How does DOJ policy and guidance affect E&C programs?


What you'll learn on this podcast episode

Over the last few years, federal regulators have provided detailed guidance on what they expect to see in E&C programs when it comes to misconduct inquiries or investigations. What do these recent reports, policies, and guidance mean for compliance professionals? In this episode of the Principled Podcast, LRN Director of Thought Leadership and Best Practices Susan Divers is joined by Jon Drimmer, a partner at the law firm Paul Hastings. Listen in as the two discuss the recent guidance from the US Department of Justice as well as DOJ policy impacting corporate compliance programs and ethical culture.   

Where to stream

Be sure to subscribe to the Principled Podcast wherever you get your podcasts.

Listen on Apple Pocasts Listen on Spotify Listen on Audible Listen on Google Podcasts_@2x Listen on TuneIn

Listen on Amazon Music Listen on iHeart Radio Listen on Podyssey Listen on Listen notes Listen on PlayerFM


Guest: Jon Drimmer


Jonathan C. Drimmer is a partner in the Investigations and White Collar Defense practice and is based in the Washington, D.C. office of Paul Hastings. He resolves complex cross-border problems with the benefit of having sat in every chair at the table: senior legal officer for a global 500 company, federal prosecutor, and seasoned advocate. He is a recognized international expert on anti­corruption and business and human rights, and is a frequent speaker, author, and commentator on issues related to both topics.

Before joining Paul Hastings, he was Deputy General Counsel and Chief Compliance Officer of Barrick Gold, one of the world’s largest mining companies, with operations on five continents. The compliance program he built at Barrick has served as an industry standard, and elements of it have largely been duplicated by numerous other companies inside and outside of the extractive sector.

Mr. Drimmer has directed hundreds of investigations around the world related to anti-corruption, human rights, AML and export controls, tax controversies, environmental incidents, public disclosures, fatalities and health and safety injuries, sexual harassment and discrimination, and other areas. He has represented companies and individuals in numerous government enforcement proceedings in the U.S. and overseas, in relation to FCPA and bribery claims, human rights issues, and a wide array of other matters. He has participated in dozens of major disputes in the U.S., Canada, and abroad, including transnational torts, anti-corruption claims, environmental cases, international arbitrations, tax disputes, construction claims, and land controversies.

He previously served in the Justice Department as Deputy Director of the Criminal Division’s Office of Special Investigations, where he led cross-border investigations, first-chaired numerous prosecutions, and argued federal appeals. He was a partner at an Am Law 100 law firm in Washington, D.C., a former Bristow Fellow in the Office of the U.S. Solicitor General, and a judicial clerk on the U.S. Court of Appeals for the Ninth Circuit. Mr. Drimmer served on the board of directors of the Voluntary Principles on Security and Human Rights Initiative from 2012-2014, and again from 2015-2017. He served on the board of TRACE International from 2012 until 2018, and currently sits on the board of the TRACE Foundation. He has also taught international law courses at Georgetown University Law Center for nearly 20 years.


Host: Susan Divers


Susan Divers is the director of thought leadership and best practices with LRN Corporation. She brings 30+ years’ accomplishments and experience in the ethics and compliance arena to LRN clients and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance, and sharing substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative. 

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008. She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. 



Principled Podcast transcription

Intro: Welcome to the Principled Podcast, brought to you by LRN. The Principled Podcast brings together the collective wisdom on ethics, business and compliance, transformative stories of leadership, and inspiring workplace culture. Listen in to discover valuable strategies from our community of business leaders and workplace change makers.

Susan Divers: Good afternoon. From time to time, but particularly in the last few years, federal regulators have provided detailed guidance on what they expect to see in ethics and compliance programs when companies present them as a defense to misconduct inquiries or investigations. What do the recent flurry of reports, policies and guidance mean for compliance professionals? How should they be applied to improve E and C programs?

