Resources

Federal Government Websites
Dept. of Health and Human Services (HHS)
Dept. of Justice (DOJ)
Dept. of the Treasury
Environmental Protection Agency (EPA)
Federal Trade Commission (FTC)
Financial Crimes Enforcement Network (FinCEN)
Occupational Health and Safety Administration (OSHA)
Public Company Accounting Oversight Board (PCAOB)
Securities and Exchange Commission (SEC)
United States Sentencing Commission (USSC)
United States Supreme Court

Federal Agency Resources
EPA: Environmental Audit Policy
FinCEN: Bank Secrecy Act Regs
FTC: Financial Privacy: Gramm-Leach-Bliley Act
HHS: Health Care Compliance Guidance
HHS: HIPAA Compliance
OSHA: Workplace Self-Audit Policy
PCAOB: Audit Standard No. 2
USSC: Organizational Sentencing Guidelines
USSC: Advisory Group on the Organizational Sentencing Guidelines
USSC: Post-Booker Developments

Federal Prosecutorial Resources
Antitrust Leniency Policy (DOJ)
Seaboard Report (SEC)
Thompson Memorandum (DOJ)

Private Organizations
ABA Business Law Section, Corporate Compliance Committee
Association of Corporate Counsel: America
Business Roundtable
The Conference Board
Corporate Compliance Center (South Texas College of Law)
Ethics Officers Association
Ethics Resource Center
Greater Houston Business Ethics Roundtable
Open Compliance and Ethics Group
Texas General Counsel Forum

Private Resources
Industry Specific
Defense Industry Initiative on Business Ethics and Conduct
Health Care Compliance Association
Risk Specific
Association of Certified Anti-Money Laundering Specialists
International Compliance Association (anti-money laundering)
NASD Rule 4350 (Corporate Governance)
NASD Rule 3011 (Anti-Money Laundering)
NYSE Listed Company Manual Section 303A (Corporate Governance)
Aspen
Transparency International (foreign bribery)
Transparency International: USA Anti-Bribery Toolkit

Case Law
Burlington Industries v. Ellerth
Faragher v. City of Boca Raton
Kolstad v. American Dental Association
United States v. Booker
Sentencing Law & Practice

Compliance and Ethics Publications
BNA/ACCA Compliance Manual
ethikos

Related Blogs
White Collar Crime Prof Blog
Sentencing Law & Practice

Free Legal Web Sites
Findlaw
JURIST

Blogware

Powered by TypePad

Notices

© Copyright 2005 by Law Professor Blogs, LLC. All rights reserved.

« KPMG Deferred Prosecution Agreement -- Part I | Main | Compliance and Legal Ethics »

August 30, 2005

KPMG Deferred Prosecution Agreement -- Part II

The KPMG Deferred Prosecution Agreement (DPA) also has a section devoted entirely to what it calls “The Compliance and Ethics Program.”  Note that “compliance and ethics program” is the same phrase used by the United States Sentencing Guidelines for organizations.  This section of the DPA provides as follows:

16.    In addition to the remedial actions that KPMG has taken to date, KPMG shall implement and maintain an effective compliance and ethics program that fully comports with the criteria set forth in Section 8B2.1 of the United States Sentencing Guidelines (the “Compliance and Ethics Program”).  As part of the Compliance and Ethics Program, KPMG shall maintain a permanent compliance office and a permanent educational and training program relating to the laws and ethics governing the work of KPMG’s partners and employees, paying particular attention to practice areas that pose high risks, including the determination whether transactions in which KPMG and its clients are involved constitute “reportable transactions” within the meaning of 26 C.F.R. section 1,6011-4(b), and the determination of whether the appropriate level for opinions and advice set forth in paragraph 6(I) of this Agreement and all applicable laws have been satisfied.  KPMG agrees that all KPMG professionals and any employees of KPMG shall receive appropriate training pursuant to the Compliance and Ethics Program within one year of execution of this Agreement, and shall be given such training on a regular basis but in any event no less than annually for the tax practice and no less than every two years for other practices at KPMG.  Also as part of the Compliance & Ethics Program, KPMG shall (I) ensure that an effective program be maintained to punish violators of laws, policies, and standards, and reward those who report such violators; (II) ensure that no partner, employee, agent, or consultant of KPMG is penalized in any way for providing information relating to KPMG’s compliance or noncompliance with law, policies, and standards to any KPMG official, government agency, compliance officer, or the Monitor appointed pursuant to paragraph 18; and (III) ensure that all KPMG partners and employees have access to a hot-line or other means to provide information to KPMG’s compliance office relating to KPMG’s compliance or noncompliance with laws, policies, and standards.  KPMG shall take steps to audit the Compliance and Ethics Program to ensure it is carrying out the duties and responsibilities set out in this Agreement.

17.    KPMG shall take such reasonable additional personnel actions for wrongdoing as are warranted.

A few observations here.

1.  Note that the DOJ requires that the “compliance and ethics program” must “fully comport[]” with the sentencing guidelines.  This is powerful proof that the sentencing guidelines are the current gold standard for compliance program criteria.

2.  Also, the DPA shows once again that compliance can either be on an organization’s own terms and timeline, or (if a legal violation intervenes) at the government’s direction.

3.    The DPA not only specifies types of compliance measures, but also requires (in a separate section) that an independent monitor review KPMG’s progress in implementing and complying with the DPA.  So, not only might the government tell you how to design and implement a compliance program, you might have to do so under the watchful eye of a monitor, who will then tell the whole world.

4.  By directing that KPMG “pay[] particular attention to practice areas that pose high risks,” the DPA effectively requires KPMG to conduct a thorough enterprise-wide risk assessment. 

5.  The DPA’s required compliance and ethics program appears to apply to all risks throughout the organization.  So, wrongdoing in one part of the organization involving one risk could lead to government oversight of the entire organization’s compliance and ethics program.

In the end, the scope and terms of each DPA are tailored to the precise wrongdoing and culpability of each organization.  So, one cannot draw universal lessons from and individual DPA.  That said, the above agreement certainly outlines some sobering possibilities for organizations that find themselves in hot legal water.

August 30, 2005 in Compliance in the News, Enforcement Actions, Sentencing Guidelines | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/89778/3091360

Listed below are links to weblogs that reference KPMG Deferred Prosecution Agreement -- Part II: