WHAT IS EFFECTIVE COMPLIANCE? Darrell Armer & Chris Davis Gray - - PowerPoint PPT Presentation

what is effective compliance
SMART_READER_LITE
LIVE PREVIEW

WHAT IS EFFECTIVE COMPLIANCE? Darrell Armer & Chris Davis Gray - - PowerPoint PPT Presentation

Nov 06, 2022 191 likes •519 views

WHAT IS EFFECTIVE COMPLIANCE? Darrell Armer & Chris Davis Gray Reed HFMA Lone Star Winter Conference January 2020 Darrell Armer Gray Reed Dallas Managing Partner, Leader of the Healthcare Transactions Practice Group Education

slide-1
SLIDE 1

WHAT IS EFFECTIVE COMPLIANCE?

Darrell Armer & Chris Davis Gray Reed

HFMA Lone Star Winter Conference January 2020

slide-2
SLIDE 2

Gray Reed Education

Darrell Armer

  • Dallas Managing Partner, Leader of the

Healthcare Transactions Practice Group

  • B.B.A., The University of Texas
  • J.D., Texas Tech University

Primary Clientele

  • Hospitals, ambulatory surgery centers,

physical therapy companies, diagnostic imaging centers, medical and dental practices, and home health agencies, as well as various provider networks.

slide-3
SLIDE 3

Gray Reed Education

Chris Davis

  • Partner, Leader of the White-Collar

Defense Practice Group

  • B.B.A., Baylor University
  • J.D., The University of Texas

Before joining Gray Reed …

  • Senior Trial Counsel in the SEC's Fort

Worth Regional Office

slide-4
SLIDE 4

The Landscape

slide-5
SLIDE 5

Many agencies cover the waterfront,

  • ften with overlapping jurisdiction.

Federal-Criminal

  • DOJ
  • FBI

Federal-Civil

  • DOJ
  • HHS/HHS-OIG
  • CMS
  • FTC (Cyber)

State and Local

  • Attorney General
  • Texas Medical

Board

  • HHS
slide-6
SLIDE 6

Regulatory Focus on the Healthcare Industry

  • 2019: $2.6 out of $3 billion in DOJ settlements and

civil judgments (almost 90%) healthcare related

  • 10th consecutive year to exceed $2 billion
  • Hot areas: managed care providers, labs,

pharmacies, physicians

  • 633 whistleblower actions filed in FY 2019; $2.1

billion recovered in whistleblower-related actions

  • HCF Strike Force (Dallas and Houston)
  • 2018 HCF takedown: 601 individuals, including

76 doctors charged (most ever in a single

  • peration)
slide-7
SLIDE 7

DOJ’s April 2019 Guidance on Corporate Compliance

  • What is it?
  • Standardized set of factors DOJ will consider when deciding:
  • Whether to charge;
  • How much to fine (if any);
  • Whether a monitor is required;
  • Disclosure requirements
slide-8
SLIDE 8

DOJ’s April 2019 Guidance on Corporate Compliance

Framework - three fundamental questions:

  • “Is the corporation’s compliance

program well designed?“

  • “Is the program being applied

earnestly and in good faith?“ In other words, is the program being implemented effectively?

  • “Does the corporation’s compliance

program work“ in practice?

slide-9
SLIDE 9

Is the program well designed?

slide-10
SLIDE 10

Is the program well designed?

  • Key Factors
  • Is it customized?
  • Is it comprehensive?
  • Is it aligned with employee incentives?
slide-11
SLIDE 11

Is the program well designed?

  • Risk Assessment
  • What are the particular types of misconduct most likely to
  • ccur at this particular company?
  • “Prosecutors may credit the quality and effectiveness of a

risk-based compliance program that devotes appropriate attention and resources to high-risk transactions, even if it fails to prevent an infraction in a low-risk area.”

  • Deploy resources appropriately: “Does the company devote a

disproportionate amount of time to policing low-risk areas instead of high-risk areas?”

  • Regularly re-assess
  • Prosecutors should consider “revisions to corporate

compliance programs in light of lessons learned.”

slide-12
SLIDE 12

Is the program well designed?

  • Policies and Procedures
  • “As a threshold matter, prosecutors should examine

whether the company has a code of conduct that sets forth, among other things, the company’s commitment to full compliance with relevant Federal laws that is accessible and applicable to all company employees.”

slide-13
SLIDE 13

Is the program well designed?

  • Training and Communications
  • Especially for employees in high-risk areas.
  • Tailored and risk-based?
  • Senior management involvement/emphasis?
slide-14
SLIDE 14

Is the program well designed?

  • Confidential Reporting Structure and Investigation Process
  • DOJ says “highly probative” of whether a company has

established mechanisms that can effectively detect and prevent misconduct.

