No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

The DOJ Doubles Down on Data, Raising the Stakes for Proactive Information Governance

Revised guidance, new agency hires indicate stronger focus on data and analytics

by FTI Consulting
October 19, 2022
in Compliance
doj data enforcement

As the DOJ signals that proactive compliance measures focused on data and analytics will be central to the agency’s future treatment of organizations that run afoul of the law, experts from FTI Consulting explore what companies (and compliance professionals) need to know.

FTI Consulting’s Andrea Levine and Jake Frazier co-authored this article.

Two recent developments at the DOJ have signaled a continuation and intensification of the agency’s focus on the role of data, proactive compliance and analytics in the antitrust enforcement ecosystem.  On Sept. 15, Deputy Attorney General Lisa Monaco announced revisions to the DOJ’s corporate criminal enforcement policies, which place strong emphasis on corporate data as a key factor in maintaining, demonstrating and investigating compliance. The revisions were also released in an agency memo.

These changes provide guidance for prosecution of individual and corporate misconduct and emphasize what the DOJ considers best practices for effective corporate compliance programs. Corporate data practices and governance are implicated throughout the memo, including their importance in ensuring the preservation of data that is pertinent to business communications and activity. 

Broadly, the DOJ has also demonstrated a pattern of hiring former compliance officials and investing in specialists who have the expertise needed to dissect whether corporate compliance programs are underpinned with sufficient data and analytics. The agency announced in September the appointment of a notable data analytics and global compliance expert to a newly created advisory position within its fraud section. In this role, Matt Galvin, former Anheuser-Busch InBev SA’s global compliance chief — who is well known for his work in leveraging analytics to identify and proactively mitigate non-compliant activity — will advise prosecutors on the characteristics and execution of robust proactive compliance programs. Glenn Leon, former chief ethics and compliance officer for Hewlett Packard, was also recently installed as the new fraud section chief. Data analytics and compliance expertise are significant factors of these strategic hires.

This revised guidance and the coinciding staffing trends will likely influence numerous aspects of regulatory enforcement going forward, but there is at least one critical implication organizations need to be aware of now: The importance of data and the use of data analytics in effective compliance and cooperation has become an irrefutable focal point in the DOJ’s strategy. 

Moreover, with leading data and compliance experts now dedicated to advising DOJ prosecutors, organizations should be prepared for an emphasis on the rigor and sophistication applied to how they govern their data, as well as whether their proactive compliance programs include sufficient access to and analysis of relevant sources of data.

Emerging data sources and personal devices

Under the new guidance, it will no longer be enough for compliance programs to address traditional information sources and communications channels. The new guidance is clear that data preservation and monitoring must also address the “use of personal devices and third-party messaging platforms,” including policies and training on appropriate use of personal devices and collaboration apps for business. The guidance also requires prosecutors to evaluate whether organizations have instituted policies to facilitate production of all relevant information, including from employee devices, when providing cooperation credit.

These directives carry significant information governance implications. To date, most organizations have believed that they are only required to collect data from personal devices or chat and collaboration applications if the DOJ expressly requests that information as part of investigation. The DOJ is now saying that enforcement of policies governing emerging data and personal devices must be effective and part and parcel of a cooperation. 

To meet such requirements must first have their data house in order. This means developing policies and employee training for the approved uses of third-party messaging and collaboration tools. Compliance teams should collaborate with their information governance or IT counterparts to understand the types of tools commonly used across the organization, as well as how the information within these platforms is accessed, shared and preserved. Likewise, organizations must set clear guidelines on the use of mobile devices for business, including installation of mobile device management systems to support and integrate mobile data with information governance procedures. Only once the corpus of business data is identified can compliance departments adequately monitor such data to detect and prevent misconduct in the future.

Fox Monaco doctrine wp_f
Compliance

The Monaco Doctrine: A Jolt for Compliance

by Corporate Compliance Insights
October 17, 2022

September saw the announcement of a significant refinement of Department of Justice (DOJ) enforcement policies around FCPA enforcement and corporate compliance programs. Tom Fox, author, podcaster and compliance expert, shares insights from his conversations with several thought leaders in compliance.

