Optional_2023 Board Resources
BOARD OF DIRECTORS COMPLIANCE PROGRAM RESOURCES
Januar y 202 3
Ethics & Compliance
BANNER BOARD OF DIRECTORS COMPLIANCE PROGRAM RESOURCES
Table of Contents
1. Board Member Fiduciary Duties ........................................................................... . . ...... . . 5 2. Overview of Compliance Programs ............................................................. . ............ . . . . 1 9 3. Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors .................................................................................................... . .. . 23 4. Practical Guidance for Health Care Governing Boards on Compliance Oversight ...... . 43 5 . Department of Justice Evaluation of Corporate Compliance Programs...................... . . 67 Chart Comparison of the Anti-Kickback Statute and the Stark Law ........................ . ... 8 9 Common Fraud and Abuse and Other Issues ............................................................. . .. 93 8 . 6. Executive Summary of U.S. ex rel. Cecilia Guardiola v. Banner Health and NCMC, Inc. and Banner Health’s Corporate Integrity Agreement ........................ . . . 1 19 7 . Board Compliance Program Oversight and Resolution Process Policy ............... . . ..... 129 9 .
(New) DOJMemo:Revisions toCorporateCriminalEnforcement Policies .......... . . ..... . 1 36 10 .
Board Member Fiduciary Duties
Ethics & Compliance
BOARD MEMBER’S FIDUCIARY DUTIES OVERVIEW Banner Board members act as trustees of the organization’s assets. As fiduciaries, board members have three fundamental duties: a duty of loyalty, a duty of care, and a duty of obedience. Duty of Care • Definition: A fiduciary must act in good faith with that level of care that an ordinarily prudent person would exercise in like circumstances and in a manner that he/she reasonably believes is in the best interests of Banner. o Decision-making Function : The application of duty of care principles to a specific decision or a particular board action; and o Oversight Function : The application of duty of care principles with respect to the general activity of the board in overseeing the day-to-day business operations of the corporation, i.e., the exercise of reasonable care to assure that corporate executives carry out their management responsibilities and comply with the law. • Example: Board members should follow deliberate procedures and consult with appropriate committees, officers, or employees of Banner or other outside experts in making corporate decisions. Duty of Loyalty • Definition: A fiduciary must avoid self-dealing, misuse of funds, and other misconduct and maintain the confidentiality of Banner’s affairs. o Requires a director to act solely in the best interests of Banner rather than in his/her own interests, or those of his/her associates. o Encompasses a Board member’s obligation to avoid conflicts of interest. • Example: Board members may violate their duty of loyalty if they fail to disclose conflicts of interest in accordance with Banner’s policy or pursue opportunities for others or themselves at Banner’s expense. Duty of Obedience • Definition: A fiduciary must observe, and be faithful to, Banner’s mission. o Upholding Banner’s mission – “Making health care easier, so life can be better.” • Example: Board members may violate the duty of obedience if they perform acts contrary to Banner’s mission.
CONFLICT OF INTEREST SCENARIOS TONY MAIDA, MCDERMOTT WILL & EMERY
Hypo 1: Board Conflicts – Duty of Care and Loyalty 1
Jim Ramone served as both the President of Nashville University, a non-profit, private university, and CEO of the Nashville University Foundation, which controls the school’s endowment and receives all donations to the University. Mr. Ramone also served as a board member with voting rights on the Foundation board and the permanent chair of the Foundation board’s Nominating Committee. A disgruntled former employee filed a complaint with the Tennessee Attorney General alleging that Mr. Ramone paid himself and certain members of his staff amounts well in excess of fair market value and engaged in business transactions without University or Foundation board approval. The complaint further alleged that: • Foundation board members failed to properly oversee Foundation spending; • Foundation officers exceeded their authority and failed to provide the board of directors with sufficient information to make informed decisions, presenting insufficient or misleading information; 2 • Foundation officers took action beyond what the board approved and acted without board knowledge or approval. For example, the Foundation loaned a subsidiary $10 million in endowment funds for a grant without approval from its board of directors; • Foundation officers paid out compensation beyond amounts its board of directors approved and that the additional amounts paid were not transparent; and • Foundation’s board of directors failed to oversee the finances of the foundation, approving property acquisitions without identifying a source of funding and continually spending at rates above its endowment spending policy. The Foundation engaged a respected valuation firm to review the executive compensation. The valuation firm concluded that the compensation of Mr. Ramone and four of his top aides exceeded fair market value by a total of $3.9 million over the 2010-2016 period. This valuation took into account both the University and Foundation executive position duties and the relative size and standing of the University. The valuation firm set fair market value at the 50 th percentile because the University itself ranked significantly below the median in three major categories: academic ranking (16 th percentile), endowment (37 th percentile), and enrollment (16 th percentile). However, the compensation exceeded the 90 th percentile by almost $1 million over the 2010-2016 period. The Foundation made the study public following a meeting in which the nonprofit organization’s board voted to amend Ramone-era disclosures to the IRS that claimed the compensation was reasonable, and to pursue Mr. Ramone and the other aides to recover the “excess benefits.” The Foundation board chair said the Foundation has alerted the IRS that it will be amending previous years’ disclosures to reflect the excess compensation. 1 http://www.wdrb.com/story/38300816/study-university-of-louisville-foundation-overpaid-ramsey-aides-by-39- million 2 Alvarez & Marsal Disputes and Investigations, LLC, Procedures & Findings Report, June 8, 2017 https://www.dropbox.com/s/48kkkd2hb8yk5qi/Final-AM-Report-6.8.17.pdf?dl=0 [hereinafter Alvarez and Marsal Report].
