The Role of the Chief Compliance Officer
The ABA Task Force recommendations did not address the Chief Compliance Officer role. However, it is understood that the Chief Compliance Officer has primary responsibility for the day-to-day functions of the compliance and ethics program. Each company is free to define the responsibilities of its Chief Compliance Officer, but their essential duties are as follows:
- Creating, developing, and implementing procedures, policies, and practices
- Overseeing program implementation and monitoring the results
- Revising or updating the program as necessary
- Creating and coordinating a corporate compliance education program
- Managing internal audits
- Investigating non-compliance reports
- Being available for compliance issues and questions
- Reporting to the CEO, President, and Board of Directors to keep them informed about compliance matters
- Having and updating knowledge of the company’s operations and any applicable regulations and laws.
In the healthcare industry, the Chief Compliance Officer needs to have in-depth experience and knowledge of the strict regulations. Compared to other industries, the U.S. health care industry has complex best practice, ethics, and compliance standards that must be maneuvered. No matter the simplicity of the healthcare company, there will be a number of regulations, laws, rules, and policies that they must navigate in business operations, service-providing, and in receiving reimbursement. For example, Medicare and Medicaid require a complex system of paperwork, rules, policies, and third-party compliance. Therefore, a Chief Compliance Officer in the healthcare industry will need to have considerable experience with the practices of the industry.
Healthcare companies may also have an obligation to disclose adverse findings of employee misconduct or internal audits in some cases. They must take steps to appropriately report program violations or breaches of legal duties. With the Medicare and Medicaid reporting requirements, if a healthcare provider certifies compliance while knowing of a breach, they would be making a false statement. If the healthcare provider operates under the Corporate Integrity Agreement, they must disclose any overpayments or suspected law violations to the OIG.
Failure to comply with any healthcare regulatory requirements or laws can result in:
- False statements being made to the government or a third-party payer
- Civil, criminal, or administrative liability
- The requirement to repay any overpayments with interest
- Financial penalties
- Exclusion from participation in federal healthcare programs
- Criminal prosecution.
Therefore the Chief Compliance Officer and General Counsel must have a strong healthcare background and knowledge of the regulations and related administration.
The Chief Compliance Officer is a key party of a healthcare company’s management team. They must have demonstrated expertise in internal controls, remedial measures, reimbursement matters, and troubleshooting. They must also be trusted enough for employees to raise concerns about the organization.
The Federal Sentencing Guidelines for Organizations have provided new guidance about the reporting relationships and the roles that each personnel category plays in corporate compliance. It rules that while employees may be assigned responsibility for the day-to-day operations of corporate compliance programs, the overall responsibility for the program must lie with a high-level executive. The individual must have direct access to a Board committee, or the Board of Directors must provide them with annual reports. In most healthcare companies, this person would be the Chief Compliance Officer or a member of the General Counsel.
The Healthcare Board
The healthcare board must understand its compliance program and any challenges that may impede the program goals. Our corporate lawyers recommend that the healthcare board consider the following things to ensure that:
- They understand the roles of the Chief Compliance Officer and General Counsel in relation to the corporate compliance program and the Board.
- That processes are in place to ensure the Board receives regular updates and timely notification of any compliance issues.
The healthcare board should consider the following things:
How Does the Board Use the General Counsel For Compliance Advice?
The compliance program must be structured in a way that ensures the Board receives the notification of changes to compliance laws and any compliance issues present in the company. The relationship between the General Counsel and the Board will play a large factor in efficient notification and reporting. The changes to the Federal Sentencing Guidelines for Organizations put a larger onus on the Board to understand the corporate compliance program and to advise changes and re-evaluations based on compliance risk assessments. To do this, the Board must be aware of any risks the company has and how the compliance program mitigates or fails to mitigate those risks.
Is the General Counsel Involved in Each of the Main Elements of the Corporate Compliance Program? How Are They Involved?
Because of the General Counsel’s responsibility to keep the Board appraised of all compliance risks and issues, the General Counsel must be involved in the fundamental elements of the program. This ensures they have a good knowledge of the program operations and if it is effective. Even if the Chief Compliance Officer is overseeing the compliance program, the General Counsel should be involved to provide insights into the implications of government policy on the program. They can also advise on potential legal implications of ideas in the brainstorming or implementation process. By giving the General Counsel and the Chief Compliance Officer clearly defined and interlocking roles, the Board will enhance its ability to oversee the program.
The Method of Notifying the General Counsel and Allowing Their Insight of Compliance Failures
A key feature of a compliance program is to layout an appropriate response to suspected law violations. This is the feature that requires optimum cooperation between the Chief Compliance Officer and General Counsel.
The Chief Compliance Officer must investigate suspected compliance failures and oversee the organization’s response. The General Counsel also plays a key role in managing the organization’s response to these failures, especially if they trigger liability. The Chief Compliance Officer must involve the General Counsel in a timely manner so they can carry out a risk assessment and support the investigation. This will allow the organization to respond immediately to a compliance failure.
What Are the Roles of the General Counsel and the Chief Compliance Officer in the Program’s Operations? Who Is Responsible For Reporting to the Board?
