These comments reflect the government`s recognition that “there is no one-size-fits-all solution” and therefore there is no “good” compliance structure. It is important to note that the compliance structure adopted and implemented is “effective” and includes “measures to prevent, detect and correct non-compliance with CMS program requirements, as well as measures to prevent, detect and correct fraud, waste and abuse.”  The HCCA Compliance Institute 2021 included a session titled “The Roles of the Chief Compliance Officer and the General Counsel,” in which a speaker from the OIG stated that it is not advisable to subordinate compliance functions to the General Counsel. The spokesperson`s position was that an organization`s compliance officer and general counsel should have separate and equal roles. The speaker cited the Office of the Inspector General`s compliance program guidelines for Medicare + Choice organizations and the compliance program guidelines for home health agencies; both were published in the late 1990s, proving that the OIG has held this position for more than 20 years. The OIG`s institutional integrity agreements clearly underscore this position by including the following as standard wording: “The compliance officer shall be an employee and a member of senior management. and does not report to the Advocate General. (Emphasis added.) But the incentives a board creates to align the law and compliance with their respective goals – this is where things can get complicated when both functions are in the hands of one person. At best, others might misinterpret or misunderstand what the board and CEO are trying to achieve. In the worst-case scenario, the board and CEO could undermine their own ability to focus all stakeholders (employees, investors) on the primary task: achieving business objectives with appropriate attention to risk. “With the growing role of the CCO and the growing pressure for an independent voice in corporate governance, it`s probably best for most companies to separate the GC and CCO roles,” says Tanzer.
“However, this is not mandatory and each company needs to assess its own management structure and culture to determine what works best. www.bna.com/chief-legal-officers-n17179891712/ www.corporatecompliance.org/Portals/1/PDF/Resources/past_handouts/CEI/2008/601-3.pdf Perhaps for smaller organizations or organizations with more limited resources, combining compliance and legal is the only viable solution. But if the organization has the resources, there seems to be a better choice. According to CMS, the compliance officer “must have explicit authority to submit unfiltered personal reports to the proponent`s senior official without first being submitted. through operational management such as COO, CFO, GC. or other executives responsible for operational areas. To protect this authority, CMS argues that “best practices allow the compliance officer to participate in the executive session with the governing body [i.e. the Board].”  www.abajournal.com/news/article/pfizer_gc_loses_compliance_chief_role_under_2.3b_drug_marketing_settlement Just because the compliance function was located in the GC office does not mean that the [Chief Ethics and Compliance Officer] was also the GoC. Only about a quarter of those who said compliance was in the GC office also said that CECO was also the GC (26%). Is it because these problems do not occur as often? Or is it because big business believes that if they invest enough money in a problem, regulators will announce a solution and walk away? (Which is really another way of saying that bribery and compliance programs are just a cost of doing business.) Now, the preference, especially among large companies in highly regulated industries, is to separate this high-level position – and even the entire function set – as one realizes that compliance today “often includes issues that are far from legal or regulatory compliance,” such as business ethics, corporate values, and integrity.
Tanzer said. I do not know the answer to that question. But my intuition tells me that assigning compliance and legal functions to one person doesn`t help. At the same time, only 42.5% of respondents said business ethics reports were legal. And of the 57.5 percent who said business ethics is not legal, only 13 percent of that group said business ethics should be. Also look again at the 57.5% who don`t oversee the legal department and the vast majority of that group who don`t want to oversee it. My conclusion is that many general counsel don`t see business ethics as a source of urgent risk – or at least not so urgent that legal teams need to deal with it. Tip. As mentioned earlier, it is advisable that the Compliance Officer work with legal counsel to develop protocols that outline their respective duties and responsibilities, especially when investigating potential misconduct. Doing so in the run-up to conflict can prevent tensions and “territorial issues.” The demarcation, as described, should serve as the basis for such a document. For more information on the relationship between legal counsel and compliance officers, please contact Richard Kusserow at email@example.com. To be clear, neither the CMS regulations nor the CMS guidelines indicate that the mandated OCAC cannot be or be subordinate to the OCOL of an MA organization.
The CMS guidelines recognize that while an MA organization must “ensure that the Compliance Officer`s reports reach the senior management of [the organization] (usually the CEO or chairman)”, that “the direct reporting relationship between the Compliance Officer and senior management is about direct disclosure, not necessarily a prudential reporting relationship”; Therefore, the required direct reporting can be done “using a dotted line or matrix”.  DOJ and OIG: Compliance should be separate and independent of legal counsel. In the wake of changes to U.S. sentencing policies last year and a ruthless regulatory environment at the state and federal levels, companies are increasingly seeing value in compliance officer and general counsel jobs. Richard P. Kusserow founded Strategic Management Services, LLC after retiring from the DHHS Inspector General and has helped more than 2,000 healthcare organizations and facilities develop, implement, and evaluate compliance programs. Compliance is the process of meeting legal and regulatory requirements, industry standards, and community expectations. A business is compliant when it operates in accordance with legal and regulatory requirements, industry standards, and community expectations. Compliance experts often question whether it makes sense to separate a company`s legal and compliance positions.
For an example of how this question can get sticky, look no further than Cardinal Health. www.corporatecomplianceinsights.com/the-roles-of-general-counsel-and-chief-compliance-officers/ The federal government, through the Centers for Medicare & Medicaid Services (CMS), administers the Medicare Advantage (MA) program as an alternative way for Medicare beneficiaries to receive their Medicare health care benefits. In order to provide MA plans, CMS contracts with private health insurance companies. These insurance companies, called MA organizations, are required by applicable CMS regulations to implement and implement an effective compliance program. This Medicare regulatory mandate includes the appointment of a “compliance officer.” who reports directly to and reports directly to the Director-General of the Organization or other senior officials.  This is consistent with what I`ve seen on LinkedIn recently: a flood of people posting news about open compliance jobs at their companies. The exact titles vary widely, and yes, many of the job postings I see are compliance jobs that fall under the legal department – but the jobs are there. In such situations, Crist says, ensure that the company`s structures and processes allow the organization to benefit from both perspectives. “You need to make sure that the compliance officer has access not only to their immediate supervisor, but also to the board and the highest levels of management within the organization,” he says. A positive working relationship between the Compliance Officer and Legal Counsel is essential to maintaining an effective compliance program.
Their roles and objectives are different, but complementary. It is important that their roles and responsibilities do not overlap, as this can lead to the undesirable outcome of a “turf war”. There are certainly areas where the compliance officer should work without the direct involvement of legal counsel. However, there are other areas where legal advisors need to be involved, if they are not liable. Information about conflicting roles, duties, and responsibilities is a completely different topic for future blog posts. See also: compliance.com/blog/legal-counsel-versus-compliance-officer/ and compliance.com/publications/the-dynamic-duo-ensuring-partnership-between-legal-and-compliance/. But if Cardinal has multiple settlements for the same type of misconduct and the board gives Morford a bonus for “his significant leadership in advancing our regulatory and compliance programs in a rapidly changing regulatory landscape” (according to Cardinal`s 2014 proxy circular), what should investors think? The report recommends establishing clear “functional boundaries” for all of these departments in by-laws or other organizational documents, and establishing an expectation of cooperation and collaboration between them.