Question: What are the conflict issues?
There are multiple conflict issues in this actual situation involving James Ramsey and the University of Louisville. First, Mr. Ramone has potential breaches of his fiduciary duty of loyalty as a Foundation board member and duties of loyalty as an University and Foundation executive based on the allegations of paying himself and others excessive compensation (self-dealing) and duty of care in failing to properly manage the University and Foundation finances and business affairs. The other Foundation and University board members have potential violations of their duty of care for failure to exercise appropriate oversight of executive management. In setting compensation, board members should have asked questions to ensure that the compensation was appropriate. Further, board members should have exercised better oversight over spending and other activities to ensure that management was following board-approved direction and properly exercising management’s authority. One of the causes of this situation could have been Mr. Ramone’s role as permanent chair of the Foundation’s board member nominating committee. This role creates potential personal conflicts in Mr. Ramone influencing the nominating process to favor individuals with which he has a personal relationship, and once on the board, those members either feel indebted to him for the position or are inclined to defer to him and not question his activities because of their personal relationship. For much of its existence, Walt Disney Co. has pursued new and innovative media ventures as a growth strategy. In recent years, this growth strategy has included online media outlets. Disney also has developed close ties with the tech industry, beginning with the late Steve Jobs serving as a board member (and once the largest shareholder). For the past five years, Sheryl Sandberg, the COO of Facebook, and Jack Dorsey, the CEO of Twitter, served as directors on Disney’s board. During that time, Disney pursued an attempted acquisition of Twitter. Twitter and Facebook have also bid on, and in some cases won, the rights to stream live sporting events – in competition with Disney’s ESPN cable network. Both Twitter and Facebook have expanded their relationships with other media companies in the last year to add to their online video presence. Hypo 2: Board Conflicts – Duty of Loyalty Ms. Sandberg andMr. Dorsey have essentially the same type of conflict issue – their Disney director duties of loyalty are impacted by their duties of loyalty to their respective companies as officers. Specifically, directors owe a duty of loyalty to their organization to not pursue business opportunities for others (or themselves) that would be in the interest of the organization. Question: Assuming Sandberg and Dorsey disclosed their outside relationships to Disney before being elected to the board, doesn’t that disclosure address the conflict issue? No. Disclosure of outside interests and activities that could pose a conflict to the organization is a way to manage conflicts. Once on the board, Ms. Sandberg, Mr. Dorsey, and the rest of the board would need to actively manage their work with those conflicts in mind. Most obviously, Mr. Dorsey would have Question: What are the conflict issues?
needed to recuse himself from any discussions and involvement in Disney’s examination of acquiring Twitter. These recusal considerations would also occur upon Ms. Sandberg and Mr. Dorsey becoming aware that their respective companies were planning on competing with Disney on bidding for streaming rights. This situation shows that having a conflict of interest does not mean someone did something wrong. Both Ms. Sandberg and Mr. Dorsey have excellent reputations and likely brought valuable expertise to Disney as Disney explored expanding into online media. However, the director duty of loyalty can create a conflict simply by virtue of the director’s industry involvement when those activities compete with the organization. In 2018, Disney announced that Ms. Sandberg and Mr. Dorsey decided not to run for re-election on Disney’s board because of these recurring conflict/recusal issues. Hypo 3: Conflicting Financial Relationships St. James has engaged in a nationwide search for a new System CFO for the last nine months using a reputable executive search firm. The search firm has identified Nancy Moneypenny as its top candidate. She graduated summa cum laude from Harvard Business School and, for the last 20 years, has held several high-level finance positions, including as an investment banker at Goldman Sachs, JPMorgan, and as CFO of a Fortune 100 company. • Ms. Moneypenny is currently a member of NW Capital, LLP, an investment management firm. – St. James has a long-term contract with NW Capital to manage the portfolio of St. James Foundation. The contract is up for evaluation and renewal in 2020. NW Capital has achieved an average rate of return over the last five years well in excess of the S&P 500 average. – The Foundation’s CFO reports to the System CFO. • Ms. Moneypenny’s husband, Mr. Greenback, is CEO and shareholder in Castlight Health, a health technology company. – Castlight is one of the main vendors for St. James Accountable Care Organization (“ACO”). For the last five years, it has had a contract to provide all IT and other technology services, data analytics, and web-based services to the ACO. Compensation under the contract is $500,000 a year. The contract’s initial term was three years. It was renewed two years ago for another three-year term, which means the contract is up for evaluation and renewal in 2019. • Ms. Moneypenny and Mr. Greenback are old college friends of St. James CEO. The search firm has conducted an extensive background check of Ms. Moneypenny (and her spouse Mr. Greenback) and has concluded both have impeccable personal reputations and an absence of any other material financial or personal relationships with St. James or other members of the executive team or board. Question: What are the conflict issues?
