Corporate Compliance

DOJ’s updated version Evaluation of Corporate Compliance

February 26, 2024

Trying to juggle two cell phones, one for your work and another for your personal life, is not only a hassle but can sometimes run you afoul of the law. Just ask legendary Breaking Bad antihero Walter White.

White has to confess his Methamphetamine manufacturing and dealing “side hustle” to his wife Skyler, once she figures out that he has a second cell phone. If you’ve watched Breaking Bad (and if you haven’t, start immediately), you know that things continue to unravel from there with Skylar, business associates, and the authorities.

Using just one phone for his personal and “business” communications might not have mitigated Walt’s tragic destiny; but for regular, law-abiding employees like the rest of us, there’s several reasons why we might choose to use our personal phones for work.

We’ve all received that unplanned cell phone call from a manager or colleague while we’re heading out to dinner or sitting at a kid’s soccer game with the other enthusiastic parents. Sometimes our company or a client is hosting an event; and because we’re away from our desks, our cell phone is just more convenient and pragmatic.

Many businesses, recognizing the urgent need for employee mobility, have purchased cell phones for their staff. The downsides? That’s a big expenditure for businesses and most of us are more comfortable with our own phones.

However, there’s also a significant downside to employees practicing “Bring Your Own Devices” (BYOD) at work: corporate compliance and regulatory dynamics that include stricter rules from the U.S. Department of Justice (DOJ).


In March 2023, the DOJ’s Criminal Division issued an updated version of its Evaluation of Corporate Compliance Programs that called out fundamental questions a prosecutor should ask when considering a company’s compliance. The evaluation drills down to specific questions companies need to consider regarding BYOD, among them:

  • What are its policies governing preservation of and access to corporate data and communications stored on personal devices—including data contained within messaging platforms—and what is the rationale behind those policies?
  • How have the company’s data retention and business conduct policies been applied and enforced with respect to personal devices and messaging applications?
  • Do the organization’s policies permit the company to review business communications on BYOD and/or messaging applications?
  • Is the organization’s approach to permitting and managing communication channels, including BYOD and messaging applications, reasonable in the context of the company’s business needs and risk profile?

“Companies need to be able to monitor and address those communications even if they aren’t on an approved platform or device,” Karl Davis, a senior manager with Deloitte Risk & Financial Advisory at Deloitte Transactions and Business Analytics LLP, said in a Wall Street Journal article published last summer. “They should not only consider a framework for addressing such requirements but, if needed, consider developing a framework that is more specific than in the past.”


MultiLine™ by Movius enables employees to have just one phone they can use for work and other dimensions of their lives, giving them a business phone number they can add to any device as an app. Through MultiLine’s simple method of adding a business line to a cell phone, employees are able to manage all their business communications through a single app, resulting in a better digital employee experience while their personal activity remains private and invisible to the business.

MultiLine allows users to call, text, or send WhatsApp messages on a secure, dedicated business number. The user-friendly apps work on smartphones, desktops, or directly inside Microsoft Teams and Salesforce.

Further, MultiLine provides employers with more complete and real-time customer journey management as well as more precise customer experience metrics, because of its ability to retain and analyze employee-customer conversations and business messaging while performing call monitoring.

Another win for businesses is that the customer data captured in MultiLine remains with the employer if the employee, personal cell phone in tow, leaves the organization. While The Godfather’s Peter Clemenza commanded, “Leave the gun, take the cannoli,” Movius empowers employers to tell exiting employees, “Leave the app, take the phone.”

And most importantly, perhaps, the MultiLine app resolves compliance concerns and questions such as the ones posed by the DOJ. Here’s three examples involving complex, highly-regulated industries.


MultiLine captures all client communications and sends data to a firm’s compliance archives, in a manner adhering to key requirements set by Financial Instruments Directive 2014 (MiFID II), Financial Industry Regulatory Authority (FINRA), the Dodd–Frank Wall Street Reform and Consumer Protection Act (commonly referred to as Dodd–Frank), and the General Data Protection Regulation (GDPR).

It also captures all client engagements in a single system of record, to extract business intelligence, surface actionable insights, and draw best practices. Financial services professionals can communicate effectively with their clients on the channels they prefer while delivering exceptional services and experiences.


MultiLine by Movius does not upload, store, transmit, or share any of the contacts used in the app on an employee’s phone. This ensures compliance with the Health Insurance Portability and Accountability Act (HIPAA). In fact, MultiLine was designed to respect HIPAA concerns. In addition, the MultiLine platform is hosted by IBM Bluemix ®, providing a secure cloud platform that healthcare employees can trust that’s built on best-in-industry standards. All text and voice calls are encrypted with ironclad security that meets enterprise-grade standards.


Teachers are in constant communication with students, parents, colleagues, and administrators through email, voice, and text. Protecting the privacy of student records and communications is critical, especially as it relates to the Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA). Through MultiLine, teachers can text students and parents using a dedicated app they know is potentially being monitored and reviewed, which helps ensure such communications are professional and not personal. In addition, many schools use corporate devices at heavy expenditures; with MultiLine by Movius, they can reinvest that money back into education and meeting students’ needs.


Are you ready to get started with MultiLine by Movius, ensuring all-around wins for employees, customers, and businesses while remaining compliant with the most current U.S. laws and regulations? Request an introductory call and get a demo today.


John DeMarco

Subscribe for the Latest Posts

Ready to Learn More?