Compliance Perspectives

By Adam Turteltaub There’s a lot of discussion about the relationship between compliance and the general counsel. Less words, though, have been dedicated to the important relationship between compliance and HR. Netherlands-based Asaf Shalev, Global Ethics, Risk & Compliance Lead for DLL rightly observes that maximizing synergy between the work of HR and compliance is a key for success of both the compliance program and the business. The departments share overlapping interests in a number of areas, including the code of conduct. He advocates both sides working closely together to ensure that it is human centric. When it comes to compensation, HR can help by building in compliance-related metrics. When it comes to discipline, HR can ensure that it is documented, consistent and fair. They can also be helpful for navigating local the labor laws that may apply. Listen in to learn more about how to make the compliance-HR relationship work from recruiting and onboarding through the entire employee lifecycle. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub Stress can be a good thing. Burnout, though, is something altogether different and very real for compliance professionals. Sarah Hadden (LinkedIn), CEO and Publisher of Corporate Compliance Insights shares in this podcast the not always encouraging data on stress and burnout from their 2025 Compliance Officer Working Conditions, Stress & Mental Health survey. The research did reveal some very good news. Compliance officers are generally happy with their work. They have a sense of purpose and feel that what they are doing is important. The findings also revealed a small but notable increase in the belief that the organization is supportive of compliance efforts. On the other side of the coin, though, only 7% said that job stress was not an issue. More concerning, 51% reported that they are experiencing burnout. What causes that burnout? A variety of factors are in play including the fast pace of regulations, personal liability fears, lack of time and resources and even AI. One of the greatest causes of stress, the survey revealed, is reporting structure, with those reporting to legal, rather than to leadership or the board, being the least satisfied and most stressed out. Listen in to learn more, unless, of course, it’s going to stress you out. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub There is a tendency to think of risk assessment as one thing and demonstrating the value of the compliance program as another. In this podcast, Catherine Bruno, Assistant Director Office of Integrity and Compliance (OIC) at the FBI shows that the risk assessment process can also be a great way to demonstrate the value of a strong compliance program. So how do they make that happen?  First, the OIC ensures that individuals who are closer to the risk, the subject matter experts at each of the divisions at FBI headquarters, as well as each field office, are involved both from the start and on an ongoing basis. Every six months the OIC requires them to spend time assessing compliance risk and put forward at least one. This process ensures participation without demanding too much of the field’s time. In advance of that meeting, the OIC conducts a training session, provides a model agenda, and may do a presentation on a particular risk area. They also require that, at the meeting, the participants also spend time examining the tier 1 risks that the OIC has identified. In the future, she is looking to better spell out the cost of non-compliance and the savings of proactive measures. But, she cautions, quantifying the benefits does not have to be based on dollars exclusively. Reputational factors can and should also be considered. Each field office is also required to provide data on the risk areas that they are tracking. That data gets compiled and gives them an opportunity to compare themselves to each other. The information is also shared at higher-level branch meetings a month later, and it helps executive assistant directors understand where field offices are focused in terms of their risks. In sum, the process provides both a better understanding of risk and demonstrates the value of the compliance program. Listen in. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub The words “works council” inspires fear and dread in the hearts and minds of many who have never worked with them. They need not, says Lisanne Winde, attorney at law at Wybenga advocaten and Alain Lambert, regional ethics and compliance officer for Central Europe at WSP. In this podcast, they share how the works council can actually help compliance teams. These entities are not unions but are specific to the company. They can be helpful for facilitating communication with employees and giving greater legitimacy to company policies. In practice they collaborate with management and can be more helpful than those unfamiliar with them may think. However, there are times when working with the works council is not just a nice to have but a requirement. Issues relating to whistleblowing and disciplinary policies are two examples. And there may be others, as well.  The laws vary by country. To make the most out of the relationship they recommend taking time to listen to what the works council says. Make sure they understand your role and the independence it has from management, and invite their participation early. It’s better to find out what issues are and benefit from their expertise early rather than too late. Listen in to learn more, then, take a deep breadth and relax next time you hear the words “works council.” Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub An audit by a Unified Program Integrity Contractor auditor, better known as a UPIC audit, can be a very scary thing. Providers are often shocked and even indignant to receive a letter notifying them of the audit and alleging fraud. Jon Rawlson (LinkedIn), President & Founder of Armory Hill Advocates, reminds us that the audit was likely not triggered by an allegation but by an algorithm catching outlier events such as a provider processing claims outside of their normal daily work, utilizing a DME, a skin substitute or some other expensive item that is outside the norm. Once you have calmed down after reviewing the letter, he advises acting immediately but calmly. Begin reviewing the documents you have been providing the Medicare program and bring in whatever help you need. And, don’t forget you have a five step appeal process that enables you to prove  your innocence. But, be mindful of the timeline the government gives. The consequences can be grave if you miss a deadline. Listen in to learn more, and if you’re a member of SCCE or HCCA, be sure to read his article on the subject in Compliance Today magazine. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub As the sun set, the chief compliance officer stared out the window, wondering how she would communicate with her workforce in a way that they would understand. As much as she looked, the answer wasn’t outside in the skies turning from blue to black. She wasn’t finding it under the white LEDs in the ceiling above her desk, either. Feeling a bit desperate, and a little bit bored, she decided to walk the halls to see if perhaps the answers were there. She got all of ten feet before a colleague stopped her,  eyes open wide and voice a little breathless, to tell her about an incident discovered and resolved. As she listened to him speak, she realized the answer was right there in front of her in the power of storytelling. Janine Fadul, Compliance and Privacy officer at GW Medicine, learned long ago to focus on the story she was trying to tell people, not just the facts. By following the elements of storytelling, she explains, you can grab people’s interest, keep it, and help them understand what you are trying to communicate. That doesn’t just apply to training. It can also be useful for communicating with leadership. Listen in to learn more about the elements of good storytelling. Then, apply them, and your compliance program may live happily ever after. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub In addition to releasing its General Compliance Program Guidance, the OIG at HHS announced plans to publish a series of Industry Segment-Specific Compliance Program Guidances (ICPG). The first of these, addressing nursing facilities, was released in November 2024. As CJ Wolf, Professor in healthcare Administration at BYU Idaho explains in this podcast, the first ICPG is instructive both for skilled nursing facilities (SNFs) and those looking to anticipate what will be coming in future ICPGs. Currently, three more are expected to be published in 2025: Medicare Advantage, hospital and clinical laboratories. Two additional ICPGs – pharmaceutical manufacturers and hospice – are also planned, but with a publication date as yet to be determined. There are several notable elements to the SNF ICPG. First, it interlinks compliance, quality of care and quality of life for patients. Second, there is an entire supplement focused on reimbursement, raising the scrutiny level of billing compliance. It addresses the prospective payment system, value-based payment models, Medicare Part D, Medicare Advantage, and Medicaid managed care, amongst other issues. When it comes to Anti-Kickback, the ICPG provides specific examples that are close to home for skilled nursing facilities. These hot points include free or below fair market value goods and services, discounts, arrangements for services and supplies, pharmacist relationships, care coordination, value-based care arrangements and join ventures. It is expected that future ICPGs will also have a focus on the Anti-Kickback statute. CJ also anticipates future guidances to continue to focus on greater accuracy and quality of care. Listen in, whether you are working at a SNF or looking to learn what likely comes next with ICPGs. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub Sevda Huseynova is the Ethics and Compliance Officer for SOCAR Midstream, a state-owned enterprise (SOE) in Azerbaijan. The company manages the oil and gas export pipelines of the country. If you think working for an SOE means you don’t have to worry about compliance, she warns you to think again. SOEs still faces risk in a wide range of areas including anticorruption, sanctions, third parties and more. Investors want to ensure that the company operates up to global standards, which isn’t always easy since compliance is relatively new in Azerbaijan. SOCAR midstream is up to the task, though, she reports. The company seeks to comply with local laws as well as international standards such as those of the OECD and the UN Convention on Corruption. To meet its goals, the compliance program is based on the seven elements approach found in most compliance programs and has three tiers addressing prevention, detection and corrective actions. She advises others working in SOEs to embrace five key strategies: Gain leadership buy-in and the corresponding tone at the top Customize the program to the SOE context Build a strong compliance infrastructure with adequate support Strengthen third party management Monitor, measure and improve on a continuous basis Listen in to learn more about the challenges and opportunities of compliance programs in an SOE. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub KISS takes on a new meaning in this podcast: Keep it Streamlined & Strategic. Keeping it streamlined and strategic is also the topic of a session at the 2025 HCCA Compliance Institute that will be led by Krista Muszak, Senior Manager, Process Optimization at Pfizer and Angela Smart, Senior Compliance and Ethics Partner, Intermountain Healthcare. Specifically. they’ll be applying this new take on KISS to the topic of program effectiveness. So how does it work? How do we keep our programs streamlined and strategic?  First, we avoid scope creep and remain focused. That, they explain, begins with having and continuously referring back to a program charter that keeps you and everyone else involved from pursuing all the tangential issues that could derail your efforts. Second, they advise following the PDCA formula: Plan, Do, Check and Act. Third is conducting a root cause analysis that helps you understand not what happened but why. It will keep  you thinking strategically and not just about the particular incident that called for the analysis to be done. Want to learn more about KISS? Listen to this podcast and then join them in Las Vegas for the 2025 HCCA Compliance Institute. Listen now Sponsored by Bluesight, providing industry-leading privacy monitoring with fast, reliable patient data violation detection.

By Adam Turteltaub Business people are given all kinds of goals for revenues, profitability, efficiency and more. For compliance, though, not so often. Many organizations struggle with how to set compliance goals, or even if they should set them. Madrid-based, Juan Ignacio Paillás, Head of Global Compliance Business Sectors for Merck KGaA, Darmstadt, Germany, explains how it should be done. First, he advises, understand the context in which you are working, particularly about how your organizations manages objectives. For example, some organizations embrace very rigid goals, while others take a more flexible approach. When approaching management and the business unit about setting objectives, he cautions that you should expect pushback. To counter it, remind them this is about taking the company’s values and turning them into concrete, measurable behaviors. It is also an exercise in setting priorities within compliance efforts to have the greatest impact on the organization and its performance. As you go to set the goals, determine which levels of the organization you will cover and what is important for each of them. Start with leadership and then enlist them in the efforts Also, he advises being open to business people setting their own goals. Listen in to the interesting goal one person set, and what impact it had. Listen now Sponsored by Bluesight, providing industry-leading privacy monitoring with fast, reliable patient data violation detection.