Oftentimes incoming Compliance Officers will inherit significant compliance problems when they join an organization or step into the role. In many of these cases, Compliance Officers are blamed as the ones causing or prolonging the problems. The best way for incoming Compliance Officers to approach the new role is to seek an independent, outside assessment of the Compliance Program to identify its strengths and areas of concern. In fact, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) calls for such reviews on a periodic basis according to their compliance program guidance documents¹. Organizations that fail to evaluate their Compliance Program effectiveness prior to engaging a new Compliance Officer are only creating more work and stress for a position that is crucial for organizational success.
Assessing the Compliance Program
Prior to filling the Compliance Officer position, organizations should conduct an assessment of the Compliance Program that covers:
- Establishing the state of the Compliance Program and how well it functions in ensuring proper ongoing monitoring and auditing of high risk compliance areas.
- Identifying what elements of the Compliance Program need the most improvements and developing a road map to implement those improvements.
- Providing objective evidence of the scope and needs for the Program.
If a compliance program assessment is not part of the employment negotiation process, the incoming Compliance Officer should request one soon after accepting the position. He or she should cite the importance of knowing the status of the Compliance Program and compliance operational high risk exposure. It is important for the Compliance Officer to analyze the Compliance Program and conduct necessary research on the organization in order to know what to expect from such a review.
In establishing the conditions and criteria for a compliance program assessment, organizations should consider the following tips:
- Price is important, but organizations should consider the old adage, “you get what you pay for.” Selecting a firm to review the Compliance Program that presents a low priced proposal and conducts a shallow and incomplete review would be a waste of money and could even mislead management on the state of the Compliance Program.
- Establishing the seven standard elements of a compliance program is important, and only having a simple checklist to review the elements will not provide enough useful and in-depth intelligence. A proper review should provide deep research and analysis on the compliance program operations as they relate to the seven elements.
- Ensure that the assessment focuses on ongoing monitoring by operational managers of high risk compliance areas and ongoing auditing to verify and validate that monitoring efforts are addressing compliance risks adequately.
- Use an external compliance firm with extensive related experience to fully benefit from their experience and knowledge.
- Request and review references from the firm’s previous clients who received similar compliance program assessments to ensure the review will cover all essential topics.
- Request that the firm describes their methodology and approach to conduct the assessment in sufficient detail to be able to understand precisely how they will conduct the assessment.
- Ensure that the firm identifies specific individuals who will perform the review and their individual experience. Avoid allowing the firm to use a “bait and switch” approach by using a high level employee to present the proposal only to be replaced by junior staff to actually perform the work.
- Have the selected firm certify that their results comply with generally-accepted operational and consulting review standards, preferably signed by the head of the firm.
Having to fill a Compliance Officer position can seem like a daunting task. However, organizations can make the incoming Compliance Officer’s transition much more seamless and less stressful by properly preparing for his or her engagement. Organizations should hire an outside compliance firm to assess and evaluate the existing compliance program to gauge its strengths and weaknesses and to develop a work plan for the incoming Compliance Officer. This kind of assessment limits the added burden on the Compliance Officer so he or she can immediately start working on improving and maintaining proper functions of the compliance program at the start of the engagement.
¹Federal Register.Vol.63.No. 35.Page 8987 (Published 1998).