Here’s another post weighing in on the DOJ’s updated Evaluation of Corporate Compliance Programs (ECCP), this one underscoring two primary DOJ priorities for corporate compliance: (1) how companies are navigating risks relating to artificial intelligence and other “new and emerging technologies,” and (2) how companies are encouraging and protecting corporate whistleblowers.
In support of these points, the Fenwick & West article references a speech in March 2024, by Deputy Attorney General Lisa Monaco of the DOJ. To emphasize the importance of reporting and disclosures, she said the department’s message to companies is: “Knock on our door before we knock on yours.”
In addressing AI risk, Deputy AG Lisa Monaco also stated in her speech:
“And compliance officers should take note. When our prosecutors assess a company’s compliance program — as they do in all corporate resolutions — they consider how well the program mitigates the company’s most significant risks. And for a growing number of businesses, that now includes the risk of misusing AI. That’s why, going forward and wherever applicable, our prosecutors will assess a company’s ability to manage AI-related risks as part of its overall compliance efforts.“
If your company uses AI in its operations or projects, the time to have AI policies, procedures – and a compliance program, is now. (See today’s Cybersecurity and AI post entitled NIST AI Risk Management Good Starting Point for an article about using NIST’s AI Risk Management Framework to help get started.
Source:
Fenwick & West LLP: Don’t Wait for the DOJ to Come Knocking: Important Whistleblower Protection and AI Risk Management Updates
