The parameters set forth in the DOJ's memorandum have implications not only for the government's evaluation of compliance programs in the context of criminal charging decisions, but also for how defense counsel structure their conference-room advocacy seeking declinations or lesser sanctions in both criminal and civil investigations.

An effective compliance program is essential for any business, allowing the organization to identify potential vulnerabilities and to minimize risk. It is also relevant in defending against government investigations and prosecutions, criminal or civil. In fiscal year 2016, 132 organizations were sentenced (129 pleaded guilty; only three went to trial); however, according to the U.S. Sentencing Commission, only 2.1% of organizations seeking acceptance of responsibility credit under U.S. Sentencing Guideline § 8C2.5 had an “effective” compliance program. See U.S. Sentencing Commission Sourcebook at Tables 53, 54 (2016).

The effectiveness of an organization's compliance program is important to the government, too. It often assesses this factor in determining whether a business will be prosecuted; if so, whether the prosecution will be civil or criminal or both; and if found liable or guilty, the severity of sanctions to seek. The government's assessment of compliance program effectiveness has evolved. The more generalized criteria for a “good” compliance program once extrapolated from the Sentencing Guidelines, the U.S. Attorney's Manual or guidance documents from the DOJ, Securities and Exchange Commission (SEC) or Health & Human Services (HHS), now must give way to the DOJ's recently issued memorandum titled “Evaluation of Corporate Compliance Programs,” a seven-page, single-spaced inventory of “sample topics and questions.” DOJ Criminal Division, Fraud Section, “Evaluation of Corporate Compliance Programs” (Feb. 8, 2017).