The recent Request for Information by the Federal Trade Commission (FTC), Department of Justice (DOJ) and Department of Health and Human Services (HHS) seeking input on the effects of private equity (PE) investment in the healthcare sector underscores the importance of an effective compliance program. The best way to limit your exposure as a PE firm is to avoid a compliance misstep in the first place. Additionally, an effective and robust compliance program for your portfolio company makes it much more attractive to potential buyers and helps avoid an unexpected and costly investigation or valuation hit down the road. Use this checklist to assess whether your portfolio company’s compliance “house” is in order.
Confirm the portfolio company has established an effective compliance program that is aligned with Office of Inspector General’s General Compliance Program Guidance.
- Is there an appropriate “tone at the top” and compliance culture? Has the entity designated a compliance officer or a person responsible for ensuring compliance activities are completed? Does that person have a direct reporting line to the board?
- Has the organization adopted written policies and procedures, including a code of conduct, that address the appropriate risk areas for the particular company at an enterprise-wide level? Is the organization providing appropriate training, including mandatory compliance training on an annual basis, on these policies and procedures?
- Does the organization promote open communication with the compliance officer and a method for anonymously reporting compliance concerns, such as a compliance hotline?
- Has the organization’s leadership and board identified and analyzed the key regulatory risks to the portfolio company? Does the organization periodically conduct audits based on those identified risks? For example, has the organization recently conducted an internal billing and coding audit and an audit of other areas of high compliance sensitivity (including HIPAA)?
- Is the portfolio company following obligations to report and refund overpayments, Stark Law violations or similar obligations relating to federal healthcare programs? Don’t wait for a potential buyer to discover this (or other compliance issues) in due diligence.
Identify the PE firm’s role and risk profile in the portfolio company’s overall organizational structure.
- Do members of the PE firm or its operating partners hold legal officer titles at the portfolio company level? Although it is expected that members of the PE firm will serve on the board of directors of the portfolio company, holding an officer title presents additional oversight obligations for day to day operations beyond the board level that could result in exposure for the PE firm.
- How involved are you in hiring executives for the portfolio company and do you directly oversee those executive officers? Consider the optics of setting performance metrics or expectations based on growing federal healthcare program business and specific service lines.
- Are you directly facilitating or implementing new business programs at the portfolio company that involve revenue growth from federal healthcare program business? Seek regulatory guidance on the front end before implementing new programs that potentially implicate federal and state laws.
- What is the portfolio company’s market share in individual markets? To the extent the portfolio company is engaged in acquisitions, the PE firm and the board should analyze potential antitrust issues that may result from increased market share. Work with antitrust counsel to determine how a “market” should be defined and the market penetration that a proposed acquisition may bring. Transactions may be challenged as anti-competitive under federal and state laws, even though pre-transaction notice filings under antitrust laws are not triggered based on the size of the transaction and parties.
- Does the portfolio company intend to make equity incentive awards to physicians or others who have the ability to drive business? If so, consult outside counsel before awarding any equity to assess whether the transaction complies with both the Stark Law and the federal Anti-Kickback Statute.
Ensure that attorney-client privilege protects both the PE firm and the portfolio company.
- When engaging legal counsel, who is named in the engagement letter as the client? Should the engagement of outside counsel cover both the PE firm and the portfolio company?
- If the portfolio company has separate counsel and receives advice that needs to be shared with the PE firm, are appropriate measures taken to avoid a possible waiver of the attorney-client privilege?
- Is outside counsel being included in all email communications regarding sensitive issues between management and the board, retaining the argument that the attorney-client privilege protects the communication?
- Consider whether outside counsel should be included in board meetings to protect the attorney-client privilege with respect to discussions of sensitive issues.
- Engage outside advisors for valuations, billing and coding audits, and internal investigations through outside counsel to maintain attorney-client privilege.
With the potential for PE investment in the healthcare industry to come under added government scrutiny, taking these steps will help PE firms avoid possible compliance missteps and avoid an unexpected and costly investigation.