Charter and Mission Statement

To promote and support a culture at the University of Texas at San Antonio (UTSA) which builds compliance consciousness into the daily activities of the University and encourages all employees to conduct University business with the highest standards of honesty and integrity.

Goals

To partner with UTSA administration, staff and faculty to develop a comprehensive compliance program that:

  • Evaluates and identifies risks that are critical to the institution;
  • Ensures that critical institutional risks are being properly managed by the appropriate individuals;
  • Provides all employees with the training necessary to perform their jobs and understand the relevant compliance issues;
  • Provides ongoing positive assurance to managers, executive officers, and the Board of Regents regarding the status of critical institutional risks; and
  • Provides all employees with an opportunity to report issues of potential non-compliance in a manner that preserves confidentiality.

Compliance Charter

This Charter describes the mission, authority, independence, and principal responsibilities of the Office of Institutional Compliance and Risk Services (OICRS) at The University of Texas at San Antonio.

Mission

OICRS is dedicated to furthering UTSA’s mission and strategic plan by proactively partnering with faculty, staff and management to:

  • Ensure compliance risks are identified, prioritized and managed appropriately;
  • Establish a control environment, level of accountability, and ethical framework that promotes compliance with applicable laws, regulations, agreements and internal policies and procedures;
  • Foster strong stewardship and management accountability at all levels;
  • Provide general compliance training to employees and faculty and guidance to managers;
  • Provide an avenue for anonymous reporting of potential non-compliance or unethical behavior

Authority

OICRS activities are governed by policies established by the University of Texas System and the executive officers of this institution. The Executive Compliance Committee provides oversight for the compliance related activities of OICRS and the scope of OICRS activities is subject to review by the Executive Compliance Committee but is not otherwise restricted.

To be effective, it is essential there be mutual cooperation between management, faculty, staff, and OICRS. OICRS, with stringent regard for information safekeeping and confidentiality, and subject to the applicable policies of this institution, will have access to all institutional activities, records, property, and employees as may be necessary to fulfill its responsibilities.


Executive Compliance Committee

The Executive Compliance Committee (ECC), via the ECC’s charter, provides oversight for the compliance related activities and scope of OICRS.  OICRS activities are not otherwise restricted.

ECC Membership
Members of the ECC (both permanent and ex-officio) are appointed by the President.  Members and terms are as follows:

Executive Members (Permanent)
President
Sr. Vice President of Academic Affairs and Provost
Sr. Vice President of Business Affairs
Vice President for Research, Economic Development and Knowledge Enterprise
Vice President for Information Management and Technology
Vice President for Intercollegiate Athletics

Ex Officio Members (Permanent)
Chief of Staff to the President
Chief Legal Officer
Chief Compliance Officer
Chief Audit Executive
Chief Information Security Officer
Chief Human Resources Officer
Title IX Coordinator
Clery Coordinator
Associate VP Research Integrity
ADA Coordinator
AD Compliance (Athletics)


Independence

  • The Director of OICRS reports to Carlos Martinez, Senior VP for Institutional Strategic Planning, Compliance Risk Management, and Office Operations Chief of Staff.
  • OICRS staff members have no authority over the areas they provide services for and should not be the Institutional Risk Owner for compliance high risks.
  • The Director of OICRS serves as the Compliance Officer for this Institution and reports as stated above.

Institutional Compliance and Risk Services

OICRS’ services reflect the institution’s commitment to the highest standards in all of its activities. OICRS services include, but are not limited to:

Compliance

  • Assisting management with the identification and prioritization of compliance risks
  • Assisting management with the development of mandatory risk management plans for compliance high risks
  • Ensuring that compliance high risks are being properly managed by the designated responsible parties
  • Promoting compliance awareness
  • Providing compliance advisory services to management, faculty, and staff
  • Evaluating emerging compliance trends in higher education and government and implementing best practices

Risk Assessment

  • Facilitating the identification and prioritization of risks (compliance and other) at the operational and institutional levels
  • Facilitating the development of management plans to mitigate the high risks identified throughout the institution

Assurance

  • Providing ongoing positive assurance to managers, executive officers, and the Board of Regents regarding the status of critical institutional compliance risks
  • Verify the integrity of responses to the annual Fiscal Management Sub-Certification and help ensure that responses are in accordance with UT System financial accountability requirements
  • Providing assurance regarding adherence to the practices outlined in the Management Assessment Tool
  • Providing assistance to managers in identifying areas where improvement may be needed and providing suggestions regarding best practices

Training

  • Assisting in the development and delivery of general compliance training necessary for employees to perform their jobs and understand the relevant compliance issues
  • Coordinating awareness initiatives to ensure that the university community is aware of the UTSA Hotline and Whistleblower protections

Investigations of Non-Compliance

  • Providing all employees with an opportunity to report issues of potential non-compliance in a manner that preserves confidentiality
  • Conducting investigations into claims on non-compliance, including confidential reports via the Hotline

Handbook of Operating Procedures (HOP)

  • The Director of Institutional Compliance and Risk Services serves as the Chair of the HOP Committee
  • Facilitates all stages of the HOP approval process by providing administrative support to the HOP Committee with no involvement in the development of policy content
  • Provides guidance to the HOP Committee for timely review and maintenance of existing policy

Retaliation/Whistleblower Protection for the Reporting of Wrongdoing

  • The Executive Director of the Office of Institutional Compliance and Risk Services is the Retaliation Complaint Officer
  • Providing all employees with an opportunity to report issues of potential retaliation for the reporting of wrongdoing
  • Conduct investigations into claims of the violation of UTS 131 and other applicable state and federal laws relating to retaliation/whistleblower protection

Consultation

  • Consultation with members of the UTSA community in areas of compliance, compliance training, risk assessments, assurance and HOP processes