How can a Compliance Program Save your Bacon?



In 2011 the Federal Sentencing Guidelines were revised to strengthen that due consideration be given to organizations found guilty of wrongdoing when an organization has a “reasonably effective compliance program”. This does not require that a compliance program be perfect, just that there is a great likelihood that a situation that is not caught likely would have been caught at some point in time because an organization has an internal audit and review process in place and the six other core elements expected of reasonably effective compliance program.

See organizations cannot go to jail, but the responsible persons of an organization can. When an organization and responsible persons are sentenced the courts, according to the Federal Sentencing Guidelines have to give consideration in cases where a reasonably effective compliance was in place at the time of the violation(s). If so, according to a series of calculations, have to give consideration, which can reduce fines and penalties by up to half.

The Federal Sentencing Guidelines set forth seven steps that are required "at a minimum". The steps include:

1.   The organization must establish standards and procedures to prevent and detect criminal conduct to be followed by its employees and other agents that are reasonably capable of reducing the prospect of criminal conduct.

2.   The organization's governing authority must be knowledgeable about the content and operation of the compliance and ethics program and must exercise reasonable oversight with respect to implementation and effectiveness of the program. Specific individual(s) within high-level personnel of the organization must be assigned overall responsibility to oversee compliance with such standards and procedures. Further, specific individual(s) within the organization must be delegated day-to-day operational responsibility for the compliance and ethics program. These specific individual(s) must be given adequate resources, appropriate authority, and direct access to governing authority. They must periodically report on the effectiveness of the compliance and ethics program to high-level personnel and the governing authority.

3.   The organization must use reasonable efforts not to include within the substantial authority personnel of the organization any individual who the organization knew, or should have known through the exercise of due diligence, has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program.

4.   The organization must take reasonable steps to communicate effectively its standards and procedures to members of the governing authority, high-level personnel, substantial authority personnel, the organization's employees, and the organization's agents — for example, by requiring participation in training programs or by disseminating publications that explain in a practical manner what is required.

5.   The organization must take reasonable steps to achieve compliance with its standards — for example, by utilizing monitoring and auditing systems reasonably designed to detect criminal conduct by its employees and other agents, periodically evaluating the effectiveness of the compliance and ethics program, and by having in place and publicizing a reporting system whereby employees and other agents could report criminal conduct by others within the organization without fear of retribution.

6.  The standards must have been consistently promoted and enforced throughout the organization through appropriate incentives for employees to follow the compliance and ethics program and appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense. Adequate discipline of individuals responsible for an offense is a necessary component of enforcement; however, the form of discipline that will be appropriate will be case specific.

7.   After a criminal conduct has been detected, the organization must take reasonable steps to respond appropriately to the criminal conduct and to prevent further similar criminal conduct — including any necessary modifications to its compliance and ethics program.

If you read my previous article on the OIG recommended core elements for establishing a compliance program you will notice the similarity of the OIG recommendations and the FSGs, which are nearly identical, though they are listed in a different order. It is pretty clear the FSGs and OIG recommendations require that compliance programs be far more than mere lip service, a one-time ‘thing’ that providers ‘do’ and that they expect compliance to be of lifeblood importance to any organization to demonstrate its effectiveness.

I mentioned how FSGs can affect a criminal case. However, they are applicable outside a criminal action as well. We have heard of a number of civil cases that were settled for six and seven figures (one case proposed a settlement of $2.5 million). Now suppose the providers in those cases had reasonably effective compliance program in place during the time period from which their claims were called into question. If that were the case the dentists’ settlements could be up to half.

Do your own math and consider if this were to happen in your practice. Is it worthwhile to you to invest money in a compliance program as a preventive measure to minimize your risk of six and seven figure fines and penalties? Seems like a no-brainer!

I challenge you to liken a compliance program for your practice as an oil change and other preventive maintenance for your automobile. A little investment up front to save you from high expenses that can leave you stranded on the side of the road later.