Office of Compliance Program Report

Similar documents
Office of Compliance, Risk and Ethics Program Report. January 2016 December 2016

OFFICE OF EQUITY AND COMPLIANCE COMPLIANCE PROGRAM

Audit Committee - Agenda

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

SHRINERS HOSPITALS FOR CHILDREN CORPORATE COMPLIANCE PLAN

COMPLIANCE AT LARGER INSTITUTIONS. November 11 13, Robert F. Roach Chief Compliance Officer New York University

Title IX, X Topics, XI Grievance Procedures

Compliance Program Effectiveness Guide

Delta Dental of Michigan, Ohio, and Indiana. Compliance Plan

USC Compliance and Ethics Program Governance and Standards

DIRECTOR, INFORMATION TECHNOLOGY PROJECT IMPLEMENTATION/ FISCAL INTEGRATION

UNIVERSITY STANDARD. Title UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL STANDARD ON ENTERPRISE DATA GOVERNANCE. Introduction

GUIDELINES. Corporate Compliance. Kenneth D. Gibbs President & Chief Executive. Martin A. Cammer Senior Vice President & Corporate Compliance Officer

EY Center for Board Matters. Leading practices for audit committees

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

Corporate Compliance Program

AC C O U N T AN T Schematic Code ( )

DIRECTOR OF COUNSELLING STUDENT WELLNESS CENTRE

BAYLOR UNIVERSITY REPORT OF EXTERNAL AND INDEPENDENT REVIEW RECOMMENDATIONS. Take swift and certain action consistent with these recommendations.

Office of Internal Auditing

Using a Compliance Program Assessment to Elevate Institutional Compliance Effectiveness

UPMC POLICY AND PROCEDURE MANUAL. Links to policies referenced within this policy can be found in Section V.

npliance IN 2008, MICROSOFT CORP. WAS FINED 899 MILLION Auditing for

BUILDING AN EFFECTIVE COMPLIANCE PROGRAM

What We Will Cover Today

Position Description Cover Sheet

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

INTEL CORPORATION BOARD OF DIRECTORS GUIDELINES ON SIGNIFICANT CORPORATE GOVERNANCE ISSUES

The Company seeks to comply with both the letter and spirit of the laws and regulations in all countries in which it operates.

CHARTER OF THE BOARD OF DIRECTORS

UNIVERSITY OF COLORADO DEPARTMENT OF INTERNAL AUDIT 2018 AUDIT PLAN As of June 1, 2017

Equal Employment Opportunity AP 3420

HF GROUP LIMITED BOARD CHARTER

Auditing ADA-IT Compliance: How to Leverage Judgments from Other Institutions

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

Corporate Governance Principles. As Amended June 7, 2017

SEMPRA ENERGY. Corporate Governance Guidelines. As adopted by the Board of Directors of Sempra Energy and amended through December 15, 2017

INFORMATION GOVERNANCE STRATEGY IMPLEMENTATION PLAN

FRONTERA ENERGY CORPORATION CORPORATE GOVERNANCE POLICY

IMMUNOGEN, INC. CORPORATE GOVERNANCE GUIDELINES OF THE BOARD OF DIRECTORS

CORPORATE COMPLIANCE PROGRAM CHARTER

Mott Community College Job Description

NYSARC/CP Compliance Seminar: Risk Assessments. May 2, 2016 Robert Hussar and Melissa Zambri

European CEI. Compliance 101

Fiscal Year 2016 Audit Plan

MISSISSIPPI STATE UNIVERSITY INTERNAL AUDIT CHARTER

Sheryl Vacca, CHC-F, CCEP-F, CHRC, CCEP-I, CHPC. SVP/Chief Compliance & Audit Officer University of California

Integrity and Compliance Annual Report

Triple C Housing, Inc. Compliance Plan

Immunization Information System (IIS) Trainer Sample Role Description

MAGNA INTERNATIONAL INC. BOARD CHARTER

Statutory report on corporate governance for TORM A/S for the financial year 2014 (regarding the Danish Financial Statement Act sec. 107b).

