Nov. 6, 2024

DOJ’s 2024 Edits to the ECCP: Some History and AI Expectations

The DOJ has updated its Evaluation of Corporate Compliance Programs document (ECCP) – a year after it hired former AB InBev CCO Matt Galvin to take the lead on evaluating compliance programs. Galvin, an evangelist for the use of data analytics and artificial intelligence (AI) to improve compliance programs, clearly influenced the edits, which heavily focus on the use of new technologies and data. In this article, we examine the history of edits to the ECCP and the new changes related to AI. A future article will explore other changes in the ECCP, such as an increased focus on protecting whistleblowers from retaliation, how compliance is viewed within an organization, how companies should be incorporating lessons learned into their programs and the DOJ’s continued focus on data analytics. See “Revisiting Compliance Programs in Light of the DOJ’s Updated ECCP” (Sep. 30, 2020).

How to Build a Sustainability Plan After Settling With the DOJ

In recent years, the DOJ has added a requirement to Attachment D in its settlement agreements – companies must develop a sustainability plan that lays out how they will maintain and improve compliance after the settlement obligations come to an end. This article examines how implementing a sustainability plan is instrumental to ensuring a compliance program works in practice and to meeting the obligations of a settlement agreement with the DOJ. It includes insights from experts in the field, including Andrew McBride, Albemarle’s former chief risk and compliance officer and Michael Koenig, JBS’ global chief ethics and compliance officer. See “Meeting DOJ Expectations Post-Resolution Requires Realism and Accountability” (Sep. 11, 2024).

A Side-by-Side Look at the 2024 ECCP Edits

In September 2024, the DOJ announced its first comprehensive revisions to the Evaluation of Corporate Compliance Programs (ECCP) since 2020. While a new version was published in March 2023 reflecting updates related to compliance incentives and companies’ use of messaging apps, these newest edits include “critical additions in three main areas,” Deputy Assistant Attorney General Nicole Argentieri said in her speech announcing the edits. The Anti-Corruption Report has put together this side-by-side comparison of relevant portions of the March 2023 and September 2024 ECCP versions to show exactly what has changed. See “DOJ’s 2024 Edits to the ECCP: Some History and AI Expectations” (Nov. 6, 2024).

To Work Effectively, CCOs Need Authority, Autonomy and Information

Compliance professionals’ seniority within a company, their contact with top decision-makers, and their access to necessary information are critical to success in their roles. So is the ability to influence company culture more broadly within an organization. During a recent panel hosted by the Practising Law Institute, McDermott Will & Emery partner Anne Elkins Murray, Miller & Chevalier counsel Richard Gallena and Booking Holdings vice president Sonia Rye discussed how empowering gatekeepers such as CCOs can enhance compliance. The panel was moderated by Robert Stern, a partner at Weil, Gotshal & Manges. This article distills some of the insights shared by the panelists. See “Thoughts From DOJ Experts on Using Data Analytics to Strengthen Compliance Programs” (May 22, 2024).

Emerging Issues in Workplace Privacy: Data Collected and Employees’ Perspectives

Companies have an increasing range of technological tools at their disposal to monitor employee behaviors. For all the opportunities such tools may bring, the collection of employee data raises risks, including employee resentment and scrutiny from regulators. Counsel from the California Privacy Protection Agency, Sidley Austin and Center for Democracy & Technology recently delved into workplace monitoring trends and issues at IAPP’s Privacy.Security.Risk. 2024 conference. This first article in a two-part series distilling their insights covers the types of employee data companies are collecting and how and why they collect it, as well as employees’ concerns and how to navigate them. Part two will address the law and regulatory efforts relevant to employee monitoring as well as best practices and compliance strategies companies should consider when collecting employee data. See “Navigating U.S. Privacy Laws in Internal Investigations” (Aug. 28, 2024).

OpenAI Hires Former DOJ Official As First-Ever CCO

OpenAI has announced that former DOJ Associate Deputy Attorney General Scott Schools has joined the company as its first-ever CCO. He arrives from Uber Technologies, where he served as chief ethics and compliance officer for the past six years. For insights from OpenAI, see “Welcome to the GPT Store – and Its Three Million Security Uncertainties” (Jul. 3, 2024).

Former Federal Prosecutor Joins Gibson Dunn in New York

Gibson Dunn has announced that Dani James has joined as a partner in New York. She arrives from Kramer Levin. For insights from Gibson Dunn, see “Answers to Six Key Questions About How Enforcers View Gatekeepers” (Oct. 9, 2024).