Research Compliance Structures: Assessing the Effectiveness of Your Institution s Program

Transcription

1 Research Compliance Structures: Assessing the Effectiveness of Your Institution s Program 2014 Research Services Summer Webinar Series June 25, 2014 YOUR MISSION OUR SOLUTIONS Huron Consulting Group Inc. All Rights Reserved. Huron is a management consulting firm and not a CPA firm, and does not provide attest services, audits, or other engagements in accordance with the AICPA's Statements on Auditing Standards. Huron is not a law firm; it does not offer, and is not authorized to provide, legal advice or counseling in any jurisdiction.

2 Agenda TODAY S SESSION WILL INCLUDE THE FOLLOWING TOPICS. Current research compliance environment Effective structures and programs Sample models for compliance Compliance focus topics 2

3 Today s Speakers Leah Guidry Managing Director Huron Consulting Group [email protected] (202) Anne Sullivan Senior Director Huron Consulting Group [email protected] (312)

4 Current Research Compliance Environment

5 Current Research Compliance Environment PERSPECTIVE ON THE CURRENT INDUSTRY LANDSCAPE Research compliance impacts: Academic Medical Centers Cancer Centers Healthcare Systems with Research Research Institutes Universities General themes in today s landscape: Relative youth of research compliance in university settings Tendency to conflate operational structures with research compliance (e.g., IRB, IACUC, Sponsored Programs) Need for independent, objective oversight of all of the research functions 5

6 Current Research Compliance Environment PERSPECTIVE ON THE CURRENT INDUSTRY LANDSCAPE The research administration environment grows increasingly complex with changing regulations, inconsistencies among agencies, lack of information (meaningful and timely reports), thus generating more risk than institutions recognize. There remains a vast disconnect between: The award environment, during which the funding agency and the PI focus primarily on the research itself The degree of flexibility that is perceived to exist while the research is being conducted The audit environment when an award is closed and subsequent audits take place Current environment will likely place increased emphasis on accountability during a time when many institutions are faced with significant financial pressures and pressures to reduce staff. 6

7 Current Research Compliance Environment COMPLEXITY AND DIVERSITY Complexity is found in research and fiscal areas and in the diversity of constituents: Research & Fiscal Areas Genomics Stem cell research Clinical trials Technology transfer Faculty owned start-ups University equity interests Conflict of interest International collaborations Interdisciplinary research Subcontracts Human subject protections Electronic payment Grants.gov Cost accounting standards Constituents Investigators, research assistants, staff, technicians Students, grad students, parents of students Board members, taxpayers Federal agencies, external auditors Suppliers, donors, corporate sponsors, investors Human subjects, advocacy groups (PETA, etc.) University administration, college and departmental administration 7

8 Receivables in Billions Current Research Compliance Environment REGULATORY ENVIRONMENT Regulatory Trends: Recoveries from federal investigations/audits are significant and receivables resulting from penalties increased in recent years. In FY 2013, OIG reported $5.8 billion in financial penalties resulting from federal audits and investigations consisting of: $850 million in audit receivables $5 billion in investigative receivables Additionally, in the first half of FY 2013, the number of annual criminal actions against individuals or entities totaled 960 and 472 civil actions. These civil actions include false claims, civil monetary penalties, and administrative recoveries. $8.0 $7.0 $6.0 $5.0 $4.0 $3.0 $2.0 $1.0 $- Investigative Receivables by Fiscal Year $6.9 $5.0 $4.6 $4.0 $3.8 $ Fiscal Year Source: Department of Health and Human Services Office of the Inspector General Semiannual Report to Congress

9 Current Research Compliance Environment CONSEQUENCES OF NON-COMPLIANCE Exceptional status of awards Suspension/termination of award Special terms and conditions of award Greatly reduced flexibility in the management of federally provided resources Negative publicity Large financial settlements Audit findings Disallowance of costs Significant difficulty negotiating F&A rates Extrapolation to additional grants 9

10 Current Research Compliance Environment AREAS OF CURRENT COMPLIANCE EMPHASIS This widespread, yet non-exhaustive, list of diverging fiscal and regulatory compliance issues creates a complex charge for the research compliance program at an institution. Financial Cost Transfers Cost Sharing Effort Reporting Extra Service Compensation Clinical Trial Billing Direct Charging Practices Equipment Claims Financial Reporting Other Support Recharge Centers Program Income Reporting Unallowable Costs Regulatory Animal Subject Protections (IACUC) Human Subject Protections (IRB) Conflicts of Interest Data Management Environmental Health & Safety Export Controls HIPAA Privacy Laws Invention Disclosures and Reporting Responsible Conduct of Research Scientific Overlap Scientific Misconduct Sub-Recipient Monitoring 10

11 Poll #1: Does your institution have a designated research compliance program? Yes, independent program Yes, part of healthcare compliance No No, but being considered Do not know 11

12 Effective Structures and Programs

13 Effective Structures and Programs BENEFITS OF AN EFFECTIVE COMPLIANCE PROGRAM A proactive approach to creating a compliance program will allow an institution to manage its compliance risk without imposing unnecessary constraints on the institution s operations Strong compliance programs benefit research institutions by reducing the risk of significant non-compliance Compliance programs reduce the negative impact of having noncompliance discovered by regulators or funding agencies The accountability, clarity, and information requirements of a strong compliance program are often beneficial in terms of institutional management 13

14 Effective Structures and Programs KEY ELEMENTS OF EFFECTIVE COMPLIANCE PROGRAMS In 2005, the DHHS Office of the Inspector General (OIG) issued a draft Compliance Guidance with the following eight elements considered as necessary for a comprehensive compliance program*. 8 Elements 1. Compliance Leadership 2. Policies and Procedures 3. Training 4. Communication 5. Monitoring 6. Enforcement 7. Corrective Response 8. Roles and Responsibilities 14 * for research awards from the National Institutes of Health (NIH) and other agencies of the US Public Health Service (PHS)

15 Effective Structures and Programs KEY ELEMENTS OF EFFECTIVE COMPLIANCE PROGRAMS 8 Elements How Institutions Should Respond Compliance Leadership: Designating a compliance officer and compliance oversight committees Policies and Procedures: Implementing written policies and procedures that foster an institutional commitment to stewardship and compliance Training: Conducting effective training and education Communication: Developing effective lines of communication Monitoring: Conducting internal monitoring, quality review, auditing, and assurance Enforcement: Enforcing standards through wellpublicized disciplinary guidelines Corrective Response: Responding promptly to detected problems, undertaking corrective action, and reporting to the appropriate agencies Roles and Responsibilities: Defining roles and responsibilities across the institution and assigning oversight responsibility Adequate institutional and Board-level oversight of the compliance function Designation of a compliance officer with appropriate level of authority with direct access to the governing body Explicit written policies, institutional codes of ethics and conduct Training programs supported by leadership Adoption of adequate procedures, resources, and systems to permit compliance Maintenance of a process to allow anonymous reporting of alleged non-compliance Protection of employees who file reports Regular monitoring and quality review audits to test compliance with mechanisms to enforce rules, take corrective action and communicate results Clearly define roles for all personnel involved in federally sponsored research 15

16 Effective Structures and Programs SIZE AND STRUCTURE Structure Define the scope of the research portfolio and the scope of the research compliance program o o Identify which compliance areas should have their own compliance infrastructure (financial and/or regulatory) Establish segregation or integration of health care compliance from research compliance Document roles and responsibilities delineating tasks and authority across functional lines o Resources For research programs with narrow scope or volume, define rules of engagement for referrals to other related oversight areas Develop tools to support the technical, financial and compliance operations o Trained and knowledgeable personnel regarding when to escalate issues Evaluate and make priority-based decisions on financial investment in research and build an overall research strategy 16

17 Effective Structures and Programs ASSESSING YOUR COMPLIANCE ENVIRONMENT What can institutions do to minimize their risk in each of these areas and ensure they are doing everything they can to remain in compliance? The right types of internal controls will help you and your institution mitigate risk. 17

18 Effective Structures and Programs ASSESSING YOUR COMPLIANCE ENVIRONMENT Issues to Consider: History and culture of the institution, barriers to change, mission and vision Commitment of institution s leadership to invest in improvement and champion change initiatives Effective mechanisms for internal controls across organizational units Optimization of information flow within and between compliance, administration and operating units Staffing levels, roles, responsibilities & delegated authorities Revamping policies & procedures Training & education for compliance Desired level of service and delivery of superior customer service while maintaining an appropriate level of compliance Coordinated and focused change by capitalizing on strengths and improving areas needing attention 18

