a practical guide to addressing conflicts of interest june ... · scce higher education compliance...

SCCE Higher Education Compliance Conference

1

MADONNA DOUGHERTYE T H I C S O F F I C E R

J O H N S H O P K I N S U N I V E R S I T Y

A P P L I E D P H Y S I C S L A B O R A T O R Y

A Practical Guide to Addressing Conflicts of Interest

June 1, 20151

• Finance Industry– Dual roles – lobbying– Fiduciary duties

• Healthcare– Advising patients– Research affiliations

• Media– Issues that affect media itself

– Advertising• Murdock example• Less investigative journalism

Types of COI…..• Universities

– Publications /Research

– Mandatory Book requirements

– Romancing students

• Legal Firms– Opposing clients

– Advising clients

• Stockbrokers– Concealment

– Dis‐Information

– “Pump & Dump”2


2

Why it matters……

Lockheed Martin CEO‐to‐be resigns over affairChristopher Kubasik, 51, had been in line to become CEO

3

Trends

4


3

• Guidance?

– No one area of law for reference

• SOX, EEO, OSHA, RICO, Anti‐trust, FAR,

the list goes on…………

– Definition of COI is often

broken down even further

• Variety of everyday activities can lead

to a COI, no one type of activity to track

• COI can be both Personal or Organizational

– Personal is just that, thus easy to conceal

– Organizational is across the organization,

and/or with other orgs, can be hard to reign in or detect

Guidance

5

• Define/Identify COI for YOUR organization– Industry variations– Company culture – Fiduciary Duties– Professional Credos/Oaths– External Organizations

• Regulators? • Auditors? • Industry Analysts?

– Management Levels• Varies according to job duties (opportunity, motivations, incentives)

• Varies according to position (the higher the level, the higher the exposure/risk)

Identifying COI/Risk Assessment

6


4

• Eliminating COI is not always possible or desirable– Cost effectiveness / Shared resources– Reach back to technical expertise– Productivity/Positive motivations

• Varies according to position (the higher the level, the higher the exposure/risk)

• Covered by Policies in Place/Code of Ethics and Conduct?

• Mitigation possible?• Discipline? • Authority over review?

– Ethics Office– Legal Office– HR Specialist

Management

7

• Usually starts with Code of Ethics and Conduct/SOX §406

• Financial COI ($$)– Outside activities

• Moonlighting/Volunteerism/Public Service– Outside Interests

• Stocks / Ownership of competitor or supplier– Inside interest (joint venture, partnership, or other business with your company)

– Acceptance of Gifts/Gratuities/Entertainment

• Personal Relationships– Familial / Nepotism– Same‐sex relationships– Romantic relationships

• Regulatory requirements specific to your industry/company

Policies

8


5

• Common area of perceived COI– Define based on your industry

• Regulated? – Certain industries are so regulated your policies are practically written for you

• Government contracting• Stock brokerages

• Fair and Consistent application of policy• Reporting?

– Every instance? Under defined conditions?

• Tracking– Every instance? Under defined conditions? – Administrative costs v benefits?

Gifts, Gratuities

9

• Avoid entirely, e.g. blind trusts, prohibitions (on accepting gifts, on relationships, etc.)

• Disclosure Requirements

• Certifications

• Waivers / Pre‐approvals

• Recusal

• 3rd Party Evaluators / Multi‐Party Contributors

• Monitoring (not audit of your COI program but monitoring of approved situations)

• Regulatory requirements

• Training and awareness are important, don’t rely on just one method ,e.g. annual compliance training, use varied media (live briefings, company articles, COI surveys, etc)

Controls/Mitigation

10


6

• Personal COI: employee vs. company interests, looking to avoid conflict

with company’s business interests or avoid risk of favoritism/discrimination allegations

• OCI: company and 3rd party interests

– Customers

– Clients

– Government: federal contractors must adhere to Federal Acquisition Regulations (FAR) §9.5, as well as revolving door (former gov’t officials) and acquisition functions (trusted advisor support)requirements

PCOI vs. OCI

Both PCOI and OCI mitigation should address even a perception of COI

11

• Mitigating familial or other relationship type COI– Policy decision on what will or will not be permitted

• Define to what degree (cousins? romantic? “close”?, etc) • Prohibit relationships? Allow for mitigation? Waivers for unique situations?

