Questions and Answers
- What is institutional compliance?
- Why is there an emphasis on "compliance" within the UH System?
- When did the Institutional Compliance Program begin at UHV?
- Why does UHV need a Compliance Program?
- Who is the UHV Institutional Compliance Officer?
- How does the campus Institutional Compliance reporting structure work?
- As an employee, what is my role in institutional compliance?
- If I have questions about compliance, who can answer them?
- What should I do if I suspect something is wrong, but I don't know for sure?
- Is there a way to make confidential reports?
- What type of information should be reported?
- Will I need to take compliance training?
- Q: What is institutional compliance?
A: For every employee at UHV, compliance is simply doing the right thing.
At the institutional level, the management of compliance risks is good ethical business practice. Within the university, we operate in an increasingly complex environment of laws, regulations, policies, standards and procedures. We encounter risks on a daily basis. An effective compliance program is knowing what our particular risks are and then putting into place reasonable measures to help insure that the most critical risks are lessened to reasonable levels.
back to top
- Q: Why is there an emphasis on "compliance" within the UH System?
A: In the wake of instances of major non-compliance at various University systems across the United States that resulted in very negative publicity, large fines and/or loss of funding, the UH Board of Regents requested that the System administration develop an Institutional Compliance Program. The Action Plan that was developed includes the following elements:
- Approval of a compliance program following the UT System model;
- Designation of the Director of Internal Auditing as the System-wide Compliance Officer;
- Designation of an Institutional Compliance Officer at each component institution;
- Appointment of an Institutional Compliance Committee at each component institution;
- Requirement for the Institutional Compliance Committee to meet quarterly;
- Adoption of a formal Board policy on institutional compliance;
- Organize, fund and provide oversight for an ongoing and proactive compliance function meeting the criteria of the U.S. Sentencing Guidelines;
- Submission of an annual risk-based plan of compliance activities;
- Establishment of functional liaisons and a support structure to ensure accomplishment of those activities deemed to be high risk;
- Development of a compliance manual that sets forth expectations and standards of conduct for employees;
- Establishment of a confidential reporting mechanism with summary information presented at Compliance Committee meetings;
- Budgeting of sufficient resources to fund compliance activities that reduce compliance risk to acceptably low levels;
- Ensuring that appropriate general and specialized compliance training is provided for employees and that attendance is acceptable;
- Submission of quarterly reports on compliance activities to the System Compliance Officer;
- Follow-up to determine that appropriate corrective actions have been taken in the event of non-compliance;
- Annual auditing of the compliance functions at component institutions by the Director of Internal Auditing
- Q: When did the Institutional Compliance Program begin at UHV?
A: The development of UHV's Compliance Program began in 2002 as a directive from the UH Board of Regents. It is an ongoing process. At UHV there is/are:
- Compliance Officer
- Compliance Committee
- Employee Standards of Conduct
- Compliance Training Program (in development)
- Risk Assessment of Known External Compliance Issues
- Mitigation focused on the Highest Rated Risks
- Quarterly Reporting of Compliance Related Activities
- Confidential Reporting Line
- Scheduled auditing of the campus program by the UHS Internal Auditing Department (to be scheduled beginning FY05)
- A campus Institutional Compliance Website
- Q: Why does UHV need a Compliance Program?
A: To reduce our highest known risks to acceptable levels. The campus Compliance Program goals are to achieve the following objectives:
- Comply with the UH Board of Regents and System mandates;
- Reduce the risk of non-compliance that could result in significant harm to the institution's operations, finances or reputation;
- Provide evidence to external entities, e.g., Texas Legislature, Federal oversight authorities, and UH System that UHV has a system in place to identify and actively manage its highest risks;
- Develop and then maintain a campus compliance program that has the following elements:
- Existence of written standards
- Effective oversight
- Due care in delegation of authority
- Corrective action
- Q: Who is the UHV Institutional Compliance Officer?
A: The campus Institutional Compliance Officer is Tim Michalski, Director of Business Services. E-mail: firstname.lastname@example.org telephone 361-570-4107.
- Q: How does the campus Institutional Compliance reporting structure work?
A: The UHV Compliance Officer is appointed by and reports to the President and is the campus liaison to the System Compliance Officer. The Compliance Officer serves as the chair of the campus Institutional Compliance Committee and is a member of the UHS Institutional Compliance Officers Committee. The campus compliance officer monitors the various compliance program activities to try to help ensure that compliance activities and the program in general is operating the way it should. The campus Compliance Officer also prepares formal quarterly campus compliance activity reports to the System Compliance Officer and campus Administration. Report information is also available to all employees on the campus Institutional Compliance website which is also maintained by the campus compliance officer.
The System Compliance Officer, in turn, is responsible to the Chancellor and the Board of Regents. The System Compliance Officer, who is also the UHS Director of Internal Auditing, chairs the System-wide Institutional Compliance Committee and is responsible for auditing the component compliance programs.
- Q: As an employee, what is my role in institutional compliance?
A: Your role, basically, is "to do the right thing." Each of us are faced with various risks and compliance issues in the workplace and in our particular positions of responsibility. Many of us have resources at our discretion, such as staff, finances, property, and information. Each of us is entrusted with responsibilities associated with our positions at the University. It is how we handle our responsibilities and what we do with and how we use the resources available to us that either increases risk or lessens it.
As a faculty or staff employee, your role is to understand the various types of risks you may encounter as part of your job and the proper and correct way to respond. As part of your involvement in campus compliance, you have an obligation to take any required general or specialized training required for your position or for employees in general. You need to keep abreast of the laws and regulations that may affect your area of operations. You need to be knowledgeable of the Board, System and Campus policies and procedures that affect your position and responsibilities.
back to top
- Q: If I have questions about compliance, who can answer them?
A: The answers to many common compliance questions can be found in the Employee Standards of Conduct Guide. Every employee has access to the guide on the Institutional Compliance website.
- If the Guide does not answer your question, you are encouraged to go to your supervisor with questions.
- If your supervisor cannot answer your question or you feel uncomfortable asking your supervisor, you have a variety of offices you can go to depending on the issue you are trying to resolve. These offices and their phone numbers are also listed in the Employee Standards of Conduct Guide.
- The Office of Institutional Compliance may be able to answer your questions or put you in contact with someone who can.
- Q: What should I do if I suspect something is wrong, but I don't know for sure?
A: Discuss it with your supervisor. If you feel uncomfortable asking your supervisor, there are other offices you can go to. These offices and their phone numbers are also listed in the Employee Standards of Conduct policy.
Federal and state laws and university policy prohibit retaliation against employees who report violations of possible illegal activities in good faith. The University encourages employees to make good faith reports of alleged illegal activity and is committed to maintaining the confidentiality and anonymity of all individuals who make such reports to the extent allowed by law.
Your assistance may also help the University to comply with the law, thereby possibly preventing or lessening fines, regulatory penalties, negative publicity and embarrassment to the University.
back to top
- Q: Is there a way to make confidential reports?
A: Yes. The University uses a personal incident reporting system called MySafeCampus. You may report allegations of fraud, waste or other regulatory compliance issues anonymously and confidentially from any phone or from any computer with internet access. To make a report online, go to www.MySafeCampus.com. To make a confidential report by phone, you may call toll-free 1-800-716-9007. MySafeCampus services are available 24/7 and are not affiliated in any way with the University of Houston System. To learn more about MySafeCampus, click here.
back to top
- Q: What type of information should be reported?
A: The information should be limited to potential violations of laws, regulations or rules such as fraud, embezzlement, time and expense abuse, conflicts of interest, kickbacks, or other illegal activities rather than employee dissatisfaction issues or complaints. Personal concerns about individual employee matters, e.g., complaints concerning wages, hours of work, performance evaluations, merit raises, etc., should be handled in accordance with other University policy in place.
back to top
- Q: Will I need to take compliance training?
A: It is very important that as an employee, you are aware of the compliance issues that impact you or your position on a daily basis. Awareness of the Employee Standards of Conduct is the first place you should start. General compliance training will be used to broaden awareness. More specialized training for higher risk operations identified through the risk assessment process, e.g. life safety, financial aid, may also be required. All employees may be expected to participate in any General and/or Specialized Compliance Training developed.
back to top