Skip to main content

Compliance and Ethics FAQs

Fraud FAQs

Q: What is fraud?

Fraud is the use of your occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets. Fraud is normally considered to be a criminal act, and employees who commit fraud may be terminated, fined, and/or imprisoned depending on the severity of the fraudulent act. For additional information, see System Administrative Memorandum 01.C.04 - Reporting/Investigating Fraudulent Acts


Q: What are some examples of fraud?

Examples of fraud include, but are not limited to:

  • Stealing cash or checks
  • Falsifying timesheets or workers comp claims
  • Falsifying expense reimbursements
  • Personal use of university credit cards or long distance codes
  • Stealing property or supplies
  • Personal use of university assets (occasional local phone calls are okay)
  • Outside employment that conflicts with university employment
  • Awarding contracts to friends or relatives
  • Awarding scholarships/grants based on personal or financial relationships as opposed to merit
  • Seeking or accepting gifts or favors from vendors or contractors in exchange for placing orders or awarding contracts
  • Purposefully falsifying financial statements


Q: What types of issues should NOT be reported through the Fraud & Non-Compliance Hotline, and what are the other avenues for reporting these issues?

Examples of issues that should not be reported through Fraud & Non-Compliance Hotline include:

Issue in the Workplace Contact
  • Employee/supervisor disputes
  • Affirmative Action/EEO issues
  • Harassment or misconduct
Campus Relations/Affirmative Action Officer
Phone: 713-221-8060
  • Violent crimes, breaking and entering, or burglary
  • Medical emergencies
  • Fire
UHD Police Department
Phone: 713-221-8065 or 713-221-8911
  • Hazardous waste spill
  • Problem with the building
Environmental Health and Safety
Phone: 713-221-8040
  • Problem with the building
Facilities Management
Phone: 713-221-8026

Compliance FAQs

Q: What is the Institutional Compliance Program?

Board of Regents Policy 42.01, established a framework for an Institutional Compliance Program for the UH System.  The UHD Compliance Program was established to develop standards and procedures to help ensure UHD's compliance with federal and state laws and regulations as well as UHD and UHS policies. 

Examples of external rules and regulations:

  • Federal information security laws (FERPA, GLB, HIPPAA, etc.)
  • State purchase and payment regulations
  • Sponsor requirements on research grants


Q: What are the elements of an effective Compliance Program?

The elements of an effective Compliance Program are based upon the requirements of the United States Sentencing Guidelines, revised in November 2018. They include:

  1. Existence of written standards
  2. Effective oversight
  3. Due care in delegation of authority
  4. Training
  5. Monitoring
  6. Discipline
  7. Corrective Action
  8. Periodic assessment of risks
Q: What are the consequences of non-compliance? 

The consequences of non-compliance can negatively impact UHD as well as the individual(s) involved.

The University could suffer:

  • Fines, penalties and legal fees
  • Negative media coverage
  • Imposed compliance "settlement" requirements
  • Loss of funding sources
  • Increased regulatory and audit agency scrutiny
  • Increased bureaucracy
  • Reduced faculty and staff morale
  • Management, faculty and staff turnover
  • The lingering effect of a tarnished reputation in higher education

Involved individuals could suffer:

  • Disciplinary action up to and including termination
  • Fines
  • Tax proceedings
  • Imprisonment (depending on the severity of non-compliance)


Q: What if I see something that is wrong? What should I do?

You have several options for reporting another employee's conduct that you suspect may not be in compliance with applicable laws, rules, regulations, and policies.

  1. Notify your Supervisor or UHD Management
  2. Notify the Compliance Officer (Stefany Records at 713-221-8636)
  3. Notify the UHS Internal Auditing Department (713-743-8000)
  4. Use the Fraud & Non-Compliance Hotline


Q: Am I protected against retaliation if I report suspected fraud or compliance violations?

Yes. Employees who report unlawful activity in good faith are protected by The Texas Whistleblower Act (Texas Government Code, Chapter 554.002. The reporting employee cannot be suspended or terminated from employment.


Q: What are types of risks?

We typically associate risks with financial matters; however, any issue or circumstances that negatively impacts the ability to meet our business objectives represents a risk to UHD.  This includes:

  • Strategic Risks: Risks that affect our ability to achieve our goals and mission
  • Financial Risks: Risks that may result in a loss of our assets
  • Operational Risks: Risks that affect our ongoing management processes, such as the installation of a new administrative system
  • Compliance Risks: Risks that affect our adherence to externally imposed laws and regulations as well as internal policies and procedures
  • Reputational Risks: Risk that affect our reputation as an institution of higher education


Q: With all of the concerns about risk, who is responsible for resolving the risks?

Compliance with applicable laws, rules, regulations, and policies is the personal responsibility of every employee at UHD. Each one of us is a risk manager because we are all presented with risk each day in the workplace. We all have resources at our discretion, such as staff, finances, property, and information. What we do or do not do with those resources can either cause risk or mitigate risk.

The UH System Internal Auditing Department identifies risks in the course of doing audits and brings those concerns to our attention.

The Compliance Officer and members of the Institutional Compliance Committee at UHD coordinate the oversight of the identified high level "A" risks via a Risk Management Program that includes the monitoring of controls, training of policies and procedures, implementing predefined consequences for non-compliance and taking appropriate action to mitigate the risks.