SCCE Higher Education Compliance Conference
SCCE HIGHER EDUCATION COMPLIANCE
CONFERENCE
Austin, TX
Sunday May 31, 2015 – Session P2
CHALLENGING! EXCITING?
REESTABLISHING THE COMPLIANCE AND
ETHICS PROGRAM
Sonal Shah, CPA, MSPA, CHC
Senior Director, Compliance and Ethics
Stanford
Office of Audit,
Compliance and Privacy
Stanford
Office of Audit,
Compliance and Privacy
COMPLIANCE…
2
1
SCCE Higher Education Compliance Conference
YESTERDAY…
3
Stanford
Office of Audit,
Compliance and Privacy
Stanford
Office of Audit,
Compliance and Privacy
TOMORROW…
4
2
SCCE Higher Education Compliance Conference
YESTERDAY…
5
Stanford
Office of Audit,
Compliance and Privacy
Stanford
Office of Audit,
Compliance and Privacy
TOMORROW…
6
3
SCCE Higher Education Compliance Conference
Stanford
7
Office of Audit,
Compliance and Privacy
SONAL SHAH - BIOGRAPHY
 Responsible for:
 Accounting, Internal Audit, Compliance, Ethics,
Privacy, Risk, Conflict of Interest, Enterprise Risk
Management, Investigations…
 Organizations:
 Aetna, Yale New Haven Health Services, Landmark
Medical Center, Tufts Medical Center, Hartford
HealthCare, Harvard School of Dental Medicine…
 Currently at Stanford University
 Senior Director, Compliance and Ethics
8
Stanford
Office of Audit,
Compliance and Privacy
4
SCCE Higher Education Compliance Conference
Stanford
9
Office of Audit,
Compliance and Privacy
REESTABLISHING
THE COMPLIANCE AND ETHICS PROGRAM
 Strengthening the Foundation
– The Seven Elements
 Reinforcing The Pillars
– The 4 Committees
 Reconditioning The Roof
– Tone at the Top, and
– 5 Values
10
Stanford
Office of Audit,
Compliance and Privacy
5
SCCE Higher Education Compliance Conference
MISSION
TO PROVIDE INDEPENDENT, OBJECTIVE ASSURANCE,
CONSULTING AND INVESTIGATIVE SERVICES DESIGNED TO
ADD VALUE AND IMPROVE OPERATIONS.
______________________________________
Assurance
Services
Consulting
Services
Investigative
Services
A
C
P
Stanford
11
Office of Audit,
Compliance and Privacy
VISION
TO BE A VALUED PARTNER AND ADVISOR TO
MANAGEMENT, FACULTY AND THE AUDIT AND
COMPLIANCE COMMITTEE
_______________________________________________________________________________________________
 CHARTER
– THE
AUDIT AND COMPLIANCE COMMITTEE
 CHARTER
– COMPLIANCE AND ETHICS PROGRAM
12
Stanford
Office of Audit,
Compliance and Privacy
6
SCCE Higher Education Compliance Conference
SENIOR MANAGEMENT’S PRIORITIES
_______________________________________________________________________________________________
 BALANCED SCORE CARD OBJECTIVES
 GOALS
 DIRECTIVES
 BIG 5
 TOP 10
Stanford
13
Office of Audit,
Compliance and Privacy
LISTING OF RISKS
_______________________________________________________________________________________________
 ENTERPRISE RISKS
• RISK MATRIX, RISK PROFILES
 COMPLIANCE RISKS
• RISK LIST, DATA COLLECTION FORMS
14
Stanford
Office of Audit,
Compliance and Privacy
7
SCCE Higher Education Compliance Conference
ORGANIZATION CHART
 Pictorial Representation
 Reporting Structure
 Functionally, Administratively
Stanford
15
Office of Audit,
Compliance and Privacy
