Sharon Parsley, JD, MBA, CHC, CHRC, is a health law attorney, compliance officer, author, speaker, investigator, and problem solver. She currently serves as the president and managing director of Quest Advisory Group, LLC. She has nearly 20 years of healthcare compliance and legal leadership experience, and she believes that mentorship and on-the-job training are critical to compliance professional success. This is the second article in her monthly series on compliance officer effectiveness for the YouCompli blog.
I have worked with many high functioning board committees where the members knew their oversight responsibilities and had excellent working knowledge of the compliance program. Those committee members were well informed about key compliance risks and issues. They came to meetings prepared to actively participate. And they could easily assess which issues are accompanied by material business, financial, legal, and reputational vulnerabilities. These committees provided meaningful oversight and feedback to the compliance team.
I’ve also seen committees that were not involved enough. In those cases, they tended to get only a perfunctory annual “dog and pony show” report of compliance program materials. This reduced the committee’s ability to fulfill its oversight obligations, ultimately putting the organization and the committee at risk.
Caremark: a cautionary tale
The 1996 Caremark case highlights the duty of care owed by a board in fulfilling its compliance oversight obligations. Caremark shareholders sued the board for a breach of its fiduciary duties. The primary allegation was that the board failed to make reasonable inquiry and take appropriate action to prevent (or at least detect) certain systemic compliance failures. The specific issues alleged involved inappropriate payments to physicians and improper billing to federal healthcare program payers.
The Caremark litigation was preceded by years of multi-state and federal investigation of the company, several officers and executives, and the board. After a four-year investigation, Caremark pled guilty to felony mail fraud, and entered into numerous settlement agreements with the Department of Justice. The organization paid approximately $250 million in damages. The aggregate legal and reputational injury to the company was surely many multiples of the damages amount paid.
The effective compliance officer’s role
We could say a lot about the individual board members and their motivations or lack thereof. But the longer I work in the field, the more I see Caremark as a cautionary tale for the Compliance team, too. The board requires support and buy-in for compliance at the senior leadership level and within other risk assurance functions. Without it, the board will be unlikely to take the program, its value, and the risks arising from an ineffective program seriously.
Compliance officers must continually campaign, sell, cajole, and persuade these stakeholder groups of the value compliance brings to the enterprise. Support from those groups makes a trusted partnership with the board considerably easier to establish.
Develop a trusted relationship with your board committee
We must help the committee understand compliance within the enterprise, to fulfill their oversight responsibilities. Here are ten ways you can help develop and maintain a trusted and transparent relationship with the committee.
- Understand your audience. Every committee has a unique composition and membership. In many non-profit settings, board seats are frequently held by affluent members of the community who can catalyze fundraising campaigns for the enterprise. In for-profit settings, board seats tend to be offered to influential current and retired business leaders from the local community. Are they accountants, lawyers, doctors, or CEOs? Learn about the composition of your committee to gain important insight about how to best communicate material and time-sensitive issues. How we present known or suspected issues, risks, and concerns will differ for the committee than how we might present those same issues to executive and operational leadership.
- Tailor all communication to your committee audience. Time allocated to compliance matters on a committee agenda may be limited and fixed. Ensure that whatever time you do have is optimized and well-supported by providing clear, efficient written materials in advance.
- Continually assess and improve your written meeting materials. Don’t send a 100+ page quarterly packet covering routine issues and program function. The committee will not have time to review and digest that much material. Ability to discern what your board really needs to know about is imperative. Solicit committee feedback regularly and attempt to get information about which topics are likely to be discussed in depth during the meeting.
- Ask the committee about reporting frequency and urgency. Work with them to decide which issues warrant immediate reporting, routine reporting, or no reporting at all. Some larger enterprises create a committee issue reporting matrix and processes to support reporting. While you can’t anticipate every possible issue, having a framework might help you decide how to handle the outliers when they come up. Ultimately you can avoid putting your committee in the uncomfortable position of finding out about an issue or incident from the local news. These are not people who want to be surprised, and they can better help you with your work to remediate the issue if they hear from you first.
- Be intentional about onboarding new compliance committee members. Develop committee onboarding materials to help orient new committee members to their program oversight obligations, material open issues, and the way the committee and you work together. Even better: meet with them in person to deliver the training. Solicit feedback about the onboarding material and refine as needed.
- Know the committee’s strengths. Perform a periodic skills inventory to help assess their collective compliance knowledge and ability to effectuate their oversight responsibilities. Use the skill inventory as a benchmark to tailor ongoing compliance education.
- Attend Board retreats. If you can, carve out time with your board committee. Use that time to educate the committee on current events, enforcement trends, and industry-wide or enterprise-specific risks.
- Survey your committee. You may need permission for this one! Gather information about preferred communication methods and frequencies; and topics that the members have an interest in learning about. Find out how written materials are being received.
- Meet with the committee chairperson regularly. Build your relationship with the chair when things are going smoothly via routine coffees or teleconferences. It is infinitely more difficult for a compliance officer to build trust and confidence when the “sky is falling” than it is when things are going well. Use those conversations to highlight what is working well about the compliance program and strengths and weaknesses of the compliance team. Discuss the resources available and any obvious future resource needs.
- Have scheduled executive sessions with only the committee present. A short minute executive session can highlight new initiatives and significant programmatic accomplishments. Hold the meeting even when there are no material issues that require discussion outside of the presence of executive and operational leaders. Sell yourself and your strategic plan for compliance so they view you as a trusted advisor when things, as they inevitably will, go wrong.
I know what you’re thinking: you can’t control other people and their priorities and behavior. I agree. But we can influence the ways they see their role, and we can equip them to do their job the way we need them to do it. Like any important interpersonal relationship, building a good rapport with your board takes constant care and feeding.
Investing your time and attention here can create meaningful results including
- program support
- counsel and oversight
- meetings that are well run and impactful
- more frequent informal communication
- increased transparency
In an upcoming article I’ll write about ways to make your approach to regulatory change management across the organization more efficient. A scalable, repeatable approach to regulatory change management can help free up time for the approaches I’m recommending here. Fill out the form below to offer suggestions for this upcoming article.
Sharon Parsley and the team at YouCompli believe that effective regulatory change management includes expertise, process, and skills for influence. YouCompli can help with your process – freeing up time for you to focus on relationships, influence, and impact. Learn more.