Monitoring institutional compliance and compliance risks is a component of the Enterprise Risk Management Program at Georgia Tech. The Compliance Partners Group (“CPG”) is a partnership between compliance units at the department level. The CPG works in tandem with ongoing department level compliance operations to enhance effective compliance work, provide compliance communication, and highlight compliance resource needs. The CPG is made up of administrators responsible for the day-to-day functional obligations relevant to an assigned compliance area and for coordinating interdepartmental compliance activities with one another.
The CPG takes into account the decentralized nature of compliance work, as well as the value of shared governance. It avoids the creation of new bureaucracy and redundancy of efforts, while assigning responsibility for designated compliance areas to those administrators with the most pertinent knowledge of the impacted operations. The CPG has the ability to leverage resources and expertise among compliance projects that cross specialties. The CPG adds value by focusing attention on compliance areas of greatest impact to Georgia Tech.
Compliance Partners personally carry out compliance obligations or see to the assignment of compliance activities, and confirm that they have been appropriately carried out. Compliance Partners are responsible for ensuring that reporting deadlines applicable to their respective compliance areas are met.
Compliance Partners confer with the Office of Legal Affairs on legal questions regarding legal compliance and regulatory matters. Compliance Partners also inform the Compliance and Risk Management Network about compliance risks in their respective compliance areas.
The Institute has myriad obligations for compliance with external and internal mandates and standards. There are multiple sources for such standards, from laws and agency regulations to accreditation standards to internal and external policies and procedures.
The Compliance Matrix involves a decentralized matrix of the offices and administrators responsible for specific legal and regulatory compliance obligations of the Institute. The Compliance Matrix is maintained by the CPG to help identify and organize department and interdepartmental responsibilities for compliance with federal and state laws, regulations, other external standards, and policies and procedures (both Institute as well as the University System of Georgia). The Compliance Matrix is designed to provide coordination and documentation of existing and ongoing institutional compliance initiatives to meet increasing federal regulations, external standards, and best practices.
The Compliance Matrix has five main components:
- Law or Regulation – the title and short summary of the legal or regulatory compliance obligation
- Lead Contact – the individual assigned to take the lead in monitoring and responding to the law or regulation for the Institute
- Coordinating Offices – the other offices the Lead Contact will work with to help ensure compliance with the law or regulation
- Reporting Deadline – any external reporting deadline associated with the law or regulation
- Training Requirement – any external training requirement associated with the law or regulation
The Compliance Calendar is a shared calendar populated by the Compliance Partners containing Institute-level compliance reporting deadlines.
The Compliance Calendar has five main components:
- Title – the name of the compliance reporting requirement
- Date – reporting deadline
- Description – a summary of the compliance reporting requirement
- Department – the department or office coordinating the compliance report or event
- Primary Contact – the individual assigned to take the lead on the compliance report or event
The CPG keeps a shared document library with copies of compliance documents and research applicable to their respective compliance areas. This document library serves as a resource for Compliance Partners to share compliance information, documents, and best practice material. Original compliance documents are kept by the Compliance Partners within individual departments.
The CPG has a Sharepoint site where the Compliance Matrix, Compliance Calendar, and Compliance Documents are kept for CPG editing and use. The Compliance Partners Group Sharepoint site is available to CPG members at: http://cpg.gatech.edu
USG Ethics Policy – Section 6. Comply with all applicable laws, rules, regulations and professional standards.
Compliance with laws, rules and regulations governing USG institutions is both a legal and an ethical mandate. The risks associated with non-compliance can be significant. Significant risks include loss of reputation, loss of external funding, financial penalties, loss of accreditation and potential criminal prosecutions. Members of the USG community shall seek the advice of USG legal counsel to clarify the laws, rules and regulations impacting official duties.
USG Compliance Policy – Section 7.16.3. Compliance Framework
An effective Compliance Program is designed to meet the following elements and ensure that:
- Standards have been adopted that require compliance with applicable law;
- High-level personnel have been assigned the authority and responsibility to implement the Program and that the Board of Regents is periodically updated on Program status;
- Individuals with substantial discretionary authority and/or charged with implementing the Program have not engaged in illegal activities or other conduct inconsistent with an effective compliance program;
- Program requirements and ethical standards are periodically communicated to all employees through effective training and regular communication;
- Effective monitoring is implemented to detect misconduct, evaluate Program effectiveness, and provide a reporting system whereby employees can report misconduct without fear of retribution;
- Program standards are enforced through appropriate incentives and sanctions; and,
- Responses to misconduct are appropriate and that reasonable steps are taken to prevent further offenses to include modifying the Program to prevent and detect violations of the law.
Read Full USG Compliance Policy here.