BOARD GUIDELINES ON SIGNIFICANT CORPORATE GOVERNANCE ISSUES

SETTING POLICIES and GUIDELINES for CONDUCTING INTERNAL INVESTIGATIONS

AFFIRMATIVE ACTION PLAN FOR PROTECTED VETERANS

FY INTERNAL AUDIT ACCOMPLISHMENTS REPORT AND ANNUAL STRATEGIC WORK PLAN

2017 The Global ABB Integrity Program.

A. Independence/Composition. The Committee shall be comprised of not less than three members. The members of the Committee:

That the ISO Board of Governors approve the Compliance Program Policy included as Attachment A to this Memorandum.

INTERNAL AUDIT OF PROCUREMENT AND CONTRACTING

These guidelines describe how Hamilton College approaches the development, measurement and management of information security. Version 3.03.

Effective implementation of COSO s new anti-fraud guidance

Session 7: Corporate Governance

Medicare Compliance and Fraud, Waste and Abuse Detection and Prevention Program

Audit & Risk Committee Charter

We have come a long way!

CODE OF BUSINESS CONDUCT AND ETHICS. FRONTIER AIRLINES, INC. Adopted May 27, 2004

Compliance Program Full Self-Assessment Draft1

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

August 14, Dear Ms. Gula:

METHANEX CORPORATION CORPORATE GOVERNANCE PRINCIPLES

GENOME CANADA BOARD OF DIRECTORS ANNUAL QUESTIONNAIRE

BOARD OF DIRECTORS MANDATE

Prince William County Public Schools Annual Audit Plan

Code of Business Conduct and Ethics

Corporate Governance Statement. APN Property Group August 2017

ANNUAL CORPORATE GOVERNANCE STATEMENT 2015/16

Checklist for Higher Education

Fraud in focus March Fraud & Corruption in the Victorian Public Sector learnings and insight for 2017 and beyond

10/3/2013 MAPPING YOUR PROGRAM TO THE FEDERAL SENTENCING GUIDELINES FOR ORGANIZATIONS (FSGO) AGENDA HOW MUCH DO YOU KNOW ABOUT THE FSGO?

GOVERNANCE GUIDELINES OF THE NATIONAL ASSOCIATION OF CORPORATE DIRECTORS

KING III COMPLIANCE ANALYSIS

PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES

JACOBS ENGINEERING GROUP INC. CORPORATE GOVERNANCE GUIDELINES

Whistleblowing policy

Fraud Risk Management

IMPLEMENTATION GUIDELINES FOR THE PRINCIPLES ON FREEDOM OF EXPRESSION AND PRIVACY

CODE OF BUSINESS CONDUCT PENN NATIONAL GAMING, INC.

TERMS OF REFERENCE OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Board of Directors and Management Involvement in Consumer Compliance and Consumer Risk:

Mott Community College Job Description

Statement on Risk Management and Internal Control

GATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA

Southern Oregon University Internal Audit Plan Fiscal Year 2017

Your Guide to the Compliance Process

EXECUTIVE COMPENSATION

Benchmarking 101: Shaping your E&C Program for Maximum Value

ENTERPRISE RISK MANAGEMENT AND COMPLIANCE PROGRAM PROGRAM DESCRIPTION

GOVERNANCE AND HUMAN RESOURCES COMMITTEE TERMS OF REFERENCE

MPAC BOARD OF DIRECTORS MANDATE

Transcription:

Office of Compliance Program Report January 2012 - December 2014

Table of Contents Executive Summary... 1 Background... 1 Compliance Program Strategic Plan... 2 Risk Report and Progress... 3 Compliance Program Milestones... 4 Training and Awareness... 5 Compliance Program Metrics... 6, 7 Conclusion... 8