Hello, and welcome to another episode of LRN's Principled Podcast. I'm your host, Susan Divers, director of thought leadership and best practices at LRN. And today, I'm joined by Jon Drimmer, a partner at the international law firm of Paul Hastings. We're going to talk about the recent DOJ guidance and policy impacting corporate compliance programs and ethical culture, and hopefully help everyone understand what it is and how they should apply it to their programs. Jon is a real expert, as well as a friend in this space. He has the unusual distinction of serving in three of the principal seats that affect ethics and compliance, once as a federal prosecutor at DOJ, another time as a chief ethics and compliance officer and deputy general council for a large mining company, and now as an ethics and compliance advocate with a leading law firm. Jon, thanks so much for joining me at Principled Podcast.

Jon Drimmer: Thanks, Susan. It's great to be with you.

Susan Divers: Super. Well, let's jump right in. Last week, we saw a new policy come out of the Department of Justice that both Lisa Monaco and also Ken Polite have talked about with great emphasis. We've also seen the report come out of the sentencing commission about their 30 years of accomplishments. And we've also seen some major guidance in the last two years. Can you put it in perspective for us and talk about how it fits together, and how they interplay. And then we can jump in and start figuring out what they mean.

Jon Drimmer: Yeah. No, happy to do it. So let me take each one in sequence. So what we saw come down from the deputy attorney general was a new policy memo. And in essence, what that means is policies are, they are the rules that apply to federal prosecutors and prosecuting entities around the country. They are the standards that are going to be applied. Guidance, which is something that we see come out in a number of different ways through formal guidance as well as through statements and speeches and other informal approaches, this is basically how those rules are interpreted, how prosecutors should be thinking about the application of those policies as they're applied to any given circumstance. And then finally, reports, and you mentioned the sentencing commission's 30 year look back, those are more general. And they do tend to come out for transparency purpose, they're often retrospective, like the sentencing commission report. But they generally talk about how these rules have been applied. So policies are the rules, the guidance effectively aids in their interpretation, and the reports generally are a bit of a look back as to how they have been applied to date.

Susan Divers: That's really helpful. It really helps me put all of those in perspective. Talk a little bit more than about the policies and the guidance. Are they mandatory? Are they voluntary?

Jon Drimmer: Well, for prosecutors, they're mandatory. So when you look at the policies, this is effectively how prosecutors are to approach any given situation. It is a directive to them in terms of how it is they should go about doing their jobs. And I'll tell you it's critical. It's critical for chief compliance officers to understand those types of initiatives, those types of emphases. It's critical to prosecutors as well, as they get that direction in terms of what they should be focusing on. So really, it's a very important part of the process and helping to shape how investigations are run and scoped from the government's end, and what can be expected on the company side as well for chief compliance officers.

Susan Divers: But it's not technically a rule, if I'm correct. But it sounds like you strongly recommend that ethics and compliance professionals pay great attention to it.

Jon Drimmer: Yeah, yeah. No, that's fair. It's not a regulation. It isn't something that goes through a formal regulatory process. It's not the equivalent of a law. It's a direction. It's a directive that's basically given. And so it doesn't have the force of law, but it is a very important set of instruments to understand the relevant DOJ policies, the justice manual. So yeah, that's a fair assessment. I do strongly recommend understanding it in detail, but it isn't technically a law or regulation.

Susan Divers: And if I understand correctly, and I've been in this situation myself too as a chief ethics compliance officer, if there's a misconduct inquiry or investigation, and 95% of those are resolved without prosecution or probably more, basically, you'll be asked to come in and meet with the Department of Justice prosecutors, possibly the SEC too, and part of that is talking about your ethics and compliance program. Can you put that in context and explain why they want you to do that, and how you should do it?

