Overview
On September 23, 2024, the US Department of Justice (DOJ) updated its Evaluation of Corporate Compliance Programs guidance (ECCP). The ECCP updates expand upon the DOJ’s recent enforcement priorities in the context of emerging technologies like artificial intelligence (AI) and their associated risks.
During this webinar in our Enforcement Outlook series, Anne Murray and Amy Bentsen provided an in-depth overview of the revised guidance and highlighted critical areas of focus for companies navigating the DOJ’s updated priorities for corporate compliance.
Top takeaways included:
- Managing evolving risks with technology: The DOJ expects companies to assess and mitigate risks associated with the use of emerging technologies, including AI. This involves developing a governance strategy, implementing controls to ensure compliance, and maintaining human oversight to prevent misuse.
- Empowering compliance with data and resources: Companies should leverage data analytics to monitor and test compliance programs. Ensuring that compliance personnel have timely access to relevant data sources is crucial for creating efficiencies and measuring program effectiveness.
- Promoting a speak-up culture and protecting whistleblowers: The revised guidance emphasizes the importance of a speak-up culture and robust whistleblower protections. Companies must establish internal reporting channels, implement anti-retaliation policies, and train employees on both internal and external reporting mechanisms.
- Learning from others and continuous improvement: Companies are encouraged to learn from both their own experiences and those of others in their industries. This involves regularly updating risk assessments, policies, and training programs based on lessons learned.
- Post-M&A integration: Compliance and risk management personnel should be actively involved in post-transaction integration planning. This includes assessing the risk profile of the acquired company and ensuring that compliance practices are harmonized.
- Third-party management: Effective third-party management processes are essential. The DOJ’s guidance highlights the need for the timely review of vendors and emphasizes the risks associated with third-party misconduct.
- Proportionate resource allocation: The DOJ stresses the importance of allocating resources proportionately to compliance functions. This means making sure that compliance teams are equipped with the resources and technology they need to administer the program
McDermott’s Enforcement Outlook webinar series is designed to keep you up to date on the enforcement trends that might impact your organization’s compliance strategy. For more materials related to past episodes, visit our Enforcement Outlook Series hub.
