Back in the Dark Ages when I served two stints as head of the DOJ’s Antitrust Division, young prosecutors often would complain that in-house lawyers were impeding, if not obstructing, their investigations. Their concerns centered around issues such as the formation of joint defense groups, company counsel representing employees who were not targets, payment of legal fees for executives under investigation and, of course, the assertion of legal privileges. Ordinarily, I would offer the prosecutors fatherly consolation and explain that the lawyers were “mounting a defense,” as it used to be called.
But the corporate scandals of 2000 and beyond ushered in a brave new world. With the enactment of SOX, the publication of the now-infamous Thompson Memorandum and a major attitudinal change by law enforcement personnel at all levels of government, the concept of mounting a defense has become all but extinct.
In today’s world, law enforcement personnel expect that a mere government letter questioning company behavior will prompt the company to launch a comprehensive investigation and deliver the results to government enforcers. The government also expects that a company of any significant size will maintain its own internal police force–not just a passive organization that comes when called, but rather one that aggressively patrols, monitors, detects and investigates all aspects of legal compliance.
This brings me to the true matter at hand for in-house counsel: Should corporate legal departments also act as the corporate police or, more politely, the corporate compliance group?
Understanding the law is certainly a critical element of compliance, so there is a natural tendency to believe that the general counsel should either supervise or act as a company’s chief compliance officer. However, some aspects of modern corporate compliance militate against the general counsel serving in that role.
First and foremost, there’s the question of resources. A corporate compliance scheme that meets current government expectations must involve ongoing monitoring, testing and auditing programs. These activities, which must be integrated into daily business operations, are more in line with what auditors and accountants typically do. If the corporation is going to task its legal department with performing such duties, it must be prepared to provide the expertise and resources necessary and to deploy those resources in a manner that provides a clear line of sight to potential problem areas.
The company also has to consider if performing this function will compromise the ability of its lawyers to provide sound legal advice. For instance, will clients who view the lawyers as the internal police actively seek out legal advice? And will lawyers in a dual role change the nature of the legal advice they render?
Finally, to the extent that legal privileges once again become meaningful, the company must consider how making the legal organization responsible for compliance could actually undermine the assertion of privileges. Because compliance has become a business duty, general counsel and the legal team would have to walk a fine line to distinguish between their advisory and compliance roles.
At Chevron, we keep the compliance organization distinct from the law function. Our CCO reports to the vice chairman and has a staff that primarily consists of finance and audit professionals. We have expert lawyers who specialize in critical areas of corporate compliance, and our compliance officer can call upon them for legal guidance. Similarly, both the finance function and the internal audit department stand ready to assist the compliance department as needed.
Our circumstances and corporate culture led us to this particular solution. There are, of course, a number of ways to skin this cat, and I am always interested in seeing how other companies have integrated compliance into their daily operations.
Charles A. James is the vice president and general counsel of Chevron Corp.