Compliance Standards and Procedures

Appendix 3-H: Model Policy Management Policy

Function

Effective Date

Pages

Revision Date

Global Compliance

[Effective Date]

3

[Revision Date]

Scope: This Compliance Management Policy applies to the creation, approval, adoption, and maintenance of all compliance policies along with all related procedures (together, the “compliance policies and procedures”) of [INSERT COMPANY NAME] (the “Company”).

Purpose: Company compliance policies and procedures are designed to ensure compliance with our Code of Conduct and with applicable laws. Our compliance policies and procedures are managed by the Company’s Global Compliance Committee (GCC). Only the GCC has the authority to issue or revise the Company’s compliance policies and procedures. This policy is intended to ensure we have a uniform process for the creation, approval, adoption, and maintenance of such policies.

Policy

Definitions

  • “Compliance policy” means any compliance and ethics policy or other document reflecting standards or rules that regulate or guide organizational actions and employee conduct and are applicable to the Company and its subsidiaries (e.g., Conflict of Interest Policy, Anti-Corruption Policy, Insider Trading Policy, Data Privacy Policy).

  • “Compliance policy owner” is the content owner of the policy who serves as the subject matter expert with primary responsibility for compliance policy governance in their area of expertise. The compliance policy owner will also determine the appropriate individuals/departments that should be involved in the compliance policy governance process in their area of expertise. This person’s approval is required before the compliance policy or procedure can be presented to the chief compliance officer and GCC for approval.

  • “Compliance policy standard format” is the uniform format and style for all compliance policies attached as Exhibit A.

  • “Designated compliance policy manager” is the individual(s) designated as responsible for reviewing, updating, and/or recommending compliance policies within their areas of responsibility. They collaborate and coordinate with policy stakeholder(s) for input prior to submission of final draft policy for review and approval by the compliance policy owner.

  • “Procedure” means a document describing the stages or steps necessary to complete a particular process intended to supplement and/or support a compliance policy.

Compliance Policy Creation and Update

The Company maintains an appropriate portfolio of compliance policies and procedures to address and takes into account the various risks arising from or related to the Company’s various businesses, the interests of the Company’s various stakeholders, industry best practices, compliance program best practices, and applicable laws. To assure compliance policies are consistent with legal requirements, our Code of Conduct, and our other compliance policies, compliance policy owners shall: (a) initiate/promote compliance policies, (b) periodically review such compliance policies and propose appropriate amendments thereto, and (c) propose the elimination of any compliance policies that are obsolete or unnecessary. Compliance policies should be initiated or reviewed primarily in response to a change in the nature or extent of Company business activity, regulatory requirements, best practices, recognized policy weaknesses, or when recommended by key stakeholders (e.g., the board of directors, senior management, in-house counsel, industry associations, consultants). In any event, each compliance policy shall be reviewed no less than once every three years.

Procedure Creation and Update

A Region/Legal Entity or Function may initiate/propose additional or complementary compliance policies and procedures of limited scope and for limited use within such Region/Legal Entity/Function only if they are consistent with and not duplicative of existing compliance policies. All such proposed compliance policies or procedures shall be reviewed and approved by the compliance policy owner and, where appropriate, the Company’s chief compliance officer and/or the GCC for consistency with existing compliance policies.

Compliance Policy and Procedure Content

Compliance policies and procedures shall consist of concise descriptions of expected behavior, practice, or standard presented in simple wording so they are easily understood (and translated). Compliance policies shall be in the standard format (See Exhibit A) and shall be assigned a distinctive number and effective date and submitted for approval. After approval, such compliance policies shall be translated into all the Company’s official languages and shall be uploaded to the Company’s intranet site. No compliance policy shall be published to the Company’s corporate intranet site without the concurrence of the Company’s general counsel and chief compliance officer and the approval of the Company’s CEO. New and updated compliance policies and procedures shall be communicated across the organization with a dedicated communication campaign in coordination with Internal Communications.

Document and Archive of Compliance Policy Modifications

The Company’s chief compliance officer shall designate one or more people to create and maintain a historical database to track and document all compliance policy changes and updates.

This document is only available to subscribers. Please log in or purchase access.
Purchase Login

About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook X LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings