Compliance Program

What is a compliance program?

W&M's compliance program is the sum of many parts: the policies and other controls designed to ensure W&M satisfies its compliance obligations, the efforts of employees to implement these policies and controls, and the mechanisms for detecting and remedying problems.   A compliance program also can be thought of as a collection of rules and standards and the ways we try to ensure these rules are followed and standards are met.  

The compliance program is endorsed and defined by the Charter approved by the Board of Visitors.   The Chief Compliance Officer has overall responsibility for the program.

The College of William & Mary in Virginia
Compliance Program Charter

William & Mary, as a public institution of higher education, is regulated by both the federal government and the Commonwealth of Virginia.  The responsibility for compliance with these legal obligations is shared by all members of the university community: 

  • Employees must obey the laws, regulations, and policies applicable to their university activities, and report illegal or unethical action that comes to their attention.[1] 
  • Supervisors must ensure that employees have the knowledge and skills to fulfill their obligations, and address or elevate reported violations or similar issues.
  • Members of senior management must promote a culture of compliance and ethical behavior, and ensure that the university has policies and standards reasonably designed to prevent compliance violations in their areas of operation.

As federal and state laws increase and become more complex, the university has charged the Compliance and Policy Office with the coordination, monitoring and, when appropriate, improvement, of the array of compliance functions.  This Office works closely with other offices providing general compliance services, particularly Internal Audit, University Counsel, and Human Resources.  To assist employees, the university also has offices and officers with expertise and responsibilities in various compliance areas, such as the Office of Sponsored Programs for compliance obligations arising in the conduct of research, the Environmental Health & Safety Department for workplace safety compliance, and the Assistant Athletics Director for Compliance and Educational Services, for NCAA compliance. 

Collectively, these institutional expectations, responsibilities, and services comprise the university’s compliance and ethics program.  As defined by federal regulations, the program is “reasonably designed, implemented, and enforced” to prevent and detect illegal conduct through “due diligence and the promotion of an organizational culture that encourages ethical conduct and a commitment to compliance with the law.” 

The Chief Compliance Officer has overall responsibility for the compliance program.[2]  The Compliance Officer, working with senior management and other employees and in close cooperation with Internal Audit, University Counsel, and Human Resources, strives to:   

1.  ensure that the university has policies and procedures reasonably designed to satisfy existing or new legal obligations.   

2.   ensure that the university has procedures aimed at detecting and remedying compliance problems and risks, including methods for employees to “report or seek guidance regarding potential or actual” illegal conduct without fear of retaliation.

3.  conduct or assist with certain internal compliance investigations and otherwise help management address compliance violations reported or detected.[3] 

4.   ensure the university has practices and systems to communicate key policies and other relevant aspects of the compliance and ethics program to affected employees.  The Compliance and Policy Office also directly communicates new and proposed policies to the campus community.  

5.   assist senior management and others promote and enforce the compliance program.

6.   assist in identifying and addressing significant compliance risks, for example by conducting compliance gap analyses and risk assessments (including under the auspices of the university’s Risk Management Committee) and providing compliance resources and guidance.  

The Audit and Compliance Committee of the Board of Visitors provides oversight of the compliance program.  The Chief Compliance Officer reports regularly to the Committee regarding the status and effectiveness of the compliance program, and brings to the Committee’s attention significant compliance risks and matters.

 

Approved, Board of Visitors of the College of William & Mary, February 8, 2013.



[1] Code of Ethics of the College of William & Mary. 

[2] Federal regulations require that a specific, “high-level” individual be given “overall responsibility” for the compliance and ethics program. The Chief Compliance Officer reports to the President and directs the Office of Compliance and Policy.

[3] Reported or suspected violations may be investigated by any number of individuals, committees, or offices, under university policies.