19 Effective Structures and Programs SCORECARD FOR COMPLIANCE 19

20 Effective Structures and Programs SCORECARD FOR COMPLIANCE (CONT.) 20

21 Sample Models for Compliance

22 Sample Models for Compliance PROGRAM MODELS Low Centralization of Roles & Responsibilities High Dispersed High Oversight & Attention to Compliance Activities Potential for COI Concentrated Low Model 1: Decentralized Compliance functions may exist but are embedded in the local areas - defined by organization i.e., school, department, etc. Roles & responsibilities sometimes filled by Administrators or assigned to Deans or Directors in Schools causing potential COI Tasks spread across personnel Model 2: Hybrid Compliance functions at campus/school level who have primary compliance oversight and QA roles Oversight by an institutionwide Compliance Officer (Staffing in central office is low) Local officers report to central Compliance with dotted line to executive leadership at local level Model 3: Centralized Central compliance responsibility over activities of campuses/schools Roles & responsibilities are clear and focused Tasks concentrated in personnel responsible for broader terrain 22

23 Sample Models for Compliance FRAMEWORK FOR COMPARING MODELS S T R E N G T H S W E A K N E S S E S Decentralized Centralized Hybrid Traditional structure, wellunderstood in higher education Oversight by the areas that are closely aligned with primary functions/viewed as part of the team Can ensure appropriate controls and compliance as its more closely connected w/ operations function High possibility of COI and role confusion Potential for gaps in communication Potential for duplication in efforts Enables increased communication Less possibility for duplication of effort Strong leadership presence that allows for consistency across the University/system Clarity of role and tasks that minimizes potential for COI Potential for being viewed as out of touch and/or playing into the us vs. them mentality Potential risk for compliance issues not being escalated in timely fashion requires heightened auditing and monitoring Allows for customization for the best fit Capitalizes on the best of both worlds Potential for less of a focus on services and more of a focus on compliance thus being viewed as an outsider Potential risk for jurisdiction and management conflicts 23

24 Sample Models for Compliance SAMPLE KEY ELEMENT: COMPLIANCE LEADERSHIP Common oversights: No compliance officer or one that lacks a position of authority Compliance roles and responsibilities are separated among several individuals who do not coordinate their activities Compliance officer is not supported by adequate number and diversification of staff Best practices: Compliance Officer who has broad responsibility for compliance and reports directly to leadership/governing authority Compliance Committee consisting of senior administration staff that support the Compliance Officer Separation of responsibilities for different types of compliance e.g. research compliance versus health care compliance 24

25 Sample Models for Compliance SAMPLE KEY ELEMENT: COMPLIANCE LEADERSHIP A Comprehensive Research Compliance Office would: Raise campus awareness of research compliance and how/where to report issues or suspected wrong-doing Elevate the crucial role of compliance monitoring/oversight Provide comprehensive, mandatory compliance training for PIs and staff while monitoring the effectiveness of the training Increase operational efficiencies in research administration and lower institutional research compliance risk Clarify roles and responsibilities for faculty and staff who undertake tasks and duties that fall within the scope of research compliance Organize and consolidate the elements of effective compliance programs and bridge compliance services more directly to participating faculty members Enable a higher degree of research compliance program evaluation, quality assurance, training, and education for faculty and staff 25 25

26 Poll #2: If you have a research compliance program, where does the office report? President A VP Provost or VP for Academic Affairs Chief/Corporate General Counsel Internal Audit None of the Compliance above Office 26

27 Sample Models for Compliance This organizational structure consolidates oversight for research compliance functions within a single office under the VPR: Provost and Vice President for Academic Affairs Vice President for Health Sciences Vice President for Research Senior Vice President for Finance Associate Vice President for Research Compliance Compliance Oversight & Coordination Research Subjects Protection Research Education and Training Responsible Conduct of Research Conflict of Interest Financial Compliance Compliance Monitoring, QA/QR Research Compliance Program Development: Establish program and performance standards Clarify and communicate R&Rs Monitor national trends and regulations Establish University-wide policies outlined in compliance program Facilitation & Faculty Support Amplify research subject advocacy Coordinate education and training opportunities Quality Assurance & Review Conduct monitoring activities as defined in R&Rs Perform quality reviews Substantiate quality assurance 27 27

28 Sample Models for Compliance DAY-TO-DAY OVERSIGHT It is important to distinguish day-to-day oversight for research compliance versus day-to-day operations. Depending on research volume and diversity, the responsible individuals for compliance oversight may be the following: 28

29 Compliance Focus Topics

30 Compliance Focus Topics HOT TOPICS IN 2014 Regulatory Financial OMB Uniform Guidance Export Controls Intellectual Property/Patents Investigator Administrative Workload Clinical Trial Disclosure Requirements Clinical Research Billing NSF Data Analytic Audits DHHS/NIH Subaccounting and Closeouts 30

31 Questions?