Executive Summary The Office of Compliance is responsible for overseeing, monitoring, and coordinating compliance matters for the College, including applicable county, state, and federal laws, regulations, and other requirements. The compliance office directs and advises College employees on compliance matters; facilitates communication and education efforts to ensure that the College community is aware and informed of pertinent laws and regulations; works in a collaborative manner toward resolution of heightened compliance risks; monitors the implementation of adequate internal controls and quality assurance processes to consistently meet requirements of the laws and regulations; and informs the president and senior leaders of the current status of compliance risk. The compliance office works with the College compliance risk owners to proactively prevent risk through prevention measures and to assist in the facilitation of risk resolution efforts when risk is at an unacceptably high level. The individual compliance risk owners are the compliance experts in their respective areas. The Office of Compliance coordinates and facilitates compliance risk management, particularly when there are multiple units involved, to assure the president and Board of Trustees that compliance risks are being addressed. Compliance to federal, state, and local laws and regulations is an institution wide responsibility that is shared among all members of the community. The communication, coordination, and high-level management of the regulatory compliance program is the responsibility of the compliance office. In 2012, 35 separate compliance risks were identified. Eighteen of these risks have been mitigated to an acceptable level through the collaborative efforts of the College risk owners. New risks have been identified with the existence of new laws or the increased enforcement of existing laws. The College compliance program is evolving to meet the trends in higher education laws and regulations. Additionally, the compliance office continues to optimally assist the College in reducing compliance risk levels. Background Higher education institutions are experiencing an increasing number of laws and regulations and a higher level of scrutiny and enforcement of those laws. This trend requires institutions to put effective means in place to manage the growing scope and scale of compliance requirements on local, state, and federal levels. To that end, President DeRionne Pollard created the Montgomery College Office of Compliance in 2011. The office reports directly to Dr. Pollard. It encourages and promotes ethical conduct and commitment to compliance with the law. The coordination of the College s regulatory compliance efforts is the responsibility of the Office of Compliance. The compliance office works routinely and closely with compliance risk owners across all College units and with the Office of General Counsel for legal advice and guidance. The office consists of Vicki Duggan, chief compliance officer; Julie Foster, compliance specialist and project manager; and Tonya Buscher, the administrative aide. 1 P age

Compliance Program Strategic Plan The Office of Compliance strategic plan is composed of two main elements: the development of the compliance program to reflect the federal sentencing guidelines that outline the elements considered necessary by the federal government to have an effective compliance program; and the work plan for managing compliance risk through projects, education and awareness efforts, policy development, and incorporating best practices in the College compliance program. All items on the compliance work plan are a result of a requirement to federal, state, or local laws or regulations. Schools offering financial aid to students through Title IV funding are required to adhere to federal laws governing higher education. The laws predominantly protect students: protect the value and integrity of their education, protect their safety while on campus, and protect them as consumers who invest in an education. To have an effective compliance program, an organization must establish and maintain an organizational culture that encourages ethical conduct and a commitment to compliance with the law and exercise due diligence to prevent and detect criminal conduct, US Federal Sentencing Guidelines 8B2.1 (a) (2). The federal sentencing guidelines for effective compliance programs include: 1. Specific individual(s) within the organization shall be delegated day-to-day operational responsibility for the compliance and ethics program. Individual(s) with operational responsibility shall report periodically on the effectiveness of the compliance and ethics program to high-level personnel and, as appropriate, to the governing authority, or an appropriate subgroup of the governing authority. To carry out such operational responsibility, such individual(s) shall be given adequate resources, appropriate authority, and direct access to the governing authority or an appropriate subgroup of the governing authority; 2. Written policies and procedures explain legal requirements so that employees understand their obligations and how to conform their behavior to meet them; 3. Internal compliance monitoring; 4. Response to detected offenses (including remediation of harm caused by criminal conduct) and corrective action plans (including assessment and modification of the compliance and ethics program); 5. Periodic risk assessments; 6. Training and education reasonable and practical steps must be taken to disseminate information about the organization s compliance program, its policies and processes; and share information appropriate to individuals' respective roles and responsibilities; 7. Lines of communication encourage managers and employees to report suspected fraud and other improprieties without fear of and with protection against retaliation; and, 8. Standards consistently enforced throughout the organization including rewards with incentives for compliance. Standards enforced through well-publicized disciplinary guidelines a Code of Conduct. The Office of Compliance is working toward a program that incorporates the guidelines. Efforts continue to complete the outstanding items. A workgroup, led by the College governance 2 P age

