Compliance Programs

COMPLIANCE PROGRAMS generally refer to internal policies and procedures that private sector companies must implement to ensure adherence to specific government-imposed laws and regulations. Requiring compliance programs in the private sector is part of a broader government regulatory enforcement strategy. The application of the so-called compliance strategy by governments has increased in recent years to help stem both regulatory and criminal infractions committed by or against private-sector companies. Compliance programs are meant to reinforce a broad fiduciary duty on companies, requiring them to act in the best interest of their clients, stockholders, or society in general. They are also meant to protect the company, by forcing them to enact policies and procedures to protect against fraud, money-laundering, or other crimes.

Compliance strategies derive from the nature of regulatory law which produces a situation in which an organization's main role is seen to be the maintenance of high standards and compliance with regulations. When compared with criminal sanctions, compliance strategies are often pursued by governments as a less punitive method of regulating industries.

Moreover, compliance programs differ from more punitive, (reactive) enforcement approaches in that they are largely proactive: compliance strategies are meant to encourage companies to have policies and programs in place to ensure that unethical behavior, regulatory infractions or criminal behavior does not occur in the first place.

Some experts have criticized this compliance approach, arguing that it can be easily circumvented and treats the perpetrators of white-collar crime (individuals in the upper classes) much too leniently, especially when compared with property crime offenders,[Page 187] which is more often committed by those with lower socioeconomic status.

The Securities and Exchange Commission (SEC) and the Federal Reserve Board (FRB), two of the American government regulators of the private sector, have both increasingly relied on compliance strategies in relation to its regulated entities. In 2003, the SEC proposed new rules that would require investment companies and advisers regulated by the SEC “to adopt and implement policies and procedures reasonably designed to prevent violation of the federal securities laws, review those policies and procedures annually for their adequacy and the effectiveness of their implementation, and appoint a chief compliance officer to be responsible for administering the policies and procedures.” The proposed rules, entitled Compliance Programs of Investment Companies and Investment Advisers, are ultimately designed to protect investors “by being the first step toward enhanced compliance achieved through private initiative.”

The SEC conducts examinations to determine whether its regulated entities are adhering to federal securities laws. They are also meant to “identify compliance problems at an early stage, identify practices that may be harmful to investors, and provide a deterrent to unlawful conduct.” However, like most government regulatory agencies, it is limited in its capacity to examine the thousands of companies that fall under its authority. As such, regulators like the SEC are beginning to require companies to put in place their own internal compliance policies and procedures, including a designated compliance officer as well as measures to audit and test the compliance program. The SEC believes that regulated entities with effective internal compliance programs administered by competent compliance personnel are much less likely to violate the federal securities laws.

...