Category:
Audit Financial Legal and Compliance Responsible Office:
|
Policy Title:
Compliance Program Document Number:
6701 Effective Date:
August 30, 2024
This policy item applies to:
State-Operated Campuses
|
It is the Policy of the State University of New York (University) to undertake its best efforts to comply with all State and federal laws, rules, regulations, standards, and obligations governing its operations consistent with the highest standards of business and professional ethics and the University’s reputation for integrity and excellence. Given the highly complex structure and operations of the University, the Compliance Program is designed to address and promote greater coordination and consistency among individual campus compliance programs, which cover a large number of compliance areas, including higher education, research, healthcare, human resources, information technology, and athletics, among others. The compliance program outlines institutional infrastructures and processes necessary to prevent, as well as detect, mitigate, and remediate, instances of noncompliance and assigns responsibility for the development of those infrastructures, the implementation of those processes, and the ongoing assessment and oversight of the program itself.
It is the objective of the Compliance Program to implement and maintain a systematic organization-wide approach for identifying, assessing, and managing risks to achieving compliance objectives; developing and maintaining adequate processes to help ensure adherence to applicable laws, rules, regulations, policies and procedures; and preserving its reputation for integrity and excellence. To meet these objectives, the University has developed a Compliance Program that structures compliance obligations and proactively mitigates the risks to fulfilling these obligations in a consistent manner. The Compliance Program is a key component of the University's Enterprise Risk Management (ERM) Program, and will specifically:
The Compliance Program is designed to facilitate the sharing of information to inform the University's functional areas of the laws, rules, and regulations relevant to their operations; educate the University community on the importance of complying with the requirements set forth in these regulations; monitor activities to determine whether the requirements are being satisfied; and evaluate the overall effectiveness of the Compliance Program. Furthermore, the Compliance Program serves as a means of helping to enforce accountability and to further promote ethical behavior and integrity.
As a key component of the ERM Program, the Compliance Program is also designed to assist in identifying and assessing the risks to the University so that its compliance objectives can be met. This function will operate in collaboration with the compliance program of the SUNY Research Foundation.
The Audit Committee of the Board of Trustees has oversight of the ERM Program, which includes the Compliance Program as one of its key components. The design, implementation, and operation of the program is included as part of the ERM Steering Committee's oversight, with the day-to-day responsibilities of executing the program delegated to the Compliance Officer.
The Compliance Program incorporates the nationally recognized framework set forth in the United States Federal Sentencing Guidelines. The key elements of the Compliance Program include:
There are no definitions relevant to this policy.
US Federal Sentencing Guidelines for Organizations
There are no procedures relevant to this policy.
There are no forms relevant to this policy.
On August 30, 2024, the Compliance Policy was updated to reflect the Office of Risk Management, Audit, and Compliance as the responsible office.
June 16, 2015, Board of Trustee Resolution No. 2015-39, Adoption of an Enterprise Risk Management Program
SUNY Enterprise Risk Management Program Policy
November 15, 2018, Upon recommendation of the Chancellor, the Board of Trustees adopted the Compliance Program Policy as University Policy, Resolution #
There are no appendices relevant to this policy.