Compliance Program Policy

I. Purpose

As an institution of higher education, °Ç¸ç³Ô¹Ï has myriad obligations for compliance with external and internal mandates and standards. Sources for such standards include (1) federal, state and local laws; (2) accreditation standards; (3) auditor mandates; and (4) internal policies and procedures. Many college offices and members of the °Ç¸ç³Ô¹Ï community have long been engaged in compliance for coordinating and monitoring these efforts.

The Compliance Program takes into account the decentralized nature of the College. It seeks to avoid the creation of new bureaucracy and redundancy of efforts. While assigning responsibility for designated compliance areas to administrators with the most pertinent knowledge of the relevant college operations, the Compliance Program also provides for institution-wide oversight.

II. Definitions

Responsible Senior Staff Members: Members of the President’s Cabinet who have overall operational responsibility for designated compliance areas. Their compliance role is to oversee policies and procedures relevant to their compliance areas, to monitor compliance efforts by the Compliance Partners and receive from them periodic reports on compliance initiatives and new compliance obligations; to oversee follow up and response measures to reports of potential violations of law or other external standards in their compliance areas; and to provide leadership and authority for coordination of compliance activities. Responsible Senior Staff Members have authority to communicate personally with the Chair of the Audit Committee regarding compliance programs and/or conduct that could expose the College to liability.

Compliance Partners: Administrators responsible for the day-to-day functional obligations relevant to an assigned compliance area. Their compliance role is to be responsible for the day-to-day functional compliance activities attendant to their designated compliance areas, whether that involves personally carrying out such obligations or seeing to the assignment of compliance activities and confirming that they have been appropriately carried out. Compliance Partners are also responsible for monitoring compliance obligations in their areas, including new and newly modified compliance obligations and seeing that compliance obligations in their areas are handled in a timely fashion. Compliance Partners are expected to collaborate with the Office of Risk Management on ongoing compliance matters. Compliance Partners are also expected to brief their Responsible Senior Staff Members at least annually on compliance initiatives and new compliance obligations and promptly alert Responsible Senior Staff Members to conduct that could expose the College to liability.

Compliance Areas: Include clusters of laws, risks, contractual duties, etc. and one or more Responsible Senior Staff Members and Compliance Partners for each compliance area. It is designed to provide for coordination and documentation of existing and ongoing institutional compliance initiatives to meet increasing federal regulations, external standards, and best practices.

III. Procedures

The College has developed this framework for its institutional compliance program to satisfy the legally recognized elements of an effective compliance program:

  1. standards and procedures to prevent and deter violations of law,
  2. overall responsibility assigned to personnel with appropriate resources and authority, who have authority to communicate directly with the governing body,
  3. the governing body is knowledgeable about the program and exercises reasonable oversight,
  4. responsible personnel with substantial authority, chosen for high integrity and with due diligence,
  5. effective training programs and dissemination of information,
  6. monitoring of compliance activities, reporting mechanisms for concerns of unlawful conduct, and effective follow up and investigation of reports,
  7. consistent enforcement of standards through incentive and discipline, and
  8. appropriate responses to violations of law, including modifications to the compliance program as needed.

Responsible Senior Staff members will be responsible for preparing an annual report of risk management programs within their areas of responsibility. These reports will be submitted to the Director of Risk Management on or before August 15 of each year, in time for presentation to the Audit and Governance committee of the board at the September board meeting.

Responsible Senior Staff Members and Compliance Partners will focus on specific issues in the compliance area that pose relatively high risk of material non-compliance; relatively high risk may arise from, for example, the particularly significant nature of the compliance obligations, the complexity of compliance, new or newly revised regulations or other obligations, or information regarding areas of particular regulatory scrutiny. With regard to these issues, the Responsible Senior Staff members will describe their compliance procedures and explain in their report to the Director of Risk Management how they keep apprised of regulatory developments and respond to those developments.

If the Responsible Senior Staff Member or Compliance Partner identifies any areas of material noncompliance, they will promptly alert the Director of Risk Management so that they can assess and address the situation and identify any areas in which further efforts would materially improve compliance (such as, for example, the development or revision of relevant policies or procedures or the provision of guidance or training to relevant staff).

The College also has promulgated a Whistleblower Policy, which provides that any College employee who has knowledge of or information about misconduct in college operations should report the misconduct to the Vice President for Human Resources or the Director of Risk Management. Such reports may also be made anonymously.

Prior to each academic year’s first meeting of the Audit Committee of the Board of Trustees, the Director of Risk Management will, in consultation with and on behalf of the Responsible Senior Staff Members, prepare a report to the Audit Committee regarding the College’s compliance efforts during the prior year and plans for the coming year.

IV. Responsibilities

The Director of Risk Management of the College is responsible for developing the overall compliance plan, including a schedule for reviewing compliance in selected areas, and ensuring that Responsible Senior Staff Members are adequately supervising the areas of risk within their responsibility. The Director of Risk Management is also responsible for making reports to the President and the Audit Committee regarding the College’s compliance program.

The Director of Risk Management serves as a resource for all Responsible Senior Staff Members, Compliance Partners, and other college constituents engaged in compliance activities in order to provide coordination and documentation of institutional compliance efforts. Where appropriate, the Director of Risk Management may seek guidance from outside consultants or expert outside counsel.

The Audit Committee of the Board of Trustees will exercise reasonable oversight of the compliance program and provide reports on the compliance program and, in its discretion, particular compliance matters, to the full Board of Trustees.

V. Responsible office

Questions about this policy should be addressed to the office of Risk Management at risk.management@goucher.edu.

VI. History

Updated: August 2019; August 2023.

All Policies