One of the responsibilities of senior management and department heads is the management of financial resources to accomplish the mission and objectives of the department and university. Management’s attitudes should support ethical values and good business practices. A manager should promote compliance with university policies and procedures through his or her actions as well as through unit policies and procedures. He or she should ensure that employees also support ethical values and have the technical competence for the position. Policies and procedures should be written, provided to all staff and expectations for compliance communicated to staff. There should be no tolerance for fraud or conflicts of interest. Disciplinary action should be consistently applied to all employees.
Managers must support compliance with university policies and procedures if they expect employees to comply with university policies and procedures. Business activities should be designed so that no single employee will be responsible for all aspects of a transaction. This will limit opportunities to misappropriate assets or conceal other intentional misrepresentations in the department’s accounts.
Employees such as department heads, business managers and principal investigators responsible for account accuracy should:
- Ensure that monthly reports of account activity are reviewed to determine that all transactions are accurate and complete, and that adequate supporting documentation exists to substantiate all transactions;
- Verify that all entries made to each account are appropriate; comply with university policy; and are allowable based on the restrictions, if any, of the funding source; and
- Take corrective action to resolve inappropriate transactions posted to the account.
The internal control system provides for safeguarding of assets, proper recording of transactions and the efficient and effective accomplishment of the University’s goals and objectives including compliance with federal, state and university rules and regulations.
The manager, who is responsible for the accomplishment of goals and objectives, is also responsible for establishment; maintenance and monitoring of the internal control system that helps ensure the accomplishment of those goals and objectives. He or she is responsible for the sound financial condition of the unit, protection of the university’s assets, including its human resources, and compliance with federal, state and university rules, regulations and procedures. He or she must ensure that the funds entrusted to the unit are used appropriately.
The manager may delegate some of the related duties but cannot delegate accountability and responsibility.
In addition to Sarbanes-Oxley, USU’s policies and procedures comply with federal regulations including 42 CFR Part 50, “Dealing with and Reporting Misconduct in Science; ” 45 CFR, Parts 46 & 94; and 21 CFR Parts 50 & 56 governing research involving human participants and institutional management of conflicts of interest arising from or related to that research. USU also adheres to cost and accounting principles as set forth in Circular A-21, published by the Office of Management and Budget.
The State of Utah has also enacted laws that require integrity in the conduct of the affairs of government institutions and their employees. These include the “Utah Public Officers’ and Employees’ Ethics Act” (67-16 Utah Code Annotated), and the “State Money Management Act” (51-7 Utah Code Annotated).
USU’s Office of Compliance Assistance is charged with the responsibility, under the direction of the provost, to monitor changes in the regulatory environment within which the University operates; to assist in the campus-wide dissemination of information concerning ethics-based regulations and policies; and to implement appropriate management systems to ensure compliance.
The university is under obligation to comply with HIPAA’s Privacy Rule in order to avoid criminal or civil liability, and to protect its research participants from harm.
All property, supplies and services purchased with university funds should be used only in the operation of the business of the University. Misuse of assets takes on many forms and can involve some deception or misrepresentation of facts and information for personal gain as well as deliberate appropriation of property or funds for personal use.
A major factor in safeguarding assets and ensuring the ethical use of University resources is a departmental organization that establishes clear lines of authority and responsibility and segregates, where practical, the operating and reporting functions of the department. Deans, department heads and administrative personnel are responsible to administer this policy for employees within their departments and coordinate the use and security of University property.
•Education of the university community concerning conflicts of interest
•Reporting of conflicts and potential conflicts by employees and the institution
•Management of identified conflicts
•Transparency of the conflict management process
Individual Conflicts of Interest
Both federal regulations and state statutes require USU to report and manage the conflicts of interest of its employees. USU’s policy states that a conflict of interest exists whenever “a University employee owes a professional obligation to the University, which is or can be compromised by the pursuit of outside interests.” The diagram below illustrates how outside interests may impact university interests by introducing bias into the decision-making process.
This definition draws an important distinction between the existence of a conflict of interest and a potential negative outcome. USU does not take the view that a conflict of interest is inherently bad for the University. In fact, employees who are appropriately engaged in outreach to the community, industry and their professions will often have a conflict arise.