Read more

Responsiveness 

The new guidance also introduces time pressure for corporations to disclose evidence, especially evidence and communications relating to individual misconduct. So much so that delays will impact cooperation credit due to the fact that such delays “reduce the likelihood that the government may be able to adequately investigate the matter in time to seek appropriate criminal charges.” 

The ability to produce relevant documents and data “swiftly and without delay” is a hallmark challenge in regulatory investigations. As the number of relevant data sources grows, and the time to collect this data shrinks, organizations must improve preparedness. Without visibility into where this type of information may exist within the organization, counsel may not even know the extent of the organization’s exposure. Further, if the organization lacks a well-maintained information governance program, the sheer volume of data that may need to be evaluated could create costly delays. 

Proactive compliance 

Again, these developments are consistent with a larger trend that’s been forming within the DOJ and other regulatory bodies over the past several years. In 2020, the DOJ issued updated guidance that gave “Data more prominence as a critical factor in maintaining compliance programs,” given its role in ensuring visibility into all corporate activity and communications. Various groups within regulatory agencies, including the fraud division, are increasing their emphasis on the role of analytics in “identifying crime and building cases,” and are also demonstrating growing interest in hiring experts in analytics and compliance monitoring. In short, regulators are becoming more aware of what compliance programs should include, as well as what they are capable of when supported by data and analytics. 

This broader view of regulatory activity underscores just how valuable and risky data has become in the current business environment. Proactive compliance programs, supported by data experts and robust information governance practices that enable compliance teams to access emerging data platforms, are imperative under the latest guidance. It is clear that policies and training, and even culture of compliance, will no longer be sufficient to receive credit for cooperation or compliance programs should an organization come under suspicion or be flagged by a whistleblower or other investigatory activity. 

Andrea Levine is a managing director within the technology practice of FTI Consulting. She is a qualified antitrust attorney, expert in merger and cartel investigations and trusted compliance adviser. She specializes in creating, implementing and managing novel, technology and data driven solutions that help global corporations and firms mitigate risk, strengthen long-term compliance and improve response to high stakes matters. 

Jake Frazier is a senior managing director and serves as the global head for the Information Governance, Privacy & Security practice within FTI Consulting’s technology segment. He helps clients identify, develop, evaluate and implement governance processes, programs and solutions that produce the largest return on investment while reducing risk. 




Tags: Data GovernanceDOJ
Previous Post

Yes, Regulation Is Growing, But It Doesn’t Affect All Industries Equally

Next Post

How to Send the Elevator Back Down When a Contact Tells You They’re Job Hunting

FTI Consulting

FTI Consulting

Related Posts

Fox_DOJ Speeches_f

Analysis of Recent DOJ Statements

by Corporate Compliance Insights
March 23, 2023

DOJ leaders provide insight into agency's plans. Analysis of Recent Statements DOJ Shaping the Future of Corporate Criminal Enforcement What’s...

Fox_2023 ECCP Update_f

2023 Evaluation of Corporate Compliance Programs

by Corporate Compliance Insights
March 23, 2023

Keeping up with 2023 changes to DOJ guidelines. Additions, Deletions & Changes From 2020 2023 Evaluation of Corporate Compliance Programs...

safe harbor

What Is Safe in a World Without Antitrust Safe Harbors?

by Fiona Schaeffer and Adam Di Vincenzo
March 22, 2023

A trio of policy statements dating back to 1993 established the concept of safety zones with regard to information exchanges...

banks information sharing_f

Sharing Is Caring? Lessons From Dutch Banks’ Data-Sharing Program

by Sukirt Singh
March 22, 2023

With federal investigations pending, the autopsy of Silicon Valley Bank and resulting cascade of bank failures is only just beginning....

Next Post
job seeking

How to Send the Elevator Back Down When a Contact Tells You They’re Job Hunting

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT