Second Edition of DOJ & SEC Resource Guide: Effective E&C Programs Evolve to Meet and Mitigate the Risks Facing their Organizations

July 13, 2020 Susan Divers

On July 3, 2020 the DOJ Fraud Section and the SEC published the second edition of the 2012 FCPA guidance – updating their 100+ page resource guide to complying with the FCPA.  It was the first detailed guidance document on anti-bribery compliance published by regulators and, although not legally binding, was intended to influence how companies complied with US anti-bribery laws.  


 This recently published second edition contains expanded discussions about gifts and entertainment, third-party compliance and M & A due diligence plus extensive updates of the “enforcement “cases cited in the first edition.  It also includes separate sections on “Evaluation of Corporate Compliance Programs” and “Best Practices” and incorporates key points from the May 2019 and June 2020 Evaluation of Corporate Compliance Programs guidance issued by the Fraud Section.


Regarding E & C programs, the second edition largely incorporates the earlier guidance with emphasis on ensuring E & C programs work in practice, evolve, and change to reflect risks and address weaknesses:


“[A] good compliance program should constantly evolve. A company’s business changes over time, as do the environments in which it operates, the nature of its customers, the laws that govern its actions, and the standards of its industry. In addition, compliance programs that do not just exist on paper but are followed in practice will inevitably uncover compliance weaknesses and require enhancements. Consequently, DOJ and SEC evaluate whether companies regularly review and improve their compliance programs and do not allow them to become stale.”  


LRN’s Strategic Program Evaluation has been specifically designed to reflect regulatory guidance with a focus on holistic program effectiveness, not checklist compliance, which is the thrust of so many other assessments. Additionally, LRN’s extensive library of ethics and compliance courses is continuously updated, providing our partners with current content such as returning to work in the wake of the pandemic and anti-racism resources, allowing them to stay on top of risks and regulations as they evolve.


The separate DOJ June 2020 and May 2019 Evaluation of Corporate Compliance Programs guidance  mention the importance of culture surveys in assessing the health of an organization’s ethical culture and the resonance of its E & C program.  The second edition DOJ/SEC guidance goes further and lists additional potential benefits of such effort:


“An organization should take the time to review and test its controls, and it should think critically about its potential weaknesses and risk areas. For example, some companies have undertaken employee surveys to measure their compliance culture and strength of internal controls, identify best practices, and detect new risk areas.”


LRN’s Compliance and Ethics Program Impact Assessment (CEPIA) uses flexible surveys and focus groups to measures levels of ethical strength and weakness and the degree to which an ethics program resonates with employees.  Using sophisticated data analysis and LRN’s extensive data, CEPIA provides an in-depth analysis of employee perceptions and key indicators of ethical culture such as levels of speaking out, organizational justice, trust and respect.  The analysis can be broken down by geographic area and business unit.  The result is a heat map showing areas needing greater attention and gaps in ethical culture that can lead to compliance failures. 


Although the second edition does not break new ground in the training area, regulators’ continuing emphasis on tailoring training to functional roles, using real life examples and translations is a critical theme for all recent guidance:


“Regardless of how a company chooses to conduct its training, however, the information should be presented in a manner appropriate for the targeted audience, including providing training and training materials in the local language. For example, companies may want to consider providing different types of training to their sales personnel and accounting personnel with hypotheticals or sample situations that are similar to the situations they might encounter.” 


Moving forward, functionality geared toward tailoring training content, such as adaptive learning, test-out, and analytics to measure understanding and impact will become even more critical in the effort to demonstrate effectiveness.  Gone are the days when repeatedly rolling out the same one-size-fits-all courses and limiting reporting to completions will suffice.


LRN’s focus on such innovations is supporting our partners as they drive their program forward in alignment with the regulatory guidance.  With adaptive learning for instance, learners can actually self-select into content appropriate for them individually based upon their business unit, role, job-grade, or geography (or any other criteria). In so doing, they are guided to  the content that  speaks to them and the risks that  they are likely to encounter. For example, in today’s environment, managers can self-select content that helps them have difficult conversations with their teams on complicated ethics and compliance issues.


Test-out is another feature gaining wide acceptance as it presents many benefits.  First, the learner can be required to only complete sections of the training related to missed pre-course knowledge check or quiz questions.  Second, the learner feels empowered and in control of their learning experience.  Even if they don’t pass the quiz, they have the opportunity to demonstrate their knowledge.  Third, user data has revealed that learners stay in a course longer if they didn’t pass the quiz, suggesting they are taking the training more seriously so that next time they can pass.


New and improved analytics are perhaps the most effective tool to demonstrate effectiveness and target learning.  In the past, only rudimentary features like pass, fail, in progress, or not started were measured.  With LRN’s robust analytics offerings, our partners can now understand exactly what learners are focusing on within a course, where they are struggling, and how their performance varies from group to group.  For example, such data can indicate that learners in specific areas of the world find the compliance aspects of gifts and entertainment difficult to understand in cultures where they are customary.  This allows companies to actually pinpoint hot-spots and areas for remediation activities.  It also helps inform future curriculum planning so the focus will be on the most critical materials moving forward based upon proficiency demonstrated or absent in the past. 


Thus, the second edition of A Resource Guide to the Foreign Corrupt Practices Act continues regulators’ insistence that the evaluation of E & C programs be based on how those programs (1) evolve to reflect and address new risks and (2) whether they work effectively in practice.

About the Author

Susan Divers

Experienced Ethics and Compliance Executive. Senior Advisor at LRN

More Content by Susan Divers
Previous Post
CCPA Enforcement Begins
CCPA Enforcement Begins

The California Consumer Privacy Act took effect in January, with enforcement officially beginning on July 1...

Next Post
Workers Will Walk Away if CEOs Don’t Act on Moral Issues
Workers Will Walk Away if CEOs Don’t Act on Moral Issues

The findings underline a moral leadership gap; employees believe their companies’ leaders fall short.