No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Former Regulator’s Advice on Implementing New DOJ Guidance

Proactive compliance approach includes investigations, root cause analysis & behavior modification

by Jacquelyn Pruet
October 9, 2024
in Compliance
doj building sign

The DOJ’s recently announced update to its compliance program guidance reflects a growing global trend (see new guidance in Australia) of enforcement authorities focusing on compliance programs. Jacquelyn Pruet, formerly chief regulatory policy writer for the Texas Commission on Law Enforcement, offers a former regulator’s take on what it means to have an effective compliance program.

The DOJ’s recent update of its “Evaluation of Corporate Compliance Programs” guidance, along with Australia’s new guidance foreign bribery prevention, have intensified the focus of global authorities on corporate compliance programs. Increasingly, the effectiveness of a company’s compliance framework is a critical factor in prosecutorial decision-making worldwide.

As regulatory landscapes shift and corporate environments become increasingly complex, it is essential for compliance leaders to ensure their programs are not only robust but also adaptable and genuinely remedial. Evaluating the evolution of a compliance program, its depth of root cause analysis and its responsiveness to findings is key to meeting these new standards.

The evolution of compliance programs

An effective compliance program must be dynamic, evolving in response to emerging risks and lessons learned. A compliance program is not a static entity but should be a living system that adapts as the company’s operations and as the regulatory landscape changes. The update to the DOJ guidance spells out more clearly than ever how compliance leaders should assess whether their organization’s program has been updated to address new or evolving risks, rather than simply existing in its original form. The DOJ says, “prosecutors should consider whether the company has engaged in meaningful efforts to review its compliance program and ensure that it is not stale.” It advises that organizations should be able to answer the challenge “Is the company’s approach … proactive or reactive?” It is also worth noting in the same guidance, federal prosecutors are also instructed that, “Prosecutors may reward efforts to promote improvement and sustainability.”

For instance, a company that initially developed its compliance program based on industry standards should be assessed on its ability to adapt to new regulations, technological advancements and changes in market conditions. Inability to evolve may reveal deeper issues within the company’s risk management strategy. 

One effective way to demonstrate adaptation is by establishing the compliance program as a standalone department with direct access to the CEO and board of directors, akin to what legal, operations and human resources departments typically enjoy. A compliance program that proactively implements updates and adjustments reflects a strong commitment to continuous compliance and ethical practices.

Demonstrating meaningful adaptation involves a standalone department that has implemented a three-pronged approach: investigation, root cause analysis and behavioral modification.

sec building glitch effect
Compliance

The SEC Is at the Front Desk. Cooperate or Resist?

by Lindi Jarvis and Edurne Sistiaga
September 18, 2024

In recent years, the SEC has planted a lot of carrots, telling companies over and over again that cooperation with commission investigations is one of the best ways to avoid harsh penalties. But corporate leaders are still left to calculate the risk and reward of proactive engagement with enforcement authorities whose proceedings pack a punch.

Read moreDetails

Root cause analysis

While robust investigation departments staffed with properly accredited investigators are crucial, they should not be the sole focus of a healthy compliance program. Relying on investigations alone is like balancing on a pogostick — it might work temporarily, but it is unstable and prone to frequent and recurrent issues.

According to the federal prosecutorial guidelines, a critical aspect of assessing a compliance program is the depth and honesty of its root cause analysis following an incident of misconduct. Root cause analysis should go beyond identifying what went wrong; it must explore why it happened and what systemic changes are needed to prevent recurrence. This involves having a data analysis team, ideally supported by skilled data scientists. Data analysis provides a more stable foundation than a program with only an investigation “leg,” sort of like having stilts for your compliance program. For this area to succeed, it must have direct access to the chief compliance officer or department leader. However, even this approach has limitations and cannot stand indefinitely without further support.

Behavioral modification

Effective root cause analysis demands a thorough examination of the underlying issues that allowed misconduct to occur. This may involve scrutinizing organizational culture, inadequate controls or lapses in oversight. Based on these findings, the compliance program should implement actionable steps, such as enhancing training programs, revising policies or strengthening internal controls. This introduces the third critical element — behavioral modification — which provides a solid foundation for the compliance program, like a stool that a company can confidently rest upon.

