As we begin to prepare for a full schedule of events in 2024, starting with an event on Voluntary Self-Disclosure Policy for Export Controls Violations on January 16, 2024, the NYU School of Law Program on Corporate Compliance and Enforcement (PCCE) is taking a moment to reflect on our busy Fall 2023 program. In this post: our third annual PCCE Directors’ Academy on September 21-22, 2023.
Keynote speaker Heather Lavallee, CEO, Voya Financial, Inc. (©Hollenshead: Courtesy of NYU Photo Bureau)
Editor’s Note: On September 15, 2022, the Program on Corporate Compliance and Enforcement (PCCE) at New York University School of Law hosted Deputy Attorney General Lisa O. Monaco while she delivered a speech detailing significant changes to the Department of Justice’s corporate prosecution policies. The speech and accompanying policy memo are available here. Over the coming days and weeks, PCCE will be publishing reactions to the new DOJ policies by practitioners, scholars, and compliance officers.
The changes to the Department of Justice’s (DOJ’s) corporate criminal enforcement policy announced by Deputy Attorney General Lisa Monaco at NYU School of Law on September 15 have prompted in-house and external counsel to reassess approaches to internal investigations, prosecutorial discovery requests, and negotiations with prosecutors in pending cases. However, the speech, and especially the concurrently-released DOJ memorandum, also offer significant implications for enterprise-wide compliance and risk management programs. This note highlights program elements that compliance officers and those who oversee compliance programs should be thinking about in five important areas: issues escalation and management; policy enforcement and related discipline; the role of compliance performance in employee compensation; supervision of employee communications; and as an overarching theme, continuously managing a firm’s changing risk management profile.
Prior to the Covid-19 pandemic, anecdotal and industry survey evidence suggested that compliance staff downsizing and compliance budget capping were taking place across the corporate world in response to perceived changes in the regulatory and enforcement environment.[1] More recent reports have indicated that downsizing may continue in tandem with broader budget cuts as companies take stock of their prospects in a post-pandemic world.[2] At the same time, the changing risk landscape and implementation of new programs related to addressing the pandemic or its economic impact translate into additional demands on compliance functions.
Appropriate compliance risk management, by definition, requires the periodic redeployment or readjustment of resources to address the most critical risks of the company in a changing environment. When the fortunes of a company change dramatically for the worse, down-sizing across units may be an unavoidable consequence. However, corporate compliance is subject to unique case law and enforcement standards that set a high bar for getting compliance staffing decisions right. Continue reading