by Emil Moschella and Joseph Murphy

Today there is an urgent call for reform with respect to race relations in policing, especially in the use of force.  Proposed solutions range from defunding the police to more discrete ideas that address the use of force, de-escalation techniques, dealing with impaired individuals, providing on the scene expertise to work with the police, the quality of internal investigations, discipline, and preventing dismissed law enforcement officers from working in similar positions anywhere in the country. 

Without advocating for any of these changes specifically, we address how to make reforms effective and lasting. We strongly recommend that whatever changes to policing are chosen, whether by legislation, regulation, or internal police policy, they be part of an administrative framework that is sustainable and geared to prevent and detect violations of rules governing overall police procedures and conduct.

Police Self-Policing

While compliance and ethics (C&E) programs have found a home in corporations and other organizations as a way to mitigate the effects of corporate criminal and civil liability, they have been slower to develop in government organizations.  This is so even though the concept of government self-control is as old as the country.  In 1788, James Madison noted in his Federalist Paper No. 51 that: 

“In framing a government which is to be administered by men over men, the great difficulty lies in this: you must first enable the government to control the governed; and in the next place oblige it to control itself.”

An internal  compliance program (managed from within the police department but with reporting to the top governing authority), as developed over the past decades in corporations, breathes life into Madison’s concept of government self-control and ensures that today’s enthusiasm is not a passing phase but is acted upon and continually refreshed.

We believe that practical steps are needed to address issues of racial bias and misuse of force in police departments.  However, while new rules are an important start and can have immediate impact, sustainable change requires a management framework affecting the culture of these organizations.  Fixing problems in an embedded culture is no easy task, but this is what government already expects from the private sector. The effort to comply with regulations requires companies to demonstrate organizational leadership in words and action.  Training and standards must be underscored by strong management steps such as monitoring, audits, visible discipline, a safe internal reporting system, and a self-evaluation process geared toward early detection of organizational misconduct and steps to ensure that the entire system is actually working. 

We propose that police departments use all the best practices of an effective compliance and ethics program to prevent and detect government wrongdoing and effect lasting change.

15 Steps for a Police Compliance and Ethics Program

A robust compliance and ethics (C&E) program uses solid management tools to detect and prevent misconduct.  Those tools are identified in the Federal Sentencing Guidelines for Organizations (FSGO)[1] and generally accepted corporate best practices as follows:

1. High level oversight. In the private sector this is often exercised at the board level, with a delegation to a board subcommittee.  The oversight includes regularly scheduled meetings (usually quarterly) with a formal agenda and minutes.  In a police department, this may start with an internal oversight function with broader oversight performed by the highest governing authority – city councils, county boards, or committees of those boards.
2. Chief Ethics and Compliance Officer. The head of the police department must lead in promoting the C&E program. However, day-to-day responsibility for the C&E program should be delegated to a high-level manager who reports to the oversight body (also known as a chief ethics and compliance officer (“CECO”)). The position should not be viewed as a “dead end job” but one that is part of a promotional continuum.  An effective CECO needs independence, authority, resources, line-of-sight into all parts of the organization, and knowledge of the organization and the field of compliance and ethics.  
3. Clear policies, codes of conduct, and internal controls. Police departments should have policies, codes of conduct, and internal controls in place that are designed to make the values, rules, and expectations of the organization clear, and to implement procedures designed to control misconduct. Standing alone, these are just passive tools, but when promoted and lived by management, and combined with the other steps explained here, they help set an organization’s tone. 
4. Careful delegation of responsibility. Leadership should be diligent in not delegating responsibility to those who are not completely committed to the program or are likely to undermine the program’s effectiveness. Promotions should give great weight to the individual’s commitment to the values of the organization, including compliance with the law.  
5. Use of incentives and discipline to promote and enforce the program in both the line and supervisory ranks. Compliance and commitment to ethical norms must be a part of each employee’s performance evaluation. Disclosure of awards and disciplinary action taken (while appropriately shielding individual privacy) is considered a best practice.
6. Reporting. Mechanisms for employees to obtain advice and raise compliance concerns anonymously or confidentially or, when necessary, to intercede on the scene without fear of retaliation. This is a challenging but essential message that employees must see in action: that reports are taken seriously and result in visible action, and that violations are subject to discipline, no matter who the violator may be.  Cultural issues can make this especially difficult, because law enforcement officers rely on each other for backup where it can mean asking someone to put their physical wellbeing or life at risk.  However, police departments can learn from the private sector where the best practice is a C&E hotline to receive allegations of misconduct; a duty to report non-compliant behavior and disciplinary exposure for failing to do so; a yearly sign off on a representation of no knowledge of any unreported non-compliant behavior; and, perhaps most importantly, a strong organizational reaction to allegations of retaliation. 
7. Prompt, thorough, and independent investigation of complaints of misconduct. This serves two ends: it demonstrates responsiveness to individual and community concerns and, when appropriate, removes the cloud of suspicion from officer(s) who did nothing wrong.
8. Robust training and communication. Robust training and ongoing communications must be implemented, including new employee training; in-service training; and specialized training dealing with the particular assignments.
9. Monitoring subordinates’ actions through appropriate supervision and other tools. Managers and compliance professionals would be trained to listen carefully: to colleagues on the force and to citizens who deal with officers. 
10. Auditing police actions to identify trends, both good and problematic. In addition to record reviews, this includes obtaining the observations of  prosecutors, judges, jail, and probation officials about what concerns them regarding police conduct.
11. Periodic evaluation of the program’s effectiveness. Certainly, one of the greatest weaknesses of implementing only parts of compliance programs has been the absence of any mandate to test whether any of the required training or other steps imposed to remediate misconduct actually worked.  For instance, even after receiving complaints about the ineffectiveness of sexual harassment training, the same training often is inflicted on employees, who end up viewing it as meaningless box-ticking.  No training or other program steps should be done unless their effectiveness is measured, and ineffective steps should be quickly changed.  
12. Periodic risk assessment, and learning from the experiences of comparable organizations around the country. These ongoing assessments can lead to a review of all of the program elements to be sure they address the current risks. Timely risk assessment assures that the program keeps up with developments in the organization, the law, and the field of compliance and ethics.
13. Keeping up with other compliance and ethics programs’ best practices. This can be done through information sharing, such as through national organizations. The Society of Corporate Compliance and Ethics, for example, provides access to the profession globally, and keeps up with developments in all aspects of the field. 
14. Responding appropriately to violations. This includes performing a root cause analysis, taking steps to prevent recurrence, and notifications to appropriate oversight bodies.
15. Documenting the program. This is critical for transparency and enabling future auditing.