1. Business relationship with NW Capital If Ms. Moneypenny retains her NW Capital ownership interest as St. James CFO, she would be in the position of overseeing the work of the firm in which she has a financial interest. She would logically be expected to monitor NW Capital’s performance, which could put her personal financial relationship with, and fiduciary duty to, NW Capital in conflict with her duty of loyalty as an officer of St. James. Even if she relinquished her ownership interest, she likely has personal relationships with other members of NW Capital that could conflict with her duties. 2. Business relationship with Castlight Health Through her husband’s ownership interest and executive position, the current business relationship between St. James and Castlight creates a second conflict for Ms. Moneypenny. As CFO, Ms. Moneypenny would logically be expected to monitor the financial success of St. James ACO, including Castlight’s contractual performance, and advice St. James CEO and board on subsequent decisions with respect to the ACO and continued use of Castlight Health. Mr. Greenback’s executive and ownership positions with Castlight Health would place Ms. Moneypenny in a conflict between her family relationship and her employment responsibilities. 3. Personal relationship with St. James CEO While many conflicts of interest policies do not address the potential for bias created by friendship or personal relationship, more fulsome approaches to conflicts issues recognize the potential for such relationships to affect (or create the appearance of affecting) business decisions. While the standard for resolving the conflicts issues associated with such relationships is usually lower, that does not diminish the related potential for bias. Question: What are the risks presented by the conflicts? • Internal workforce concerns of favoritism and inappropriate benefits extended to Ms. Moneypenny and Mr. Greenback, which could result in internal whistleblower reports or external disclosures to the media, regulators, or other third parties; • Scrutiny from a regulatory agency with plausible jurisdiction over St. James, on the basis of concerns with self-interest, exercise of fiduciary duty, and/or the reasonableness of individual transactions; • The potential that, due to the relationships, appropriate oversight of NWCapital, Castlight Health, and/or Ms. Moneypenny’s job performance is not exercised by St. James executive team; and • The reputational damage that could accrue to St. James and its officers and directors from any of the above circumstances. Question: What are some mitigating factors present in the hypo that suggest it would be a reasonable decision to hire Ms. Moneypenny? • The impeccable personal reputations of Ms. Moneypenny and Mr. Greenback and the absence of any other material financial or personal relationships with St. James or other members of the executive team or board;
• The participation of a recognized national executive search firm in the search process, and its confirmation of the leading qualifications of Ms. Moneypenny; • The existence of a formal, detailed written articulation of St. James Foundation’s investment strategy and Castlight’s performance matrix that would theoretically frame the direction of the CFO; and • The historical success of Castlight Health and NW Capital’s performance and the reasonable return received from NW Capital. Question: What would a conflict management plan look like to effectively address her conflicts? The purpose of a conflicts management plan (the “Plan”) would be to monitor the performance of the CFO with respect to the potential for conflicts of interest to arise in the performance of her duties—and resolve those conflicts to the extent possible. The basic elements of the Plan would include, but would not be limited to, the following: • Direct supervision by the General Counsel and the Compliance Officer, who would be able to seek the advice of outside advisors on matters relating to the conflicts issues; • Periodic reporting by the General Counsel and the Compliance Officer on the progress of the Plan to the appropriate committee of the St. James board; • Specific provisions in Ms. Moneypenny’s employment agreement obligating her to a higher standard with respect to the prompt disclosure of actual or apparent conflicts; • Including provisions in Ms. Moneypenny employment agreement relating to satisfaction of this higher standard, her evaluation and compensation, and the continuation of her employment status; • A mechanism (e.g. hotline) intended to alert the CFO, the General Counsel, the Compliance Officer, the CEO, and other interested parties of circumstances likely to arise in the future that could give rise to an actual or apparent conflict; and • A series of options, including but not limited to CFO recusal or the receipt of confirming or supporting opinions of outside advisors, to evaluate the performance of NW Capital and/or Castlight Health during the contract term and at renewal.
CONFLICT OF INTEREST SCENARIOS TONY MAIDA, MCDERMOTT WILL & EMERY
Hypo 1: Board Conflicts – Duty of Care and Loyalty 1 Jim Ramone served as both the President of Nashville University, a non-profit, private university, and CEO of the Nashville University Foundation, which controls the school’s endowment and receives all donations to the University. Mr. Ramone also served as a board member with voting rights on the Foundation board and the permanent chair of the Foundation board’s Nominating Committee. A disgruntled former employee filed a complaint with the Tennessee Attorney General alleging that Mr. Ramone paid himself and certain members of his staff amounts well in excess of fair market value and engaged in business transactions without University or Foundation board approval. The complaint further alleged that: • Foundation board members failed to properly oversee Foundation spending; • Foundation officers exceeded their authority and failed to provide the board of directors with sufficient information to make informed decisions, presenting insufficient or misleading information; 2 • Foundation officers took action beyond what the board approved and acted without board knowledge or approval. For example, the Foundation loaned a subsidiary $10 million in endowment funds for a grant without approval from its board of directors; • Foundation officers paid out compensation beyond amounts its board of directors approved and that the additional amounts paid were not transparent; and • Foundation’s board of directors failed to oversee the finances of the foundation, approving property acquisitions without identifying a source of funding and continually spending at rates above its endowment spending policy. The Foundation engaged a respected valuation firm to review the executive compensation. The valuation firm concluded that the compensation of Mr. Ramone and four of his top aides exceeded fair market value by a total of $3.9 million over the 2010-2016 period. This valuation took into account both the University and Foundation executive position duties and the relative size and standing of the University. The valuation firm set fair market value at the 50 th percentile because the University itself ranked significantly below the median in three major categories: academic ranking (16 th percentile), endowment (37 th percentile), and enrollment (16 th percentile). However, the compensation exceeded the 90 th percentile by almost $1 million over the 2010-2016 period. The Foundation made the study public following a meeting in which the nonprofit organization’s board voted to amend Ramone-era disclosures to the IRS that claimed the compensation was reasonable, and to pursue Mr. Ramone and the other aides to recover the “excess benefits.” The Foundation board chair said the Foundation has alerted the IRS that it will be amending previous years’ disclosures to reflect the excess compensation.
