Attention! This web page is hosted on EthicsPoint's secure servers and is not part of the EngenderHealth website or intranet.

Compliance Program Policy

1. Objective

   The objective of the Compliance Program Policy is to ensure that EngenderHealth, Inc., maintains an adequate and efficient control structure that ensures adherence to all applicable rules and regulations, laws, policies, and procedures. Compliance is the responsibility of ALL staff. The EngenderHealth compliance program is designed to promote an atmosphere of ethical conduct, sound compliance practices, and accountability for each staff member’s roles and responsibilities, and to ensure that staff have been provided with the tools, training, and resources to be in compliance. A key function of the compliance program is to work with staff across the organization to prevent instances of fraud, abuse, negligence, or other lapses through the maintenance of clear and appropriate policies, establishment of efficient standard procedures for following those policies, and provision of training and ongoing guidance in the implementation of those procedures.

2. Definition of Compliance/Role of Compliance Function

   Compliance has a dual function: to assist all staff in adhering to internal policies and procedures and to ensure that policies and procedures address legal and regulatory needs in an efficient manner. These internal policies and procedures are based on EngenderHealth’s code of conduct and standard operating procedures (SOPs) covering the following areas:

   • Code of ethics
   • Human resources
   • Financial
   • Contracts
   • Travel
   • Technology
   • Conflicts of interest and staff gift acceptance
   • Fraud and whistle-blowing
   • Safety and Security

   The Director of Compliance provides support, training, and technical assistance to the program and staff to ensure that any compliance issues are adequately addressed and that the program has the resources and tools to be in compliance.

   The Director of Compliance relies upon the Internal Auditor in addition to routine monitoring in order to identify non-compliance across the organization and will work directly with staff involved to develop appropriate solutions to be subsequently implemented by staff. Likewise, the Director relies upon information provided by all staff members when they encounter any obstacles or conflicts created by policies or procedures in the course of their operations.

3. Responsibilities for Compliance

   Compliance responsibilities are shared among ALL staff members, as well as across all programs of EngenderHealth, the most notable of which are the following:

   • The Senior Leadership Team (SLT), Program Managers, Project Directors, and Country Office Technical and Operations leaders have responsibility for compliance in the organization.
   • Managers across the organization, in Programs, Finance, Contracts, HR, etc., identify and assess compliance risks on an ongoing basis with guidance from the Director of Compliance. The Director of Compliance also provides training to educate staff on compliance issues; and performs a monitoring and reporting role in cooperation with Contracts Managers and the Internal Auditor.
   • The Internal Auditor, reviews the adequacy of controls established to ensure compliance with policies, plans, procedures, and business objectives, in accordance with the Internal Audit Charter.
   • In addition to the training on compliance issues, Managers across the organization and the Director of Compliance provide technical assistance and training on SOPs, systems, and donor requirements to ensure that programs and staff are able to and have the resources and tools to fulfill the requirements of compliance.
   
   
   
4. Compliance and Internal Audit

   The role of Compliance and Internal Audit is to assist EngenderHealth’s management in ensuring, on a reasonable basis, that EngenderHealth’s activities are conducted in conformity with applicable laws and regulations, with EngenderHealth’s code of conduct, and with all relevant rules, policies, and procedures.

   Specific responsibilities of the Compliance Director

   The Director of Compliance shall have the following specific responsibilities:

   Establish and update polices and SOPs

   • Manage the updates of EngenderHealth’s policies and SOPs and the provision of updates to appropriate staff. In order to prevent lapses and violations during routine operations, policies must remain in line with applicable regulations and donor requirements as they evolve while also staying appropriate to the organizational culture and context. Likewise, SOPs must continue to support organizational policies while also facilitating the work that is being conducted. Strict controls and redundancies must be balanced against operational efficiency to achieve optimal policies and SOPs.
   • On a proactive basis, identify, document, and assess compliance risks associated with EngenderHealth’s activities, and establish and/or supervise appropriate compliance checks for the organization independent of other considerations that might hinder objectivity or cause a conflict of interest in the planned scope of work.
   • Assess the appropriateness of EngenderHealth’s compliance procedures and guidelines, promptly follow up on any identified deficiencies, and make recommendations for amendments where necessary.
   • Advise management on applicable laws, regulations, rules, and standards and inform them about any developments in these areas.
   • Develop and routinely use mechanisms for updating rules, regulations, laws, and procedures, to ensure continued EngenderHealth compliance.

   Orient and train staff

   • Use available data, feedback, and discussions with managers to identify training needs specific to each operating unit. Provide such training and supervise the implementation of corrective measures to mitigate identified deficiencies.
   • In cooperation with Internal Audit, work with the SLT, the Operations Division, the External Relations Division, and the Programs Division to educate and advise staff and to provide guidance on the appropriate implementation of relevant laws, rules, and standards through the establishment of internal policies and procedures.
   • In cooperation with Country Office Technical and Operations leaders, ensure that all country offices and programs are educated on compliance, have received training, tools, and resources to be in compliance, and have compliance policies, procedures, and monitoring systems in place.

   Monitor and follow up on compliance issues

   • Monitor compliance by performing sufficient compliance risk assessment and testing. (This includes visiting field offices to test compliance with policies and procedures, to make inquiries into deficiencies, and to carry out investigations.)
   • Report monitoring results on a regular and prompt basis to the Internal Auditor for the SLT.
   • Collaborate with the Operations teams, Programs teams, and the Internal Auditor, to identify programs or projects that require monitoring and to ensure the implementation of recommendations formulated in internal and external audit reports.

