I.   MISSION

To promote and support a culture at the University of Houston (“UH”) that builds compliance consciousness into the daily activities of the UH community and encourages all employees to conduct UH business with honesty and integrity.

II.  GOALS

To operate a Program that:

• Evaluates and identifies risks that are critical to the institution;
• Ensures that critical institutional risks are properly managed by the appropriate individuals;
• Provides employees with the training necessary to understand the relevant compliance issues;
• Provides effective communication between managers, executive officers, and the Board of Regents regarding the status and management of critical institutional risks; and
• Provides the UH community with an opportunity to report issues of potential non-compliance in a manner that preserves confidentiality and protects against improper retaliation.

III.  PROGRAM ELEMENTS

Institutional Compliance Committee

Composition.  The Institutional Compliance Committee shall be comprised of the Chief Compliance Officer and such other university officials with expertise in and responsibility for an operational or compliance area of the university, as designated by the Chief Compliance Officer, a Responsible Person for the designated compliance areas, or the UH President. 

Meetings.  Meetings of the Institutional Compliance Committee shall be held not less than quarterly.

Responsibilities.  Members of the Institutional Compliance Committee are responsible for:

• Serving as a liaison to their department/division to communicate and implement relevant compliance and ethics initiatives and risk mitigation strategies;
• Providing input to the Institutional Compliance Committee regarding operation of the Program;
• Overseeing the completion of periodic risk assessments for their assigned compliance area and working collaboratively with the relevant Responsible Person, Managers, and Chief Compliance Officer to establish monitoring activities designed to review processes and strengthen compliance;  
• Working collaboratively with the Chief Compliance Officer to prepare periodic reports to apprise the System-wide Compliance Officer and System-wide Compliance Officers Council of the status of the control of compliance risks; and
• Coordinating and overseeing compliance training for their compliance area.

Chief Compliance Officer

Appointment.  The Chief Compliance Officer is the individual appointed by the President of UH to manage the Program.

Reporting Relationship.  The Chief Compliance Officer shall have a direct reporting relationship to the Vice President of Legal Affairs.

Responsibilities.  The Chief Compliance Officer is responsible for:

• Administering the day-to-day operations of the Program, including developing and maintaining a structure that is consistent with UH and System policies that promote a culture of compliance and ethical behavior;
• Serving as the Chair of the Institutional Compliance Committee;
• Coordinating the confidential reporting system for UH compliance matters and ensuring that UH concerns reported through the system are reviewed, investigated when warranted, and resolved in accordance with applicable policies;
• Communicating with the appropriate administrators regarding Program activities and issues of non-compliance;
• Assessing institutional risk on an ongoing basis by (a) identifying high-risk compliance issues; (b) establishing a priority for the issues; (c) working with the relevant Institutional Compliance Committee members, Responsible Persons, and Managers to establish monitoring activities designed to review processes and strengthen compliance; (d) preparing an annual work plan; and (e) periodic assessment to validate the effectiveness of the Program and controls;
• Establishing and maintaining a system that builds compliance and ethics consciousness into daily activities;
• Providing the System-wide Compliance Officer information regarding UH compliance activities, improvement intiatives, compliance concerns, and updates at least quarterly or as otherwise requested by the System-wide Compliance Officer; and
• Providing input and guidance in establishing policies and standards of conduct to be followed by employees and members of the UH community that are reasonably capable of preventing and detecting unethical behavior and criminal conduct.

Responsible Person (Accountable Senior Officer with Oversight Responsibilities)

A Responsible Person is the accountable senior officer with oversight responsibilities for the designated compliance area who is responsible and accountable for management of the institutional risks present in their compliance area.  See UH Compliance Matrix for the Responsible Person assigned to each compliance area. 

Each Responsible Person is accountable for ensuring that the department/division for which he/she has overall operational responsibility:

• Is in compliance with all applicable laws, regulations, and policies;
• Provides its staff with the necessary education and training to have a sufficient understanding of all applicable laws, regulations, policies and compliance expectations;
• Conducts regular assessments to evaluate the adequacy of controls designed to reduce the risk of non-compliance with laws, regulations and policies;
• Implements effective improvements to strengthen controls and enhance staff training as identified by risk assessments and audits; and
• Promotes a culture of compliance and ethical conduct. 

Managers and Supervisors

Each UH manager/supervisor, regardless of their level in the organization, is responsible for:

• Ensuring that their unit or function is in compliance with all applicable laws, regulations and policies;
• Ensuring all staff they manage or supervise receive compliance training, at a minimum, in accordance with institutional policy;
• Maintaining high ethical standards; and
• Promoting a culture of compliance and ethical conduct.

Employees (Faculty and Staff)

Each UH employee is responsible for:

• Complying with the UHS Code of Ethics (Board of Regents Policy 57.01.2), all applicable federal and state laws and regulations, rules adopted by the Board of Regents, System and UH policies, and each UH employee will be held accountable for their actions;
• Completing compliance-related training to ensure understanding of their duties and responsibilities for ethical and legal behavior;
• Maintaining high ethical standards; and
• Reporting suspected violations of law and policy in accordance with System Administrative Memorandum 01.C.04, “Reporting/Investigating Fraudulent Acts.”

Confidential Reporting Hotline

The Program will have in place a confidential reporting hotline or other reporting system allowing employees, students and others to report, either confidentially or anonymously, criminal conduct or other non-compliant behavior by others without fear of retaliation. The identity of reporters of non-compliance shall be confidential in accordance with Texas Education Code 51.971.  The confidential reporting system shall be coordinated with the System-wide Compliance Officer, the Office of General Counsel, and the Office of Internal Audit. 

Protection Against Unlawful Retaliation

The Program prohibits the taking of adverse action against any individual who in good faith reports or causes to be reported possible wrongdoing or noncompliance; participates in an investigation conducted under the Program; or seeks guidance regarding any matter within the scope of a Program.

Self-Reporting.  An individual who reports suspected wrongdoing or noncompliance in which he or she was complicit or otherwise involved is subject to adverse action for engaging in the noncompliant behavior, including dismissal or termination of employment or business relationship. The fact that an individual voluntarily self-reported may be considered in mitigating any adverse action.

Sanctions.  An individual who engages in retaliation is subject to disciplinary or administrative action, including dismissal or termination of business relationships.