Provided by George S. May International Company 

 LEGAL GUIDELINES AND RESOURCES

Home > Create A Corporate Compliance Program

Any business that has Officers and a Board of Directors needs to pay increasing attention to the liability of the actions of management. This article discusses several actions that should be considered by the Officers and Boards of Directors to insulate the corporation and reduce the potential for criminal liability.

Unfortunately, it is becoming more apparent that corporate criminal liability may be very widespread as the indictments for alleged criminal activity by major corporations mount. This liability is now reaching to the Officer and Boardroom level as prosecutors are becoming more aware of the actions (or inactions) taken at the highest levels of management to comply with the law.

Potential Federal Criminal Liability

Most federal laws (including OSHA, EPA, securities laws) contain criminal penalties for failure to comply. For example, under OSHA, if an employee fatality occurs due to a willful violation of a safety or health regulation, the corporation faces $500,000 penalty per fatality; individuals face a $250,000 penalty, with the potential of six months imprisonment.

There also are potential criminal penalties under OSHA for:

• obstructing an inspection
• lying during an inspection
• falsification of required records

For publicly traded corporations, the Sarbanes-Oxley Act of 2002 (SOX) imposes substantial potential civil and criminal liability for failure to develop and enforce compliance policies and codes of ethics. The Code of Ethics requirement (SOX § 406 and Regulation S-K 229.406) mandates a corporate ethics policy and compliance policy.

Many privately held businesses have voluntarily decided to adopt these same policies.

Collateral Impact Of Criminal Activity

In addition to the potential criminal penalties themselves, the indictments alone can have severe collateral impact on several other areas:

• the corporation's reputation within the industry, particularly its customer base
• potential shareholder lawsuits
• potential civil actions by third-parties damaged by the underlying conduct
• related litigation expenses and penalties

The U.S. Federal Sentencing Commission, which was established to develop standards for evaluating criminal conduct and subsequent sentencing of the convicted party, issued Federal Sentencing Guidelines for Organizations in 1991. Under these Guidelines, a corporation (or other business entity) receives sentencing mitigation if it is convicted of a federal crime if the compliance program is found to be "effective." In addition to potentially mitigating a sentence, prosecutors may be influenced by the compliance program in exercising discretion whether to pursue potential criminal conduct.

Guidelines

The Guidelines set forth seven basic criteria as follows:

• Establish standards and procedures reasonably capable of reducing the chances of criminal conduct.
• Appointment of compliance officer(s) to oversee plans.
• Take due care not to delegate substantial discretionary authority to individuals who the organization knows, or should know, are likely to engage in criminal conduct.
• Establish steps to effectively communicate the organization's standards and procedures to all employees.
• Take reasonable steps to ensure compliance through monitoring and auditing.
• Employ consistent disciplinary mechanisms.
• When an offense is detected, take all reasonable steps to prevent future similar offenses, including modifying the compliance plan, if appropriate.

On April 8, 2004, the U.S. Sentencing Commission unanimously approved a series of amendments to the Guidelines that toughen the seven criteria listed above. The proposed amendments, scheduled to go into effect on November 1, 2004, add Section 8B 2.1 which elevates the seven requirements from commentary to guideline status. They require an organization to exercise due diligence to detect and prevent violations of law (not just criminal law), and to promote an organizational culture that encourages compliance. They also require that businesses periodically assess the risk that criminal conduct might occur notwithstanding the organization's compliance and ethics program.

Compliance training is explicitly required, and delay in reporting an offense to authorities can disqualify an organization from eligibility. Another change disqualifies an organization if a high-level official in the organization participated in, condoned or was willfully ignorant of the offense.

Also controversial is a requirement that a company must waive the attorney-client privilege if "such waiver is necessary in order to provide timely and thorough disclosure of all pertinent information known to the organization."

Conclusion

In view of the potential criminal liability under the myriad of federal laws, a corporation (and its officers and Board of Directors) are putting themselves at significant risk if they fail to consider these Guidelines and develop (or update) their compliance programs to meet these requirements.

About the author: Mark A. Lies, II is a labor and employment law attorney and partner at the law firm of Seyfarth Shaw LLP, 55 East Monroe Street (Suite 4200), Chicago, IL 60603, (312) 269-8877; mlies@seyfarth.com.

This information is compiled and provided by George S. May International Company.
Visit the George S. May International Company Web site to learn more about our services.