ASSESSING STAFFING REQUIREMENTS
1. Qualifications/Skill Sets
2. Number of Staff
3. Attitude/Mindset
16
Stanford
Office of Audit,
Compliance and Privacy
8
SCCE Higher Education Compliance Conference
THE FY 20__ COMPLIANCE WORK PLAN
17
Stanford
Office of Audit,
Compliance and Privacy
STRENGTHENING THE FOUNDATION
THE SEVEN (7) ELEMENTS
18
Stanford
Office of Audit,
Compliance and Privacy
9
SCCE Higher Education Compliance Conference
MISSION – TO ENHANCE COMPLIANCE
ACROSS THE UNIVERSITY
FOLLOW
“ BEST BUSINESS PRACTICES” AND
THE FEDERAL SENTENCING GUIDELINES
19
Stanford
Office of Audit,
Compliance and Privacy
Stanford
Office of Audit,
Compliance and Privacy
THE FIRST ELEMENT
STANDARDS
20
AND
PROCEDURES
10
SCCE Higher Education Compliance Conference
THE SECOND ELEMENT
GOVERNANCE,
ORGANIZATION AND
REPORTING
COMPLIANCE OFFICER, COMPLIANCE COMMITTEE
Stanford
21
Office of Audit,
Compliance and Privacy
THE SECOND ELEMENT, CONTD…
ONLY ENGAGE PERSONNEL
IN APPROPRIATE CONDUCT
22
WHO HAVE
ENGAGED
Stanford
Office of Audit,
Compliance and Privacy
11
SCCE Higher Education Compliance Conference
THE THIRD ELEMENT
TRAINING
AND
EDUCATION
23
Stanford
Office of Audit,
Compliance and Privacy
Stanford
Office of Audit,
Compliance and Privacy
THE FOURTH ELEMENT
MONITORING
24
AND
AUDITING
12
SCCE Higher Education Compliance Conference
THE FOURTH ELEMENT, CONTD…
ASSESSING RISK
Stanford
25
Office of Audit,
Compliance and Privacy
THE FIFTH ELEMENT
REPORTING AND INVESTIGATING
IF YOU HAVE A CONCERN…
_______________________________________________
A
C
P
26
Stanford
Office of Audit,
Compliance and Privacy
13
SCCE Higher Education Compliance Conference
COMPLIANCE AND ETHICS HELPLINE
MEMBERS OF THE STANFORD COMMUNITY
FACULTY, STAFF, STUDENTS, CONSULTANTS, VENDORS, CONTRACTORS AND
VOLUNTEERS
A
LL RESPONSIBLE AND ACCOUNTABLE - TO SUPPORT STANFORD’S MISSION
__________________________________________________________
______
REPORTING AVENUES: IF YOU SEE SOMETHING, SAY SOMETHING
•
•
•
•
SUPERVISOR OR OTHER MANAGEMENT PERSONNEL
HUMAN RESOURCES
OFFICE OF THE GENERAL COUNSEL
OFFICE OF THE OMBUDSMAN
•
COMPLIANCE AND ETHICS HELPLINE
ACP
o
o
CONFIDENTIAL OR ANONYMOUS
NON-RETALIATION POLICY
650-721-2667
COMPLIANCE@STANFORD.EDU
HELPLINE.STANFORD.EDU (WEB FORM)
Stanford
27
Office of Audit,
Compliance and Privacy
THE SIXTH ELEMENT
CONSISTENT ENFORCEMENT
DISCIPLINE
28
AND
APPROPRIATE
Stanford
Office of Audit,
Compliance and Privacy
14
SCCE Higher Education Compliance Conference
THE SEVENTH ELEMENT
RESPONDING TO NON-COMPLIANCE AND
MODIFYING THE PROGRAM AS NECESSARY
29
Stanford
Office of Audit,
Compliance and Privacy
REINFORCING THE PILLARS
THE FOUR (4) COMMITTEES
30
Stanford
Office of Audit,
Compliance and Privacy
15
SCCE Higher Education Compliance Conference
REINFORCING THE PILLARS
THE 4 COMMITTEES
T HE A UDIT AND C OMPLIANCE
C OMMITTEE OF
THE B OARD OF T RUSTEES
31
Stanford
Office of Audit,
Compliance and Privacy
REINFORCING THE PILLARS
THE 4 COMMITTEES
T HE C ABINET
(S ENIOR M ANAGEMENT G ROUP )
32
Stanford
Office of Audit,
Compliance and Privacy
16
SCCE Higher Education Compliance Conference
