All component institutions of the University of Houston System are required to have an Institutional Compliance Program that follows the guidelines set forth in the University of Houston System Action Plan to Ensure Institutional Compliance. Some key elements of the Action Plan are:
The appointment of a Compliance Officer at System Administration and each component institution.
The mandate for a continuous and proactive compliance function which reports to the Institutional Compliance Officer.
The allocation of sufficient resources at each component institution and at System Administration to fund compliance activities (including information resources, training, and monitoring activities) that reduce compliance risk to an acceptably low level.
- The requirement that the Institutional Compliance Officers and Committees at the component institutions and System Administration report their activities to the UH System-wide Compliance Officer at least quarterly.
The purpose of the Institutional Compliance Program (the Program) at UHS is to promote and support a culture, which builds compliance consciousness into the daily activities of the University. This is accomplished by establishing an infrastructure that provides ongoing assurance to management that risks, particularly compliance risks, are being mitigated to acceptable levels. Continuous management of high risks by those involved in each process is an essential element of the Program and is necessary in order to minimize threats to the achievement of UHS's goals and objectives.
To promote and support a culture at the University of Houston-Downtown which builds compliance consciousness into the daily activities of the University and encourages all employees to conduct University business with honesty and integrity.
To develop an institutional compliance program that:
We typically associate risks with financial matters; however, any issue or circumstance that negatively impacts the ability to meet our business objectives represents a risk to UHD. This includes:
Strategic Risks: Risks that affect our ability to achieve our goals and mission
Financial Risks: Risks that may result in a loss of our assets
Operational Risks: Risks that affect our ongoing management processes, such as the installation of a new administrative system
Compliance Risks: Risks that affect our adherence to externally imposed laws and regulations as well as internal policies and procedures
Reputational Risks: Risk that affect our reputation as an institution of higher education
Employees (Faculty and Staff)
Each employee is responsible for the following:
Maintaining high ethical standards,
Compliance with laws, regulations, policies, and procedures applicable to the performance of their job, and
Reporting instances of non-compliance in an appropriate manner.
Every manager, regardless of their level in the organization, is accountable for compliance in their operational unit.
These individuals are responsible and accountable for management of the institutional risks identified in risk assessments. Each risk must have one Responsible Person who meets the following criteria:
Exclusive responsibility for managing the risk,
Knowledge to manage the risk, and
Authority to manage the risk.
The Responsible Persons work with the Compliance Officer and members of the Compliance Committee to develop the necessary monitoring, training, and reporting plans to manage institutional compliance risks and may be asked to present information to the Compliance Committee or internal audit regarding their risk areas.
Administers the day-to-day operations of the Compliance Program. Some specific responsibilities include:
Conducting risk assessments for the Committee Member's assigned Compliance Area. Where others complete the assessments, the Committee members are responsible for the accuracy of the information within their compliance area.
Working with responsible persons to create monitoring, training, and reporting plans.
Developing and administering general compliance training for their Compliance Area and ensuring that specialized training is adequate.
Providing input and recommendations on Training issues that relate to the Institutional Compliance Program.
Ensuring oversight in areas with risk that are critical for the institution.
Providing input on policy and operational issues relevant to a successful compliance effort.
Working with the Compliance Officer to prepare reports which provide UHD and UH System administrators information concerning the status of the control of compliance risks.
The Compliance Committee Members are advocates for compliance. They are a communication avenue between the Compliance Committee and first line management and staff. They work within the University community to raise and maintain the compliance consciousness in daily departmental activities.
Oversees the Compliance Program to ensure that the infrastructure of the program is adequate and that it is operating effectively. Some specific responsibilities include:
Establishing and maintaining a system that builds compliance consciousness into daily activities.
Monitoring the various compliance program activities to ensure that they are being performed as designed.
Communicating with the appropriate University of Houston-Downtown administrators regarding compliance program activities and issues of non-compliance.
Coordinating the Confidential Reporting Mechanism to ensure that concerns regarding non-compliance are reported and are handled appropriately