The seven basic elements of a compliance program are:
1. Policies, procedures, and code of conduct
2. The compliance officer and high-level
3. Education of all staff
4. Auditing and Monitoring functions and
appropriate corrective action
5. A compliance officer who has authority
6. Consistent and fair disciplinary processes
7. Confidential and non-retaliatory mode of
Together, we have more than 25 years of
experience, and our careers have been focused
on assessing, growing, and maintaining com-
pliance programs. Each of the programs we
have been involved with has been set up based
on the Federal Sentencing Guidelines1 and
Office of Inspector General (OIG) Voluntary
Compliance Program Guidance. 2 These pro-
grams were based on the seven elements. But,
in every one of the programs we have worked
with, we have found that the seven elements
were not enough! Let’s talk about
what was missing.
Policies, procedures, and
code of conduct
It is not enough to simply have policies and procedures and a code of
conduct (Code). Policies and procedures are only useful if they are
current, easy to follow, and available
to the staff. It is imperative that the
organization review the policies,
either internally or externally, and
review procedures governing the
compliance and privacy functions
on an annual basis. Policies do not
need to be created by the Compliance
department. Allowing individual
departments to create and monitor policies
allows for inclusion in the compliance initiative. The policies must be reviewed with
senior staff and the board, and there must
be buy-in from all high-level officials of the
organization. The compliance officer must
also remember to discuss policies governing
the program with the staff during orientation
training and during the annual compliance
training. The policies should be written for
ease of reading and comprehension and be
by Mary Ellen McLaughlin, MS, CHC, CPC; and Shawn Seguin, MBA
What it takes:
An effective program
» Ensure direct access to the Board and that there is high-level oversight and buy-in.
» Maintain an “open door policy.” It is best to have an office away from the C-suite.
» Ensure a non-punitive, non-retaliatory program.
» Provide education to the employees so that they know what needs to be reported and where to report concerns.
» Make it a collaborative program, engaging all key department managers to ensure buy-in.
Mary Ellen McLaughlin ( email@example.com) is a Manager
and Shawn Seguin ( firstname.lastname@example.org) is a Consultant with IMA
Consulting in Chadds Ford, PA.