1 http://www.wdrb.com/story/38300816/study-university-of-louisville-foundation-overpaid-ramsey-aides-by-39- million 2 Alvarez & Marsal Disputes and Investigations, LLC, Procedures & Findings Report, June 8, 2017 https://www.dropbox.com/s/48kkkd2hb8yk5qi/Final-AM-Report-6.8.17.pdf?dl=0 [hereinafter Alvarez and Marsal Report].
Question: What are the conflict issues? There are multiple conflict issues in this actual situation involving James Ramsey and the University of Louisville. First, Mr. Ramone has potential breaches of his fiduciary duty of loyalty as a Foundation board member and duties of loyalty as an University and Foundation executive based on the allegations of paying himself and others excessive compensation (self-dealing) and duty of care in failing to properly manage the University and Foundation finances and business affairs. The other Foundation and University board members have potential violations of their duty of care for failure to exercise appropriate oversight of executive management. In setting compensation, board members should have asked questions to ensure that the compensation was appropriate. Further, board members should have exercised better oversight over spending and other activities to ensure that management was following board-approved direction and properly exercising management’s authority. One of the causes of this situation could have been Mr. Ramone’s role as permanent chair of the Foundation’s board member nominating committee. This role creates potential personal conflicts in Mr. Ramone influencing the nominating process to favor individuals with which he has a personal relationship, and once on the board, those members either feel indebted to him for the position or are inclined to defer to him and not question his activities because of their personal relationship. Hypo 2: Board Conflicts – Duty of Loyalty For much of its existence, Walt Disney Co. has pursued new and innovative media ventures as a growth strategy. In recent years, this growth strategy has included online media outlets. Disney also has developed close ties with the tech industry, beginning with the late Steve Jobs serving as a board member (and once the largest shareholder). For the past five years, Sheryl Sandberg, the COO of Facebook, and Jack Dorsey, the CEO of Twitter, served as directors on Disney’s board. During that time, Disney pursued an attempted acquisition of Twitter. Twitter and Facebook have also bid on, and in some cases won, the rights to stream live sporting events – in competition with Disney’s ESPN cable network. Both Twitter and Facebook have expanded their relationships with other media companies in the last year to add to their online video presence. Question: What are the conflict issues? Ms. Sandberg and Mr. Dorsey have essentially the same type of conflict issue – their Disney director duties of loyalty are impacted by their duties of loyalty to their respective companies as officers. Specifically, directors owe a duty of loyalty to their organization to not pursue business opportunities for others (or themselves) that would be in the interest of the organization. Question: Assuming Sandberg and Dorsey disclosed their outside relationships to Disney before being elected to the board, doesn’t that disclosure address the conflict issue? No. Disclosure of outside interests and activities that could pose a conflict to the organization is a way to manage conflicts. Once on the board, Ms. Sandberg, Mr. Dorsey, and the rest of the board would need to actively manage their work with those conflicts in mind. Most obviously, Mr. Dorsey would have needed to recuse himself from any discussions and involvement in Disney’s examination of acquiring Twitter. These recusal considerations would also occur upon Ms. Sandberg and Mr. Dorsey becoming aware that their respective companies were planning on competing with Disney on bidding for streaming rights. This situation shows that having a conflict of interest does not mean someone did something wrong. Both Ms. Sandberg and Mr. Dorsey have excellent reputations and likely brought valuable expertise to Disney
as Disney explored expanding into online media. However, the director duty of loyalty can create a conflict simply by virtue of the director’s industry involvement when those activities compete with the organization. In 2018, Disney announced that Ms. Sandberg and Mr. Dorsey decided not to run for re-election on Disney’s board because of these recurring conflict/recusal issues. Hypo 3: Conflicting Financial Relationships St. James has engaged in a nationwide search for a new System CFO for the last nine months using a reputable executive search firm. The search firm has identified Nancy Moneypenny as its top candidate. She graduated summa cum laude from Harvard Business School and, for the last 20 years, has held several high-level finance positions, including as an investment banker at Goldman Sachs, JPMorgan, and as CFO of a Fortune 100 company. • Ms. Moneypenny is currently a member of NW Capital, LLP, an investment management firm. – St. James has a long-term contract with NW Capital to manage the portfolio of St. James Foundation. The contract is up for evaluation and renewal in 2020. NW Capital has achieved an average rate of return over the last five years well in excess of the S&P 500 average. – The Foundation’s CFO reports to the System CFO. • Ms. Moneypenny’s husband, Mr. Greenback, is CEO and shareholder in Castlight Health, a health technology company. – Castlight is one of the main vendors for St. James Accountable Care Organization (“ACO”). For the last five years, it has had a contract to provide all IT and other technology services, data analytics, and web-based services to the ACO. Compensation under the contract is $500,000 a year. The contract’s initial term was three years. It was renewed two years ago for another three-year term, which means the contract is up for evaluation and renewal in 2019. • Ms. Moneypenny and Mr. Greenback are old college friends of St. James CEO. The search firm has conducted an extensive background check of Ms. Moneypenny (and her spouse Mr. Greenback) and has concluded both have impeccable personal reputations and an absence of any other material financial or personal relationships with St. James or other members of the executive team or board. Question: What are the conflict issues? 1. Business relationship with NW Capital If Ms. Moneypenny retains her NW Capital ownership interest as St. James CFO, she would be in the position of overseeing the work of the firm in which she has a financial interest. She would logically be expected to monitor NW Capital’s performance, which could put her personal financial relationship with, and fiduciary duty to, NW Capital in conflict with her duty of loyalty as an officer of St. James. Even if she relinquished her ownership interest, she likely has personal relationships with other members of NW Capital that could conflict with her duties.
