Ready, Set, Go! Identifying Emerging Risks in Your 2024 Compliance Workplan 

emerging risks in compliance with Jenny O'brien

I always find it energizing to look back at the past year, and shift focus to what sits at the top of the risk list for the upcoming year. Here are some best practices and tips for both! 

Insights and Feedback from 2023 

Before moving on from 2023, it is important to take time and get feedback from business partners to ensure an “outside-in” perspective is included in your 2024 plan. A simple and effective approach is to survey key stakeholders by asking, “How has the compliance team been most effective and valuable to you?” This helps recognize and celebrate successes as well as validate what is working well and what work should continue. It is also critical to follow up with: “How can our team be even more effective and valuable to you?” By doing this, you will gain unique insights that could strengthen your program. 

Strategically Prioritizing Risks for 2024  

In addition to capturing the core elements of an effective compliance program, the most strategic part of plan development involves the work the team does to identify and prioritize emerging risks. There are three areas that support moving from a reactive to a proactive compliance program.    

  1. Optimizing Regulatory Guidance – State and federal regulators are providing more clarity around expectations and signaling where they will focus their resources. There are two key sources of these items:   
  • The U.S. Department of Justice’s (see https://www.justice.gov/criminal/criminal-fraud/page/file/937501) Criminal Division released the Evaluation of Corporate Compliance Program document in March 2023 to assist prosecutors in evaluating a corporate compliance program as part of their investigation. 
    • Compliance teams should review the document and assess how their program measures up to expectations. Any gaps identified should be reviewed by leadership and the Board of Directors as appropriate. This will ensure awareness and enable preparation for any known risks related to three fundamental questions that will be asked of the organization: 
      • Is the corporation’s compliance program well designed? 
      • Is the program being applied earnestly and in good faith? 
      • Does the corporation’s compliance program work in practice? 
  • The Office of Inspector General’s (see https://oig.hhs.gov/compliance/compliance-guidance/) new General Compliance Program Guidance document, released in November 2023, provides helpful information around relevant federal laws and other resources.  
    • Compliance teams should recognize and utilize the GCPG for insights around regulator expectations that are included in the tips, definitions, and FAQs. It is also an excellent resource to use when developing and refreshing content for employee and/or Board orientation. 
  1. Aligning with 2024 Business Priorities – It’s the compliance team’s responsibility to understand and awareness of the organization’s 2024 business goals and priorities. This serves two purposes: to signal to your business partners that priorities are aligned and to better position compliance to anticipate and support emerging operations risks.    

As part of the ongoing development of your compliance team, focus on business acumen as much as developing technical compliance skills. This is accomplished by encouraging all team members to read leadership messages, attending business updates, and listening to how compliance can better support business imperatives. If you are a public company, listen to earnings calls and investor meetings to better understand how the company performed and performance commitments for future growth. Team members at all levels, from entry level to experienced managers, will benefit from becoming more astute business leaders as they also focus on developing compliance skillsets.  

  1. Understanding Industry Trends – As a leader in the organization and the expert on regulatory and compliance issues and trends, it is important for you to stay current on industry news. This means investing time in publications, websites, and blogs on what is happening across the industry. C-suite colleagues, Board members and other key stakeholders are looking to you for help prioritizing and identifying emerging risks that you will find by doing so. 

It may help to create a cross-functional group to review and assess emerging risks. Examples to consider for 2024 include:  

  • Artificial Intelligence (AI) and Investments in Data Analytics 
  • New Partnerships (Private Equity and Strategic Investors)  
  • Outsourced Services (IT, Revenue Cycle) 
  • Financial Stress and Operating Margins 
  • ESG and Sustainability 
  • Politics and Impact on the Regulatory Trends 

As we pause to strategize and prioritize, the good news is there is no shortage of advice, regulatory guidance, and opinions about what to consider including in our compliance plans. That said, keep in mind that more is not necessarily better. In fact, it is essential that we be disciplined and bring strategic insight into what NOT to include as well. This will ensure a systemic and realistic approach to mitigating and prioritizing the key risks for our organizations. 

Jenny O’Brien, JD, MS, CHC serves on the advisory board for YouCompli. She is also president and principal at BlackBridge Advisors. She has been the chief compliance officer (CCO) at multiple companies, including UnitedHealthcare, as well as a state assistant attorney general and a partner at a law firm. She is a past president and board member of HCCA/SCCE, serves on the boards of Bon Secours Mercy Health System and St. Charles Health System, and the advisory board of Stellar Health. 

Qualified compliance professionals do the heavy lifting for you, simplifying regulatory change management    

Our in-house team works tirelessly to monitor US regulators, carefully read the regulations in their entirety, and translate the information into simple regulatory intelligence you can use. We deliver model procedures and expert tools that can be used to fulfill your business requirements. Everything is validated by a third-party law firm. Follow the button below to get a tour of our healthcare compliance software.  

Get the latest from healthcare compliance experts   

Never miss an article by Jenny O’Brien. Sign up for YouCompli’s weekly email if you haven’t already.