The U.S. Department of Justice (DOJ) has rolled out a new, unified Corporate Enforcement Policy (CEP) for all criminal cases. While that may sound like just another regulatory update, it signals a broader shift in how corporate misconduct is evaluated and ultimately resolved.

For healthcare organizations and compliance leaders, this is more than just a compliance update. It represents another clear indication that expectations around compliance, transparency, and governance are continuing to advance.

A More Consistent Approach to Enforcement

Historically, corporate enforcement policies varied across DOJ divisions. That lack of consistency made it difficult for organizations to know exactly what was expected when it came to self-disclosure or cooperation.

 The new CEP aims to change that by creating a more uniform framework across DOJ criminal matters (excluding antitrust). In practical terms, organizations now have a clearer and more consistent playbook.

At the core of that playbook there are three expectations most organizations will recognize:

  • Voluntary self-disclosure
  • Full cooperation with investigations
  • Timely and effective remediation

Organizations that meet these expectations may receive significant benefits, including the possibility of avoiding prosecution in certain circumstances. On the flip side, delays or failure to act can significantly increase risk.

There is also an added layer of judgment built into the process. The DOJ has signaled more flexibility in “near miss” situations, meaning organizations won’t just be evaluated on whether they checked the box—but on how effective their compliance efforts truly are.

What This Means for Governance

Beyond enforcement mechanics, the CEP has important implications for organizational governance. There is a growing expectation that boards and executive leadership should be aware of compliance programs and actively involved in overseeing them.

That includes understanding risk, asking the right questions, and ensuring the organization is positioned to respond when issues arise.

For healthcare organizations, this is especially important. Regulatory scrutiny is already high, and this policy reinforces the need for strong alignment between compliance, legal, and operational teams.

Why This Matters for Healthcare Providers

While the CEP applies across industries, many of the underlying risks it addresses are already front and center in healthcare—billing accuracy, documentation, and quality of care.

The policy underscores several critical priorities:

1. Proactive Compliance Programs Are Essential

A reactive approach is no longer sufficient. Organizations must have systems in place to identify potential issues early—before escalation.

2. Internal Reporting Pathways Must Be Effective

With increased incentives for whistleblowers and self-disclosure, it’s critical that staff feel comfortable raising concerns internally—and trust that those concerns will be taken seriously.

3. Documentation Matters More Than Ever

Accurate and complete documentation is not just about reimbursement; it’s about demonstrating that issues were identified, investigated, and addressed appropriately.

Final Thoughts

As enforcement frameworks evolve, the organizations that will be in the strongest position are the ones that treat compliance as part of their day-to-day operations. It must be more than just a set of policies on paper.

The DOJ’s updated Corporate Enforcement Policy sends a straightforward message: organizations that are transparent and responsive will be in a much better position than those that do not.

For healthcare leaders, now is a good time to take a step back and ask a simple question—if something were to surface today, could we clearly show how we identified it, addressed it, and prevented it from happening again?

How LW Consulting, Inc. Can Help

At LW Consulting, Inc., we understand that compliance is no longer just about avoiding risk—it’s about demonstrating accountability, transparency, and operational excellence.

Our team supports organizations by:

  • Assessing and strengthening compliance programs
  • Identifying documentation and coding vulnerabilities
  • Supporting internal investigations and corrective action plans
  • Aligning operational practices with regulatory expectations

LW Consulting, Inc. (LWCI) offers a comprehensive range of services that can assist your organization in maintaining compliance, identifying trends, providing education and training, or conducting documentation and coding audits. For more information, contact LWCI to connect with one of our experts!

Sources:
Department of Justice releases First-Ever Corporate Enforcement Policy. (2026, March 10). https://www.justice.gov/opa/pr/department-justice-releases-first-ever-corporate-enforcement-policy-all-criminal-cases
Peregrine, M., & Hoff, A. (2026, March 20). AHLA – The governance implications of DOJ’s new corporate enforcement policy. https://www.americanhealthlaw.org/content-library/health-law-weekly/article/5a5a26dc-24e2-4d5a-b9e6-97291b505f5f/the-governance-implications-of-doj-s-new-corporate