councils, are developing an employee code of conduct. The chief compliance officer expressed the institutional value of a code of conduct. Also, the chief compliance officer is seeking a reporting relationship between the compliance office and the Board of Trustees. The compliance work plan, to date, has been to gather and organize compliance data for relevant laws and regulations. The compliance data is used to clarify roles and responsibilities; develop systems and processes to identify, track, monitor, assess, and reduce compliance risk; and provide an assurance that the College will meet compliance requirements. There have been focused compliance risk reduction efforts in the areas of: IT Accessibility Protection of Minors Jeanne Clery Crime Reporting Act Violence Against Women Act (VAWA) Title IX Family Educational Rights and Privacy Act (FERPA) Higher Education Opportunity Act (HEOA) Americans with Disabilities Act (ADA) Payment Card Industry and Data Security Standards (PCI/DSS) Federal Grants Compliance Athletics Compliance (Title IX and NCJAA) Part of an effective compliance program is to proactively educate and build awareness of compliance requirements. Compliance training and awareness is an ongoing activity throughout each year and includes campus events, scheduled webinars, unit informational meetings, online training, and professional development for the compliance office personnel. The office shares information through routine communications, training sessions, awareness events, and newsletters to reach specific audiences. Risk Report and Progress The Office of Compliance maintains and tracks a compliance risk registry of the College s current compliance risks. The risks are assessed on scales of impact, the potential level of effect were the risk to occur, and probability, the likeliness that the risk will occur. Ongoing resolution efforts manage and reduce each risk, with greater focus and emphasis placed on the highest risk categories. Since the inception of the compliance office, 35 separate compliance risks have been identified.. Of the 35 risks, 18 are now mitigated to an acceptable level through the efforts of the College risk owners, with occasional support and coordination from the compliance office. 3 P age

Identify Compliance Risks Assess and Prioritize Inputs: Laws/Regulations Environment Unit Reviews New Processes College Leaders Assess each risk on a scale of impact and probability. Determine priorities for intensive risk mitigation efforts to reduce the highest risks. Monitor and Report Conduct ongoing risk assessments updates. Report and inform the president, senior leaders, and the Compliance Advisory Committee. Risk Mitigated to an Acceptable Level Compliance Program Milestones Over the past year, the Office of Compliance has implemented initiatives including protection of youth and IT accessibility. The Office of Compliance has also provided coordination or support for on-going compliance requirements such as Clery Act, Equity in Athletics Disclosure Act, and the Higher Education Opportunities Act. The office coordinates the distribution of required disclosures to students and employees. Protection of Minors The protection of minors on college campuses has emerged as a critical risk facing higher education institutions. This occurred in response to the Sandusky incident at Penn State University and broad institutional awareness that children are frequent visitors to college campuses every day. The Office of Compliance helped develop the Protection of Minors Policy, which was approved by the Board of Trustees in April 2014. An update to the accompanying procedure is expected in spring 2015. Once implemented, the program will include procedural changes, such as background checks for those with direct interaction with minors, a central registry of all youth-serving programs, and the creation of a youth protection coordinator position to oversee adherence to procedures. Good Faith Reporting Many higher education institutions have established reporting lines in support of their compliance goals. The federal sentencing guidelines provide an available means of confidential reporting within the organization including protection from retaliation for good faith reporting. In support of this initiative, the Office of Compliance developed the Reporting Suspected Fiscal Irregularities and Fraud with Whistleblower Protections policy and procedures. It was approved by the Board of Trustees in April 2014 and has been implemented through the internal audit office of the College. 4 P age

