![Page 1: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/1.jpg)
Building a Sanctioned Provider Testing ProgramSeptember 19th, 2016
Stephen Siano, IT Audit Manager – C.R. BardRobert Luu, Senior Solution Leader - ACL
![Page 2: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/2.jpg)
• Background
• Why are we here?
• Common Challenges
• How can ACL help?
• Who else needs to be involved?
• Quick Demonstration / Overview
• Wrap up / Q&A
Agenda
![Page 3: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/3.jpg)
There are a variety of regulations globally which hinge upon ensuring disbursements are made in accordance with applicable laws in the countries in which a company does business.
• FCPA (Foreign Corrupt Practices Act) - Prohibits companies from paying bribes to foreign government officials and political figures for the purpose of obtaining business.
• PPSA (Physician Payments Sunshine Act) – Part of the Affordable Care Act - payments or other transfers of value to physicians and teaching hospitals must be reported to the Secretary of HHS.
• UK Bribery Act – Passed in 2010, contains 4 general offenses - promising or giving of an advantage, and requesting, agreeing to receive or accepting of an advantage, bribery of a foreign public official, and prevent a bribe being paid to obtain or retain resources.
• Canadian Corruption of Foreign Public Officials Act (CFPOA) – “Every person commits an offence who, in order to obtain or retain an advantage in the course of business, directly or indirectly gives, offers or agrees to give or offer a loan, reward, advantage or benefit of any kind to a foreign public official or to any person for the benefit of a foreign public official” 1
Background
1 http://laws-lois.justice.gc.ca/eng/acts/c-45.2/page-1.html#h-2
![Page 4: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/4.jpg)
Digging into the Details…
What are we really talking about here?
*Comparing your organization’s data against a globally recognized / authoritative source of “bad guys” (individuals and entities)*
Some lists we’ve come across or heard of include:• PEP (Politically Exposed Persons)• OFAC (Office of Foreign Assets Control) list - SDN (Specially Designated Nationals)• SAM (System for Award Management) - entity records from CCR/FedReg and ORCA and exclusion records
from EPLS• OIG LEIE (Office of the Inspector General; List of Excluded Individuals and Entities)
1
1 - https://www.sam.gov
Warning from SAM.gov:
![Page 5: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/5.jpg)
Why?
Why should we perform sanctioned vendor / individual matching?
To help your company avoid fines and other penalties, which,
Saves your company money, which,
May advance your career
Also,
• Reputational Damage – your company’s name in the headlines
• Be a positive influence on the bottom line instead of a cost center
• Sense of Business Ethics (Do you want to fund criminals? (terrorists,
arms dealers, drug dealers, etc.)
Your CEO
![Page 6: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/6.jpg)
There’s A Lot at Stake…
2
2 - http://www.nytimes.com/2010/02/06/business/global/06bribe.html?_r=0
1 - http://www.fcpablog.com/blog/2016/4/1/fcpa-enforcement-report-for-q1-2016.html
![Page 7: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/7.jpg)
Tweetable Takeaways
@ACL_RobLuu
#ACLCONNECTIONS
![Page 8: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/8.jpg)
Common Challenges
![Page 9: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/9.jpg)
• Support from Management
• Gaining access to and retrieving sanctioned vendor lists from online resources
• PEP (Politically Exposed Persons)• OFAC (Office of Foreign Assets Control)
list - SDN (Specially Designated Nationals)
• SAM (System for Award Management) - entity records from CCR/FedReg and ORCA and exclusion records from EPLS
• OIG LEIE
• Multiple Vendor Management or Employee Master data sources
• Complex Name Matching
Common Challenges
SanctionedVendor List
PEP
SAM
OFAC
OIG LEIE
![Page 10: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/10.jpg)
Name Matching - how do we know if we have a hit? How do we know we don’t?• Normalize data• Straight perfect match – higher degree of accuracy, lower # of hits• Removing “extras” (prefixes, suffixes, middle initials?, etc)• Fuzzy matching• SoundEx, Soundslike• DICE Coefficient• NYSIIS
Where do I go for additional help?
■ https://www.treasury.gov/resource-center/faqs/Sanctions/Pages/faq_compliance.aspx
Common Challenges
![Page 11: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/11.jpg)
Tweetable Takeaways
Your analysis will only be as good as your data, so
if relying on a 3rd party source, make sure to get
the best available.
@ACL_RobLuu
#ACLCONNECTIONS
![Page 12: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/12.jpg)
How can ACL help?
![Page 13: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/13.jpg)
Don’t re-invent the wheel
ACL provides Inspirations on how to tackle these challenges and also
provides pre-written scripts within ScriptHub
How can ACL help?
![Page 14: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/14.jpg)
How can ACL help?
![Page 15: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/15.jpg)
How can ACL help?
![Page 16: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/16.jpg)
Who else needs to be involved?
![Page 17: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/17.jpg)
Sunshine Act & FCPA – complying with Anti-Corruption / Compliance Policies
For example, if spending with 3rd parties, need to answer questions:
• Charitable Contribution Due Diligence Checklist• Amount Requested, Who’s Requesting, Purpose of Contribution• Has the entity received contributions in the past?• Is the receiver a government entity or affiliated with a government entity?
• Request For Approval of Sponsorship of Healthcare Professional to Attend a Medical Education Event
• Who is sponsoring the event?• Provide the total budget for the event and provide an itemized cost breakdown
• Gift Giving to Healthcare Professionals or Government Officials• Is the value of the proposed gift over $25?• Does the gift elevate the annual gift to the HCP total to over $250 for the year?• Will the gift be given in the form or cash or a cash equivalent (giftcard, etc.)?
Who else needs to be involved?
![Page 18: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/18.jpg)
Disbursement Categories – How to Mitigate Risk
Disbursements can be broken down into 3 main categories:
1) Expenses Unrelated to Government Officials, HCPs, etc.
- Subject to normal set of data analytics used for audit support (ad-hoc) or continuous controls monitoring (ACL Analytics or AX (Audit Exchange))
2) Reported through approval process of expenditures
- Data Driven Questionnaires in ACL Results Manager– customized for FCPA, Sunshine Act, UK Bribery, etc.
3) Unreported Expenses Related to Government Officials, HCPs, etc.
- Detective Process – Identify expenses “under the radar” (riskiest because they haven’t been reported)
![Page 19: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/19.jpg)
Who needs to see the results?
![Page 20: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/20.jpg)
Let’s take a look!
![Page 21: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/21.jpg)
https://www.justice.gov/opa/file/838386/download
![Page 22: Building a sanctioned provider testing program](https://reader031.vdocuments.us/reader031/viewer/2022030315/587fe1581a28ab46228b46a9/html5/thumbnails/22.jpg)
Q&A