Jon Drimmer: Yeah, absolutely. So what they're really looking for is a discussion of A, what the compliance program was at the time of the incident in question, and where it is today at the time of charging. It's really both time periods are really quite important to them. And they want to understand how with a compliance program the issue or event might have occurred. But they also want to understand what changes have been made to improve its effectiveness since that time period. And often, given the way that investigations go and timelines, there may be a good bit of time between the original incident and the time a formal compliance program presentation is ultimately made. And in making that presentation, the guidance, the policies, these are incredibly important in shaping the factors that you're ultimately going to present on.

But the real tip is not just presenting on the formal approach, the formal program, the policies, procedures. But how do you know they are working in practice? And that has been a huge emphasis from the government in the last couple of years, and one that ethics and compliance professionals should take heed of. It's not just a matter of rolling out the program, but with the rollout, including those steps to validate its effectiveness in mitigating the relevant risks it's designed to address.

Susan Divers: I want to get into that in more depth in just a second. But before we leave sort of setting the scene for why this is so important. So if you go in and you meet with the Department of Justice and its prosecutors, and you do a good job, a credible job, of presenting your ethics and compliance program, and it's clear that it's a strong program, and you've got hopefully evidence of effectiveness, what's the consequence of that?

Jon Drimmer: Well, at the end of the day, I mean, the most significant issue is monitors. And if you've been involved in an issue that violates a federal law, federal criminal law, and the question is: Are you sufficiently capable of addressing your compliance issues going forward without day to day regular oversight from a monitor? That is a critical inquiry, and so number one, an effective compliance program and design and implementation is really important for a monitor. It's also important in charging decisions. It can be important in terms of disgorgement and fines and penalties as well. It's taken into account in the federal sentencing guidelines. So in the end, an effective compliance program really is a critically important part of a resolution process for a DOJ investigation.

Susan Divers: So that's basically why ethics and compliance programs, if I understand correctly, came into being. It's really to mitigate the impact of misconduct investigations, and hopefully allow the company to go forward with it's E and C program. We won't talk about monitors today. That can be another podcast. But that's something that you want to avoid, generally.

Jon Drimmer: Yeah. You generally want to avoid that, yeah. I mean, look, there's another element we probably won't get into today as well, that you and I have talked about extensively, and that is how programs ultimately help shape the values and culture of a company, so aside entirely from proactively mitigating relevant risks, affirmatively driving a culture that does increase productivity, increase retention, increase morale, that's a critical component of a compliance, an ethics and compliance program as well. It does dovetail a bit with culture of compliance, which is something that is important to demonstrate when you're in front of the government. It's something the government is increasingly emphasizing. There's a positive aspect that isn't just preventing potential problems from happening that are associated with ethics and compliance programs, as you've written about quite persuasively.

Susan Divers: Well, you too. And I'm glad you reminded everybody of that because that is a critical reason for having an effective ethics and compliance programs. So let's leave the sort of rewards and penalties side and start talking about: What are the prosecutors and the Department of Justice leadership really saying in this plethora of policies, guidance that's come out in the last couple of years? What are the key messages?

Jon Drimmer: Yeah. I would say in reading through the recent speeches, the policies, coupled with the guidance, I think we can take away several messages. And two of them are, number one, there is this enormous focus on program effectiveness, and I can't say that enough. And as I read the memo from the deputy attorney general colloquially calling the Monaco memo, I see as a major sub theme, and as a former chief compliance officer, this absolute drive towards the effectiveness of programs. And just to take a step back for a minute, in some ways, this is how the sentencing commission's report actually becomes relevant in this discussion, and the 30 year look back report was issued roughly at the same time as the DAG memo.

And if you look at the report, a few interesting statistics jump out. And these again, this is focusing on companies that actually went through a court sentencing, so it isn't settlements, which is typically how corporate resolutions are resolved. But 2021 was the first year that more than half of the companies sentenced under the guidelines had a compliance and ethics program. And the previous high was 2018, when it was about 28%. But in 30 years, since 1992, only 11 companies have had a reduction by a court because their compliance program was effective. That's .5% of all of the companies sentenced, and most of those are actually small companies. So most of the time, for those companies that are going through the process, they aren't getting credit for having an effective program.