   Report the status of compliance to EngenderHealth management and board

   • Present findings at quarterly internal audit meetings and ensure follow-up on recommended action plans.
   • Assist and collaborate with external auditors on compliance issues.
   • Assist in any fraud-related investigations within the organization.

   Authority

   To carry out its mission effectively, the Director of Compliance in the course of activities shall be authorized to:

   • Perform the compliance function in all parts of the organization.
   • Have unrestricted access to any documents and records considered necessary for the performance of its responsibilities.
   • Require all members of management and staff to supply such information and explanations as may be needed within a reasonable period of time.
   • Require adherence by staff to policies and procedures and implementation by them of agreed upon recommendations.

   Standards

• The Director of Compliance shall keep abreast of sound practices in its field and, in particular, shall take into account recommendations on compliance-related issues from program staff and the Internal Auditor, as well as the external auditors.



5. Relationship with Internal Audit

   The compliance function is separate from the Internal Audit function but collaborates closely with the Internal Auditor. The Internal Auditor is responsible for ensuring that internal policies and procedures adhere to applicable rules and regulations, especially audit requirements. The Internal Audits performed by the Internal Auditor are thorough and independent reviews of compliance. Full-scope internal audits are the most thorough method of identifying issues that require action from the Director of Compliance.

   The Director of Compliance is responsible for ensuring ongoing compliance by working with the Internal Auditor and operations and programs staff to develop solutions to compliance issues as they are identified, monitor routine compliance to identify issues as they develop, and update and maintain internal policies and procedures as appropriate.

   The Internal Auditor and Director of Compliance collaborate in the identification of issues by combining the Internal Auditor’s full scope audits with the Director of Compliances’ routine monitoring. They collaborate in the development and finalization of solutions to ensure that they both adhere to applicable requirements and are operationally feasible with management buy-in.

6. Compliance Mechanism

   In order to prevent instances of fraud, abuse, negligence, or other lapses in routine operations, the Director of Compliance relies upon sound policies and SOPs and routine monitoring of performance. The audit function supplements this with in-depth reviews.

   However, non-routine situations also frequently arise in which policy and SOPs do not provide a clear and easy route to conducting business. These may involve new actions that we have not conducted in the past, new regulations or rules for which we have not yet written policies, and/or special cases in which existing policies or SOPs are either unclear or too cumbersome to implement. In these cases, communication with the Director of Compliance as soon as possible is critical. Actions taken may range from simple clarification of policy language, creation of new forms or other job aids, or even readjustment of company policy in consultation with the SLT.

   The compliance function is fulfilled through collaboration with different groups across the organization:

   • The Director of Compliance and Contracts Managers conduct routine monitoring of the performance of field-based contract officers. Immediate lapses in compliance are addressed directly by assigned portfolio managers, with any needs for remedial training or process improvement referred to the Director of Compliance. Recurring lapses are referred to the Director of Compliance for more intensive remedial action directly with field staff as appropriate.
   • In a similar manner, the finance team provides information to the Director of Compliance on the performance of field-based finance staff and the efficiency of financial processes. The Director of Compliance works with HQ and field-based finance staff to develop solutions to issues identified.
   • Program managers and leadership identify general operational concerns to the Director of Compliance for action, who then works directly with them and operations staff to develop solutions. Upon agreement with managers, the Director of Compliance will aid in and monitor the implementation of agreed solutions by program managers.
   • The Director of Compliance relies upon input from the Internal Auditor as well as the SLT and external legal resources to ensure that policies and procedures satisfy applicable laws and regulations.
   • The Project Directors/Program Managers (field and HQ-based) will report on compliance issues to the Compliance Director, Regional Directors, and Country Office Technical and Operations leads.

   Reporting

   The Director of Compliance regularly informs the Internal Auditor of the principal compliance risks observed, measures taken to improve control of these, and the progress of work carried out within the context of the function. At least once each year, the Compliance Unit informs EngenderHealth management via the Internal Auditor about the status of the compliance system.

7. Addressing Noncompliance

   The primary function of the Director of Compliance is to assist staff to efficiently comply with policies and procedures. Staff should feel free to openly discuss compliance issues with the Director of Compliance. The primary response of the Director of Compliance usually includes:

   • Providing clarification on policies and procedures,
   • Providing training,
   • Conducting process analysis and improvement to make it easier for staff to comply with policies and procedures in their daily work
   • Developing and distributing new job aids to make compliance easier and reduce human error
   • Updating policies and developing new ones for recommendation to the SLT as appropriate.

   Disciplinary actions in response to egregious errors or repeated non-compliance are not the responsibility of the Director of Compliance. Only managers and supervisors have this authority, and will draw on the Director of Compliance, the HR department, and other departments in an advisory capacity. Before any action is taken, the incident and proposed action must be reviewed and approved by the Director of HR and the Regional Director (for field-based staff). For HQ staff, the incident and proposed action will be reviewed by the Division Vice President or the Head of the Department and Director of Human Resources, as well as by the Project Director or VP, if applicable. Failure to adhere to the policies and procedures associated with the above areas will result in one of the following actions:

   • Additional training
   • Verbal warning
   • Written warning in the employee’s file
   • Termination
   • Prosecution (for harassment, physical violence, fraud)
   • Garnishment of paycheck (for unliquidated advances)