TAB G Compliance and Ethics Program

Size: px

Start display at page:

Download "TAB G Compliance and Ethics Program"

Avice Wheeler
5 years ago
Views:

1 TAB G Compliance and Ethics Program Executive and Audit Committee October 15, 2015 Educational Session

2 Compliance and Ethics Program - Importance OSU model: Federal sentencing guidelines for establishing an effective compliance and ethics program (CEP) Purpose of the program: Demonstrate that OSU exercises due diligence to prevent and detect criminal, illegal, and/or unethical conduct Promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law Benefits: Increased health/life safety of OSU community Model ethical behavior for OSU community including students Retain credibility with key stakeholders Reduce penalties and liability of unforeseen non-compliance 1

3 Compliance in Higher Education Higher education is very heavily regulated. Here is a small sampling of regulatory schemes with which OSU must comply: Campus Operations: environmental regulations, lab safety, nuclear reactor safety, crime reporting Employment: discrimination laws, variety of reporting and process requirements Financial and Asset Management: IRS rules Research: research integrity (including human and animal research), sponsored programs Information Technology Student: Title IV student financial aid, Title IX sexual harassment, Family Educational Rights & Privacy Act ( FERPA ) Athletics: NCAA rules 2

4 Compliance and Ethics Program Elements 1. Standards and procedures 2. Oversight: management, executive, and board 3. Due diligence in delegating authority 4. Education and training 5. Auditing and monitoring 6. Enforcement and discipline 7. Response and prevention Overarching - Risk Assessment 3

5 Standards and Procedures University Policies and Standards Provide the governing framework within which the institution functions Promote compliance with the law and align university activities with the strategic plan Structure: Executive Policy and Standards Committee Office of University Compliance History: Oregon University System dissolution Large number of decentralized policies and standards, overdue for review and updating Plan: Establish policy development and review process Develop required new policies while reviewing existing 5-10 year plan to update policy library based on risk profile 4

Oversight Process 1. Individual units responsible for managing daily risk 2. Office of University Compliance provides guidance, tools, and escalates risk to the Compliance Executive Committee 3.

6 Oversight Process 1. Individual units responsible for managing daily risk 2. Office of University Compliance provides guidance, tools, and escalates risk to the Compliance Executive Committee 3. Office of University Compliance consults with the Office of Audit Services and Office of General Council on risk elevation 4. Compliance Executive Committee oversees progress towards risk mitigation and allocates resources 5. Executive and Audit Committee to receive annual report on program and periodic risk reports as part of university risk management program to be implemented in

7 Due Diligence in Delegating Authority Office of Human Resources Position descriptions Background check process Training Evaluations Delegation of Authority Contractually binding the university Approving purchases Improvements underway 6

Education and Training Employee education and training: how the university communicates its strategic vision and policies to employees Job-specific education Compliance education Current Environment

8 Education and Training Employee education and training: how the university communicates its strategic vision and policies to employees Job-specific education Compliance education Current Environment Training is very decentralized Required only for certain jobs Exploring Improvements Establish general and job-specific employee education curriculum Learning management system will allow oversight 7

Auditing and Monitoring Department monitoring - providing tools for departments to ensure control structure is designed to monitor for compliance The

9 Auditing and Monitoring Department monitoring - providing tools for departments to ensure control structure is designed to monitor for compliance The Office of Audit Services provides independent assessment of individual and overall program effectiveness Hotline with an anti-retaliation policy in existence 8

Auditing and Monitoring Hotline administered by a third party with option for caller to remain anonymous Independent office (OAS) oversees administration of hotline Routine communication of hotline

10 Auditing and Monitoring Hotline administered by a third party with option for caller to remain anonymous Independent office (OAS) oversees administration of hotline Routine communication of hotline resource to campus Escalation of complaints with potential for universitywide implications to president and Executive and Audit Committee Annual summary and complaint analysis provided to the Executive and Audit Committee 9

11 Enforcement and Discipline Methods for OSU to enforce its compliance rules against: Employees Students Contractors Campus visitors by license (i.e., ticket holders) Members of the public Exploring avenues for more consistent reporting of enforcement/discipline to Executive Compliance Committee 10

12 Response and Prevention Actions taken as a result of identified non-compliance, fraud, waste and abuse include: Police and DA involvement if crime suspected Termination of employment Repayments to OSU Organizational restructuring Prevention and detection controls Training and education Tone at the top Continual risk assessment 11

13 Reporting and Monitoring Monitoring is a process that assesses the quality of the program over time. Board monitoring and oversight process: Serious incident protocols Audit reporting (internal and external) Annual CEP report Office of General Counsel updates Future university wide risk management 12

14 Questions?