And with the Monaco Memo, if you actually look at a lot of what policies are ultimately looking to drive, it does center around effectiveness, driving performance, driving commitment through a focus on individuals. And so it talks about producing information in a timely way, focusing on individuals because that is what incentivizes effective performance. For chief compliance officers, it might mean if you're going to do an investigation, a thorough investigation, you do have to include that within your scope, the focus on individual culpability to a degree that you might not have before.

The same is true with ephemeral messaging, which is a big emphasis in the recent memo. Ephemeral messaging has been part of their calculus for several years now. But here, they do want to focus on whether the company policies regarding ephemeral messaging are effective. Is the company capturing messaging that's occurring on company related devices? Are we allowing personal devices? If so, are they limited to certain apps that are capturing company business related discussions? Is there training? Is there auditing? Are there other steps on ephemeral messaging? So they really want to see not just: Are there policies? But are they effective? And those are just two examples. But if you do dig into what's behind a lot of these policy announcements in the memo, it really is looking to drive effective programs.

Susan Divers: Well, I want to dig in a little bit. And just to clarify by ephemeral messaging, you mean that if we have senior execs using What's App to communicate, rather than company systems that are subject to discovery, then we might have a problem.

Jon Drimmer: Yeah. It can be company, it can be teams messaging, it can be What's App on company issued devices or personal devices. It's any of the messaging systems that are used to communicate that ultimately may not ordinarily be retained by the company in the way that email is.

Susan Divers: So that's an area that the policy makes clear, compliance officers ought to really take a hard look at and may need to make some changes, or at least provide some clarity. I want to get information effectiveness more in a minute too. But just to deal with the other very specific granular recommendation that I saw in the Monaco Memo, it was that you really have to have an incentive system that's aligned to ethics and compliance. And by that, it's both positive and negative. In other words, you have to reward ethical behavior as part of your system of incentives, whether it's bonuses, compensation, promotions. And you have to penalize misbehavior, whether it's bonuses, compensation, promotions, but also claw backs. Can you talk about that a little bit?

Jon Drimmer: Yeah, yeah. It really was fairly prescriptive, as you say, in terms of, in ways that I think should make chief compliance officers happy. That's the stuff that we always advocate for with human resources and with executives. Hey, we want ethics. We want ethics and compliance included in hiring decisions and promotions and bonus frameworks and performance commitments. And that's really what helps integrate ethics and compliance into business operations and prioritize it along with operational considerations, so that should be welcome news for chief compliance officers.

The claw back aspect, which is the stick, that's the carrot, this is the stick, it's interesting. They really emphasize it's not good enough just to have claw back provisions that are theoretically applicable, that are present in policies and are never applied. They want to see them applied in cases where there is appropriate individual culpability. And that may mean applied in different ways. They're clearer that there is no uniform approach to a claw back provision, but it isn't good enough just to have it as a policy. You need to talk about it. You need to train on it. And you need to actually implement it in appropriate situations, which is part of the focus on the individual responsibility and again, driving effectiveness.

Susan Divers: That's a very good segue into effectiveness. I do want to emphasize what you said, which is this is something that ethics and compliance professionals need to pay attention to. And it should be a welcome development to have that kind of accountability and importance placed on ethics and compliance considerations. But it's: What do you do about it, as you said, if you've got claw back? I think the SEC says that about 50% of publicly traded companies have claw back, but you have to use it. Otherwise, you're probably worse off if you have it as a tool and then you don't use it if you've got senior level misconduct.

