A copy-paste of the letter below:
AHLPA Weekly, By Michael W. Peregrine, McDermott Will & Emery
Health lawyers will want to brief their clients' audit & compliance committees on the substance and
implications of new compliance program guidance issued by the Fraud Section of the Department of
Justice (DOJ). The "Evaluation of Corporate Compliance Programs" (Guidance) is not specific to the
health care industry. Yet, the Guidance provides an exceptionally practical set of benchmarks
against which the audit & compliance committee, in consultation with the general counsel and the
chief compliance officer, can evaluate the effectiveness of the health system's compliance program.
The Guidance was quietly released, without any press announcement, by a February 8 posting on
the Fraud Section's "Compliance Initiative" page on the DOJ website. The absence of any formal
announcement is unusual given the extent to which the DOJ in general, and the Fraud Section in
particular, have tried to be publicly transparent in their discussion of the application of factors that
contribute to a decision whether to charge a corporation. One can only speculate as to the reasons
for this, but in no way should the "stealth release" undermine its materiality.
The Guidance is presented in the form of a series of substantive compliance-focused questions that the Fraud Division frequently considers when evaluating a corporate compliance program, e.g.:
1. Analysis and Remediation of Underlying Misconduct
2. [Role and Involvement of] Senior and Middle Management
3. Autonomy and Resources
4. Policies and Procedures
5. Risk Assessment
6. Training and Communication
7. Confidential Reporting and Investigation
8. Incentives and Disciplinary Measures
9. Continuous Improvement, Periodic Testing and Review
10. Third Party Management
11. Mergers and Acquisitions
These questions are drawn from multiple sources, some of which are somewhat familiar to health
lawyers (e.g., the Federal Sentencing Guidelines and the United States Attorneys Manual), and
some of which are less familiar (the joint DOJ/SEC Foreign Corrupt Practices Act guide and
compliance guidance from the Organization for Economic Cooperation and Development).
Questions particularly relevant to health care organizations include those that focus on the conduct
of senior and middle management; the internal stature of the compliance function; the autonomy of
the compliance function; program funding and resources; corporate response to expressed
compliance concerns; the process for responding to investigative findings; consistency of disciplinary
measures; and periodic updating of procedures and practices.
Important questions focus on the board's exercise of its compliance oversight duties—including
whether relevant expertise is available on the board and how compliance related is information
provided to the board.
The Guidance does not specifically address the appropriateness of a compliance officer-to-general counsel reporting relationship. (This, contrary to the interpretation of some compliance industry leaders). Nor does it comment on whether the roles of compliance officer and general counsel can be held by the same person.
Rather, it emphasizes the presence of a "direct to board" reporting option (as mandated by the
Federal Sentencing Guidelines) and other futility bypass mechanisms indicative of compliance
officer independence. This may serve to continue the debate on the most appropriate staffing,
reporting, and communication relationships between the general counsel and the compliance officer.
One theme that appears to run through the questions is a focus on how the corporation deals with
misconduct after it has been identified. This focus goes beyond the traditional emphasis on proper
incentives and appropriate discipline to an awareness of the root cause of the misconduct and
changes the company made to reduce the potential that similar problems will reappear.
The release of the Guidance is consistent with the Fraud Section's 2015 appointment of an internal
"compliance counsel." The specific role of that position is to help determine whether a corporation subject to DOJ investigation has maintained a good faith compliance program. DOJ's Principles of Federal Prosecution of Business Organizations (a/k/a the "Filip Factors") make it clear that the existence and effectiveness of a corporation's preexisting compliance program is a factor that the DOJ will take into consideration when making a prosecution decision. The new Guidance is reflective of the Fraud Section's interest in applying a deeper analysis of compliance program quality and effectiveness.
The Fraud Section's "common questions" are highly practical in nature and are well-suited for direct
audit & compliance committee consumption. There's no "inside baseball" involved. As such, the
Guidance needs little advance introduction before it is placed on the committee's agenda. And, once
on the agenda, the committee's logical role is to use the Guidance as a baseline from which to
comprehensively evaluate the effectiveness of the health system's existing program.
The release of this Guidance is a significant development in terms of assuring the most effective
possible corporate compliance plan. It is directly relevant to the fiduciary obligations of the board's
audit & compliance committee and should be brought to the committee's immediate attention by the
health system general counsel, in consultation with the compliance officer.
Source:
https://www.mwe.com/~/media/files/press-room/2017/02/weekly022417.pdf
