USSC revises corporate sentencing guidelines

Amid the current flood of regulatory debate in Washington, an important change has taken place that will affect all compliance and governance officers and the companies they serve, and it took place largely unnoticed. In mid-April the United States Sentencing Commission (USSC) voted to officially submit to Congress this year’s round of revisions to the Federal Sentencing Guidelines. If Congress approves the changes, as is expected, the updated guidelines will take effect on November 1.

The proposed amendments include some unanticipated tweaks to Chapter Eight, the corporate sentencing guidelines and de facto framework for corporate compliance programs. When the USSC unveiled its original proposals back in January, Susan Hackett, senior vice president and general counsel of the Association of Corporate Counsel (ACC), recalls, ‘Frankly, most of us who follow this were kind of surprised, so we had to scramble a little bit to take a look at what the USSC was doing.’

Overall, Hackett says she wouldn’t describe this amendment cycle as particularly significant; she sees the proposed changes as really more ‘tweaky’ than ‘groundbreaking’. Perhaps the most welcome tweak – and one governance professionals may want to pay particular attention to – is the one that modifies the provision prohibiting companies whose top executives were involved in criminal activity from receiving sentence-mitigating credit for an effective compliance program.

‘Empirically there is very little evidence that anyone who has been sentenced under these guidelines has received credit for an effective compliance program,’ explains Hackett. ‘In many cases the fact that someone high level was involved is more a reflection of the fact that he/she has the power to circumvent the system more easily than a line manager or factory-floor worker. There’s been a gripe that to completely eliminate a company’s ability to even argue for credit is unreasonable, so it’s significant that USSC members are actually reaching out to the community in response.’

Crucial criteria
The commission’s response takes the form of a so-called application note that describes the criteria a company must meet in order to receive mitigation credit for its compliance program. This includes the standard requirements that the compliance program successfully uncovered the criminal activity – and promptly reported it to the authorities – before someone outside of the organization did so or was ‘reasonably’ likely to do so.

The most notable criterion, which raised the most controversy during the comment period, stipulates that companies must be able to provide evidence that those within the organization who have what the proposal refers to as ‘operational responsibility for compliance’ are granted ‘direct reporting’ authority to the board.

Perhaps not surprisingly, the USSC does not define ‘operational responsibility’ or specify which individuals may have it. During the comment period, many, including the ACC, raised concerns that without a more precise definition, the person with operational responsibility may vary according to the proverbial eye of the beholder.

The commission refused to provide further clarification, citing the usual battery of reasons regarding a company’s right to choose. For governance professionals, this means your organization may want to start considering which people should be allowed to report directly to the board and assigning those people ‘operational responsibility for compliance’.

Hackett suggests writing something along the lines of: ‘This person is designated under the US sentencing guidelines as having operational responsibility for our compliance programs’ into the job description. ‘The point of this is for you to be able to show that you’ve tried to meet the requirement,’ she explains. ‘Maybe the prosecutor won’t like how you’ve defined the terms, but at least you will be able to prove that you have made an effort to comply with the guidelines.’

Direct lines
The next step is establishing ‘direct reporting’ between those with operational responsibility and the board. The ambiguity of this term raised concerns during the comment period. ‘Does this mean there need to be 800 hotlines?’ asks Hackett. ‘Is it a red phone on the audit committee chairman’s desk?’ This time, however, the commission agreed to include a few parameters: the person with operational responsibility must be able to get in touch with someone on the board if a problem arises, and at least once a year that person must give a sort of State of the Union speech to the board.

‘What I’ve suggested in my practical advice is that you may want those people charged with operational responsibility to report regularly to the audit committee chairman or other person on the board who is designated,’ Hackett says. ‘Then make sure those people have the opportunity to report directly to the board or audit committee during executive sessions.’

Indeed, the bottom line in terms of what needs to be evidenced, as Hackett puts it, is that ‘those folks reporting should feel they can speak freely without it becoming a career-ending move.’

That being said, Hackett cautions companies to carefully weigh how burdensome this could be and consider how the board will react. On the one hand, the guidelines are rarely applied to a corporation’s sentencing process. On the other, Hackett points out, ‘if there is a failure that involves high-level people and you are able to show evidence of effective compliance, it’s a huge bonus. It’s the kind of thing that moves a sentence from something that cripples a corporation’s existence to something that is just about fixing the problem and moving on.’


Mitigation credit criteria from the guidelines

1. The individual or individuals with operational responsibility for the compliance and ethics program have direct reporting obligations to the governing authority or an appropriate subgroup thereof.
2. The compliance and ethics program detected the offense before discovery outside the organization or before such discovery was reasonably likely.
3. The organization promptly reported the offense to the appropriate governmental authorities.
4. No individual with operational responsibility for the compliance and ethics program participated in, condoned or was willfully ignorant of the offense.

Source: USSC, proposed amendments to the Federal Sentencing Guidelines, May 3, 2010