Pharmaceutical Compliance Program Elements

Pharmaceutical Compliance ForumSeptember 15, 2009Bridgewater, NJ

John T. BentivoglioSkadden, Arps

Matthew D’AmbrosioProstrakan, Inc.

2

Topics of Discussion

• U.S. Sentencing Guidelines

• HHS OIG Guidance

• DOJ Guidance on Compliance Programs

• Advanced Pharma Compliance Issues

• Discussion

A Brief History of Corporate Compliance

1991

U.S. Federal Sentencing Guidelines

1996

CaremarkDecision

2001

Enron Collapse &

TAP Settlement

2002

PhRMACode

&

SOX

2004

Amended SentencingGuidelines

1997

OIGModel

ComplianceGuidelines

(Clinical Labs)

2003

OIGPharma

Guidelines

&DOJ’s

ThompsonMemo

Compliance Time Line

2005

Corporate Sentencing Guidelines provide

reduction in fines for “effective” compliance

programs.

“Seven Elements” introduced.

Creates a cause of action against board members for

failing to take minimal steps to achieve legal compliance –now known as a “Caremark

Claim”. Guidelines for US Attorneys in charging corporations.

Focus on real v. “paper” programs.

Focus is on creating a “culture of compliance”

2007

FAR3.10

California Compliance Law

2008/ 2009

New Pharma

CIAs

&

New PhRMA

Code

4

U.S. Sentencing Commission Guidelines• Sentencing guidelines for individuals and corporations

mandated by Sentencing Reform Act of 1984

• Chapter 8 contains the “Organizational Guidelines” – First issued in 1987– Included definition of an “effective compliance program” for

purposes of sentencing (Section 8B2.1. Effective Compliance and Ethics Program)

– Set forth “seven elements” of an effective compliance program

• Significant changes in 2004– Added ethics/cultural component – Added periodic risk assessment (effectively an eight element)

U.S. Sentencing Commission Guidelines

• 2004 – Amendments: – Broadens the goal of an effective compliance and ethics program to include

promoting a culture of compliance rather than just deterring wrongdoing.• The carrot and stick approach.

– Establish standards & procedures to prevent & detect criminal conduct.

– Imposes increased responsibilities for compliance on directors, officers, and other senior management

– Program must have adequate resources and appropriate authority.

– Training at all levels now a requirement.

– Maintain and publicize a reporting system.

– Risk Assessment required to design, implement, modify seven elements.

6

(1) The organization should develop standards and procedures to prevent and detect criminal conduct.

(2) The organization’s governing authority shall be knowledgeable and exercise reasonable oversight of the program and high-level person shall be assigned responsibility for compliance program implementation.

(3) The organization shall use reasonable efforts not to include within the substantial authority personnel the organization knew or should have known has engaged in illegal activities or other inappropriate conduct.

(4) The organization should communicate and train employees on compliance issues

“Effective Compliance Program” Defined

7

(5) The organization should monitor and audit to detect criminal conduct; periodically evaluate program effectiveness, and have an internal system to report misconduct

(6) Compliance rules should be promoted and enforced consistently through (A) incentives; and (B) disciplinary measures for engaging in criminal conduct and for failing to take reasonable steps to prevent or detect criminal conduct.

(7) Where misconduct is detected, organization shall respond appropriately, including making changes to compliance program.

“The organization shall periodically assess the risk of criminal conduct and shall take appropriate steps to design, implement, or modify each requirement set forth in subsection (b) to reduce the risk of criminal conduct identified through this process.” [Added in 2004]

“Effective Compliance Program” (cont’d)

8

Pharma Guidance: HHS OIG

HHS OIG: Roles and Activities

• Civil and criminal investigations involving Federal HCPs

• Negotiation of Corporate Integrity Agreements

• Anti-kickback regulations, safe harbors, and advisory opinions

• Compliance Program Guidances for industry sectors

• Program oversight & evaluation

9

HHS OIG: Activities of Interest to Pharma Companies

• Compliance Program Guidance for Pharmaceutical Manufacturers

• Anti-Kickback Regulations, Safe Harbor and Guidance

• Corporate Integrity Agreements (CIAs)

• Other HHS OIG Guidance Activities

10

HHS OIG Compliance Program Guidance

• Issued May 2003

• Based on seven elements framework in USSC Guidelines

• Guidance notes relevance to device manufacturers

• Follows guidance for hospitals, physicians, DME suppliers, labs, etc.

11

HHS OIG Guidance (cont’d)

12

HHS OIG Guidance for Pharma

“B. Application of Compliance Program Guidance

Given the wide diversity within the pharmaceutical industry, there is no single ‘‘best’’ pharmaceutical manufacturer compliance program. The OIG recognizes the complexities of this industry and the differences among industry members. Some pharmaceutical manufacturers are small and may have limited resources to devote to compliance measures. Conversely, other companies are well-established, large multi-national corporations with a widely dispersed work force. Some companies may have well-developed compliance programs already in place; others only now may be initiating such efforts. The OIG also recognizes that pharmaceutical manufacturers are subject to extensive regulatory requirements in addition to fraud and abuse-related issues and that many pharmaceutical manufacturers have addressed these obligations through compliance programs. Accordingly, the OIG strongly encourages pharmaceutical manufactures to develop and implement or refine (as necessary) compliance elements that uniquely address the areas of potential problems, common concern, or high risk that apply to their own companies (or, as applicable, to the U.S. operations of their companies).”