2. Business relationship with Castlight Health Through her husband’s ownership interest and executive position, the current business relationship between St. James and Castlight creates a second conflict for Ms. Moneypenny. As CFO, Ms. Moneypenny would logically be expected to monitor the financial success of St. James ACO, including Castlight’s contractual performance, and advice St. James CEO and board on subsequent decisions with respect to the ACO and continued use of Castlight Health. Mr. Greenback’s executive and ownership positions with Castlight Health would place Ms. Moneypenny in a conflict between her family relationship and her employment responsibilities. 3. Personal relationship with St. James CEO While many conflicts of interest policies do not address the potential for bias created by friendship or personal relationship, more fulsome approaches to conflicts issues recognize the potential for such relationships to affect (or create the appearance of affecting) business decisions. While the standard for resolving the conflicts issues associated with such relationships is usually lower, that does not diminish the related potential for bias. Question: What are the risks presented by the conflicts? • Internal workforce concerns of favoritism and inappropriate benefits extended to Ms. Moneypenny and Mr. Greenback, which could result in internal whistleblower reports or external disclosures to the media, regulators, or other third parties; • Scrutiny from a regulatory agency with plausible jurisdiction over St. James, on the basis of concerns with self-interest, exercise of fiduciary duty, and/or the reasonableness of individual transactions; • The potential that, due to the relationships, appropriate oversight of NW Capital, Castlight Health, and/or Ms. Moneypenny’s job performance is not exercised by St. James executive team; and • The reputational damage that could accrue to St. James and its officers and directors from any of the above circumstances. Question: What are some mitigating factors present in the hypo that suggest it would be a reasonable decision to hire Ms. Moneypenny? • The impeccable personal reputations of Ms. Moneypenny and Mr. Greenback and the absence of any other material financial or personal relationships with St. James or other members of the executive team or board; • The participation of a recognized national executive search firm in the search process, and its confirmation of the leading qualifications of Ms. Moneypenny; • The existence of a formal, detailed written articulation of St. James Foundation’s investment strategy and Castlight’s performance matrix that would theoretically frame the direction of the CFO; and • The historical success of Castlight Health and NW Capital’s performance and the reasonable return received from NW Capital.
Question: What would a conflict management plan look like to effectively address her conflicts? The purpose of a conflicts management plan (the “Plan”) would be to monitor the performance of the CFO with respect to the potential for conflicts of interest to arise in the performance of her duties—and resolve those conflicts to the extent possible. The basic elements of the Plan would include, but would not be limited to, the following: • Direct supervision by the General Counsel and the Compliance Officer, who would be able to seek the advice of outside advisors on matters relating to the conflicts issues; • Periodic reporting by the General Counsel and the Compliance Officer on the progress of the Plan to the appropriate committee of the St. James board; • Specific provisions in Ms. Moneypenny’s employment agreement obligating her to a higher standard with respect to the prompt disclosure of actual or apparent conflicts; • Including provisions in Ms. Moneypenny employment agreement relating to satisfaction of this higher standard, her evaluation and compensation, and the continuation of her employment status; • A mechanism (e.g. hotline) intended to alert the CFO, the General Counsel, the Compliance Officer, the CEO, and other interested parties of circumstances likely to arise in the future that could give rise to an actual or apparent conflict; and • A series of options, including but not limited to CFO recusal or the receipt of confirming or supporting opinions of outside advisors, to evaluate the performance of NW Capital and/or Castlight Health during the contract term and at renewal.
