Kusserow on Compliance: Senior executive exposure to liability for failing to embrace compliance

As the headlines continue to point to major misconduct and scandals involving senior corporate executives, compliance officers need to refocus their efforts and address a critical need. All too often, compliance officers have difficulty in requiring board members and senior executives to be briefed on the compliance program activities, undergo annual compliance training, and generally provide serious oversight and support for the compliance program. Many Board members and senior executives dismiss this as a waste of time that can be better used to carry out the mission of the organization.  The reality is just the opposite.  Over the last couple of years, the rumblings have increased significantly from regulatory and enforcement authorities concerning executives and Board members failing in their fiduciary compliance responsibilities.  Just listing the names of some of the initiatives and policy statements on the subject should be sobering, such as the following:

  • Responsible Corporate Officer Doctrine, in which the HHS Office of Inspector General (OIG) used enhanced  program exclusion authority against owners, officers, and managing employees of companies that are subject to criminal or administrative sanctions;
  • Yates Memorandum, which seeks greater accountability from executives of organizations found to engage in wrongdoing by placing higher prospective priority on executives over organizations;
  • Evaluation of Corporate Compliance Programs,” guidance issued by the Department of Justice (DOJ) Fraud Section, which is being used to assess “top-down” compliance programs, beginning at the Board and executive levels and cascading down through all levels of management; and
  • corporate integrity agreements negotiated by the OIG with entities found engaging in wrongdoing that create many stringent requirements on corporate officers and Board members, including personal certifications under penalty of law and requirements for compliance for leadership.

All of this movement by the DOJ and OIG make it clear that regulators and enforcement agencies consider failure of executives and Board members in supporting, empowering and overseeing compliance as the most significant compliance risks for any organization. This places a great deal of pressure on compliance officers, who must find ways to engage senior executives and the Board to understand their personal exposure to liability for failing to meet their fiduciary obligations towards the compliance program.  This in turn needs to move toward comprehensive training and education on compliance and executives’ and Board members’ roles in ensuring its effectiveness.   Compliance officers should consider reviewing all the material, including that in the hyperlinks provided in this blog to gain a fuller understanding about executive and Board member liability for not paying sufficient attention to and support for the compliance program.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Tips for getting the most from your CIA

This was the title of a section in a presentation by Laura Ellis, HHS Office of Inspector General (OIG) Senior Counsel, at the recent Health Care Compliance Association (HCCA) Compliance Institute, where she explained that the settlement process is very lengthy, and that compliance officers should spend that time period preparing for what is to come. Even before matters are referred to the OIG for settlement negotiations, the matter will have been with the Department of Justice (DOJ) for a long time.  It is only after the DOJ turns matters over to the OIG that the agency determines whether or not a corporate integrity agreement (CIA) is necessary, and if so, what terms and condition should be included in the agreement.  Ellis stated that negotiations with the OIG may take up to a year before a CIA emerges.   It is during this rather long lead-up period that the compliance officer should be very busy preparing for what is to come.  Ellis offered a number of suggestions for the compliance officer to follow while this process is underway, including:

Thomas Herrmann, J.D., was previously responsible for negotiating CIAs on behalf of the OIG and in providing monitors with a number of years’ consulting experience, working with more than a dozen clients with CIAs and as an Independent Review Organization (IRO). He agreed with the Ellis statement about the long lead time before a CIA is signed, and that the compliance officer should not waste that valuable time.  Once executed, the clock begins ticking and a lot has to be accomplished in a relatively short time.   Among the most important tasks needing immediate attention is finding and vetting potential outside experts to be the IRO and, in some cases, compliance experts for the Board and quality monitors. The responsibility for selecting these experts lies with the organization, not the OIG.  This may take a lot of time and warrants serious consideration as in all likelihood, the organization will have them for five years.  A mistake in selection will come back to haunt the organization and may aggravate matters with the OIG.  The compliance officer should be very much involved in finding and selecting the right experts with the right expertise.   The more experience the firm selected has in performing this type of work, the less likely there will be problems.  An experienced firm won’t have the learning curve of an inexpert firm that oftentimes adds cost to the engagement and results in poor reports to the OIG.  For an organization that is already in hot water with the DOJ and OIG, this kind of complicating matter is not wanted.

