University Compliance Program Fundamentals
An effective and resilient compliance program fundamentals are comprised of seven core elements.
Cornell strives to include the following in its University Compliance Program Fundamentals:
Caption: A visual depiction of the University Compliance Program Fundamentals and its core elements
The core elements of the Cornell University Compliance Program Fundamentals are detailed further here and can be used as a general guide to support compliance obligations and mitigate compliance-related risks across the university.
Oversight and Accountability
The Board of Trustees, Oversight Councils and Committees, University Compliance Office, and Compliance Owners and Partners play critical check and balance roles in oversight and accountability for compliance obligations.
Policy and Procedures
University-wide ethical standards, University policies, written programs, and unit procedures establish the hierarchy of written documentation that collectively guide behavioral expectations and procedural tasks associated with compliance obligations.
Outreach and Education
Compliance-focused trainings, tabletop exercises, partner meetings, and workshops provide different mechanisms for conveying and reinforcing knowledge and awareness of compliance obligations, as a forum for consensus building and to identify key gaps and needs
Auditing and Monitoring
Risk assessments, risk assurance, institutional risk management, and audits provide proactive means to review and assure that compliance obligations are being managed to the university's expectations.
Communication and Reporting
A university-wide regulatory reporting calendar, annual report, website, and leadership meetings provide transparent and effective mechanisms to convey emerging regulations, regulatory reporting obligations and deadlines, compliance-related accomplishments and key compliance focus areas
Investigations of compliance concerns or complaints
Issue tracking, due process, legal counsel, an ethics hotline, and incident response are varied mechanisms that collectively manage compliance concerns, complaints, and incidents at the university
Progressive corrective action plans, continuous improvement goals, and updates to policies and procedures are means to correct, close out, and prevent further compliance gaps