Overview of Compliance Programs
Ethics & Compliance
HISTORY OF COMPLIANCE PROGRAMS
A Historical Perspective In the 1970s and early 1980s, it became clear that the Department of Defense was paying exorbitantly high prices for military supplies. Under the direction of June Gibbs Brown, the Defense Department’s Inspector General, the defense industry developed voluntary self-regulatory guidelines, called “Compliance Programs,” designed to help eliminate waste and bring prices into line. In the early 1990s, the government became concerned about fraud and abuse in health care. In 1993, Ms. June Gibbs Brown was appointed Inspector General at the Office of Inspector General (OIG) for the U.S. Department of Health and Human Services (HHS), and she immediately began working with the industry to develop Compliance Programs like those in the defense industry. Under Ms. Gibbs Brown’s eight years of guidance, the OIG promoted the development of Compliance Programs while aggressively pursuing any questionable activities. In her first full year at the OIG, prosecutions resulted in savings of the record amount of $6 billion. During her tenure, the OIG settled LABSCAM cases for over $300 million, National Medical Enterprises netted over $370 million, Caremark, Inc. was settled for $161 million, and the Columbia/HCA case obtained an unprecedented $745 million. By the time Ms. Gibbs Brown retired in January 2001, the OIG was receiving as many as 50,000 hotline calls a month. Since Ms. Gibbs Brown’s retirement, the OIG has continued to aggressively police the industry. In 2017, the National Health Care Anti-Fraud Association conservatively estimates that health care fraud costs the nation about $68 billion annually – about 3% of the nation’s $2.26 trillion in health care spending. Other estimates range as high as 10% of annual health care expenditure, or $230 billion. The Importance of Compliance Programs With health care fraud such a priority for the government, the stakes are high. Compliance programs help organizations comply with all applicable laws and regulations. An effective compliance program should: • Demonstrate to the community that an organization has a strong commitment to honesty and responsible corporate citizenship; • Help the organization fulfill its legal duty to government and private payors; • Ensure that the organization understands what type of behavior may result in fraud, waste, and abuse; • Encourage staff to refrain from involvement in illegal, unethical, or other improper acts; • Provide procedures to promptly identify and correct misconduct; and • Mitigate any sanctions imposed by the government. The Essential Elements of an Effective Compliance Program At a minimum, an effective compliance program must include the following seven essential elements: 1. Compliance Personnel & Structure: The designation of a Chief Compliance Officer and other appropriate bodies ( e.g. , a corporate compliance committee) charged with the responsibility of operating and monitoring the compliance program and who report directly to the CEO and the governing body. 2. Compliance Documents: The development and distribution of written standards of conduct and written policies and procedures that promote the commitment to compliance and that address specific areas of potential fraud, such as claims development and submission processes, code manipulation, and financial relationships with physicians and other health care professionals. 3. Compliance Training & Education: The development and implementation of regular, effective education and training programs for all affected employees.
4. Lines of Communication: The maintenance of a process, such as a hotline, to receive complaints, and the adoption of procedures to protect the anonymity of callers and to protect whistleblowers from retaliation. 5. Monitoring & Auditing: The use of evaluation techniques and audits to assess compliance and assist in the reduction of identified problem areas. 6. Response & Prevention: The development of a system to respond to allegations of improper or illegal activities and the enforcement of appropriate disciplinary action against employees who have violated internal compliance policies, applicable statutes, regulations, or federal health care program requirements; 7. Enforcement & Discipline: The investigation and remediation of identified systemic problems and the development of policies addressing the non-employment or retention of sanctioned individuals.
Corporate Responsibility and Corporate Compliance:
A Resource for Health Care Boards of Directors
Ethics & Compliance
CORPORATE RESPONSIBILITY AND CORPORATE COMPLIANCE: A RESOURCE FOR HEALTH CARE BOARDS OF DIRECTORS
In 2003, the American Health Lawyers Association (AHLA) and the Office of Inspector General (OIG) of the Department of Health and Human Services jointly released a publication for those serving on the boards of health care organizations. Entitled Corporate Responsibility and Corporate Compliance: A Resource for Health Care Boards of Directors, the brochure provides board members with background information and a series of questions regarding compliance issues facing the organizations that they serve. The brochure includes an introduction, a description of a board member’s general “duty of care,” an overview of the unique challenges faced by health care organization’s directors, and a brief background on the development of compliance programs. The brochure then provides eighteen suggested questions for those serving on boards so that they can educate themselves on how the organization handles compliance issues. For purposes of assisting the Board better understand Banner’s Compliance Program, the Ethics & Compliance Department developed responses to the eighteen questions contained within the publication. By reviewing these responses, the Board will have a better understanding of the scope and vitality of Banner’s Compliance Program.
C ORPORATE R ESPONSIBILITY AND C ORPORATE C OMPLIANCE : AResource forHealthCare Boards of Directors
THE O FFICE OF I NSPECTOR G ENERAL OF THE U.S. D EPARTMENTOF H EALTHAND H UMAN S ERVICES AND THE A MERICAN H EALTH L AWYERS A SSOCIATION
A CKNOWLEDGEMENT
This educational resource represents a unique collaboration between the American Health Lawyers Association and the Office of the Inspector General of the United States Department of Health and Human Services. This publication would have not been possible without the dedicated effort of numerous individuals at both organizations. It is intended to be a useful resource for those serving on the Boards of Directors of our nation’s health care institutions.