Carrie Kusserow has over 15 years’ compliance officer and consultant experience, and was brought in to be the compliance officer to an organization under a CIA while Laura Ellis was the monitor. Kusserow echoes Ellis’ advice to organizations to take steps to “get the most out of the money” expended on these resources. The more expert they are in the health care sector, the better.  The more experience the individuals assigned to do the work have, particularly experience with the OIG, the better.   The one thing to avoid is hiring an IRO and then paying it to learn about the type of work being done by the organization or how to interact with the OIG. Having top-notch experts can impart considerable added value from prior experience of doing this kind of work. She also pointed out that once these outside experts are engaged, there is another lag period before they begin their work and again when they present reports on the results of their work.  It is a huge mistake to allow these gap periods to elapse without doing serious preparation work.  It is important to begin planning at the earliest date for what is needed to meet CIA terms and conditions, which will assist in this effort, and development of a project plan for execution.   The planning process and timelines for meeting CIA requirements will have to take into account when reports by the IRO, and possibly the compliance expert, are due to the OIG.

Steve Forman, CPA, has over 35 years’ experience, having served as both as a compliance officer and as an IRO many times, and as a compliance expert four times under a CIA. He advises compliance officers that one step that cannot be undertaken too soon is getting the Executive/Management Compliance Committee and Board Compliance Committee involved. They need to understand fully in practical and operational terms their personal obligations, along with what is needed from them to meet CIA obligations.   He also strongly recommends at the first indication that a CIA may be in the future to begin reviewing posted agreements on the OIG website, especially those that involve similar types of organizations.   One point of caution is that the OIG has been changing CIAs significantly as to new requirements, conditions, and certifications by board members and executives. Information derived from these reviews should be translated into a plan of action to ensure the organization is in tune with what the OIG will expect.  He strongly suggests that compliance officers consider engage compliance experts to do two things:

  1. Have the compliance program conduct an independent evaluation and act on findings and recommendations. Having such a report with evidence of correcting any deficiencies can be invaluable evidence to the OIG in making a determination as to whether a CIA is necessary and, if so, mitigating terms and conditions. It will be looking for this evidence.
  2. Once a CIA is executed, immediately engage experts to conduct a mock audit to test the terms and conditions that must be met under the CIA and to have them addressed before the IRO or compliance expert under the CIA begins work.

Taking these two steps can avoid a lot of problems, expenditures and complications under a CIA. The OIG takes evidence of independent experts serious. That is why they rely upon them as IROs, Compliance Experts, and Quality Monitors.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on
Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Compliance officers should have active roles in CIA negotiations

Laura Ellis, HHS Office of Inspector General (OIG) Senior Counsel, has a reputation for managing the most difficult and complicated corporate integrity agreements (CIAs) on behalf of the OIG. At the recent Health Care Compliance Association (HCCA) Compliance Institute, she urged compliance officers not to sit on the sidelines while a CIA is being negotiated with the OIG.   They should be actively involved in all facets of negotiation and should not wait to be involved until the agreement is signed and put into effect. She reminded everyone that once the CIA is signed, the compliance officer will be the face of the company to the OIG, not the attorneys.   From years of experience, she has found attorneys negotiating terms and conditions of a CIA often don’t have the operational experience to fully understand all the implications of what is being committed to in terms and obligation. As a result, it is not uncommon for attorneys to come back to the OIG after a CIA has been executed to try to renegotiate points.   This is triggered as result of management and the compliance officer realizing what is involved in meeting the terms and condition.   Ellis stated that the OIG is not inclined to reopen CIA negotiations.  The mistake was not having the compliance officer on the front end of negotiations and present during the negotiation process.  As the CIA settlement process takes shape, the compliance officer needs to:

  • be part of the negotiations;
  • review and comment on all drafts;
  • create a basic plan from the draft to determine what it takes to meet obligations;
  • conduct a min-gap assessment of what it takes to do what the CIA would require;
  • begin work on implementation strategies; and
  • start the process to determine resource needs to meet obligations.