Jon Drimmer: Yeah, I think that's right. But better to have it than not have it, and if you've got it, you've actually got to apply it, is kind of what they're signaling. But look, this is hard. I mean, it is really hard when you are doing investigations of your own people. As a chief compliance officer, this was the least favorite part of my job is doing investigations into people I work with, people I knew, people who in other aspects of my job, I had to trust. I had to trust them in terms of implementing or overseeing certain aspects of the program. And when you have to do an investigation into them, it feels lousy. It screams out for why independence is important. And those particular instances is just a matter of investigative integrity, but it's a lousy part of the job. And applying a claw back provision to senior executives who you have worked with, who you have traveled with, whatever it is, it's a lousy part of the job, but they are saying it is an important part and a part that has to be applied in practice.

Susan Divers: Yeah. I agree with you. That is really the worst part of being a chief ethics and compliance officer, for sure. Let's dive deeper into effectiveness. As I've gotten to know you and worked with you on thought leadership, I've always been extremely impressed with you focus when you're a chief ethics and compliance officer on effectiveness. And I remember some of the things you did, even including short pulse surveys in your investigations to get feedback from employees, so that's just one example. But can you talk about what do we really mean by effectiveness in terms of ethics and compliance programs? What should we be measuring? What should we be looking at? And where should the focus be?

Jon Drimmer: Yeah. I mean, really what effectiveness means is: Are the goals of any particular element of your program being achieved? Are you meeting the goals that you have set out for that particular element of the program? So for instance, your goal might be to roll out a new training, and to roll it out to 90% of everybody on a mapped basis. That isn't going to get into effectiveness. Effectiveness is: How well do they retain the critical aspects of the content that is being conveyed? And that can be done through surveys, that can be done through tests, et cetera. But when we're talking about effectiveness here, again, it isn't just about roll out, it isn't just about robustness and good faith commitment to implementing a program. But is it working in practice? How do you know it? How do you test it? How do you validate it? Often, that's done through KPIs and through metrics. I personally like surveys, sentiment survey, I've always liked surveys as a way of getting information.

And beyond that, it brings employees into the program when they are talking to you, providing information about their own experiences. I think that's a very effective way to do it. I think 360s in terms of reviews that include ethics compliance is another important part, so you do again get perspectives of employees on individual performance, particularly for supervisors, from an ethics and compliance standpoint. I think you need to look at audit results. I think you need to look at investigations. I think you need to look at a number of different factors that all indicate on a lag indicating basis, what is working and what isn't working. But I think that should be a relentless focus, personally. And I think for every element of your program, you should be looking at multiple ways to try to assess. Is what I'm doing actually working to the degree that I want it to, and in the way that I want it to? And if not, you have to make an adjustment. That's what effectiveness is about.

Susan Divers: That's a really good definition. I think one of the traps people can fall into easily is to focus on activities rather than impact. And I like your phrasing of it as a relentless focus on effectiveness. I mean, one of the things we're just doing is rolling out a short, I think it's 10 question ethical culture pulse survey that comes up at the end of a code of conduct course. And it asks questions about respect and trust and organizational justice, which as you know are key elements of an ethical culture. So always trying to get at perceptions and concerns and to the degree that you can measure how that's playing out, I think is really essential to effectiveness.

I want to talk about in a minute how non US companies are affected by all this, and also the most common mistakes you've seen people make in your long and in depth, varied career. But before we get there, I was just looking at some of the DOJ material, and I see that Matt Galvin has joined the team. And now I think there's at least three or four former chief ethics and compliance officers. And Matt came for Anheuser, and he has a particular focus on data analytics. What are you seeing in terms of using data analytics for effectiveness? And what do you recommend in that area?

Jon Drimmer: I think that's a great hire. I think it'll be great for Matt, and I think that's a great hire for the government, really bringing in somebody who ran a compliance program and who has had a very substantial focus on data analytics. And at AB InBev, the Brew Right program that he put together is one that's usually been held up as an industry leader. I mean, I do think data analytics is critically important. One of the challenges with data analytics that you have to always get around is making sure that your data is good, that things are being recorded and described in like manners that allows for apples to apples comparison. And you have to understand what to do with that information. And so it's not enough to run the analytics, but when you get the analytics back, you have to have a program in place, resources in place, to act on it.

