Principles of the Law, Compliance and Enforcement for Organizations, Tentative Draft No. 2 (TD2) will be presented to ALI membership at the 2021 ALI virtual Annual Meeting. The Introductory Note and black letter below are excerpted from this draft, which contains § 4.01. Nature of Compliance Risk and Compliance Risk Management. The full Section, including full Comments and Reporters’ Notes, may be downloaded by following the link at the end of this post. TD2 also includes § 4.02. Goals of Compliance Risk Management.
This Tentative Draft has not yet been considered or approved by ALI membership. Therefore, it does not represent the position of The American Law Institute and should not be represented as such.
PART TWO. COMPLIANCE
CHAPTER 4. COMPLIANCE RISK MANAGEMENT
Introductory Note: This Chapter is about compliance risk management. Organizations manage compliance risk in the context of, and as part of their broader management of, all the risks they face. Organizations also have compliance functions, and their management of compliance risk will be integrally involved with that function. This Chapter references an organization’s broader risk-management and compliance endeavors when appropriate. Given that Chapter 5 expressly deals with the compliance function, this Chapter focuses more on compliance risk in relation to the organization’s overall risk management, characterizing compliance risk management as a type and part of risk management when appropriate.
§ 4.01. Nature of Compliance Risk and Compliance Risk Management
- (a) An organization should manage compliance risk in a manner appropriate for its attributes and circumstances.
- (b) An organization should manage compliance risk through or in coordination with its risk-management function and risk-management program, and through or in coordination with its compliance function and compliance program.