Ellis also made the point that attitude matters once a CIA is in place, and compliance officers should work with the monitor in an open and honest way. A positive working relationship between the monitor and the compliance officer is to everyone’s best interest.  The earlier in the process that they get to know each other, the better.

Thomas Herrmann, J.D., was previously responsible on behalf of the OIG for negotiating CIAs and providing monitors, and subsequently gained many years of consulting experience working with more than a dozen clients with CIAs and as an independent review organization (IRO).  He says that what many fail to understand is that, although the OIG is involved in the Department of Justice (DOJ) settlement process, a different OIG attorney will be assigned as negotiator for the CIA.  Once the agreement is executed, it is passed on to a different OIG attorney to be the monitor to assure compliance with the terms of the CIA.   A very common mistake is for attorneys to deal with issues handled by someone earlier in the process, or in effect, re-litigate.  This is a big mistake.  The OIG will not re-litigate or interpret decisions made by the DOJ.  At the same time, the OIG monitor is definitely disinclined to deal with issues that were or should have been addressed with the OIG negotiator.  Herrmann goes on to explains that the OIG views the organization’s legal counsel as filling an adversarial role, but once things are executed, the OIG does not want to continue dealing with the advocate.  The focus of the relationship with the OIG should be on meeting the terms of the CIA. Herrmann sees it as a huge mistake for the legal counsel to continue making arguments or try to modify terms with the monitor, as this frequently leads to aggravation of matters and creates additional problems for the organization.  The monitor wants to deal with how the organization will meet its obligations, and that means working with the compliance officer to determine how the terms and conditions of the CIA will be fulfilled.  It behooves compliance officers to get to know their monitor as quickly as possible, evidence their commitment, and exhibit an attitude to work out what it takes to get the job done.

Carrie Kusserow has over 15 years’ compliance officer and consultant experience; in fact, she was brought in to be the compliance officer to an organization under a CIA while Laura Ellis was the monitor. Her experience with Ellis was precisely what Ellis explained during her presentation.   Maintaining the focus on meeting the obligations of the agreement is very important for credibility and permits ironing out of issues. By listening carefully and responding to Ellis’ questions openly in a forthright manner, Kusserow developed a very good working relationship.  This made work easier for everyone.  Compliance officers need to listen carefully to what the monitor expresses, working as needed and then immediately following up to report actions taken. The focus must stay on getting the job done to the satisfaction of the OIG.  It is also critical that the compliance officer at all times be “straight up” and honest with the OIG.  If this is done, then a bond of trust can be developed that can iron out details that are sure to arise. This can permit seeking non-adversarial clarification of terms and conditions. On the other hand, failing to develop a proper working relationship with the monitor can result in lack of understanding and increased work for everyone. As such, as soon as the CIA is signed, the compliance officer should come into direct contact with the OIG monitor.

Suzanne Castaldo, J.D., has worked both as a litigator and compliance consultant dealing with numerous organizations with CIAs. She confirmed what Ellis noted about attorneys negotiating with the OIG without active involvement of either management or the compliance officer. In almost every case, it has created avoidable issues.  She strongly recommends that anyone engaging a law firm to assist with CIA negotiations insist on including knowledgeable members of management and the compliance officer in all meetings with the OIG.  All terms that are being negotiated should be reviewed and assessed by them to understand all implications and resulting work obligations. Many attorneys will not find this to their liking and may argue against it.   However, not being part of this process reminds one of “arriving at the dance after it is over.”

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

 

Kusserow on Compliance: OIG imposed penalties for noncompliance with corporate integrity agreements

Health care organizations continue to enter into corporate integrity agreements (CIAs) with the HHS Office of Inspector General (OIG) in exchange for the OIG not seeking an exclusion from participation in federal health care programs. There are serious “stipulated penalties” or, in the case of a material breach, possible exclusion from Medicare and Medicaid for non-compliance with CIA terms and conditions.