And so thinking through holistically what the data is, where it's coming from, how you're going to act on it, depending on what you get is all a really important part of the equation to think about ahead of time before you just start collecting and running. Look, it's critically important. It's been something that's been emphasized for years as a key way of identifying effectiveness, as well as potential risks that you might not otherwise see, and trends, and patterns. So it really is a very important part of a program with the caveat that you've got to make sure that your data is really good and that you know what you're going to do with it on the back end. But that's a great hire, and I'm sure it's really going to advance compliance thinking in the government around the use of data.

Susan Divers: I think that's a good way to characterize the importance of data metrics and particularly stressing that it's not enough to have them and get the insights, you have to act on them. It's similar to risk analysis and risk assessment. It's great that you're running a yearly risk assessment, but are you factoring those results into your training or your policies? So that's part of that focus on effectiveness. Talk to me a little bit, Jon, if you would, about we've been talking about the Department of Justice. It does seem to me that what DOJ does in areas like this has a lot of impact on international companies. It's not limited to the US. And you're in a great position to discuss that a bit, if you would.

Jon Drimmer: Yeah, sure. Of course. No, absolutely. Look, and to be clear, when the government emphasizes things like data and benchmarking and metrics and KPIs, I can't applaud them enough for bringing in someone like Matt, who has seen it on the ground, has put into place a great program to really help educate. And that's going to be true for US and non US companies. The government focuses on violations of the law, where there is jurisdiction, where there's something that will touch the US, or you have US companies or US issuers. But if you're a foreign company and you're doing business in the United States, or you're listed on a US exchange, the US laws very well may apply to you. The FCPA certainly very well may apply to you. And some of the biggest settlements, again just sticking with the FCPA, have been with non US companies in the last two years.

And I don't want to limit this to the FCPA because the memo from Lisa Monaco, it's not limited to the FCPA, but it will extend to throughout the criminal division. And so whether it's antitrust, or healthcare fraud, or other areas that the criminal division might oversee, this is going to apply to companies regardless of whether they're US or non US, depending on the jurisdictional components, so it's a very important part for all companies doing business in the United States, not just US companies.

Susan Divers: And I think sometimes people forget how broad that actually is. People sort of think, "Okay, there's US companies, there's French companies, there's Indian companies," but if you're doing business here, or you're using the banking system, then you are basically within the ambit of US jurisdiction if you commit bribery violations, or antitrust, or sanctions violations, or whatever they happen to be. So it really is a very broad net. And I think for that reason, I think the guidance has driven the evolution of ethics and compliance programs globally, not just in the US. Is that your sense too?

Jon Drimmer: Yeah. Yeah. No question about it. I think if you look around the world, whether it's the UK, or France, or throughout Latin America, for those governments that have formally put out either guidances, or they've integrated into their laws what compliance programs ought to look like, I mean, it really looks a lot like what the Department of Justice and the SEC have put out, which of course is premised on a sentencing guidelines foundation. But really, it is driving global compliance processes and programs around the world, even for those companies that don't touch the US, even in their home jurisdictions. It's driving very similar approaches and ways of thinking about compliance.

Susan Divers: Yes. And I think if anybody needs proof of that, they should read the Glencore CPA settlement, which I was just looking at, which is a huge fine for anti bribery for basically a non US company. But we're starting to run out of time. I could do this all day, as you know. But let's wrap up with: Given your unique perspective, having sat in all of the key positions, what are the most common mistakes you see people make in ethics and compliance programs? And if you can relate some of those to the guidance, that would be great.