The key to USU’s Conflict of Interest Policy (USU Policy #307) is to avoid allowing bias caused by any secondary interest to influence the discharge of the employee’s university-related duties. This is accomplished by providing for appropriate management of conflicts of interest as they arise. Institutional officials of the University have a duty to work with employees in their areas to provide oversight of conflicts of interest and to ensure that appropriate conflict management plans have been developed and submitted to the Conflict of Interest Committee of the University. USU’s federal compliance manager in the Office of Compliance Assistance provides support to USU’s administration and faculty as they eliminate or minimize the effects of individual conflicts of interest.
Institutional Conflicts of Interest
Institutional conflicts of interest arise whenever the financial or other interests of the university or of an institutional official acting within his or her authority on behalf of the university, may introduce bias into the decision-making processes of the institution. An example might be choosing a specific vendor for a purchase when the individual making the decision will be financially advantaged because of the transaction. Other institutional conflicts can exist when the University owns equity in start-up companies that are based on its inventions.
When conflicts exist, it is in the interest of both the individual and the institution to separate responsibilities for operations from responsibilities for finances. USU’s Institutional Conflict of Interest Policy, No. 310, provides for this separation. Institutional officials are uniquely affected by this policy because of their fiduciary responsibilities at the University – representing the interests of students, employees and the public at large. As with individual conflicts of interest, the university provides for proper disclosure, management and reporting of institutional conflicts of interest. These activities are overseen by the Office of Compliance Assistance.
Internal Audit Service (IAS) has the responsibility for reviewing complaints and allegations of a fiscal or related compliance nature. This includes complaints and allegations made under the statutes of the State of Utah and university policy.
IAS performs these duties through an investigative process designed to address the complaint issues and to provide guidance with internal control issues that may develop as a result of the investigation.
There is no specific venue or format limiting how complaints/concerns must be communicated, but there is a basic need/expectation that the information provided will establish sufficient predication for review.
Complaints/concerns are received from a variety of sources and venues:
•Direct from the complainant as a specific communication (in-person, through letter/email or phone call or established hotlines)
•Referral from colleges and university offices
•Audits or other Internal Audit Services engagements
•Through the news media
The Internal Audit Services hotline (435-755-7118) is a resource for all university faculty and staff to raise issues, seek advice and report concerns related to proper business conduct and ethical dilemmas. This telephone hotline has been designated to receive information about improprieties or other concerns. If calling after hours please leave a voice mail. Internal Audit Services will respond to your concern(s) in a timely and professional manner. The hotline has been designed to ensure anonymity unless the caller provides their name.
Overview of Investigation Process
The first step is generally a preliminary fact finding stage to determine if the complaint presents the predication needed for an investigative review. If the complaint may be more appropriately addressed by another area such as Human Resources for personnel issues, Student Services for student issues, Office of Affirmative Action/Equal Opportunity for affirmative action issues, USU Police Department for criminal issues, university counsel for legal issues, it is referred to the appropriate area.
After the preliminary review, assistance may be requested from the unit head, the university’s general counsel, or the university police department. For each investigation, assigned Internal Audit Service’s personnel must document their independence from the issues presented.
Fact-finding and evidence gathering procedures should be as objective as possible. Employee interviews are conducted as necessary. Evidence gathered should be from sources independent of the unit or subject employee when possible.
At the conclusion of the investigation, a report is issued to appropriate management and, if necessary, to prosecuting officials.
Scientific misconduct is defined by federal statute (Title 42 of the Code of Federal Regulations, Section 50), and in USU policy as any incident of fabrication, falsification, or plagiarism in proposing, conducting, or reporting research. It does not include honest error or honest differences in interpretations or judgments of data. Fabrication refers to the making up of data which were not observed as purported. Falsification includes the changing of data or the way in which observations are reported, and spans a broad spectrum, from omitting observed data points from reported data sets to wholesale changing of data to fit the investigator’s hypothesis. Plagiarism is the claiming as one’s own material that is the product of someone else’s work.
USU assures that it supports scientific integrity through an established program of guidelines for reporting incidents of misconduct, and conducting prescribed inquiries and investigations.
USU Policy #306, “Research,” (under development) provides guidance to all university employees and students regarding scientific misconduct. In addition, Policies #407, “Academic Due Process: Sanctions and Hearing Procedures,” and #403, “Academic Freedom and Professional Responsibilities,” address scientific misconduct, also referred to in the policies as “research fraud.”
Whenever an instance of scientific misconduct is observed, employees and students of USU are encouraged to bring an allegation forward, which will be handled in accordance with USU’s most recently published “Scientific Misconduct Procedures.”