Compliance and Enforcement for Organizations

Over the past decade, compliance, risk management, and enforcement, have emerged as fundamental components of internal controls in complex organizations, both in the United States and around the world.

Highly publicized settlements of government enforcement actions are only the most visible markers of the dramatic growth in compliance activities. Other indicators, including increases in hiring in compliance, risk management, and internal audit; growing attorneys’ fees in connection with foreign corrupt practices investigations; rapid changes at the level of the board of directors with establishment of specialized compliance and risk committees; and attention at the highest levels of government and the private sector to the problem of internal controls, triggered in part by the obvious breakdown in control systems that became evident during the financial crisis of 2007-2009.

Principles and suggestions for best practices can be found in a variety of sources. Government materials – including federal statutes, administrative regulations and – most importantly, administrative guidance offered by regulatory agencies – contain valuable recommendations and analysis. Consent decrees and other regulatory settlements contain illustrations and offer ideas about robust compliance and risk management programs. Non-governmental organizations such as the Organization for Economic Cooperation and Development, the Basel Committee on Banking Supervision, and various professional associations issue standards and codes of best practice. Other ALI projects, including the Corporate Governance Project, the Principles of the Law of Aggregate Litigation, and Restatement of the Law Governing Lawyers, offer insight and ideas in the areas they cover. Legal scholars are increasingly writing about compliance and risk management, and courts are beginning to issue opinions on the topic. Several law firms produce newsletters containing current information and practical insights.

Despite this growing body of sources, there is as yet no comprehensive “best practices” document on the law of compliance and risk management. This is the role of this project.

The principal audience for this advice are (a) outside counsel specializing in the areas of compliance and risk management; (b) in-house attorneys, compliance officers, and other personnel who carry out internal control responsibilities; (c) government regulators and prosecutors; and (d) commentators, scholars, and people involved in law reform initiatives.

Tentative Table of Contents

Chapter 1. Definitions and Scope

Chapter 2. Subject Matter, Objectives, and Interpretation

Chapter 3. Governance

Chapter 4. Risk Management

Chapter 5. Compliance

Chapter 6. Enforcement

Project Reporters

Geoffrey P. Miller

Reporter, Compliance, Risk Management, and Enforcement

Geoffrey Miller, Stuyvesant P. Comfort Professor of Law at NYU Law School, is author or editor of eight books and more than 200 articles in the fields of compliance and risk management, financial institutions, corporate and securities law, constitutional law, civil procedure, legal history, jurisprudence, and ancient law. He has taught a wide range of subjects including property, corporations, compliance and risk management, financial institutions, land development, securities, the legal profession, and legal theory.

Jennifer H. Arlen

Associate Reporter, Compliance, Risk Management, and Enforcement

Jennifer Arlen, the Norma Z. Paige Professor of Law at NYU Law School, is one of the nation’s leading scholars on corporate liability, specializing in corporate crime, vicarious liability, and securities fraud. She also has written extensively on medical malpractice liability and experimental law and economics. Arlen received her BA in economics from Harvard College and her JD and PhD in economics from New York University. She is co-founder and director of the NYU Program on Corporate Compliance and Enforcement. She also is a co-founder, director, and past president of the Society of Empirical Legal Studies, is a former director of the American Law and Economics Association, serves on the editorial board of the American Law and Economics Review, and chaired the Law and Economics, Remedies, and Torts sections of the Association of American Law Schools.

James A. Fanto

Associate Reporter, Compliance, Risk Management, and Enforcement

James Fanto, Gerald Baylin Professor of Law at Brooklyn Law School, teaches courses on banking, broker-dealer law, regulation and compliance, corporate and securities law, corporate finance, and comparative and international corporate law and governance. His extensive writings and lectures both in the United States and abroad focus on the law relating to banks, broker-dealers, corporate boards, comparative corporate governance, cross-cultural securities disclosure and merger decision making. He is the co-director of the Center for the Study of Business Law and Regulation, and is affiliated with the Dennis J. Block Center for the Study of International Business Law, and the Center for Law, Language & Cognition.

Claire A. Hill

Associate Reporter, Compliance, Risk Management, and Enforcement

Claire Hill is the James L. Krusemark Chair in Law at University of Minnesota Law School. She teaches corporate law, mergers and acquisitions, contracts, and a seminar in law and economics. She is the founding director of the Law School’s Institute for Law and Rationality, and the associate director of its Institute for Law and Economics. She is also an affiliated faculty member of the University’s Center for Cognitive Sciences. Before becoming a law professor, she practiced corporate law at several law firms. Her research interests include corporate governance, capital structure, structured finance, rating agencies, secured debt, contract theory, law and language, and behavioral economics.

DOJ Announces Revised Export Control and Sanctions Enforcement Policy for Companies, Including Financial Institutions

This article was originally posted on NYU Law School’s Compliance & Enforcement blog.On December 13, the U.S. Department of Justice’s (“DOJ”) National Security Division (“NSD”) announced a new policy designed to encourage business organizations to make voluntary...

Headwinds and Shifting Priorities: Beyond the Numbers in the SEC Enforcement Division’s 2019 Annual Report

This article was originally posted on NYU Law School’s Compliance & Enforcement blog. On November 6, 2019, the SEC’s Division of Enforcement released its annual report (the “Report”) describing its enforcement actions from fiscal year 2019.1U.S. Sec. & Exch....