Jon Drimmer: Yeah, sure. Look, I mean, I think first and foremost, it isn't really understanding and looking to integrate into programs what drives an ethical culture. And we talked before about the absolute importance of organizational justice as one of the key drivers in thinking about how that should get integrated into your program. And another is managerial modeling. And truthfully, what people seem to often forget is that most employees look at their supervisors, and maybe their supervisors' supervisors as the company. They look at them as management. And so focusing on, quote, unquote, tone from the top, and the most senior leaders of a company, to the exclusion of direct supervisors, middle managers, I think is often a mistake. And so driving behaviors expected of managers is critically important. I think people also ignore the absolute singular importance of confidence in internal reporting mechanisms and hotlines, which is often a proxy for whether your culture of compliance is strong, and whether organizational justice exists, whether managerial modeling is occurring.

But I think beyond that, we've talked about the focus on effectiveness. And I think too often, you do see compliance programs that really are driving towards activities and robustness and metrics and numbers that don't take into account. Is it really working in practice? And I do think that has to be, especially in light of the guidance, which talks about culture, it talks about effectiveness, it focuses on effectiveness, I think that's got to be a critical emphasis for any program. And I think a lot of programs aren't sufficiently mature in that particular aspect, which may be why this guidance or this policy is coming out now.

Susan Divers: So it sounds like if you were advising let's say a startup, or a relatively small company that's program is just getting underway, you would advise them to focus very much on the value side on getting organizational justice right, on getting speak up culture going and creating that atmosphere of trust, and also on making sure that managers know what the ethical and compliance considerations that affect them are, and what that means in practice.

Jon Drimmer: Yeah. Yeah, that's exactly right. And look, that relates directly to the guidance as we look at rewards, in terms of pay, of performance commitments, presumably of bonuses, of promotions. So setting those expectations for management, along with organizational justice and speak up, I think are really vital components. And so if you are just starting out, the sooner you look to embed that within the company, the more effective it's going to be hopefully as the company grows.

Susan Divers: Wow, this has been such a terrific, insightful conversation. And I really feel like I've benefited a lot personally just from hearing the way you've wove together the policy, the guidance. And just for one point of clarification before we sign off, I've been looking at the guidance since I think 2013. I've seen an evolution, actually. It's gotten stronger and it's gotten smarter in focusing on the right things like culture. I don't see it really weakening or changing, even during the Trump administration, interestingly. Is that your perception as well? Is that your expectation for the future?

Jon Drimmer: Yeah, yeah, absolutely. Look, they are clearly sharpening the guidance. They are sharpening their policies in a way that is actually quite healthy. And I completely applaud the degree of transparency that we've seen in terms of talking about how these are applied, in terms of talking about how these are to be interpreted. So I applaud the transparency and I completely agree. It is getting much sharper, particularly around those aspects that really impact compliance professionals, like culture, like incentivization, like trying to establish commitments, like integrating compliance into employment processes. So I think it is getting smarter. And again, I think the transparency is really helpful, and particularly for chief ethics and compliance officers.

Susan Divers: Great. And I agree. I mean, it's actually making people's jobs easier if they take the key messages in the guidance and are able to use the guidance to drive change in their organizations. So Jon, thanks so much for joining me on this episode. Just to wrap up, I'm Susan Frank Divers, and I want to thank everyone for listening to Principled Podcast by LRN.

Jon Drimmer: Thank you.

Outro: We hope you enjoyed this episode. The Principled Podcast is brought to you by LRN. At LRN, our mission is to inspire principled performance in global organizations by helping them foster winning ethical cultures rooted in sustainable values. Please visit us To learn more. And if you enjoyed this episode, subscribe to our podcast on Apple Podcasts, Stitcher, Google Podcasts, or wherever you listen, and don't forget to leave us a review.

Be sure to subscribe to the Principled Podcast wherever you get your podcasts.

Listen on Apple Pocasts Listen on Spotify Listen on Stitcher Listen on Audible Listen on Google Podcasts Listen on TuneIn

Listen on Amazon Music Listen on iHeart Radio Listen on Podyssey Listen on Listen notes Listen on PlayerFM