IT Accessibility Over the past five years, an increasing number of colleges and universities have been the target of lawsuits filed by disability rights organizations and students with disabilities regarding inaccessible technology resources and its segregating impact. Colleges and universities under investigation have been issued resolution agreements much broader than the original compliant scope. These institutions have had to ensure that their IT resources be made accessible to those with disabilities. Accessibility to IT resources is driving many colleges and universities to proactively provide accessible electronic resources. The Office of Compliance has led an IT accessibility initiative over the past two years that includes auditing web and multimedia accessibility levels, implementing a plan to increase the accessibility level of existing and future technology, providing training for creating accessible web resources and multimedia, increasing education and awareness efforts, and developing policy. This is anticipated to be a multiyear initiative with an ongoing effort to maintain levels and progress as new standards are implemented. Training and Awareness Training and awareness are critical components of an effective compliance program. College employees and students need to be aware of regulatory compliance expectations and how the law impacts them. Since its inception, the Office of Compliance has used several methods to create a more enlightened and knowledgeable community. Over the past two years during National Compliance Awareness Week, the compliance office hosted activities for both employees and students. The events have been held at all college locations at various times throughout the week. These activities have prompted students and employees throughout the College to build awareness and communicate compliance information. Events for College employees: Sessions during Staff Enrichment Day and Professional Week Compliance Matters workshops, an overview of the MC compliance program Sessions on ADA and accessibility offered through college professional development programs Specialized webinars on compliance topics for specific groups: Clery Act, Violence Against Women Act, Title IX, grants, and copyright Both students and employees are informed on matters of compliance through mandated disclosures. The Office of Compliance collaborates with the College risk owners to compose and distribute required disclosures. Many mandated disclosures are required annually; however, to adapt to the student population trends at Montgomery College, disclosures are sent in both the fall and spring semesters to assure employees and students receive required regulatory information. 5 P age

Compliance Office Outreach and Training Metrics FY 12-14 Ongoing training for the Office of Compliance staff is critical as the increasing number of laws and regulations impact higher education. The office staff participates in webinars, conferences, affinity groups, and self-initiated research. Information is also shared between compliance risk owners and the Office of Compliance as part of a compliance professional network. Compliance risk owners are the experts in their respective areas of compliance. Assuring the College community stays abreast of new and changing regulations and their impact is an essential duty of the College and a key responsibility of the compliance program. This requires an enterprise commitment to ongoing professional development and training in the area of compliance. Compliance Training and Outreach FY12 FY13 FY14 2,378 2,227 795 3 25 104 7 78 # of Outreach Presentations # of Outreach Recipients # Completed FERPA Training FY14 statistics are for July December only 6 P age

Compliance Meetings with Collegewide Units FY12 Compliance Unit Meetings FY14 Compliance Unit Meetings FY13 Compliance Unit Meetings 179 76 61 # of Meetings Office of Compliance Staff Development FY12 FY13 FY14 508 322 13 49 25 90 193 124 231 # of Classes # of Class Hours Total Staff Hours FY14 statistics are for July December only 7 P age

Conclusion The formal compliance program, administered through the compliance office, has been in place since January 2012. The program s initial goals have been met and the foundation pieces are now in place. College employees have demonstrated an understanding of the compliance office s purpose and activities. Many hours of compliance training have been delivered to the College s higher risk areas. Compliance risk owners are identified and their responsibilities are documented and distributed through data matrices and calendars. A collegewide compliance committee is in place, meets throughout the year, and represents broad representation of diverse College functions. The chief compliance officer has presented at a national conference of community college for legal issues and at a Maryland affinity group of community college leaders in technology (MCCTAB). Both the chief compliance officer and the compliance specialist earned the Certified Compliance and Ethics Professional (CCEP) credential in 2014. Work continues to determine how the office optimally works with specific units with significant compliance responsibilities, such as the Office of Human Resources and Strategic Talent Management, Office of Business Services, or Office of Facilities, to name a few. As the work level increases, the office seeks efficiency measures to respond to the increasing number of laws and regulations. A goal in 2015 is to implement an integrated data system to manage compliance data. A comprehensive compliance system would include automatic notifications, tracking of risk resolution plans, automation of risk assessment process, on-demand reporting, and dashboard displays. This goal may be satisfied in collaboration with future enterprise risk management initiative efforts at the College. The progress to date has been aided by support and buy-in from the College president and senior leaders. The senior College leaders continue to be an integral part of advancing the compliance program to a national best among community colleges. Many four-year institutions have compliance offices, but few, if any other community colleges, have formal compliance offices (NACUA study, 2014). The leadership support and tone at the top sends a message that promotes ethical and compliant behavior at the College. This is critical to reduce our future risk overall, particularly with regard to regulatory compliance. 8 P age

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback