DOJ) updated its guidance to help prosecutors to evaluate corporate compliance programs. Prosecutors rely on this guidance when evaluating business organizations during an investigation, determining whether to bring charges or when entering into a plea agreement.
The DOJ guidance asks prosecutors to answer three questions about the organization’s compliance program including:
- Is it well designed?
- Is it applied effectively so that it mitigates risk identified during a risk assessment process?
- Does the compliance program work in practice?
Well Designed: The DOJ’s guidance provides that the organization’s compliance program is well designed if the organization periodically performs a risk assessment process to identify and understand the organization’s risks, and maintains policies and procedures that incorporate processes that mitigate those risks. The policies and procedures should “incorporate the culture of compliance in its day-to-day operations.”
Effective: The DOJ’s guidance recommends that prosecutors assess the compliance program’s effectiveness. The “tone at the top” that is set by senior management should establish an ethical environment and culture of complying with the law. Appropriate governance should be established with independent board members to ensure that there is appropriate oversight, including auditing and well financed compliance function.
Does the Compliance Program Work?
The DOJ’s guidance indicates that prosecutors should evaluate how the organization detects misconduct and the good faith effort utilized in performing remediation including the performance of a root cause analysis to understand how the misconduct occurred. The compliance program should be continuously monitoring the organization for new risk and improving the internal control system. The compliance program should include a testing program to identify any weaknesses in high risk areas, and to ensure that controls work. The organization should also investigate and remediate the root cause of misconduct.
The DOJ’s guidance provides insight on best practices that all businesses should follow. The compliance program can be customized to address an organization’s size, risk profile and srtategic goals.
Related Links:
RegTalk: Whether You Want To Sell Your Cannabis Business Or Go Public, Embrace Compliance
RegTalk: DC's Recreational Cannabis Act Is A High Risk, Small Business Act For Cannabis
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
Click on the image for more info.
Cannabis rescheduling seems to be right around the corner
Want to understand what this means for the future of the industry?
Hear directly for top executives, investors and policymakers at the Benzinga Cannabis Capital Conference, coming to Chicago this Oct. 8-9.
Get your tickets now before prices surge by following this link.