CORPORATE RESPONSIBILITY AND CORPORATE COMPLIANCE
I. I NTRODUCTION As corporate responsibility issues fill the headlines, corpo- rate directors are coming under greater scrutiny. The Sarbanes-Oxley Act, state legislation, agency pronounce- ments, court cases and scholarly writings offer a myriad of rules, regulations, prohibitions, and interpretations in this area. While all Boards of Directors must address these issues, directors of health care organizations also have important responsibilities that need to be met relating to corporate compliance requirements unique to the health care industry. The expansion of health care regulatory enforcement and compliance activities and the height- ened attention being given to the responsibilities of corpo- rate directors are critically important to all health care organizations. In this context, enhanced oversight of cor- porate compliance programs is widely viewed as consistent with and essential to ongoing federal and state corporate responsibility initiatives. Our complex health care system needs dedicated and knowledgeable directors at the helm of both for-profit and non-profit corporations. This educational resource, co- sponsored by the Office of Inspector General (OIG) of the U.S. Department of Health and Human Services and the American Health Lawyers Association, the leading health law educational organization, seeks to assist direc- tors of health care organizations in carrying out their important oversight responsibilities in the current chal- lenging health care environment. Improving the knowl- edge base and effectiveness of those serving on health care organization boards will help to achieve the important goal of continuously improving the U.S. health caresystem. Fiduciary Responsibilites The fiduciary duties of directors reflect the expectation of corporate stakeholders regarding oversight of corporate affairs. The basic fiduciary duty of care principle, which requires a director to act in good faith with the care an ordinarily prudent person would exercise under similar circumstances, is being tested in the current corporate climate. Personal liability for directors, including removal, civil damages, and tax liability, as well as damage to reputa- tion, appears not so far from reality as once widely believed. Accordingly, a basic understanding of the direc- tor’s fiduciary obligations and how the duty of care may be exercised in overseeing the company’s compliance systems has become essential. Embedded within the duty of care is the concept of reasonable inquiry. In other words, directors should make inquiries to management to obtain information necessary
to satisfy their duty of care. Although in the Caremark case, also discussed later in this educational resource, the court found that the Caremark board did not breach its fiduci- ary duty, the court’s opinion also stated the following: “[A] director’s obligation includes a duty to attempt in good faith to assure that a corporate information and reporting system, which the Board concludes is adequate, exists, and that failure to do so under some circumstances, may, in theory at least, render a director liable for losses caused by non-compliance with applicable legal standards.” Clearly, the organizationmay be at risk and directors, under extreme circumstances, also may be at risk if they fail to reasonably oversee the organization’s compliance program or act as mere passive recipients ofinformation. On the other hand, courts traditionally have been loath to second-guess Boards of Directors that have followed a careful and thoughtful process in their deliberations, even where ultimate outcomes for the corporation have been negative. Similarly, courts have consistently upheld the dis- tinction between the duties of Boards of Directors and the duties of management. The responsibility of directors is to provide oversight, not manage day-to-day affairs. It is the process the Board follows in establishing that it had access to sufficient information and that it has asked appropriate questions that is most critical to meeting its duty of care. Purpose of this Document This educational resource is designed to help health care organization directors ask knowledgeable and appro- priate questions related to health care corporate compli- ance. These questions are not intended to set forth any specific standard of care. Rather, this resource will help corporate directors to establish, and affirmatively demon- strate, that they have followed a reasonable compliance oversight process. Of course, the circumstances of each organization differ and application of the duty of care and consequent reasonable inquiry will need to be tailored to each specific set of facts and circumstances. However, compliance with the fraud and abuse laws and other federal and state regulatory laws applicable to health care organizations is essential for the lawful behavior and corporate success of such organizations. While these laws can be complex, effective compliance is an asset for both the organization and the health care delivery system. It is hoped that this educational resource is useful to health care organization directors in exercising their oversight responsibilities and supports their ongoing efforts to promote effective corporate compliance.
CORPORATE RESPONSIBILITY AND CORPORATE COMPLIANCE
II. D UTY OF C ARE Of the principal fiduciary obligations/duties owed by directors to their corporations, the one duty specifically implicated by corporate compliance programs is the duty of care . 1 As the name implies, the duty of care refers to the obliga- tion of corporate directors to exercise the proper amount of care in their decision-making process. State statutes that create the duty of care and court cases that interpret it usually are identical for both for-profit and non-profit corporations. In most states, duty of care involves determining whether the directors acted (1) in “good faith,” (2) with that level of carethatanordinarilyprudentpersonwouldexerciseinlike circumstances, and (3) in a manner that they reasonably believeis inthebestinterestof thecorporation.Inanalyzing whether directors have compliedwith this duty, it is necessary to address each of these elements separately. The “good faith” analysis usually focuses upon whether the matter or transaction at hand involves any improper financial benefit to an individual, and/or whether any intent exists to take advantage of the corporation (a corol- lary to the duty of loyalty). The “reasonable inquiry” test asks whether the directors conducted the appropriate level of due diligence to allow them to make an informed decision. In other words, directorsmust be aware of what is going on about them in the corporate business and must in appropriate circumstancesmake suchreasonable inquiry, as would an ordinarily prudent person under similar circum- stances. And, finally, directors are obligated to act in a man- ner that they reasonably believe to be in the best interests of the corporation. This normally relates to the directors’ state of mind with respect to the issues at hand. In considering directors’ fiduciary obligations, it is impor- tant to recognize that the appropriate standard of care is not “perfection.” Directors are not required to know every- thing about a topic they are asked to consider. They may, where justified, rely on the advice of management and of outside advisors. Furthermore, many courts apply the “business judgment rule” to determine whether a director’s duty of care has been met with respect to corporate decisions. The rule
provides, in essence, that a director will not be held liable for a decision made in good faith, where the director is disinterested, reasonably informed under the circum- stances, and rationally believes the decision to be in the best interest of the corporation. Director obligations with respect to the duty of care arise in two distinct contexts: • The decision-making function : The application of duty of care principles to a specific decision or a particular board action; and • The oversight function :Theapplicationof dutyof care principles with respect to the general activity of the board inoverseeing the day-to-daybusinessoperations of thecorporation; i.e. , theexerciseof reasonablecare to assure that corporate executives carry out theirman- agement responsibilitiesand complywith the law. Directors’ obligations with respect to corporate compliance programs arise within the context of that oversight func- tion. The leading case in this area, viewed as applicable to all health care organizations, provides that a director has two principal obligations with respect to the oversight func- tion. A director has a duty to attempt in good faith to assurethat(1)acorporateinformationandreportingsystem exists,and(2)thisreportingsystemisadequatetoassurethe board that appropriate information as to compliance with applicable laws will come to its attention in a timelymanner as a matter of ordinary operations. 2 In Caremark, the court addressed the circumstances in which corporate directors may be held liable for breach of the duty of care by failing to adequately supervise corporate employees whose mis- conduct caused the corporation to violate the law. In its opinion, the Caremark court observed that the level of detail that is appropriate for such an information system is a matter of business judgment. The court also acknowl- edged that no rationally designed information and report- ing systemwill remove the possibility that the corporation will violate applicable laws or otherwise fail to identify cor- porate acts potentially inconsistent with relevant law. Under these circumstances, a director’s failure to reason- ably oversee the implementation of a compliance pro- grammay put the organization at risk and, under extraor- dinary circumstances, expose individual directors to per- sonal liability for losses caused by the corporatenon-
1 The other two core fiduciary duty principals are the duty of loyalty and the duty of obedience to purpose. 2 In re Caremark International Inc. Derivative Litigation, 698 A.2d 959 (Del. Ch. 1996). A shareholder sued the Board of Directors of Caremark for breach of the fiduciary duty of care. The lawsuit followed a multi-million dollar civil settlement and criminal plea relating to the payment of kickbacks to physicians and improper billing to federal health care programs.
