Some COs Are at High Risk; ‘Will Their Hair Go on Fire When I Come in With My Toolkit?’

By Nina Youngstrom

Although compliance officers have access to an abundance of materials to help them identify risks facing their organizations—on the HHS Office of Inspector General (OIG) website and webinars, for example—there’s not as much help available to “understand what’s putting us at risk,” according to a compliance officer. They may want to take some steps to secure their own “safety net” especially now that some compliance officers are asked to sign certifications as part of corporate integrity agreements (CIAs) and corporate criminal fraud settlements.

“We are really good at protecting our colleagues, organizations and leadership from harm by putting our programs in place and being diligent,” said Regina Morano, chief legal and compliance officer at Premier Biotech LLC and executive regulatory and compliance counsel at Liles Parker PLLC. “But it’s time for us to put ourselves on the same level of concern and manage our own risks and our own careers and our own reputations.”

Compliance by definition is high risk because it’s designed to ward off fraud, waste and abuse and be a “culture builder,” Morano said at the Health Care Compliance Association’s Compliance Institute April 24. Even so, there are “high-risk environments.” Here are signs that a compliance officer may be at high risk:

  • The compliance officer is recruited to manage a company’s way through its CIA. It’s a red flag if organizations under a CIA continue to insist they didn’t do anything wrong a year or two into it. It’s one thing when you come in on the heels of the CIA “and folks are saying ‘we didn’t do anything wrong. We settled it because there’s wear and tear on the organization,’” but if leadership is singing the same song to the workforce much later, “you have to question whether your organization is at readiness level for building out and supporting the compliance program and moving the culture in the way you want to move.”

  • You’re recruited to help a company prepare for a merger or acquisition. “Either they haven’t had a compliance program until now or it’s time to upgrade because they want the company to look as good as possible,” she said.

  • The organization is upfront in disclosing the compliance program “has been deficient,” she said. Maybe the C-suite was swept out and a compliance program never got off the ground. As good as you are at setting up the essential elements of a compliance program and a compliance committee, “it takes a long time to change the culture of an organization, and in that respect, you are in a high-risk environment.”

  • You’re recruited to establish and run a compliance program for a start-up. Start-ups “have all these expressions: ‘we will build the plane while flying’ and ‘we all wear many hats.’ It’s just risky because the investment [in compliance] isn’t there. The knowledge isn’t there,” Morano said. “Typically, they’re new folks with dollar signs in their eyes. They’re not creating a start-up because they want to be the world’s most compliant organization.”

This document is only available to subscribers. Please log in or purchase access.
Purchase Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings