October 19, 2022
Compliance Officer Certification Statement
- by Sean Weiss, Partner & VP of Compliance
“The New DOJ Standard”
I want to talk about compliance officer certification statements introduced by Kenneth Polite of the DOJ! I mentioned this in a blog while I was at the American Health Law Association in Baltimore a couple of weeks ago but feel that topic requires a much deeper dive and exploration of what that certifying statement really means. On March 25, 2022, Mr. Polite provided prepared remarks at the NYU Law Program on Corporate Compliance and Enforcement, and I strongly suggest you read this: (Prepared Remarks by U.S. Assistant Attorney General Polite at the NYU Law Program on Corporate Compliance and Enforcement | Compliance and Enforcement).
Compliance for many years has been a punchline with a lot of executives and physician owners, despite significant recoveries by the OIG and DOJ; not to mention Relators. Compliance was something put in place to appease counsel (general and external) and usually given very little thought and, more often than not, ignored. Other organizations blur the lines between compliance and human resources, which led to ineffective investigations and systemic failures to comply with regulations, code, statutes and acts specific to Fraud, Waste, and Abuse.
The DOJ is now requiring all settlement agreements to contain a certifying statement by the compliance officer of the organization to ensure they not only have a seat at the table but that their voice is being heard. The DOJ is working to ensure compliance plans are not just paper plans but that they actually work in practice and more so that they are a living, breathing document. However, Mr. Polite has indicated that the DOJ is not just looking for these in settlement agreements; he wants compliance plans certified by the compliance officer annually to demonstrate that the program is, in fact, functioning and ensuring a culture of compliance within the organization!
As a third-party compliance officer to a number of small, medium, and large physician groups across the country, I share with my clients the critical importance of our plan being functional but, more importantly, that we truly have established a culture of compliance. I have been asked in recent weeks by one of my larger physician groups if I would be willing to generate a compliance certificate for the organization. My response was this, “We are very close to full compliance, and when we get there, I will generate the certifying statement with pleasure.” Now you may be wondering why, if I (The Compliance Guy) am the compliance officer for an organization, how it’s possible we are not at full compliance. I, just like the rest of you serving in this capacity, have stakeholders and board members to deal with who oftentimes want to bury their heads in the sand or wish something away. The good news is that the areas I am pushing back on are not those that would violate any potential law but rather are areas where I feel if an investigator or AUSA wants to nitpick, they could, even though we would have more than a suitable arguable defense/position. For me, I would rather not have to argue things on the back end with OIG or DOJ, so while these areas may be recommendations or best practices, I still want them in place before my name goes on anything, and so should you.
In closing this piece out, I am sure many of you, if not all of you, would be interested in what a certifying statement would be, so here is an example:
CERTIFICATION AND STATEMENT OF COMPLIANCE. I ____________, Compliance Officer of ____________, hereby certify the program is reasonably designed and implemented to detect and prevent violations of the law and is functioning effectively. _______ __________, complies with all Federal and State of ____________ laws and regulations pertaining to Fraud, Waste, and Abuse. I further certify _____________ has created a culture of compliance by ensuring the following:
- has invested—not just from a financial perspective, but from a concerted commitment from the top down—in implementing a strong compliance program;
- has been able to test its controls and demonstrate they are effective;
- has made relevant updates to its program to adapt to changing risks;
- and has cultivated a strong culture of compliance and ethical values.
This statement is accurate and truthful at the time of affixing my signature.
Your Name, Compliance Officer Date of Certification
*Disclaimer – The above sample statement is for demonstration purposes only. It is not to be used in its current form. The sample statement is not a replacement for legal representation/guidance. Please consult with your legal professional to create a certificate and statement of compliance specific to your organization. The Author and DoctorsManagement, LLC, and its affiliates bear no liability if the information contained within this article is used without first obtaining legal opinion(s).
About the Author: Sean Weiss