Recently DOJ Criminal Division Assistant Attorney General Kenneth Polite delivered this speech.
He focused on the following topics: how the DOJ evaluates “corporate compliance programs to ensure that companies are designing and implementing effective compliance systems and controls, creating a culture of compliance, and promoting ethical values,” corporate monitors, DOJ compliance related resources, and the consequences for a company violating a DOJ resolution agreement.
Polite also announced that he has asked his “team to consider requiring both the Chief Executive Officer and the Chief Compliance Officer to certify at the end of the term of the agreement that the company’s compliance program is reasonably designed and implemented to detect and prevent violations of the law (based on the nature of the legal violation that gave rise to the resolution, as relevant), and is functioning effectively.”
During his speech, Polite used the words or concepts “detect and prevent” several times. Keep in mind however, that there is no relevant legal standard that requires corporate compliance programs to “detect and prevent” violations of law. For this reason among others, Polite’s policy suggestion is off-target.