The roles of the General Counsel and the Chief Compliance Officer will vary between companies. However, the roles should be clearly defined and complementary without overlapping. One of the key differences is that the Chief Compliance Officer does not act as counsel for the organization; the General Counsel does. The Chief Compliance Officer must present regular status reports to the Board so that they can oversee the compliance program.
By giving the General Counsel and the Chief Compliance Officer distinct roles, it creates a system of checks and balances to ensure the compliance program is operated and overseen in an independent manner. The General Counsel must be involved in the compliance program, as they serve to advise the Board and provide analysis of the program. Their primary responsibility is to protect the legal interests of the company by counselling the Board on any manner of legal issues.
The responsibility of the Board is to create a harmonious and complementary working relationship between the General Counsel and the Chief Compliance Officer and to ensure they receive sufficient reporting to fulfil their oversight responsibilities.
How Is the Board Notified of Disagreements Between the General Counsel or Chief Compliance Officer and Management?
Disagreements may arise from time to time between compliance roles and management, especially when an evaluation may have significant legal and financial implications for the business. It is important that the Board understand that these issues may arise and to understand how each party responds to such issues. They should consider implementing policies that standardize the way investigations are reported to the Board.
The U.S. Sentencing Commission and the OIG recommended that compliance officers be given a direct line of access to the Board and CEO. By offering direct reporting, the Board can ensure the compliance program’s integrity. If their communication has to go through other managers or even the CFO or General Counsel, their communication may be changed or other concerns added onto their report. If the structure of the company makes this unfeasible, then the compliance officers should ensure there are multiple recipients of their reports to ensure one party does not change the reports.
The Board must ensure there are no obstacles to the compliance program and that the Chief Compliance Officer is able to freely provide the Board with information, recommendations, and analyses.
Does the Board Understand Attorney/Client and Work Product Privileges and How the Organization Must Use this Privilege When Responding to Requests For Information From a Third Party?
Investigating suspected law violations can have major legal implications for a company. The Board must be able to seek timely and objective legal advice to decide on a course of action. Confidentiality privileges between attorneys and their clients exist to ensure candid communication between clients and their legal counsel.
However, in corporate compliance, while certain investigations may be protected by these privileges, some legal violations may require reporting to a government agency. This may be the case for suspected violations as well as uncovered violations. The Board must seek legal advice on how they may use these confidentiality privileges and when they may be limited.
Does the General Counsel Have Sufficient Processes in Place to Report Legal Compliance Issues to the Necessary Organizational Authorities?
There is continued debate surrounding the duty of outside counsel to report legal concerns such as breach of duty and legal violations. While some situations have clear guidelines of when matters should be brought to the Board’s attention, other situations have no such guidelines.
The Board must ensure clear and impartial communication lines between them and the General Counsel so they can receive timely notification of issues. They may decide to implement regular executive sessions to give the General Counsel a forum to discuss any compliance issues or risks.
Considerations to Enhance Corporate Compliance
The following list of considerations will enforce a system of checks and balances to enhance the effectiveness of the corporate compliance program.
If the General Counsel Serves As the Chief Compliance Officer
-
- Implement a process that allows the General Counsel to recuse themselves from a compliance investigation if it may implicate the General Counsel. There should also be an alternative reporting process in place for issues that may implicate the General Counsel.
- Conduct Board-initiated third-party assessments and audits of the compliance program
- Authorize the Compliance Committee to retain outside consultants or counsel for matters that meet Board-approved criteria
If the Chief Compliance Officer Works Independently From But Still Reports to the General Counsel
-
- Establish an alternative reporting route to be used when the Chief Compliance Officer deems it necessary to report an issue to another member of senior management. This will protect the compliance program from obstructions.
- Implement a procedure that allows a member of senior management to authorize compliance investigations and the hiring of outside counsel.
- Establish a forum for the Chief Compliance Officer to report directly to the Board on a periodic basis.
If the Chief Compliance Officer Works Independently From and Does Not Report to the General Counsel
-
- Consider involving the General Counsel in periodic risk assessments, investigations, review of reports on compliance processes and policy proposals, and brainstorming ways to address violations.
- Require the General Counsel to conduct routine reviews of the matters the Chief Compliance Officer reports to the Board.
- Require the Chief Compliance Officer to consult with and notify the General Counsel if they need to consult with outside counsel.
In Conclusion
Healthcare organizations have focused on their systems for reporting potential or existing corporate misconduct in light of recent high-profile corporate misconduct cases. Because of the number and complexity of healthcare laws and regulations, it is important for healthcare companies to marry their legal and compliance functions. They should operate independently from each other but combine in a complementary manner to protect their organization from violations.
Ultimately, the Board must ensure it receives regular and detailed reports to inform its compliance oversight. Giving the Chief Compliance Officer and General Counsel distinct roles and responsibilities can ensure that each role is able to best serve the company and the Board.
https://california-business-lawyer-corporate-lawyer.com/wp-content/uploads/2024/01/incorporator-vs-promoter.jpg
756
1339
Nakase
http://california-business-lawyer-corporate-lawyer.com/wp-content/uploads/2022/05/Nakase-Wade-logo-transparent-200x54px.png
Nakase2024-01-11 18:32:202024-01-11 18:32:21What are the differences between incorporator and corporate promoter?