– If permitted, document mitigation: • the relationship should not influence or appear to influence hiring, performance appraisals, salary, promotions, discipline, task assignments, or other work‐related activities

• employees in a relationship should not occupy a position with the authority or opportunity to affect the other’s career

• Firewall, no access to, personnel files or information of the other• Management chain available, to report or resolve issues, that does not include related employee

• Mitigating outside interests or activities– Depends on type of interest/activity but should consider use of:

• Nondisclosure agreements• Restriction of licensing or other rights• Organizational/Management Chain isolation• Controlled Access to certain company information or facilities

PCOI Policies/Mitigation

12Approvals and execution by all parties recommended


7

• Inability or potential inability to render impartial services, where objectivity may be perceived impaired, or the contractor has an unfair competitive advantage.

• In USA/UK/NATO, there are 3 types of OCI (in USA per GAO decisions):– Unequal Access to Information: nonpublic information during

performance of a contract (e.g. proprietary or financial data of the government or a competitor) which may yield an unfair competitive advantage

– Biased Ground Rules: establishing the “critical baseline” for a contract that your company may compete for (e.g. writing or advising on the SOW, specifications, evaluation criteria, proposal development, etc.)

– Impaired Objectivity: contractor placed in a situation of providing assessment and evaluation over work performed or products provided by the same contractor

OCI: Government Contracting

13

NIH COI Guidance

14


8

NIH COI Guidance

15

NIH COI Guidance

16

• Certifying COI– Each NIH peer reviewer must certify, under penalty of perjury

(US Code Title 18 chapter 47 section 1001), that to the best of his or her knowledge he/she has disclosed all conflicts of interest that he or she may have with the applications or R&D contract proposals; he or she fully understands the confidential nature of the review process and agrees:

– (1) to destroy or return all materials related to it; – (2) not to disclose or discuss the materials associated with the

review, the evaluation, or the review meeting with any other individual except as authorized by the Scientific Review Officer (SRO) or other designated NIH official;

– (3) not to disclose procurement information prior to the award of a contract; and

– (4) to refer all inquiries concerning the review to the SRO or other designated NIH official.


9

• OCI Plans: must meet FAR/Agency requirements – Description of the OCI Situation/Analysis: often left out yet is an

integral element of any mitigation, “why is this Plan necessary”? – Organizational Isolation and Controlled Access to program

facilities – “Firewalls” (Key Principle); includes IT network isolation as required

– Special document handling and storage (information protection)– Employee awareness and training on both OCI generally and on

the specifics related to the OCI Plan– Limitation on personnel transfers, if applicable

• Use this judiciously , restrictions affect individual employee’s ability to work or transfer and can have significant impact on their personal lives

– Flow down of all OCI requirements to subcontractors– Audits

• Many US government agencies now have checklists with required Plan elements

OCI Mitigation Plans

17

• Institution vs. Directors & Officers

– Business Judgment Rule: presumption that directors act on an informed basis, in good faith, in the honest belief that action is in the best interest of the company

– Duty of Loyalty : directors owe duty of loyalty to institution

• Breach of duty? A “Self‐dealing” transaction is not automatically void if the underlying COI is removed by showing the transaction is substantively fair

–Was it procedurally fair, did other directors know and tainted director recuse themselves? OR was transaction substantively fair to the company?

• §8B of Sentencing Guidelines, do you have a monitored, bona fide and effective ethics & compliance program?

Defending the Institution

18


10

• Annual Certification Tools

– “One & done”

– Unstructured

– Limited to interval /leaves time gap

• Dynamic COI Database

– Can be real‐time

– Provides historical/repository reporting

– can breakdown COI data by department, by COI type, etc

– Improves organizational justice

– Provides transparency19

Tracking and Managing COI

• Rely on Self‐Disclosure?

– Confidential reporting

– Anonymous hotlines

• Ensure a feedback mechanism

– Possible gaps

• Require affirmative disclosures

– From all?

– Situational?

20

Disclosure Requirements


11

• Communication Plan is key– Foster a “we are in this together” need to protect reputation of institution

– Choose words wisely• Use “disclose”, not report• Use “save” , not submit• Use “cleared”, not accept/reject• Use “disclose & manage” , not investigate & sanction

– Ensure confidentiality of disclosed data, explain this is similar to other employee data integrity, e.g. HR data, Medical data, payroll data

21

Privacy Concerns

COI is an increasing area of risk for institutions, start with identifying COI for your organization

Robust Ethics & Compliance program which creates awareness a must

Develop ways to mitigate COI to address the risk yet allow maximum use of resources

Take Away ……..

22

a practical guide to addressing conflicts of interest june ... · scce higher education compliance...

Documents