  • Considerations
  • Anonymity
  • Internal publicity
  • Independence
  • Scope and resources
slide-15
SLIDE 15
slide-16
SLIDE 16

Is the program well designed?

  • Third Party Management
  • Compliance doesn’t stop at the company walls.
  • “[P]rosecutors should assess the extent to which the

company has an understanding of the qualifications and associations of third-party partners, including the agents, consultants, and distributors.”

  • “Prosecutors should further assess whether the

company engaged in ongoing monitoring of the third-party relationships, be it through updated due diligence, training, audits, and/or annual compliance certifications by the third party.”

slide-17
SLIDE 17

Is the program well designed?

  • Third Party Management
  • Considerations
  • Business rationale for the use of third parties? Due

diligence on third parties?

  • Mechanisms to ensure that the contract terms

specifically describe the services to be performed, that payment terms are appropriate, and that compensation is commensurate with the services rendered?

  • Ongoing monitoring? Right to analyze the books and

accounts of third parties?

slide-18
SLIDE 18

Is the program implemented effectively?

slide-19
SLIDE 19

Is the program implemented effectively?

  • Prosecutor will probe whether a compliance program is a “paper

program” or one “implemented, reviewed, and revised, as appropriate, in an effective manner.”

  • Commitment by senior management?
  • Cannot just “set it and forget it”
  • The company’s “governing authority shall be knowledgeable

about the content and operation of the compliance and ethics program and shall exercise reasonable oversight” of it.

  • Lead by example (tone at the top)
  • Does management model proper behavior to subordinates?

Do managers tolerated greater compliance risks in pursuit of new business or greater revenues?

slide-20
SLIDE 20
slide-21
SLIDE 21

Is the program implemented effectively?

  • Commitment by senior management?
  • Have the proper skills and expertise
  • Compliance expertise on the board of directors?
  • Have the board of directors and/or external auditors held

executive or private sessions with the compliance and control functions?

slide-22
SLIDE 22

Is the program implemented effectively?

  • Autonomy and Resources
  • Structural considerations
  • Sufficient seniority within the organization;
  • Sufficient resources, namely, staff to effectively undertake

the requisite auditing, documentation, and analysis; and

  • Sufficient autonomy from management, such as direct

access to the board of directors or the board’s audit committee.

  • Not one size fits all
  • Each factor, will depend on the size, structure, and risk

profile of the particular company. “A large organization generally shall devote more formal operations and greater resources . . . than shall a small organization.”

slide-23
SLIDE 23

Is the program implemented effectively?

  • Autonomy and Resources
  • Evaluation framework
  • Structure: Where is compliance housed?

Is there a designated CCO/other compliance person?

  • Seniority and Stature: Rank/title?

Compensation? Access to key decision makers?

  • Experience and qualifications
  • Funding and resources: Are there enough people/resources to

do the job and do it right?

  • Autonomy: Direct reporting line to board/audit committee?

Meet independently of senior management?

  • Outsourcing: If so, why? What level of access does external

consultant have? Independent, qualified, etc?

slide-24
SLIDE 24

Is the program implemented effectively?

  • Incentives and Disciplinary Measures
  • “Another hallmark of effective implementation of a

compliance program is the establishment of incentives for compliance and disincentives for non-compliance.”

slide-25
SLIDE 25

Is the program implemented effectively?

  • Incentives and Disciplinary Measures
  • Carrots and sticks
  • E.g. promotions, bonuses, or other

rewards for ethical leadership.

  • E.g. swift disciplinary action; public

disciplinary action.

  • Other considerations
  • Consistent process for each instance of potential

misconduct?

  • Similar consequences for similar misconduct?
  • Compliance input on compensation, promotions, etc.?
slide-26
SLIDE 26

Does the compliance program work in practice?

slide-27
SLIDE 27

Does the compliance program work in practice?

  • “[M]isconduct does not, by

itself, mean that a compliance program did not work or was ineffective.”

  • “[t]he Department recognizes

that no compliance program can ever prevent all criminal activity by a corporation's employees.”

slide-28
SLIDE 28

Does the compliance program work in practice?

  • Key Components
  • Continuous improvement, periodic

testing, and review

  • Responses to misconduct
  • Identify root causes, system

vulnerabilities, and accountability lapses, including among supervisory manager and senior executives

  • Analyze and remediate
slide-29
SLIDE 29

Other recent DOJ guidance

slide-30
SLIDE 30

Other recent DOJ guidance

  • FCPA corporate enforcement policy (and possible impact on
  • ther areas)
  • Presumption of declination when company:
  • 1. Voluntarily self-discloses,
  • 2. Fully cooperates, and
  • 3. Timely and appropriately remediates.
  • Think about these issues before you have misconduct.
slide-31
SLIDE 31

Gray Reed www.grayreed.com

Thank you!

Darrell Armer

darmer@grayreed.com

Chris Davis

cdavis@grayreed.com