Going Forward

The FSGO are at the core of effective C&E programs.  Thus most programs will look similar with two exceptions: the risk areas from industry to industry will differ, as will the size of the organization.  There will be differences in the size and jurisdiction of police departments.

The FSGO states that the guidelines are scalable; the formality and scope depend on organizational size.  A C&E program in a large organization would be expected to have more formality and resources, while small organizations should have the same commitment with less formality and resources.  Money does not buy compliance; commitment is the key, and any determined organization can afford this.[2] 

There are clear differences in jurisdiction amongst state, county, and city police departments, which will need to be addressed by individual compliance programs. The point is that the FSGO provides a road map of core management steps for compliance and ethics programs.[3] The implementation will vary based on size and jurisdiction.

Many of the advocates for policy change identify some of the elements of the C&E program in their proposals, including the need for new policy development, training, monitoring, and auditing.  Indeed, some LEO executives reading this may identify several of the elements identified here as already existing in their organizations.  However, implementing some but not all of the foregoing recommendations is a formula for failure. A holistic approach to compliance pulls all the existing controls under one executive and an overarching policy that establishes the program with the structural elements identified above.  Experience teaches us the importance of integrating the anti-racism and excessive force policies into the overall compliance and ethics infrastructure so that these are not isolated. Such efforts should not be removed from the independence and empowerment of the overall compliance and ethics program; doing so negates effectiveness.

While the immediate issue is responding to public calls for reform of policing to address racist behavior and police use of force, all government agencies are staffed by people. Humans have the potential to make errors or engage in misconduct. We have seen compliance issues in a range of areas, from securities fraud in the issuance of state bonds,[4] to skewing of educational results,[5] to allegations of sexual harassment even in the judiciary.[6]  Implementing the principles of effective ethics and compliance programs in police departments can help address today’s most pressing issues.  They can also be there as new risks and areas of concern develop in the future. 

[1] See United States Sentencing Guidelines, Chapter 8, § 8B2.1, https://www.ussc.gov/guidelines/2018-guidelines-manual/annotated-2018-chapter-8 for the elements of an effective compliance and ethics program.  These Guidelines have set the fundamental elements that have been reflected in compliance program standards around the world, and have been applied to address a broad range of misconduct beyond criminal violations. 

[2] See Joseph Murphy, A Compliance & Ethics Program on a Dollar a Day: How Small Companies Can Have Effective Programs (SCCE 2010), available at http://www.corporatecompliance.org/Portals/0/PDFs/Resources/ResourceOverview/CEProgramDollarADay-Murphy.pdf (PDF: 971.71 KB).

[3] See Rutgers Center for Government Compliance and Ethics, Compliance and Ethics Programs for Government Organizations: Lessons from the Private Sector (Dec. 2010), https://rcgce.camlaw.rutgers.edu/sites/rcgce/files/rcgce_whitepaper.pdf (PDF: 712.54 KB); Rachel Barkow, Organizational Guidelines for the Prosecutor’s Office, 31 Cardozo L. Rev. 2089, 2102-04 (June 2010).

[4] See Securities and Exchange Commission, “Press Release, SEC Charges State of New Jersey for Fraudulent Municipal Bond Offerings” (Aug. 30, 2010), available at https://www.sec.gov/news/press/2010/2010-152.htm.

[5] See Alan Blinder, “Atlanta Educators Convicted in School Cheating Scandal,” N.Y. Times (Apr. 1, 2015), available at https://www.nytimes.com/2015/04/02/us/verdict-reached-in-atlanta-school-testing-trial.html.

[6] See Sharlene Koonce, “#MeToo: Sexual Harassment in the Courtroom,” American Bar (Feb. 5, 2019), available at https://www.americanbar.org/groups/judicial/publications/appellate_issues/2019/winter/metoo-sexual-harassment-in-the-courtroom/. 

Emil Moschella is the Executive Director of the Rutgers Center for Government Compliance and Ethics (RCGCE), and Joseph Murphy is the Chair of RCGCE.

Disclaimer

The views, opinions and positions expressed within all posts are those of the author alone and do not represent those of the Program on Corporate Compliance and Enforcement (PCCE) or of New York University School of Law.  PCCE makes no representations as to the accuracy, completeness and validity of any statements made on this site and will not be liable for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with the author.