Behavioral modification requires specialized expertise in corporate change management. For corporations, this often involves tailored training programs, strategic communications and adaptive policies. However, even the best-designed training, communication and policy plans can fail without meaningful support from the executive team, extending through to frontline workers. 

Just as you need qualified professionals to staff your investigation team and data scientists to manage data/root cause analysis, you also need seasoned corporate behavior modification specialists who understand how to implement and manage organizational changes effectively. These corporate change management experts should have a strong background in communication, executive training, policy and if possible also be legal experts. 

This role is not ideal for a lawyer but someone who understands how both the law and lawyers operate. Ideally the organization chooses someone who can work with the communications, training and legal departments while also handling executive messaging on the subject. For this role to succeed there must be direct access to the chief compliance officer or leader of the compliance department, as well as access to the executives they will be helping to create the communication strategies for.

A holistic approach

Ultimately, building a robust compliance program necessitates a holistic approach that considers both its evolution and response to past issues. Compliance leaders must look beyond checklists to evaluate how their programs address compliance risks substantively. A program that evolves and tackles root causes effectively demonstrates a genuine commitment to ethical behavior and legal adherence, which can influence regulatory decisions on whether to pursue charges or negotiate resolutions. 

The DOJ has indicated that proactive compliance may not just help companies in ongoing investigations but can help them prevent future investigations altogether.

An effective compliance program is defined by its adaptability and its ability to drive meaningful change. This requires all three separate areas of the department to report directly to their Chief compliance officer or compliance leadership. This helps ensure that a program is not merely one-dimensional (investigations only) and taking a reactive stance but that it represents a sincere effort to uphold ethical standards (root cause analysis) and prevent future misconduct, focusing on a proactive approach (behavioral modification). 

By taking a proactive approach, companies not only strengthen their corporate accountability but also enhance the integrity of the regulatory framework governing their business practices. None of the three key areas regulators expect to see in a compliance program are ideally staffed by lawyers. 

Although a robust legal department is highly beneficial and can serve as a valuable partner to a compliance program, lawyers are not necessarily equipped with the specialized skills required for these areas.

When a company creates an independent compliance department and uses a three-pronged approach staffed by appropriately credentialed individuals, all supported by organization-wide buy-in, and direct access to leadership the company can establish a solid and dependable compliance program, ensuring stability in their compliance efforts and avoidance of regulatory interventions.


Tags: Corporate CultureDOJ
Previous Post

The CISO’s Journey From Digital Defender to Compliance Champion

Next Post

NY to Finance Sector Leaders: Let’s Get Personal

Jacquelyn Pruet

Jacquelyn Pruet

Jacquelyn Pruet is a change management specialist, legal expert and communications strategist known for her ability to drive measurable behavioral change through the creation of award-winning, educational and impactful content. With extensive experience across banking, law enforcement and contract manufacturing, she has specialized in executive leadership communication, mergers and acquisition transition assimilation and legal compliance. Jacquelyn excels in navigating complex environments to achieve strategic outcomes and facilitate effective organizational change. She formerly was chief regulatory policy writer for the Texas Commission on Law Enforcement.

Related Posts

low battery on iphone warning

Ethics Fatigue: The Burnout That’s Putting Your Organization at Risk

by Nick Gallo
June 20, 2025

The psychology behind why ethics professionals are exhausted and what companies risk when they let it go unchecked

doj distorted

FCPA Enforcement Back on at DOJ — With a New Look

by Jennifer L. Gaskin
June 18, 2025

After a shorter-than-expected pause, officials with the DOJ have formally renewed the department’s enforcement of the FCPA. CCI’s Jennifer L....

toxic positivity concept melting smiley face

Good Vibes Do Not Always Mean Good Ethics

by Vera Cherepanova
June 18, 2025

Sound ethics can’t exist without a culture of accountability

layoffs woman with carton of items

Beyond Fair WARNing: Regulatory & Reputational Pitfalls of Workforce Reduction

by Nancy Mann Jackson
June 11, 2025

Nearly 700,000 workers have lost jobs this year as companies respond to economic uncertainty, but employment law experts warn that...

Next Post
digital collage illustrating concept of individual being investigated

NY to Finance Sector Leaders: Let’s Get Personal

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights