Empowering Chief Compliance Officers? Certifications are Now Required under DOJ Resolution Policy

On June 22, 2022, Lauren Kootman, Assistant Chief in the Corporate Enforcement, Compliance and Policy Unit (the “Unit”) of the Justice Department’s (“DOJ”) Fraud Section confirmed that a forthcoming DOJ policy will require Chief Compliance Officers (“CCOs”) to certify representations about their companies’ compliance programs in settlement agreements with the DOJ.  Similar to the requirement set forth in the Sarbanes-Oxley Act that CEOs and CFOs must certify their companies’ SEC disclosures, and much like current end-of-monitorship certifications, the policy will require CCOs and CEOs to certify that their companies’ compliance programs have been “reasonably designed” to prevent future violations.  The policy was first proposed by Assistant Attorney General Kenneth A. Polite Jr. in March.  Responding to criticism (and echoing prior DOJ statements), Kootman explained that the policy is meant to ensure CCOs have “adequate visibility and access to information” about their companies’ business activities and compliance programs.  In that sense, she said it is DOJ’s goal that the new policy will “empower” CCOs, rather than target or punish them.   

Advancing the role of the CCO follows the DOJ’s recent elevation of CCOs within its own ranks.  AAG Polite is a former CCO of a Fortune 500 company and he recently tapped Glenn Leon, HPE’s CCO, to lead the Justice Department’s Criminal Fraud Section.  In his March address, Polite emphasized the important role CCOs play in encouraging ethical behaviors and the need to promote CCOs’ “independence, authority, and stature” within companies.  Discussing the then-proposed CCO certification requirement, Polite added that such a step would help ensure “that Chief Compliance Officers receive all relevant compliance-related information[.]”

Monitoring corporate compliance appears to be top of mind at the DOJ.  On the same day she confirmed the DOJ’s forthcoming policy, Kootman indicated that the reorganized Corporate Enforcement, Compliance and Policy Unit, which provides specialized training and support to prosecutors who handle DOJ investigations into corporations and their executives, will add additional, highly experienced attorneys to its ranks.  

Notably, what is now policy has already been utilized in practice.  In late May, Glencore agreed to pay more than $1.1 billion in criminal and civil penalties after pleading guilty to bribery and market manipulation charges brought by the U.S. Attorney’s Offices in Connecticut and the Southern District of New York, as well as the U.S. Commodities Futures Trading Commission.  The Glencore Plea Agreement requires it’s CEO and CCO to certify thirty-days prior to the expiration of the stipulated three-year compliance monitorship, that the company has met its compliance obligations as set forth in the Agreement, including by implementing an anti-corruption compliance program “reasonably designed to detect and prevent violations of the Foreign Corrupt Practices Act and other applicable anti-corruption laws[.]”  The Agreement states that the certification will constitute a material statement and representation under 18 U.S.C. § 1001.  

After the settlement was announced, AAG Polite noted that prosecutors would continue to focus on white collar crime and “use all tools available to bring cutting-edge market manipulation cases.”  With Kootman’s recent confirmation of the CCO certification as a new policy that will be incorporated “most likely … into every resolution,” the onus will be on CCOs to ensure that their compliance program is in order before their company will be in a position to resolve a matter with DOJ.