Protecting Your Business: Non-Compliance & DOJ Penalties - McDermott

Top Takeaways | 2023 Enforcement Outlook Webinar Series | Protecting Your Business Against Non-Compliance and DOJ Penalties


In this session on March 23, 2023, McDermott Partners Julian André, Justin Murphy, Michelle Strowhiro, Sarah Engle and David Saunders provided in-depth guidance on DOJ’s recent policy announcements to the way they will evaluate corporate compliance programs and their impacts on your company. Our panel also discussed the legal and practical employment, executive compensation and privacy-related issues your legal and HR teams should consider before making any necessary changes to your compliance programs.

Below are the top takeaways from the discussion:

  1. Developing and maintaining an effective compliance program to proactively identify and investigate potential misconduct early is critical. Regularly updating the program to address and be consistent with evolving policies, regulations and industry practices helps maintain its effectiveness.
  2. Companies are expected to devote time and resources to ensuring existing policies address compensation. Companies should also carefully examine and adjust employment agreements and compensation models throughout the organization to promote compliance. This includes tying performance incentives to ethical behavior and adherence to company policies.
  3. Company policies need to address the use of personal devices or messaging applications (including standard text messaging) for business communications that may occur outside of formal company-provided (and monitored) communication methods. Establishing guidelines and training employees on the proper usage of such communication channels can help mitigate risks.
  4. Notification of privacy and data collection or access practices is critical, especially in certain non-US jurisdictions. There could be legal limits to the acquisition or transfer of employee data.
  5. Document retention and preservation policies must consider the current technology used by employees to conduct business and ensure that the company has the means to access and preserve such communications. This can be achieved by incorporating advanced data management solutions and conducting periodic audits.
  6. One size does not fit all. Companies need to develop policies that make sense for their specific industry and business. Tailoring policies to align with the unique risks and regulatory landscape faced by the organization is essential for effective compliance management.

Dig Deeper

Cambridge, United Kingdom / Speaking Engagements / July 1-3, 2024

Privacy Laws & Business | 37th International Conference

Washington, DC / / May 8-10, 2024

2024 Privacy + Security Spring Academy

Washington, DC / Speaking Engagements / April 3-4, 2024

IAPP Global Privacy Summit 2024

Get In Touch