The Yates Memo has gone viral, and for good reason. Whether interpreted as an expansion of preexisting policy or as a significant change in direction, the Memo now makes the accountability of individuals involved in corporate wrongdoing that violates US law a US Department of Justice (DOJ) priority. You can download the DOJ Memorandum: Individual Accountability for Corporate Wrongdoing here.
For the General Counsel (GC)/Chief Compliance Officers (CCO) responsible for the administration of corporate compliance programs (e.g. anti-corruption, anti-trust/competition, government contracts, environmental, or sector specific – such as health care or financial services-related), the Memo’s issuance is a singular event that will place new demands on the position. But is also an opportunity to demonstrate leadership. Sound guidance and direction provided now can positively impact the program, the company and the GC/CCO’s career path in future periods.
So what should the GC/CCO be thinking about concerning the Yates Memo at these early stages?
What are some of the strategic or “big picture” questions that are important to consider in terms of the programmatically significant issues of leadership, risk assessment, policy, culture, communications/training, internal controls and oversight?
Among the possible questions are the following:
- Does management and the Board know about the Memo, do they understand it, and do they appreciate its significance?
The Memo is big news in corporate America, less so elsewhere. Many execs have likely learned about some aspects of the Memo from the major business media outlets. But senior leadership in all companies subject to the US Foreign Corrupt Practices Act (FCPA) should be promptly informed about the Memo and its meaning. Executives’ personal risk profiles have effectively changed.
- What is the best way to communicate the Memo’s contents and significance to these parties?
There is an abundance of thoughtful law and other professional service firm Memo analyses readily available by Googling “Yates Memo”. One of these, best fitting the GC/CCOs own views, and attached to a short summary email, will get the word out quickly. GC/CCOs should also request speaking slots at the next senior management and Board meetings to cover the Memo, to answer questions and to discuss possible changes to the company’s compliance program.
- What Memo points should be highlighted in any such communication?
In simple terms, the Memo does two things: it (in steps 1, 4 and 6) sets out individual accountability related to corporate wrongdoing as a DOJ priority; it also (in steps 2, 3 and 5) covers the changes to DOJ practice and procedures, the “nuts and bolts,” that support this policy direction. The individual accountability aspects are likely to be of most interest to execs – particularly the DOJ positions that: all relevant facts about individuals must be provided by companies to be eligible for any cooperation credit; and protection from criminal or civil liability for individuals will not be part of case resolutions with companies in most circumstances.
- What recommendations does the GC/CCO have about possible changes to the existing corporate compliance program in light of the Memo?
The good news/bad news is that this question will be forthcoming – most likely from the CEO and/or the Board. This is an opportunity to have open discussions about the new challenges presented by the Memo, existing compliance program issues and themes, and resources. Because personal liability and reputations are now part of the DOJ law enforcement dynamic, corporate compliance programs will be getting more attention from companies’ senior management and Boards – both now, and going forward. It’s been repeated often, but it’s never been truer: “never let a good crisis go to waste”; GC/CCOs should use this opportunity to enhance their compliance programs.
- Is it possible that the Memo’s issuance will change the company’s risk appetite?
A preliminary question may be, “Has the company’s risk appetite actually been articulated?” In many companies, it has not, and a given company’s risk appetite may be a function of the present company culture, often influenced by the acts and words (in that order) of senior management. This is another instance where the GC/CCO can take advantage of the Memo’s issuance to have discussions around the business and legal aspects of acceptable vs. unacceptable risk boundaries, and to help bring clarity around the often amorphous notion of risk appetite.
Beyond these initial big picture questions, there are other inquiries and analyses that the GC/CCO may wish to consider in response to the Yates Memo. Future GAN blogs will address these topics.
Image credit: Ryan J. Reilly, Flickr. (Image has been modified.)
Federal appeals court upholds 5.6B USD Visa and Mastercard settlement
The DOJ updates its guidance on corporate compliance programs
Founder and former FTX CEO arrested, indicted on eight fraud charges