Integrity and Compliance Charter
To describe the authority of the University of Kansas Office of Integrity & Compliance.
All University of Kansas employees and employees of University-controlled affiliated corporations.
- Provide strategic guidance, inform best practices, and identify program priorities to assess and enhance the effectiveness and efficiency of University compliance processes and response to changes in the law, regulations, and policies.
- Lead the development and implementation of policies and procedures to ensure alignment with policies and government laws and regulations across the University.
- In collaboration with risk owners, regulatory compliance program administrators, and other stakeholders, identify, prioritize, and remediate institutional compliance risks.
- Develop, implement, and manage effective, compliance-related educational and training programs to make sure employees and leadership are knowledgeable of institutional policies and pertinent state and federal standards.
- In conjunction with Office of Audit, Risk & Compliance (OARC) partners, develop, implement, and conduct a system for internally reviewing University processes, systems, and activities to ensure compliance with federal, state, and local regulatory requirements, as well as University policies and procedures.
- Direct the assessment, management, and investigation of targeted compliance issues and detected offenses arising through the Institutional Hotline or otherwise, and oversee initiatives to prevent potential violations of rules, regulations, policies, and procedures.
- Chair and provide direction to the University compliance governance committees to build a structural foundation to prevent and detect violations of law and policy and assist the University in encouraging ethical conduct.
- Lead committee measures to ensure there are adequate controls in place to reduce risks throughout the University.
- Provide University leadership with reasonable assurance that core compliance management practices are in place across the University for all compliance risk areas.
- Have timely access to records, data, personnel, and physical property relevant to performing compliance reviews and investigations, and to allow for appropriate oversight and guidance related to compliance, ethics, and risk mitigation efforts;
- Allocate resources, establish schedules, select subjects, determine scopes of work, and apply the techniques required to accomplish objectives;
- Perform periodic quality assessments of core compliance areas to assess the design and effectiveness of their risk mitigation activities and recommend improved controls, procedures, resources, or stronger enforcement of regulatory requirements as needed; and
- Obtain the essential assistance and cooperation of personnel in areas of the University where reviews and investigations are performed, as well as other specialized services from within or outside the University.
- Provides input, guidance, and oversight of institutional-level compliance activities and supporting processes;
- Evaluates risks associated with emerging compliance issues;
- Ensures that University policies and procedures are effectively communicated across the University and that training resources are in place;
- Identifies areas where University policies and procedures need to be established or enhanced, including developing a response to new or revised regulatory requirements; and
- Reviews and approves the annual Compliance Work Plan setting forth priority risks to be addressed and mitigation/prevention strategies to be employed in the coming year.
- Provide guidance and oversight of campus-level compliance activities and supporting processes;
- Monitor, evaluate, and track existing, changing, or emerging compliance risks and obligations and communicate those risks/obligations to the Institutional Compliance Steering Committee and the AVC for Integrity & Compliance;
- Implement programming, controls, policies and procedures, or other prescribed elements at the direction of the Institutional Compliance Steering Committee;
- Lead efforts to establish or enhance policies and procedures, including in response to new or revised regulatory requirements; and
- Ensure that University and campus-specific policies and procedures are maintained and implemented.
- Communicate compliance events to the AVC for Integrity & Compliance, such as notification of:
- audits, inspections, investigations, or site visits;
- noncompliance from an external agency or authority;
- all significant compliance events or incidents, including near-misses,; and
- changes in unit leadership or unit operations.
- Develop, administer, and track completion of training or programming requirements by regulations or by specific job responsibilities associated with the mission of the unit.
- Leadership and Oversight. Effective leadership and functional committee structures are in place, with regular reporting to the ERC.
- Policies and Procedures. Clear expectations and practical guidance regarding behavior and decision-making are available and accessible.
- Education and Outreach. Reasonable steps are taken to provide appropriate, relevant, and comprehensive education and outreach about compliance requirements.
- Monitoring and Auditing. Program adherence to compliance requirements is monitored. Emerging and changing laws and policies are tracked.
- Receiving Reports and Investigating. Clear avenues exist to seek guidance or report violations of policy and relevant laws/regulations. Investigations follow appropriate processes and emphasize non-retaliation.
- Accountability, Incentives and Corrective Action. Community members are encouraged to behave ethically and responsibly. Appropriate, fair, and consistent actions are taken in cases of wrongdoing.
- Response and Prevention. Episodes of misconduct and violations of laws, regulations, and policies are responded to appropriately. Systemic issues are identified, root causes determined, and solutions implemented to prevent recurrence.
- Risk Assessment. Regulatory compliance obligations are routinely evaluated and prioritized based on the severity of the potential operational, legal, and financial impact associated with each one. Control measures put in place are reviewed for effectiveness in mitigating identified risk.
Employees who do not provide access to University records, property, and/or personnel necessary to conduct a compliance review or investigation, as required by this Policy, may be subject to appropriate disciplinary action, up to and including termination of employment, in accordance with applicable personnel policies for faculty and staff. In addition, consistent with University Policy and the law, the University may take appropriate remedial measures, including but not limited to disciplinary action against an employee, to address any policy or code of ethical conduct violation.
Associate Vice Chancellor for Integrity & Compliance
11/07/2023: Updated broken link.
10/25/2023: Published in the Policy Library.