Manatt’s Jacqueline Wolff, a partner in the firm’s investigations and white collar defense practice, spoke with the Anti-Corruption Report on the Department of Justice’s updated guidance on risk assessments.
According to Anti-Corruption Report, the updated Evaluation of Corporate Compliance Programs (ECCP) acknowledges that a compliance program cannot target all areas of risk and provides questions prosecutors are instructed to ask about how a company assesses risk.
Wolff said a risk assessment can help companies identify and categorize its areas of legal, regulatory and business risk.
“One purpose of categorizing risk is to help use a company’s resources intelligently,” she said. “If significant funds are being used to address a low area of risk whereas no monies are being used to mitigate a high area of risk, resources are not being used intelligently.”