“Even if we tried to prosecute every instance of corporate wrongdoing that we can possibly achieve, it still wouldn’t be enough. We have to invest in prevention as a department, and, frankly, as a society.”
– Kenneth Polite, Department of Justice, Assistant Attorney General
This week, we look at the Department of Justice’s (DOJ) focus on prevention regarding white-collar crime. We consider how real-time messaging platforms may increase compliance risk due to their informal nature. We explore lessons to take away from the recent Silicon Valley Bank failure. Finally, we learn twenty questions to ask to ensure your compliance program helps you minimize corporate risks.
DOJ’s Kenneth Polite Puts Prevention at Forefront of White-Collar Crime Efforts
According to Assistant Attorney General Kenneth Polite, the US Justice Department is looking to expand its compliance and prevention approach towards white-collar crime. Polite said that the department’s efforts to fight both violent crime and corporate misconduct, such as overseas bribes, would require investment in prevention, as prosecuting every instance of wrongdoing would not be enough. The department has launched and reworked a number of policies to encourage companies to invest in compliance programs; a trend Polite says he sees room to expand.
Have Enterprise Collaboration Tools Made Every Day Casual Friday When It Comes to Electronic Communications?
Over the past decade, workplaces have evolved significantly, with the pandemic forcing many employees to telecommute using collaboration platforms like Slack, Microsoft 365, and Google Workspace. These platforms offer real-time messaging formats similar to text and online chat messaging. The less formal communication style can create additional risks related to communications created, sent, and stored through these tools. Such informal communication can lack discretion and decorum appropriate for workplace correspondence and fail to capture the full context of the subject matter. Organizations should train employees about best practices for using these communication tools, including guidance on record retention practices and employees’ responsibilities related to managing and preserving communications and other records for legal proceedings.
Compliance Lessons from the SVB Failure
Silicon Valley Bank’s collapse reveals multiple levels of oversight failure in identifying poor risk management practices, responding to red flags, and preparing for crises. KPMG auditors failed to identify the strategic risks taken by SVB around low-interest rate loans that put the bank in a precarious position. The Board and senior management failed to respond adequately to the BlackRock consultants’ report, which identified 11 of 11 criteria for risk management failures, indicating serious issues. Additionally, regulators raised red flags about SVB’s risk management practices and potential lack of access to emergency funding. Yet, they failed to create a plan to address these issues before the crisis occurred. The collapse of SVB highlights the importance of proper oversight, risk management, engaging with auditors, and having a plan in place to deal with potential crises. Organizations should learn from this case to ensure a similar disaster does not occur again.
Top 20 Questions to Ensure Your Compliance Program Helps You Minimize Corporate Criminal Risks
In 2023, federal officials will take a broader view of a company’s compliance program when investigating allegations of corporate wrongdoing or considering criminal charges. The updated Evaluation of Corporate Compliance Programs will evaluate whether a company has an effective plan for identifying issues, responding to them, and measuring the implementation of ongoing improvement initiatives. Companies should consider the top 20 questions provided, including identifying issues and culture of reporting, responding to issues, and continuous monitoring. Compliance is not a one-size-fits-all approach, and a healthy compliance program will have a crossover between areas of potential concern. Regulators expect a robust, active, sustainable compliance program to adapt based on actual feedback. Even if a company’s compliance program is imperfect, implementing a plan to tackle challenging compliance issues will be better than doing nothing.