2023 Board Resources

reports any significant compliance matters to the full Board. In addition, depending on the materiality of the issue, between quarterly meetings, the Audit Committee, the Audit Committee’s Chair, or the Board’s Executive Committee is kept informed about any urgent compliance issues by the Chief Compliance Officer. 3. What are the goals of the organization’s compliance program? What are the inherent limitations in the compliance program? How does the organization address these limitations? • The goals of Banner’s Compliance Program are the following: o Comply with the requirements of Banner’s Corporate Integrity Agreement (CIA) with the Office of Inspector General (OIG) of the Department of Health and Human Services (effective April 9, 2018); o Timely completion of Banner’s mandatory compliance training; o Ensure timely reporting of suspected violations; and o Evaluate and implement remedial measures. • The health care industry is complex and heavily regulated with complicated and frequently changing laws and regulations. Banner itself is one of the nation’s largest nonprofit healthcare systems and provides a broad range of healthcare and related services concentrated in three regions. • Banner’s Compliance Program is designed to have Compliance Officers at the hospitals, provider groups, ancillary service areas, research, and insurance divisions to address compliance issues. The goal is to have these individuals integrated into the applicable C-suite, administration, or leadership team so that they can effectively identify and mitigate risks to the system. 4. Does the compliance program address the significant risks of the organization? How were those risks determined and how are new compliance risks identified and incorporated into the program? • Banner’s Compliance Program addresses the significant risks of the organization, including those related to Federal health care programs. In addition to its ongoing monitoring of the health care environment, the Ethics & Compliance Department and the Internal Assurance Department conduct a formal annual assessment of the system’s risks based on the likelihood of occurrence and the significance of the exposure. The OIG’s Annual Work Plan is reviewed, and various senior leaders are polled to determine the most significant risks to the system. Based on the results of this survey, the Ethics & Compliance Department develops an annual audit plan to appropriately address the risks identified. The audit plan is presented to the Audit Committee for its review and approval. This risk assessment and internal review process complies with the requirements of Banner’s CIA.