The Chief Compliance and Risk Officer (hereafter, the CCRO) is a new position at Towson University. The CCRO reports to the University’s General Counsel, with a dotted-line report to the President. This position oversees and manages the University’s compliance function and compliance risk management, and is an integral part of the University’s Enterprise Risk Management (ERM) program. The CCRO works in a consultative and collaborative manner with other established compliance functions throughout the University, and provides leadership in managing numerous compliance obligations. As the compliance and risk management leader, the CCRO is responsible for establishing policies, standards and implementing procedures to ensure that the compliance programs throughout the University encourage a culture of integrity, accountability and transparency, and that compliance risk owners are effective and efficient in identifying and correcting noncompliance with applicable rules and regulations and ensuring that reporting obligations are met, that risk is properly assessed and mitigated. Description The CCRO oversees and coordinates all University compliance and risk areas, working with relevant compliance function experts/owners, including (but not limited to) all compliance aspects of research activities, academic programs, human resources, finance/tax, export controls, and health and safety. Owns and maintains the compliance risk portfolio; chairs the University’s Enterprise Risk and Compliance Committee (ERCC), a group of professionals throughout the University who oversee all compliance risks. Conducts a regular, semi-annual facilitated compliance risk assessment with senior leadership. Develops and chairs appropriate committees and working groups to monitor on-going compliance and risk issues and new compliance obligation(s). Oversees and manages SpeakTU-- a confidential hotline of reports of noncompliance with law or policy, and ensures tracking, investigation and resolution of such reports.
This position develops, initiates, maintains, and revises policies and procedures for the general operation of the University’s compliance and risk function and its related activities to prevent illegal, unethical, or improper conduct. Coordinates with the Director of Management, Advisory and Compliance Services at the University and with the Internal Auditor at the University System of Maryland (USM). Develops the annual compliance and risk work plan, which reflects the University’s highest-priority compliance risks as denoted in the ERCC’s compliance risk portfolio. Coordinates all reporting requirements per USM ERM policies and procedures; develops University compliance and risk management policies and procedures, as needed; identifies potential areas of compliance vulnerability and risk through peer and subject matter expert interactions, develops and implements corrective action plans for resolution of problematic issues. Provides sound and risk balanced guidance to University leadership, faculty, and staff on compliance obligations. Responds to alleged violations of rules, regulations, policies, procedures, and other standards of conduct by evaluating or recommending the initiation of investigative procedures through established policies and procedures and in close collaboration with the Office of General Counsel, the Director of Management, Advisory and Compliance Services, and USM Internal Audits. Works in collaboration with the Director of Management, Advisory and Compliance Services, and USM Internal Audits, investigates and acts on allegations, including the design and coordination of internal investigations and any resulting corrective actions. Assists the Office of the General Counsel in responding to government investigations and queries as appropriate. Maintains current knowledge of laws and regulations, keeping abreast of recent changes. Directs the University’s compliance and other risk management partners at the divisional level in establishing methods to improve efficiency and quality of services, and to reduce the vulnerability to fraud, abuse, and waste. Develops, coordinates, and participates in a multifaceted educational and training program (in concert with Human Resources and other offices) that focuses on the elements of the compliance program, and seeks to ensure that all University members are knowledgeable of, and comply with, applicable federal and state standards. Works closely with the Office of Information Security, Environmental Health & Safety and Accreditation and Compliance Services. |