Saturday, June 1, 2013
In a previous post, we noted how one law school administrator is advising students to seek jobs doing legal compliance work since that's where some of the action is these days (at least in comparison to pursuing the traditional law firm route which is a dead letter for many). OK, but that means schools need to start offering a course that teaches students how to do that sort of work. Over at Law.com's corporate counsel blog, Morgan Lewis partner Ryan McConnell describes the new legal compliance course he and another just finished teaching at the U. Houston Law Center. Remember to take good notes.
Most U.S. law schools have been slow to respond in adding courses to meet this demand. Jay Martin (chief compliance officer at Baker Hughes) and I came up with the compliance class after we held a successful symposium on the topic at UHLC in 2012. Our goal was to organize a course that focused on systems and processes over a particular subject matter. We organized the class around basic building blocks for a compliance program:
- Standards and controls
- Risk assessment (and forecasting)
- Monitoring and response
We drew these from the U.S. Sentencing Guidelines, settlement agreements between companies and the U.S. Justice Department (so called deferred and non-prosecution agreements), guidance from the OECD, the recent DOJ/SEC FCPA Guidance, and the U.K. Ministry of Justice’s Adequate Procedures Guidance. We also drew on material risk-based programs (what we called the Moneyball approach to compliance) that I put together with Daniel Trujillo (an innovative chief compliance officer who now works at Walmart).
The first thing we did was agree that the course would not emphasize any particular compliance subject matter. It could not be a Foreign Corrupt Practices Act class or a class focused on trade controls. It had to focus on processes that were applicable to any compliance risk and use subject matter (such as the FCPA) to apply the processes. The course focused on teaching students how to design a program by mapping the risk areas to these key elements. For some companies the risk areas may be international, for others they may be purely domestic. The approach to assessing and mitigating compliance risk (or the risk-based approach) was designed to Bayesian—examining probabilities for different types compliance events based on known historical data and the potential for compliance failures, and the risk of a specific compliance failure for a particular compliance risk. The main course book was Nate Silver’s The Signal and The Noise. Students were able to hear from different in-house lawyers who came in as guest speakers to discuss their compliance program and challenges.
Class discussion included not only the subject matters that are most often associated with compliance, such as the FCPA and internal investigations, but such topics as whether compliance officers should be lawyers, whether compliance advice was privileged (and when), how to build a compliance program into a business, and how to make online training effective. The students tested our views on how to make a compliance program effective and the best internal communication methods. Although the course was only offered as a test class by the law school, next year it will be a full semester, three-hour course, with a number of class sessions devoted to making predictions about future compliance failures.
Continue reading here.