The U.S. Department of Justice (DOJ) has issued a revised version of its guidance on corporate compliance, alerting businesses to the evolving expectations prosecutors have when assessing a company’s compliance program, especially in light of criminal employee misconduct. This updated guidance, known as the Evaluation of Corporate Compliance Programs (ECCP), serves as a crucial tool for DOJ prosecutors when determining whether a corporation’s compliance efforts were effective at the time of an alleged offense, and whether they remain so during the investigation or resolution of a case.
According to the DOJ, the purpose of the ECCP is to assist prosecutors in evaluating how well a company has designed and implemented its compliance program to prevent and detect criminal activity. As the DOJ regularly updates this guidance, the latest revisions reflect key shifts in how technology, whistleblower protections, and data access should factor into corporate compliance evaluations.
Technology’s Role in Compliance
One of the notable updates to the ECCP is its emphasis on the role technology plays in business operations and its impact on corporate compliance. The new guidance instructs prosecutors to carefully consider a company’s use of technology, specifically its risk assessment related to technological risks and whether the company has taken steps to mitigate any vulnerabilities. This is particularly pertinent in an age where criminal activity can be facilitated by advanced...
While the COVID-19 pandemic may feel like a distant memory for many, its effects continue to reverberate for others—particularly for businesses that obtained loans through the Paycheck Protection ...