Chances are your organization has developed a conflict of interest (COI) policy. But does it have an effective COI compliance program in place? Can you demonstrate it to regulators? If the answer is no to either of those questions, there are three things you need to do now to satisfy regulators that you take COI prevention seriously.
#1: Assess Your Risks
What your organization’s risks are may seem obvious. But you need to go deeper and determine the who, when, where, why and how behind them. It’s crucial to mitigating COI risk since it’s an especially gray and complex are. A more in-depth examination can also help you identify much less obvious risks.
#2: Develop, Communicate and Enforce Policies & Procedures
Based on your organization’s risks, you need to create a standalone COI Policy or simple provision within your code of conduct. Which one you create will depend on the size and complexity of your organization and its risks. Key procedures to include are the disclosure and certification processes. Most companies perform both annually.
3: Train and Audit
A simple training module if fine to use with low-risk employees. But higher-risk employees need in-person training and managers need guidance on how to handle COI disclosures by their employees. All of this can be done as part of broader compliance training. Finally, you need to audit your program to ensure it is working before the regulators do.
For more information on how to create an effective COI compliance program, consider reading Jeffrey Kaplan’s article “Key Ingredients of an Effective Conflict of Interest Program.”
