New DOJ Guidance on Compliance Programs Released March 2023

Incentives, Compensation Structures, and Consequence Management for Healthcare Compliance

Incentives, Compensation Structures, and Consequence Management for Healthcare Compliance

A new document from the Department of Justice (DOJ) will give you reason to revisit some of your healthcare compliance benchmarks.

Deputy Attorney General Lisa Monaco recently delivered remarks to the American Bar Association on corporate crime. She also introduced a concept of promoting compliance through compensation clawback programs, consequence management and more.  

This article will focus on two of the topics she addressed in the DOJ Evaluation of Corporate Compliance Programs (ECCP) released in March.  These topics are incentives within healthcare compliance as well as compensation structure and consequence management. The article will also look at ways to partner with Human Resources to implement the additional expectations in the ECCP.  

Healthcare compliance officers previously benchmarked the 2020 DOJ ECCP’s document in an effort to assess their Compliance Program with the expectations of the DOJ. It would be prudent to conduct the same exercise now with the 2023 EECP document.  

Incentives Within Healthcare Compliance

The new guidance released by the DOJ elevates the importance of compliance incentives far beyond the common approach of providing pens, pizza parties and logo-wear. Historically, securing a budget for compliance incentives was not always viewed as a high priority, dismissed as unnecessary and easily eliminated. The updated ECCP creates an unprecedented tone to hardwire salary, compensation, promotions, and dismissals directly to the incentives. These steps are an effort to elevate the level of compliance effectiveness. While the intent is understood, practical application of this guidance for employment contracts, unions, and recruitment may be challenging. State law, employment law, and unions (where applicable) will be factors in establishing clawbacks, promotions and dismissals for compliance-related matters. 

Compensation Structures and Consequence Management

The June 2020 ECCP guidance that referenced “Incentives and Disciplinary Measures” was replaced with “Compensation Structures and Consequence Management.” This includes a specific bulleted paragraph on “Financial Incentive System.” The updated DOJ Evaluation of Corporate Compliance Programs (ECCP) states, “the design and implementation of compensation schemes play an important role in fostering a compliance culture. Prosecutors may consider whether a company has incentivized compliance by designing compensation systems that defer or escrow certain compensation tied to conduct consistent with company values and policies.”  

Within the Compensation Structures and Consequence Management, prosecutors are to consider the following four factors:

  1. Human Resources (HR) Process
  2. Disciplinary Measurers
  3. Consistent Application
  4. Financial Incentive System

An example is provided in the Human Resources Process section that pertains to transparency with the terms of an executive that exited due to a compliance violation. The question is raised whether the reason for discipline due to a compliance violation was communicated to all employees and if not, why not? The sensitivity surrounding the circumstances of an executive’s departure could be multi-faceted and may create complexity with an attempt to be transparent to employees. Either way, establishing clarity upfront with the compensation nuances regarding recoupment and clawbacks in employee handbooks, policies, and employee documents will be necessary. Consequence management is definitely a more sophisticated term that encompasses disciplinary action as well as targets middle and upper management accountability.

Disciplinary Measures now includes a reference to recoup compensation for misconduct. The expectation is that policies and practices are to be in place to put employees on notice that they will not benefit from misconduct.

Consistent Application was included in the previous DOJ 2020 version and in 2023 language was added that the measures be applied to all units, geographies, and levels of the organization.

The fourth area pertains to Financial Incentive System. The question is raised as to what role the compliance function has when it comes to awarding financial incentives for senior levels of the organization.  Questions are raised on the establishment of ethical business objectives and recouping compensation that was paid when there has been misconduct.  Compliance input on financial incentives for senior executives and recoupment for misconduct would be awkward, at best, if the compliance function is not at the same level in the organization. Fortunately, that dynamic will not be an issue for organizations with a healthy culture.

Partner with Human Resources

Implementation of the additional expectations outlined in the ECCP will require commitment from the leadership specifically to apply “consistency” with practice.  Due to the fact that several of the incentives are directly within the scope of human resources, it would be prudent to partner early in the process to brainstorm about an efficient and effective approach.

