DOJ Corporate Compliance Certifications Seem to be Here to Stay | BakerHotelier

Key points to remember
  • As part of its renewed focus on corporate crime, the Department of Justice (DOJ or Department) requires compliance officers (CCOs) and CEOs to certify the effectiveness of their company’s compliance program in all corporate criminal resolutions, including guilty pleas, prosecution agreements (NPAs) and deferred prosecution agreements (DPAs), at the end of the term of the agreement.
  • The policy has caused unease among some compliance professionals, fearing that the certifications will leave CCOs exposed to criminal prosecution.
  • But the policy has been repeatedly emphasized by DOJ officials and appears to be here to stay. The DOJ has used compliance certifications in two corporate criminal resolutions so far, the most recent on September 15, 2022, in a DPA with GOL Linhas Aéreas Inteligente (GOL). On September 22, speaking before the New York City Bar Association (NYCBA) 2022 Compliance Institute, Alixandra Smith, Deputy Chief of the Criminal Division of the United States Attorney’s Office for the Eastern District of New York, pointed out that compliance certifications serve as a tool for the DOJ to hold individuals accountable for corporate wrongdoing and would continue to be used.
Compliance Certification Policy Background

The Compliance Certification Policy was first announced by Deputy Attorney General (Deputy AG) Kenneth Polite in March 2022, when he stated that for all “criminal division corporate resolutions (including pleas, DPAs and NPAs),” the department would consider requiring CCOs and CEOs to certify at the end of the agreement term that their company’s compliance program is “reasonably designed and implemented. works to detect and prevent violations of the law…and operates effectively”. Assistant AG Polite continued that in certain resolutions that require annual self-reports on the status of the company’s compliance program, the Department would consider requiring the CEO and CCO to also certify the truth and accuracy. accuracy of these reports. Assistant AG Polite said his announcement was “not punitive in nature”. Rather, “it is intended to enable our compliance professionals to have the data, access and voice within the organization to ensure you and us that your business has a[n] environment focused on ethics and compliance.

However, since the announcement of assistant AG Polite, some in the compliance industry have expressed concern that these certifications could expose CCOs to future criminal prosecution. In response to questions about the Department’s approach to individual accountability under the certification policy, Assistant AG Polite told Law360 that while the purpose of the new requirements is not to prosecute CCOs or CEOs, “if there is a conscious misrepresentation on the part of the CEO or chief executive officer, it could certainly result in some form of personal liability,” and he indicated that the department could also “consider a misrepresentation in any such certification, or failure to provide such certification, a breach of the Company’s obligations under the Agreement.”

Assistant AG Polite recently reiterated the Department’s compliance certification policy in prepared remarks at the University of Texas Law School on September 16. In the remarks, Assistant AG Polite acknowledged the concerns raised regarding the compliance certification process and underscored the Department’s position that such certifications will give Chief Compliance Officers a greater voice in corporate decision-making. company. He further said that the certifications “underline our message to businesses: Investing in and supporting effective compliance programs and internal control systems is smart business and the department will take this into account.”

Speaking to compliance professionals at the NYCBA 2022 Compliance Institute, Deputy Chief Smith echoed comments from Assistant AG Polite and said compliance certifications “serve as [tools] for the Department of Justice as it tries to hold individuals accountable for their role in corporate wrongdoing” and “you’re going to see more of that.” Deputy Chief Smith also noted that if a company trying to settle has a relatively unempowered compliance officer, the department may consider urging those companies to empower the compliance role within the organization.

Compliance certifications in practice: Glencore and GOL

Since the certification policy was first announced in March 2022, the Department has required compliance certifications in both a plea agreement and a DPA.

1. Glencore Group Plea Agreement

On May 24, Glencore International AG and Glencore Ltd. pleaded guilty and reached a $1.1 billion settlement agreement with the Department on charges stemming from alleged commodity price manipulation and violations of the Foreign Corrupt Practices Act (FCPA).

The plea agreement was the first to include certification of compliance. Schedule H of the Plea Agreement requires that 30 days prior to the expiration of Glencore’s obligations under the Plea Agreement, the CEO and CCO certify under penalty of perjury that (1) they are aware of the Company’s compliance obligations under the Plea Agreement, (2) the Company has implemented a compliance program that meets those requirements, and (3) the compliance program is “reasonably designed to detect and prevent violations of the Foreign Corrupt Practices Act and other applicable anti-corruption laws throughout the company’s operations.”

In addition to the certification of compliance, the Glencore regulations require the company to set up two independent monitors, one in the United States and one abroad, to prevent the repetition of crimes.

2. GOL Linhas Aéreas Inteligente DPA

The GOL entered into a DPA and $41 million settlement with the Department on September 15, in connection with charges stemming from alleged violations of anti-corruption provisions and FCPA books and records.

While the GOL agreement did not mandate a monitor as was the case in Glencore, it included an almost identical compliance certification. Like the certification in the Glencore agreement, the DPA requires that 30 days before the agreement expires, the CEO and CCO of GOL certify that they are aware of the company’s compliance obligations and that the company has implemented a compliance program that is “reasonably designed to detect and prevent” violations. Assistant AG Polite referenced the use of compliance certification in the GOL resolution in his September 16 remarks and said the DOJ “will continue to use similar certifications in our corporate resolutions as appropriate.” appropriate for each case”.


In remarks to the University of Texas Law School on September 16, assistant AG Polite warned that “a business leader who ignores our emphasis on compliance does so at his own peril and perils”. Clearly, the DOJ’s focus on corporate compliance programs and its intention to use compliance certifications as a tool both to hold individuals accountable and to encourage companies to hold CCOs accountable is there. to stay. In light of this, companies would be well advised to ensure that their CCOs have sufficient authority within the organization and that their compliance programs are adequately resourced and otherwise “reasonably designed” to detect and prevent mistakes.

[View source.]

Previous Workers' Compensation Leaders Honored with IAIABC President's Awards | Company
Next Amex sets aside $387 million for bad loans