The following Compliance & Ethics Program elements align with DOJ Guidance for Evaluation of Corporate Compliance Programs.

 

Organizational Leadership, Culture and Governance

  • Demonstrate a “tone from the top” through organizational vision, oversight and governance by the Governance Risk and Compliance Executive Council and annual reports to the Audit Committee.

Standards and Procedures

  • Establish standards and procedures to promote operational excellence through ethical behavior. 
  • Establish standards and procedures to prevent and detect criminal conduct and facilitate compliance.
  • Develop and implement a University Code of Conduct for faculty, staff and students.

Education and Awareness

  • Communicate expectations of high ethical standards and adherence to policies and procedures.
  • Provide training and education as part of the onboarding process and in a practical manner as appropriate to an individual’s role and responsibility.
  • Provide regular updates on the compliance webpage and other communication avenues.
  • Require yearly compliance education and attestation.
  • Provide specialized education based on risk analysis and emerging risks.
  • Initiate a University compliance heroes/liaison program.
  • Develop an annual compliance and ethics seminar.

Effective Lines of Communication

  • Market a confidential and anonymous integrity helpline for faculty, staff and students to report potential noncompliant conduct without fear of retaliation.
  • Increase the culture of compliance through awareness that everyone’s voice matters.

Program Evaluation and Guidance

  • Monitor annual compliance work plans, internal audits, compliance inspections, peer reviews and responses.
  • Report results to senior leadership and the Board.

Consistent Application of Standards

  • Promote and consistently enforce standards and discipline throughout the organization.
  • Disseminate a non-retaliation policy for good-faith anonymous reporting.
  • Increase awareness of clear disciplinary policies that are readily accessible to the University community.
  • Advocate for a culture of integrity and compliance to be part of the performance review process and include incentives for demonstrated ethical behavior.

Response and Prevention

  • Respond appropriately to noncompliant acts to prevent further instances. Make any necessary improvements to reduce the risk of future noncompliance and perform outreach to re-align organizational culture. 
  • Promote investigative practices that are fair, objective, independent and consistently managed by qualified personnel.
  • Promote root cause analysis to identify underlying causes.
  • Review tracking of corrective actions to confirm that they have been effective and sustainable.
  • Analyze topical risk patterns and trends for systemic issues and target improving organizational performance.

Periodic Risk Assessments

  • Align compliance and ethics with enterprise risk management and internal audit functions.
  • Support compliance partners in annual work plans that reflect a shared partnership and avoid overlap and redundancy.
  • Engage with compliance partners to enhance understanding of the impact, purpose and functions of the aligned functions of compliance and ethics, enterprise risk, and internal audit.