New DOJ Compliance Evaluation Criteria 'Virtually Unenforceable,' Former Official Says
A recent announcement by DOJ that revises how it assesses corporate compliance programs’ approach to communications platforms (see 2303030056) may be “impractical” and “could threaten the more important, everyday work being done by compliance departments,” said Billy Jacobson, former assistant chief for Foreign Corrupt Practices Act Enforcement at DOJ. Although the revised policies seek to update the criteria the agency uses in its Evaluation of Corporate Compliance Programs guidance document to take into account a company’s approach to messaging applications -- including WhatsApp -- they may not work well in practice, Jacobson said.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
“A company’s ability to enforce the type of policy the DOJ is now encouraging is dubious at best,” Jacobson, an Allen & Overy lawyer, said in an April 5 post for the The FCPA Blog. “WhatsApp and other messaging apps are now ubiquitous,” and in “trying to stem their use, the DOJ appears to be on the wrong side of history.”
The new policies make clear that a company being probed by DOJ is expected to provide the agency with employee emails and other forms of relevant communications, but, Jacobson said, that requirement leaves some questions unanswered. “Whether the DOJ is expecting companies to audit employees’ personal devices and messaging apps is very much an open question and fraught with privacy issues.”
“It is compliance personnel who are on the front lines of trying to enforce this virtually unenforceable policy,” Jacobson said. “Doing so will take time and effort away from the everyday compliance blocking and tackling that is challenging enough to achieve.”