Risk Analysis

Predominantly, the responsibilities are within the purview of compliance. It is very important that the CEO is apprised and understands the key concepts. Performing a risk analysis of current status with the updated DOJ guidance would be the next step. Suggested questions for consideration in performing a risk analysis on the compensation and consequence management components are as follows:

  1. Who (which areas of expertise) in your organization should be at the table?
    • Consider partnering with HR to develop the team.
    • Consider IT, risk, marketing, operations, and/or others based on the size of your organization.
    • Consider consulting legal to establish a platform for misconduct financial penalties and more.
  2. Are the substantiated compliance-related allegations tracked across the levels, departments, and geographical units of the organization?
    • Compliance tracking systems are available via third party vendors.
    • Developing compliance tracking internally may save financially on the front end but costs as much, if not more, long-term due to the time required for development and maintenance.
  3. Has a tracking system/spreadsheet been established to demonstrate consistent disciplinary action?
    • Consider automated tracking of disciplinary action for monitoring consistency with compliance events.
    • It is important to note that not ALL disciplinary actions are to be shared with Compliance, only those pertinent to Compliance.
  4. Is the effectiveness of an investigation and consequence management measured?
  5. Is the time to complete an investigation tracked and monitored?
    • This practice can demonstrate competence, cooperation and identify hurdles that are preventing closure to an investigation.
    • The data could be shared with the compliance committee and is a measure of accountability for the compliance team.
  6. Is the compensation system tied to conduct to support the company values and policies?
  7. Are there financial penalties for misconduct?
  8. Is recoupment and/or reduction of compensation imposed due to compliance violations?
  9. Do policies and/or practices exist to put employees on notice that they will not benefit from misconduct?
  10. Is compliance a means for career advancement?
  11. Do metrics exist for compliance that are directly related to management bonuses and/or other compensation?
  12. What role does the Compliance team have in designing and/or awarding financial incentives at the senior levels of the organization? 

Risk Management

The questions and analysis above must also align with company policy and applicable laws. A summary of the key elements and/or changes may be beneficial for multiple levels of the organization as well as assist with communication to the CEO and executive management. Once the risk analysis is complete, then the following steps could be taken:

  1. Create a checklist with the results of the risk analysis.
    • The checklist results can be prioritized into low, medium, and high risk.
    • Target and address the high-risk areas identified.
  2. Assess deficiencies, risk tolerance, and areas in need of improvement. 
  3. Consult with legal counsel on matters involving employment expectations, contracts, and employee onboarding documents.
  4. Educate the board on key highlights of the DOJ’s ECCP.
    • Recitation of a regulation is burdensome to a board.
    • Create an analogy that would be applicable to a community non-healthcare business that board members could easily understand and relate to. 
    • Summarize the key additions to the ECCP into an action plan for compliance.
  5. Monitor consistent application of modified policies and/or processes with compensation and disciplinary action.

These steps will help you manage risk throughout this process.

2023 EECP: Actions for Healthcare Compliance

This new memo from the Department of Justice creates opportunities for Compliance to influence and add value in areas in which we have traditionally been less involved. It’s important to note, though, that incentives directly tied to compensation are very personal. Organizations with compensation clawbacks and recoupment for violations of misconduct may initially cause alarm. Your transparency upfront may cause pushback and impact recruitment on some level. However, pushback may be an indication of the character of an individual the organization is recruiting. Hesitancy may be in order. 

Compliance departments that have been relying on the 2020 ECCP document will want to undertake a new benchmarking exercise with this new memo. The good news is that while consequence management is new for compliance programs, the application of disciplinary action and data relating to disciplinary actions to measure effectiveness is not new. You can use your experience with that application to apply the guidance in the 2023 ECCP document.

Compliance effectiveness reviews sometimes reveal inconsistent application of policies, practices, and disciplinary action. This should be concerning to compliance teams, because it appears that the DOJ is concerned as well. 

Subscribe to weekly emails from YouCompli to make sure you get our expert articles

We never sell or share your contact information.

Shawn DeGroot

Shawn DeGroot CHC-F, CCEP, CHRC, CCPC serves on the advisory board for YouCompli. She is also president of Compliance Vitals, providing consulting services for clients in need of practical guidance in a complex healthcare regulatory environment. Previously she served as president of the Health Care Compliance Association (HCCA) and the Society of Corporate Compliance and Ethics (SCCE).

Manage your healthcare regulatory change process effectively and efficiently

YouCompli enables the compliance officers to assign ownership and oversight of tasks to different department heads, functional leaders, or specialists. The solution prompts users to accept, reject, or reassign the task by a stated deadline. Manage the rollout and accountability of new requirements with the best workflow in the business.