health care provider. In addition to recoupment of improper payments, the Medicare, Medicaid and other government health care programs can impose a range of sanctions against health care businesses that engage in fraudulent practices. Particularly given the current “corporate responsibility” environment, health care organization directors should be concerned with the manner in which they carry out their duty to oversee corporate compliance programs. Depending upon the nature of the corporation, there are a variety of parties that might in extreme circumstances seek to hold corporate directors personally liable for allegedly breaching the duty of oversight with respect to corporate compliance. With respect to for-profit corpora- tions, the most likely individuals to bring a case against the directors are corporate shareholders in a derivative suit, or to a limited degree, a regulatory agency such as the Securities and Exchange Commission. With respect to non-profit corporations, the most likely person to initiate such action is the state attorney general, who may seek equitable relief against the director ( e.g., removal) or dam- ages. It is also possible (depending upon state law) that a dissenting director, or the corporate member, could assert a derivative-typeactionagainst thedirectorsallegedlyrespon- sible for the “inattention,” seeking removal ordamages. Over the last decade, the risks associatedwithnon-compli- ance have grown dramatically. The government has dedicated substantial resources, including the addition of criminal investigators and prosecutors, to respond to health care fraud and abuse. In addition to government investigators and auditors, private whistleblowers play an important role in identifying allegedly fraudulent billing schemes and other abusive practices. Health care providers can be found liable for submitting claims for reimbursement in reckless disregard or deliberate igno- rance of the truth, as well as for intentional fraud. Because the False Claims Act authorizes the imposition of damages of up to three times the amount of the fraud and civil monetary penalties of $11, 0 00 per false claim, record level fines and penalties have been imposed against individuals and health care organizations that have violated the law. In addition to criminal and civil monetary penalties, health care providers that are found to have defrauded the federal health care programs may be excluded from participation in these programs. The effect of an exclu- sion can be profound because those excluded will not
compliance. 3 Of course, crucial to the oversight function is the fundamental principle that a director is entitled to rely, in good faith, on officers and employees as well as corporate professional experts/advisors in whom the director believes such confidence is merited. A director, however, may be viewed as not acting in good faith if he/she is aware of facts suggesting that such reliance is unwarranted. In addition, the duty of care test involving reasonable inquiry has not been interpreted to require the director to exercise “proactive vigilance” or to “ferret out” corporate wrongdoing absent a particular warning or a “red flag.” Rather, the duty to make reasonable inquiry increases when “suspicions are aroused or should be aroused;” that is, when the director is presented with extraordinary facts or circumstances of a material nature ( e.g., indications of financial improprieties, self-dealing, or fraud) or a major governmental investigation. Absent the presence of suspi- cious conduct or events, directors are entitled to rely on the senior leadership team in the performance of its duties. Directors are not otherwise obligated to anticipate future problems of the corporation. Thus, in exercising his/her duty of care, the director is obligated to exercise general supervision and control with respect to corporate officers. However, once presented (through the compliance program or otherwise) with information that causes (or should cause) concerns to be aroused, the director is then obligated to make further inquiry until such time as his/her concerns are satisfacto- rily addressed and favorably resolved. Thus, while the cor- porate director is not expected to serve as a compliance officer, he/she is expected to oversee senior manage- ment’s operation of the compliance program. The health care industry operates in a heavily regulated environment with a variety of identifiable risk areas. An effective compliance program helps mitigate those risks. In addition to the challenges associated with patient care, health care providers are subject to voluminous and some- times complex sets of rules governing the coverage and reimbursement of medical services. Because federal and state-sponsored health care programs play such a signifi- cant role in paying for health care, material non-compli- ance with these rules can present substantial risks to the III. T HE U NIQUE C HALLENGESOF H EALTH C ARE O RGANIZATION D IRECTORS
3 Law is not static, and different states will have different legal developments and standards. Standards may also vary depending on whether an entity is for profitor non-profit. Boardsof publichealthcare entitiesmay haveadditional statutoryobligationsand shouldbe awareof stateand federal statutory requirements applicable to them.
Made with FlippingBook flipbook maker