REINFORCING THE PILLARS
THE 4 COMMITTEES
T HE C OMPLIANCE AND E THICS
S TEERING C OMMITTEE
33
Stanford
Office of Audit,
Compliance and Privacy
REINFORCING THE PILLARS
THE 4 COMMITTEES
T HE C OMPLIANCE AND E THICS
O FFICERS N ETWORK
34
Stanford
Office of Audit,
Compliance and Privacy
17
SCCE Higher Education Compliance Conference
REINFORCING THE PILLARS…
MORE THAN JUST COMMITTEES
STAFF MEETINGS
T HE S ENIOR S TAFF M EETING
T HE M ONTHLY S TAFF M EETING
__________________________________
S TA F F M E E T I N G
APRIL 21, 2015
9 : 3 0 AM – 11 : 3 0 AM
AGENDA
Stanford
35
Office of Audit,
Compliance and Privacy
REINFORCING THE PILLARS…
MORE THAN JUST COMMITTEES
COLLABORATION, REACHING OUT
1.
2.
3.
4.
5.
THE OFFICE OF THE GENERAL COUNSEL
HUMAN RESOURCES
RESEARCH COMPLIANCE
PRIVACY
INFORMATION SERVICES/INFORMATION
SECURITY
6. FINANCIAL MANAGEMENT SERVICES
7. UNIVERSITY COMMUNICATIONS
36
Stanford
Office of Audit,
Compliance and Privacy
18
SCCE Higher Education Compliance Conference
REINFORCING THE PILLARS…
MORE THAN JUST COMMITTEES
COLLABORATION, REACHING OUT
1.
2.
3.
4.
5.
37
THE DEAN OF THE SCHOOL OF MEDICINE
THE PROVOST’S OFFICE
THE REGISTRAR’S OFFICE
THE TITLE IX OFFICE
ENVIRONMENTAL AND HEALTH SERVICES
Stanford
Office of Audit,
Compliance and Privacy
RECONDITIONING THE ROOF
THE TONE AT THE TOP, and
FIVE (5) VALUES
38
Stanford
Office of Audit,
Compliance and Privacy
19
SCCE Higher Education Compliance Conference
RECONDITIONING THE ROOF
TONE AT THE TOP
As a
member of the
Stanford University
c o m m u n i t y, e a c h o f u s i s
responsible for maintaining
the highest ethical standards
and performing activities with
the utmost integrity and
fairness.”
– J o h n H e n n e s s y, P r e s i d e n t
Stanford
39
Office of Audit,
Compliance and Privacy
RECONDITIONING THE ROOF
TONE AT THE TOP AND 5 VALUES
T RUST
40
Stanford
Office of Audit,
Compliance and Privacy
20
SCCE Higher Education Compliance Conference
RECONDITIONING THE ROOF
TONE AT THE TOP AND 5 VALUES
H ONESTY
Stanford
41
Office of Audit,
Compliance and Privacy
RECONDITIONING THE ROOF
TONE AT THE TOP AND 5 VALUES
R ESPECT
42
Stanford
Office of Audit,
Compliance and Privacy
21
SCCE Higher Education Compliance Conference
RECONDITIONING THE ROOF
TONE AT THE TOP AND 5 VALUES
F AIRNESS
Stanford
43
Office of Audit,
Compliance and Privacy
RECONDITIONING THE ROOF
TONE AT THE TOP AND 5 VALUES
I NTEGRITY
44
Stanford
Office of Audit,
Compliance and Privacy
22
SCCE Higher Education Compliance Conference
LIVING 3 ADDITIONAL VALUES
O BJECTIVITY
I NDEPENDENCE
T RANSPARENCY
“A L ACK OF TRANSPARENCY RESULTS IN DISTRUST…”
DALAI LAMA
45
Stanford
Office of Audit,
Compliance and Privacy
PREVENTING
FRAUD, WASTE AND ABUSE (FWA)
_____________________________________________________
A
C
P
46
Stanford
Office of Audit,
Compliance and Privacy
23
SCCE Higher Education Compliance Conference
FRAUD, WASTE AND ABUSE (FWA)
FRAUD
INTENTIONALLY, KNOWINGLY AND WILLFULLY ATTEMPTING TO
EXECUTE A SCHEME TO FALSELY OBTAIN PAYMENT FROM A FEDERAL,
STATE OR OTHER GOVERNMENTAL ORGANIZATION.
