Ruling on Federal Sentencing Guidelines Unlikely to Change Need for Corporate Compliance ProgramsApril 26, 2005
In today’s post-Enron era where corporations are under increased scrutiny for the way they run their businesses, the importance of implementing and maintaining a corporate compliance program cannot be overstated. A recent United States Supreme Court decision, however, has caused observers to wonder whether and how corporate compliance programs should be implemented.
Booker Has Little Impact
On January 12, 2005, the court held in United States v. Booker that the mandatory aspect of the Federal Sentencing Guidelines (guidelines) was unconstitutional. In the months since then, many practitioners and compliance officers have asked whether Booker affects the development and maintenance of corporate compliance programs. While it is difficult to assess the full impact of Booker at this time, a review of the language in the court’s decision affirms that Booker should have very little impact, if any, on corporate compliance programs.
In Booker, the court severed two statutory provisions that rendered the guidelines unconstitutional. The first provision made the guidelines mandatory and the second provision pertained to appellate review of a sentence. As a consequence, these two provisions are now “advisory.” The rest of the guidelines remain intact. Significantly, the court stated that “district courts, while not bound to apply the guidelines, must consult those guidelines and take them into account when sentencing.” The court further stated that on appeal, the reviewing court must review the “reasonableness” of the sentence by referring to various statutory criteria, including the guidelines.
Thus, the court’s decision makes clear that a judge must consider the guidelines and that such consideration necessarily requires the judge to calculate a sentence under the guidelines. Furthermore, judges are required to offer a reasonable basis for refusing to apply that sentence. Because the guidelines remain in effect as an advisory matter, an effective corporate compliance program remains a mitigating factor that may reduce the penalty imposed on an organizational defendant.
Accordingly, organizations should continue to develop and implement corporate compliance programs that prevent and detect violations of law. Such programs should be developed and implemented in accordance with the new guidelines that became effective on November 1, 2004. (The full text of the guidelines can be found at www.ussc.gov/2004guid/RFMay04.pdf.)
Elements of an Effective Compliance Program
Under the new guidelines, an effective compliance program must contain the following seven elements:
- An organization must establish standards and procedures to prevent and detect criminal conduct. Such procedures may include codes of conduct and policies and procedures on specific issues that are not formally part of the code of conduct. The standards and procedures also must include a mechanism for reporting misconduct.
- An organization’s board of directors, or the highest level governing body of an organization, must be knowledgeable about the content and operation of the compliance program. Importantly, the board of directors must exercise oversight of the implementation of the compliance program, which can be done through a committee that periodically reports to the board of directors.
- An organization must use reasonable efforts to screen its work force to prevent individuals who have engaged in illegal activities or other conduct inconsistent with the compliance program from exercising a substantial measure of discretion on behalf of the organization.
- An organization must develop training programs and disseminate information appropriate to an individual’s roles and responsibilities in the organization, including employees and outside workers, such as independent contractors.
- An organization must monitor and audit the compliance program in order to determine if it is effective in detecting criminal conduct.
- An organization must promote and consistently enforce the compliance program in order for it to be successful. Disciplinary actions against individuals who violate the compliance program are an important component of this requirement.
- An organization must take reasonable steps to respond appropriately to criminal conduct and prevent similar conduct from occurring in the future. Recurring misconduct will cast doubt on the effectiveness of the compliance program. For this reason, it is important to respond firmly to problems and modify the program in order to avoid repeated violations.
Despite the ruling in Booker, the requirements for corporate compliance programs under the guidelines remain the gold standard. No doubt, they will continue to serve as the starting point for determining a criminal sentence. Accordingly, every organization should develop and implement a corporate compliance program or review its current corporate compliance program to ensure it includes, at a minimum, the seven elements identified above. Beyond that, each organization’s corporate compliance program may vary, depending on factors such as the organization’s specific industry. For example, public corporations may have corporate compliance programs that focus on Sarbanes-Oxley while manufacturers and distributors may have corporate compliance programs that focus on antitrust.