Both the compliance officer and the audit committee play important roles in a healthcare provider’s compliance program. The compliance officer administers the program and the audit committee has oversight responsibilities. In some organizations the compliance officer may report to the audit committee as well as to a senior management official. As with any form of dual (or matrix) reporting relationship, tensions can arise.
A compliance officer generally understands that keeping the audit committee (and the board) informed and involved is essential, but often struggles to determine when to inform the audit committee and how much information is appropriate. If you asked an audit committee for its perspective on this dilemma, the answer would be simple.
Nearly any audit committee would prefer to have more information than less, and to learn the information sooner, rather than later. Its members have a fiduciary responsibility in governing the organization and, to effectively do so, the audit committee needs complete and timely reports, especially as significant compliance issues or problems arise. Failure to discharge duties properly can result in actions against board members and, in egregious cases, discharging the entire board.
Therefore, compliance officers often struggle with two questions:
- How can the compliance officer strike the happy balance of providing the audit committee the appropriate amount of information at the appropriate time?
- How can the compliance officer engender trust and confidence from both the audit committee and senior management?
Many compliance officers have management experience and, therefore, it may feel more natural to build and maintain a positive relationship with management. Most compliance officers understand organizational structures, reporting relationships, and communication mechanisms in a traditional hierarchical setting. But how do you manage the additional relationship with the audit committee?