Carrie Kusserow, a nationally recognized expert on CIA compliance, found that a real “game changer” has been the inclusion of certifications in CIAs by members of the board, executive leadership, and compliance officers. Under the CIA, there are stipulated penalties for false certifications.  Furthermore, they could also be considered a material false statement or representation implicating the False Claims Act. To take away any defenses to false certifications by board members, the OIG requires they engage a compliance expert to assist them in meeting their obligations. The expert reports must be included with those provided to the OIG. This places direct burden on board members for compliance with the CIA and subjects them to personal peril for non-compliance.  This, in turn, adds pressure on the compliance officer and executive leadership to be able to evidence meeting all the compliance obligations.  Many boards and executive leadership members wake up after a CIA is signed to realize how much must be done to meet the tight deadlines required under the agreement.

Stipulated penalties

Stipulated penalties include:

  • Daily penalties for failure to (a) comply with terms and conditions related to the compliance program; (b) engage and use an independent review organization (IRO); (c) submit a complete implementation report, annual report, or any certifications on time; and (d) submit any mandated claims review report.
  • $50,000 per false certification in (a) implementation reports, (b) annual reports, and (c) other OIG requested documentation.
  • $1,000 per day for each compliance failure with any obligation of the CIA.

Material breaches

Material breaches include:

  • Not responding to an OIG demand letter;
  • Not reporting a reportable event;
  • Not taking corrective action of CIA violations;
  • Not making appropriate refunds of overpayments;
  • Not responding to demands for stipulated penalties payments; and
  • Not engaging and using an IRO.

Enforcement actions

Tom Herrmann, J.D., former executive in the Office of Counsel to the Inspector General and an appellate judge for the Medicare Appeals Board, notes an organization can request a hearing before an HHS administrative law judge to dispute the OIG’s determination of noncompliance resulting in a stipulated penalty or exclusion, but this rarely proves to be a viable alternative. The OIG is not reluctant to use its authority to enforce compliance with CIAs and noted the following recent examples of enforcement actions taken by the agency for violations of CIA terms and conditions:

  1. Special Care Hospital Management Corp. and its CEO paid $30,000 for failure to conduct legal review of new, renewed, and existing focus arrangements and to timely submit its first annual report.
  2. Kindred Healthcare paid $3,073,961 for failing to correct improper billing practices in the fourth year of its CIA.
  3. A Maryland cardiology practice and physicians paid $2,800 for failure to timely submit its second annual report.
  4. A North Carolina physician paid $10,000 for not prominently posting the HHS OIG Fraud Hotline telephone number; failing to provide the required amount of compliance training within 60 days of the CIA; not screening employees and contractors; and submitting the implementation report late.
  5. Roberts Physical and Aquatic Therapy and its owner were excluded for six years for failing to report and to repay an IRO-identified overpayment and stipulated penalties.
  6. A pain management company was excluded for five years for not paying stipulated penalties of $34,000 and $239,961.80 in overpayments identified by its IRO.
  7. A Florida physician paid $20,000.00 for late submission of his first annual report.
  8. A renal dialysis company paid $450,000 for failure to comply with focus arrangements procedures and requirements.
  9. A Florida physician paid $12,000 for failure to: timely submit his third quarterly claims review report, provide training, retain an IRO, perform sanction screening, and timely submit an implementation report.
  10. A health services company was excluded for failing to timely retain an IRO and had to retain a quality monitor and extension on its CIA.
  11. A sleep clinic paid $5,000 for failure to disclose two reportable events involving the Anti-Kickback Statute.
  12. A Florida medical device company paid $15,000 for failure to: screen employees and contractors, distribute revised policies and procedures, and provide parties to focus arrangements with a copy of its code and Anti-Kickback Statute policies and procedures.
  13. A Puerto Rican physician paid $6,300 for failure to engage a new IRO within 60 days of terminating his previous one.
  14. A Maryland practice management company was penalized for failure to timely submit an implementation report and thereafter filed for bankruptcy.
  15. A health management company was excluded for failure to: implement compliance policies and procedures; report quality of care reportable events; develop and maintain a disclosure program and log; hire regional dental directors; perform onsite review; report and refund overpayments; conduct training and education; provide accurate certifications; and report quality of care reportable events.
  16. A pain management company, ambulatory center, and owner paid $5,000 for failure to designate and maintain a compliance contact, as required.
  17. A California hospital paid $105,000 for failing to comply with arrangements procedures and focus arrangements requirements.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.