Evidencing Compliance Program Effectiveness
(Remember to register for the complimentary SAI Global Webinar on “Evidencing Compliance Program Effectiveness,” that will be held on August 16, 2022, at 2 PM, Eastern.)
Key Points:
- Evidencing Compliance Program effectiveness is a major challenge
- Internally generated process metrics lack credibility of evidencing effectiveness
- Effectiveness is evidenced by value created (outcome), not process numerical outputs
Evidencing Compliance Program effectiveness is a major challenge to meeting expectations of government enforcement agencies. The Department of Health and Human Services Office of Inspector General (OIG) calls for it, the United States Sentencing Commission’s Guidelines expect it, and the Department of Justice’s (DOJ) June 2020 “Evaluation of Corporate Compliance Programs” focuses on it when making prosecutorial decisions.
Much has been made of the benefit of evidencing an effective compliance program and how it could result in penalty reductions, and even avoiding legal enforcement actions entirely. As a result, Compliance Officers expend a lot of time and energy to build a program that provides the needed evidence. It is the subject of every conference and appears in all publications directed toward compliance. In recent years, executive leadership and boards have increasingly looked for such evidence to warrant the investments made in supporting their compliance programs. All this has added pressure on Compliance Officers to find means to provide credible evidence.
Results from the 2022 Compliance Benchmark Survey make it clear that this remains a serious challenge. There really has been very little concrete advice on how this is to be done. Many Compliance Offices rely upon metrics generated from internal reviews of process, including: compliance training statistics, number of hotline reports received and resolved, results of sanction-screening, etc. All this relates to output, not outcome. Effectiveness is associated with the result of the process in terms of value created, in other words, outcome. Using process numbers when reporting periodically to executive and board level compliance committees often raises more questions and concerns than satisfaction. Presenting periodic reports summarizing results in terms of process may fall very short of persuading leadership that the compliance program is effective in reducing the likelihood of unwanted events that could give rise to liabilities.
Another challenge in providing convincing evidence of an effective compliance program to enforcement authorities is that enforcement authorities question programs in response to a violation of law or regulation, such as a false claim or corrupt arrangement. Otherwise, they would never be questioning the program. Therefore, they will not likely accept any representations or evidence by the Compliance Office without independent supporting evidence. The OIG has mentioned three major methods described in their Compliance Program Guidance for producing convincing evidence. First, produce the results of an independent evaluation of the Compliance Program by experts. Second, produce the results of an independent survey of employees on their compliance knowledge, attitudes, and perceptions. Third, produce supportable evidence that, as result of an active compliance claims processing Quality Assurance Program with Quality Control Reviews, there has been a decline in errors. The focus is on independently supportable evidence from sources outside the control of the organization.
For more information on this topic, contact Richard Kusserow at [email protected].
Keep up-to-date with Strategic Management Services by following us on LinkedIn.
