With the General Compliance Program Guidance updates released in November 2023, we wanted to take the 7 elements of a compliance program and break it down. What are the 7 elements? Why are they important and how can these elements be implemented? Recap elements 1-4 on Part 1 & elements 5-7 will be reviewed below.

5. Enforcing Standards: Consequences and Incentives

Part of a compliance program includes creating and applying uniform disciplinary actions for non-compliance and possible incentives for staff that maintain compliance. There may be multiple levels of consequences including anything from re-education to termination.

An organization’s compliance program can also include incentives for staff to maintain compliance. Incentives can be linked to metrics in a bonus calculation. For example, % of employees reporting to a manager who completed compliance training on a timely basis.

Why is This Important?

  1. It is important to have disciplinary policies and actions in place that are communicated with staff, so they are aware of the repercussions for any non-compliance actions.
  2. Developing incentives and/or performance review processes which encourage staff to be more aware of and maintain compliance.


  1. Develop disciplinary actions that should be placed in all levels of the organization. It is important to make sure that the actions that are developed are consistently enforced.
  2. In addition to developing disciplinary actions, there should be a process developed for identifying, investigating and proceeding with any disciplinary actions.
  3. Create possible incentives for staff to encourage them to encourage staff to maintain compliance. It is important to make sure that these incentives align with your organization’s ethics and morals.

6. Risk Assessment, Auditing, and Monitoring

While it is great to have a compliance program developed, it is necessary for organizations to maintain and review the compliance program regularly to identify any gaps or concerns. This includes conducting risk assessments, audits and routine monitoring.

Why is This Important?

  1. Completing a risk assessment helps organizations to identify risks, allows them to analyze those risks, and then create a response to mitigate that risk. These risk assessments should be conducted on an annual basis.
  2. Auditing provides additional support in identifying and managing risks. Audits can be conducted on risks that were identified using the risk assessment. Other audits include claims reviews and exclusion checks.
  3. Monitoring helps to review your compliance program effectiveness and review that any implemented processes and systems are effective, and help locate any areas of improvement.


  1. Develop a plan to conduct a risk assessment on your compliance program. This plan should include a schedule for conducting on an annual basis.
  2. Once the risk assessment is complete, determine if there are any additional audits that can be conducted on those areas.
  3. What other audits can you conduct? Are you completing claims review audits or exclusion checks? If not, this would be a great place to start.

7. Responding to Detected Offenses and Developing Corrective Action Initiatives

Compliance programs should also include a process for investigating any concerns, the steps to remediate any violations, and analyzing the root cause of these violations to prevent a reoccurrence.

Why is This Important?

  1. Conducting investigations is necessary to determine the steps for reporting the violations, if necessary. Not doing so, could impact the integrity of the organization. If the investigation results in a violation that should be reported to the government, then ensure that this reporting is completed promptly.
  2. Completing an investigation allows an organization to find the root cause of the violation and make the necessary changes to prevent a reoccurrence. It also allows organizations to make any necessary disciplinary actions.


  1. A process should be developed on the steps of an investigation. This should include the investigation, the reporting process, and the process of implementing corrective actions.
  2. This process should be used to review any risks that were found when completing a risk assessment or audit that was discussed in the previous element. Depending on the frequency of these findings, the Compliance Officer should consider completing a compliance program effectiveness review.

The General Compliance Program Guidance does a great job of breaking down and providing additional details to guide organizations in developing and reviewing their compliance program. It is important to make sure that your compliance program includes all of the areas that are touched in this guidance, although the detail and steps that are taken and implemented will depend on your organizations size.

How Can LW Consulting Inc. Help?

LW Consulting, Inc. can help to alleviate some of the stress that comes with maintaining your compliance program. We have experience completing risk analyses and helping to identify gaps in your current compliance program, as well as helping to guide organizations in creating policies and procedures to fill those gaps.

LW Consulting, Inc. (LWCI) offers a comprehensive range of services that can assist your organization in maintaining compliance, identifying trends, providing education and training,  or conducting documentation and coding audits. For more information, contact LWCI to connect with one of our experts!