On April 30, 2019, the U.S. Department of Justice (“DOJ”) released an updated version of is guidance known as “The Evaluation of Corporate Compliance Programs” (“2019 Guidance Document”). This document provides actionable guidance for health care providers seeking to assess and enhance their compliance programs. The DOJ’s updates emphasize the government’s view that not only the design but also the implementation and effectiveness of a corporation’s compliance program are important when determining potential resolutions and sanctions for alleged misconduct. In the event of a government investigation, providers who design, implement and continually evaluate and improve their compliance programs are more likely to receive favorable consideration for purposes of negotiating appropriate resolutions, monetary penalties and compliance obligations.
The DOJ released the first version of the Guidance Document in February 2017 (“2017 Guidance”). The 2017 Guidance provided commentary and context to specific considerations known as the “Filip Factors,” which prosecutors and investigating attorneys consider when conducting an investigation of a corporation and determining whether to bring charges or negotiate a plea or other agreements. The 2017 Guidance directed federal attorneys and investigators to ask pointed questions regarding how the organization prepared for, investigated and responded to noncompliant practices when evaluating corporate compliance programs. These questions were organized around key considerations such as: (i) the existence of compliance policies and procedures; (ii) the autonomy and resources available to the compliance program; and (iii) the organization’s conduct in analyzing and remediating identified misconduct. Hall Render’s analysis of the 2017 Guidance is available here. In contrast with the 2019 Guidance Document, the 2017 Guidance placed significantly more emphasis on the design of a corporation’s compliance program.
Increased Focus on Implementation and Effectiveness
The 2019 Guidance Document directs prosecutors and investigating attorneys to expand their view, focusing not just on the design but also the implementation and effectiveness of a corporation’s compliance program. The 2019 Guidance Document is organized around three central questions:
- Is the corporation’s compliance program well designed?
- Is the compliance program being applied earnestly and in good faith? In other words, is the compliance program being implemented effectively?
- Does the corporation’s compliance program work in practice?
The 2019 Guidance Document represents an evolution from the 2017 Guidance. In fact, most of the content of the 2017 Guidance is found under the 2019 Guidance Document’s commentary on the first question—whether the compliance program is well designed. Notably, the DOJ significantly updated its guidance regarding the management of third-party arrangements, instructing investigators to analyze whether the organization “has ensured that contract terms with third parties specifically describe the services to be performed, that the third party is actually performing the work, and that its compensation is commensurate with the work being provided in that industry and geographical region.” This guidance is particularly relevant in the highly regulated health care industry.
In evaluating the second question—whether the compliance program is being implemented effectively—prosecutors and investigating attorneys are directed to ask whether a corporation’s compliance program is a “paper program or one implemented, reviewed, and revised, as appropriate, in an effective manner.” Investigators are also directed to determine “whether the corporation’s employees are adequately informed about the compliance program and are convinced of the corporation’s commitment to it.” In answering these questions, investigators are to consider: (i) whether senior and middle management are visibly committed to compliance; (ii) whether the compliance function is appropriately structured, funded and empowered to perform its duties; and (iii) whether the organization has established and enforced incentives and disciplinary measures to encourage compliance and discourage noncompliant behaviors.
When evaluating the third question—whether the corporation’s compliance program works in practice—prosecutors and investigating attorneys must consider whether the compliance program was working effectively at the time the alleged misconduct occurred. The DOJ acknowledges that the existence of misconduct does not, by itself, mean that a compliance program did not work or was ineffective at the time of the offense. When misconduct is identified, timely remediation and self-reporting are strong indicators of an effective compliance program. Additionally, investigators should consider whether a compliance program evolved in light of past misconduct, including whether the organization conducted a bona fide root cause analysis and made changes to prevent similar misconduct from occurring in the future. Investigators will also consider whether the organization engages in proactive auditing and monitoring of its operations and whether it adequately investigates issues that are brought to its attention.
The 2019 Guidance Document serves as a reminder that an effective compliance program can be a strong defense when misconduct occurs inside a health care organization. Its message is consistent with other indications from the DOJ, the Office of Inspector General and other government actors that a “paper only” compliance program is insufficient. The DOJ’s expanded focus on the implementation and effectiveness of a compliance program signals that providers who take a hands-on, good faith and active approach to compliance will be in a better position in the event a government investigation occurs. The 2019 Guidance Document also emphasizes the importance of regularly reviewing and improving upon an existing compliance program. By significantly expanding on the 2017 Guidance, the 2019 Guidance Document gives providers additional opportunities to demonstrate that the organization’s compliance program operated effectively, potentially leading to more favorable settlements and reduced sanctions.
If you have any questions, or if you would like additional information about this topic or to schedule a compliance program review, please contact:
- Scott Taebel at (414) 721-0445 or email@example.com;
- Katherine Kuchan at (414) 721-0479 or firstname.lastname@example.org;
- Ritu Kaur Cooper at (202) 370-9584 or email@example.com;
- Patrick Garcia at (443) 951-7043 or firstname.lastname@example.org;
- James Junger at (414) 721-0922 or email@example.com; or
- Your regular Hall Render attorney.