Jeffrey M. Kaplan (email@example.com) is a Partner with Kaplan & Walker LLP in Princeton, New Jersey, USA.
The Evaluation of Corporate Compliance Programs, updated in June by the Department of Justice (DOJ), is the most significant and evolved set of compliance and ethics program standards ever issued by a US enforcement agenda. While the entire document should be read by compliance and ethics professionals, it is worth paying particular attention to the section on discipline, given the difficulties that this area can pose for companies.
The overarching expectation here is that prosecutors will assess “whether the company has clear disciplinary procedures in place, enforces them consistently across the organization, and ensures that the procedures are commensurate with the violations.”
Communications about discipline are key to this and should convey to employees that “unethical conduct will not be tolerated and will bring swift consequences, regardless of the position or title of the employee who engages in the conduct.… By way of example, some companies have found that publicizing disciplinary actions internally, where appropriate and possible, can have valuable deterrent effects.”
Also important to the DOJ is learning “who participates in making disciplinary decisions, including for the type of misconduct at issue? Is the same process followed for each instance of misconduct, and if not, why?”
As well, prosecutors should determine if “the actual reasons for discipline [are] communicated to employees? If not, why not? Are there legal or investigation-related reasons for restricting information, or have pre-textual reasons been provided to protect the company from whistleblowing or outside scrutiny?”
Another evaluation topic is consistent application: “Have disciplinary actions and incentives been fairly and consistently applied across the organization? Does the compliance function monitor its investigations and resulting discipline to ensure consistency? Are there similar instances of misconduct that were treated disparately, and if so, why?”
All of these criteria are common sense, but in many companies, they are neither practiced nor preached—due in part to the desire to protect powerful people in a company from being held to account for their wrongdoing.
What can be done to mitigate this? Several approaches can be helpful, though none are guaranteed to succeed:
Incorporate key parts of the criteria into applicable policies.
Do the same with select areas of training.
Make presentations on these issues to the audit committee.
Include these issues in external program assessments.