Institutional Compliance – Mission Statement and Charter
Compliance Mission Statement
To promote and support a culture at the University of Texas at San Antonio (UTSA) which builds compliance consciousness into the daily activities of the University and encourages all employees to conduct University business with the highest standards of honesty and integrity.
To partner with UTSA administration, staff and faculty to develop a comprehensive compliance program that:
- Evaluates and identifies risks that are critical to the institution;
- Ensures that critical institutional risks are being properly managed by the appropriate individuals;
- Provides all employees with the training necessary to perform their jobs and understand the relevant compliance issues;
- Provides ongoing positive assurance to managers, executive officers, and the Board of Regents regarding the status of critical institutional risks; and
- Provides all employees with an opportunity to report issues of potential non-compliance in a manner that preserves confidentiality.
This Charter describes the mission, authority, independence, and principal responsibilities of the Office of Institutional Compliance and Risk Services (OICRS) at The University of Texas at San Antonio.
OICRS is dedicated to furthering UTSA’s mission and strategic plan by proactively partnering with faculty, staff and management to:
- Ensure compliance risks are identified, prioritized and managed appropriately;
- Establish a control environment, level of accountability, and ethical framework that promotes compliance with applicable laws, regulations, agreements and internal policies and procedures;
- Foster strong stewardship and management accountability at all levels;
- Provide general compliance training to employees and faculty and guidance to managers;
- Provide an avenue for anonymous reporting of potential non-compliance or unethical behavior
OICRS activities are governed by policies established by the University of Texas System and the executive officers of this institution. The Executive Compliance Committee provides oversight for the compliance related activities of OICRS and the scope of OICRS activities is subject to review by the Executive Compliance Committee but is not otherwise restricted.
To be effective, it is essential there be mutual cooperation between management, faculty, staff, and OICRS. OICRS, with stringent regard for information safekeeping and confidentiality, and subject to the applicable policies of this institution, will have access to all institutional activities, records, property, and employees as may be necessary to fulfill its responsibilities.
- The Director of OICRS reports functionally to the Chief Legal Officer and indirectly to the President.
- OICRS staff members have no authority over the areas they provide services for and should not be the Institutional Risk Owner for compliance high risks.
- The Director of OICRS serves as the Compliance Officer for this Institution and reports as stated above.
Institutional Compliance and Risk Services
OICRS’ services reflect the institution’s commitment to the highest standards in all of its activities. OICRS services include, but are not limited to:
- Assisting management with the identification and prioritization of compliance risks.
- Assisting management with the development of mandatory risk management plans for compliance high risks.
- Ensuring that compliance high risks are being properly managed by the designated responsible parties.
- Promoting compliance awareness.
- Providing compliance advisory services to management, faculty, and staff.
- Evaluating emerging compliance trends in higher education and government and implementing best practices.
- Facilitating the identification and prioritization of risks (compliance and other) at the operational and institutional levels.
- Facilitating the development of management plans to mitigate the high risks identified throughout the institution.
- Providing ongoing positive assurance to managers, executive officers, and the Board of Regents regarding the status of critical institutional compliance risks.
- Administering annual management certifications based on the Management Assessment Tool.
- Providing assurance regarding adherence to the practices outlined in the Management Assessment Tool.
- Providing assistance to managers in identifying areas where improvement may be needed and providing suggestions regarding best practices.
- Assisting in the development and delivery of general compliance training necessary for employees to perform their jobs and understand the relevant compliance issues.
- Coordinating awareness initiatives to ensure that the university community is aware of the UTSA Hotline and Whistleblower protections.
Investigations of Non-Compliance
- Providing all employees with an opportunity to report issues of potential non-compliance in a manner that preserves confidentiality.
- Conducting investigations into claims on non-compliance, including confidential reports via the Hotline.
Handbook of Operating Procedures (HOP)
- The Director of Institutional Compliance and Risk Services serves as the Chair of the HOP Committee
- Facilitates all stages of the HOP approval process by providing administrative support to the HOP Committee with no involvement in the development of policy content
- Provides guidance to the HOP Committee for timely review and maintenance of existing policy
Retaliation/Whistleblower Protection for the Reporting of Wrongdoing
- Director of Institutional Compliance and Risk Services is the Retaliation Officer
- Providing all employees with an opportunity to report issues of potential retaliation for the reporting of wrong doing
- Conduct investigations into claims of the violation of UTS 131 and other applicable state and federal laws relating to retaliation/whistleblower protection
- Consultation with members of the UTSA community in areas of compliance, compliance training, risk assessments, assurance and HOP processes