13

Pharma Guidance (cont’d)

“For example, although they are not exhaustive of all potential risk areas, the OIG has identified three major potential risk areas for pharmaceutical manufacturers: (1) Integrity of data used by state and federal governments to establish payment; (2) kickbacks and other illegal remuneration; and (3) compliance with laws regulating drug samples. The risk areas are discussed in greater detail in section II.B.2. below. The compliance measures adopted by a pharmaceutical manufacturer should be tailored to fit the unique environment of the company (including its organizational structure, operations and resources, as well as prior enforcement experience). In short, the OIG recommends that each pharmaceutical manufacturer should adapt the objectives and principles underlying the measures outlined in this guidance to its own particular circumstances.5 “

U.S. Department of Justice (DOJ)U.S. Department of Justice (DOJ)Thompson / McNulty MemorandumThompson / McNulty Memorandum

• Principles of Federal Prosecution Corporations: • Outlines the factors considered by DOJ when deciding whether to prosecute a

corporation for actions taken by employees.– Focuses on past actions in making charging decision (in contrast to OIG exclusion

process, which focuses on integrity of company to participate in Federal HCPs in the future)

• Factors considered:– Nature and seriousness of the offense

– The pervasiveness of wrongdoing in the company

– The corporation’s history of similar misconduct

– The existence and adequacy of the company’s pre-existing compliance program.

– The corporation’s timely and voluntary disclosure of wrongdoing & cooperation

– The corporation’s remedial actions – including compliance programs

– Collateral consequences – shareholders, employees not involved in misconduct

• What is an “adequate and effective” program?• The program is not merely a “paper program”.

• Essentially, DOJ is looking for compliance program elements from USSC Guidelines .

• All Government Contractors with contracts over $5,000,000 must have:– Written code of ethics and business conduct– Established employee ethics and compliance training

programs– Internal control systems to facilitate the timely discovery and

disclosure of improper conduct in connection with government contracts

– Ensure that corrective measures are promptly instituted

• Contractors also must affirmatively disclose potential misconduct when they have credible evidence of certain unlawful activities

Federal Acquisition Regulations – FAR Section 3.10

Advanced Pharma Compliance Issues

• Board Oversight

• Management Accountability

• Compliance Controls for Drivers of Behavior

• Internal Tracking and Monitoring

• Internal Investigations and Follow-Up

Board Oversight

Board Oversight (cont’d)

Board Oversight (cont’d)

Management Accountability

Management Accountability (cont’d)

Management Accountability (cont’d)

Management Accountability (cont’d)

Controls for Drivers of Behavior

Drivers of Behavior (cont’d)

Drivers of Behavior (cont’d)

29

Internal Tracking & Monitoring:Internal Tracking & Monitoring:Financial RelationshipsFinancial Relationships

30

Internal Tracking & Monitoring:Internal Tracking & Monitoring:Financial RelationshipsFinancial Relationships

31

Internal Tracking & Monitoring:Internal Tracking & Monitoring:Medical InformationMedical Information

32

Internal Tracking & Monitoring:Internal Tracking & Monitoring:Field Observations (RideField Observations (Ride--Alongs)Alongs)

33

Internal Tracking & Monitoring:Internal Tracking & Monitoring:Field Tracking SystemField Tracking System

34

Internal Tracking & Monitoring

Pfizer Serono S-P (2006)

Purdue Jazz Cephalon Pfizer

Review of Detailing Records (i.e., Verbatims) x x x x xMonitoring and Review of Requests for Off-Label Information

x x x x x x

Ride-Alongs x x x x

Field Supervisor Monitoring x x

Speaker Monitoring x x

Call Notes and/or Sales Records Review x x

Publication Monitoring x

35

Internal Tracking & MonitoringInternal Tracking & Monitoring

36

Internal Investigations & RemediationInternal Investigations & Remediation

37

Internal Investigations & RemediationInternal Investigations & Remediation

38

Internal Investigations & RemediationInternal Investigations & Remediation

39

Internal Investigations & RemediationInternal Investigations & Remediation

40

Internal Investigations & RemediationInternal Investigations & Remediation

41

Internal Investigations & RemediationInternal Investigations & Remediation

42

Concluding Thoughts

• The “seven elements” establish the basic framework for compliance programs

• But the pharma business model requires a more sophisticated approach to compliance than in other, less-regulated industry sectors

• While the “front end” components (e.g., structure, policies and standards, training) are important, the “back end” components (e.g.,auditing and monitoring, internal investigative procedures, enforcement of discipline, remedial measures) are critical in implementing more than a paper program

• In evaluating a compliance program, prosecutors will examine how the program worked in practice:

• Tone at the top• Forecasts, goals, and strategic plans• Intake and investigation of internal allegations of misconduct• Remedial efforts post-internal investigation