Blog Post

Mitigating Conflict of Interest (COI) Risks

Richard P. Kusserow | January 2022

Key Points:

  • COI continues to be a top-ranked compliance issue
  • Tips for Compliance Officers

Annual Compliance Benchmark Surveys conducted by Strategic Management and SAI Global continue to identify Conflict of Interest (COI) as a major high-risk area warranting close ongoing monitoring and auditing for compliance. COI was repeatedly addressed by the Department of Health and Human Services Office of Inspector General (OIG) in its compliance guidance documents. The Department of Justice’s (DOJ) “Evaluation of Corporate Compliance Programs” guidelines lists many questions used by prosecutors on this topic.

A COI exists in any situation where financial, business, medical, or other personal considerations may compromise or appear to compromise: (1) a person’s judgment; (2) delivery of patient care; (3) making business decisions; (4) purchasing decisions; or (5) ability to carry out job responsibilities. COIs occur when an employee’s actions may be based on personal interest (whether actual, potential, or perceived) that may be at odds with the interests of their employer or business partner. The actions may result in personal gain for the employee or a relative.

A COI can potentially be found in virtually every aspect of health care activity, such as research, teaching, business operation, finance, hiring, purchasing, clinical care, etc. It can range from a simple matter of nepotism in hiring to a more complex situation implicating federal laws (e.g., Stark Law, Anti-Kickback Statute, and IRS Private Inurement). COI can arise in a variety of ways whenever activities, or relationships potentially compromise loyalty or independent judgment, such as: (1) conflicts between an individual’s obligations and their financial or other self-interest; (2) conflicts resulting from an individual’s divided loyalties, dual roles, or conflicting duties; and (3) compromising professional medical judgment.

Below are tips for Compliance Officers to consider in managing  COI risks:

  1. Have a policy that describes COI and makes the reporting requirements clear.
  2. Ensure policies address COI in other areas, such as purchasing, research, contract management, staffing, etc., and describe the consequences of non-compliance.
  3. Implement an annual COI disclosure process and establish a committee to resolve issues.
  4. Identify who must submit COI information (e.g., physicians, board members, executives) and require them to make annual disclosures.
  5. Define when off-cycle COI disclosures must be made and to whom.
  6. Use a detailed questionnaire for individuals to identify and explain business relationships.
  7. Develop and implement a disclosure form for reporting actual or potential COI.
  8. Determine how COI information will be collected, reviewed, controlled, and tracked.
  9. Develop a method to monitor and verify disclosure mandates are being followed.
  10. During onboarding for new employees and vendors, require disclosure of potential COI.
  11. Establish a system to manage and track COI disclosures.
  12. Require COI disclosures when negotiating contracts.
  13. Establish guidance for business relationships with third parties and determine how they are checked for COI.
  14. Ensure compliance training includes COI and encourage all employees to report suspected non-compliance.
  15. Review employee files, including workplace correspondences, to determine COI.
  16. Identify sources of information and evidence when responding to COI allegations.
  17. Define the scope of COI investigations.
  18. Take stock of what is known before investigating potential COI violations.
  19. Ensure those conducting COI investigations are properly trained to do it. 
  20. Identify and interview those who may have information about the matter.
  21. Identify and interview the subject of any COI allegation.
  22. Develop a written report documenting all findings of COI investigations.
  23. Identify all risks and issues associated with potential COI violation reports.
  24. Debrief complainants about potential COIs with as much information as possible.
  25. Identify the parties needed to resolve COI issues (e.g., HR, Legal, etc.).
  26. Consult with Legal Counsel on potentially serious COI issues.
  27. Alert executive leadership of any potential COI.
  28. Have an independent review conducted by COI experts across all programs.
  29. Inform the Executive Compliance Committee on the results of the COI program.
  30. Maintain a centralized repository of all COI disclosures.

For more information on this topic contact Richard Kusserow at rkusserow@strategicm.com.

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 2,000 health care organizations and entities in developing, implementing and assessing compliance programs.

Subscribe to blog