____________________________________________________
HOW DOES IT APPLY TO MEMBERS OF THE UNIVERSITY COMMUNITY?
KNOWINGLY PERPETRATING A SCHEME TO DEFRAUD A
GOVERNMENTAL AGENCY OR THE UNIVERSITY OR
ANY OF ITS AFFILIATES.
MERRIAM-WEBSTER’S DICTIONARY:
A
“TO DEPRIVE OF SOMETHING BY DECEPTION OR FRAUD”.
“CHEAT, SHORT-CHANGE, SWINDLE, FLEECE, SKIN, C
BLEED, HUSTLE, VICTIMIZE, ETC.”
P
Stanford
47
Office of Audit,
Compliance and Privacy
FRAUD, WASTE AND ABUSE (FWA), CONTD.…
WASTE
SPENDING THAT CAN BE ELIMINATED WITHOUT REDUCING QUALITY
OF THE SERVICE OR PRODUCT.
__________________________________________________
HOW DOES IT APPLY TO MEMBERS OF THE UNIVERSITY COMMUNITY?
CARELESSLY USING GOVERNMENTAL RESOURCES OR THE
OF THE UNIVERSITY OR ANY OF ITS AFFILIATES.
RESOURCES
MERRIAM-WEBSTER’S DICTIONARY:
“TO DAMAGE OR DESTROY GRADUALLY AND
PROGRESSIVELY”
“TO SPEND OR USE CARELESSLY OR
USELESSLY: SQUANDER”
48
ACP
Stanford
Office of Audit,
Compliance and Privacy
24
SCCE Higher Education Compliance Conference
FRAUD, WASTE AND ABUSE (FWA), CONTD.…
ABUSE
IMPROPER BEHAVIOR OR BILLING PRACTICES THAT CREATE
UNNECESSARY COSTS.
_____________________________________________________
HOW DOES IT APPLY TO MEMBERS OF THE UNIVERSITY COMMUNITY?
IMPROPERLY USING GOVERNMENTAL RESOURCES OR THE RESOURCES
OF THE UNIVERSITY OR ANY OF ITS AFFILIATES SO AS TO RAISE THE
COSTS OF SERVICE OR PRODUCT .
MERRIAM-WEBSTER’S DICTIONARY:
“CORRUPT PRACTICE”
“INCORRECT OR IMPROPER USE: MISUSE”
“TO USE SO AS TO DAMAGE: MISTREAT”
“TO USE TO EXCESS”
49
Stanford
Office of Audit,
Compliance and Privacy
Stanford
Office of Audit,
Compliance and Privacy
FRAUD TRIANGLE
ACP
50
25
SCCE Higher Education Compliance Conference
THE FRAUD EXPOSURE RECTANGLE
Fraud Exposure Rectangle
Management &
Directors
Company’s
Relationship w
Other Entities
1
2
The Organization
&
Its Industry
Financial Results
& Operating
Characteristics
ACP
3
4
51
Stanford
Office of Audit,
Compliance and Privacy
52
Stanford
Office of Audit,
Compliance and Privacy
26
SCCE Higher Education Compliance Conference
53
Stanford
Office of Audit,
Compliance and Privacy
54
Stanford
Office of Audit,
Compliance and Privacy
27
SCCE Higher Education Compliance Conference
55
Stanford
Office of Audit,
Compliance and Privacy
QUESTIONS AND COMMENTS
56
Stanford
Office of Audit,
Compliance and Privacy
28