Lessons in Cardiac Company Fraud Settlement
A medical device company based in Oregon has agreed to pay $12.95 million to settle charges that it ran a sham training program as a vehicle to pay kickbacks to doctors, in a case that offers compliance professionals plenty of lessons about internal controls and third-party risk.
The company is Biotronik, a maker of defibrillators, pacemakers, and other cardiac devices. The company and the Justice Department announced their settlement Friday afternoon for misconduct that allegedly transpired from 2013 through 2021. Two employees who first filed a whistleblower lawsuit on behalf of the U.S. government will also receive $1.25 million split between them.
The heart of Biotronik’s scheme, so to speak, was a training program the company required for new employees. Biotronik hired physicians to train those new employees on how to assist doctors when implanting Biotronik’s cardiac devices. Except, the Justice Department said in the settlement agreement, Biotronik’s sales team had too much influence in the selection of training physicians, and sent employees “to an excessive number” of training sessions that had little or no value. In some instances, doctors ran training sessions where no trainees were present at all.
In other words, Biotronik’s sales team used the employee training program as a vehicle to funnel bribes to doctors, who would then use Biotronik medical devices sometime in the future.
Biotronik also had a second line of misconduct where the company paid for lavish meals, travel, and entertainment for doctors. For example, Biotronik routinely didn’t require sign-in sheets for meals with physicians; nor did the company have adequate procedures to verify the number of attendees or to confirm whether the meals had a legitimate business purpose. In absence of such controls, Biotronik employees sometimes falsified receipts and participant lists to make it seem like spending stayed within compliance limits.
To be clear, Biotronik denies the allegations on behalf of itself and its physician partners, and both parties stipulate that the settlement is not an admission of liability. Still, the compliance community can draw plenty of lessons from the conduct in question here.
Third Parties and Documentation
What struck me most was that the allegations described here almost perfectly fit the issues raised in the Justice Department’s FCPA Resource Guide for handling third parties. Right there on Page 62, the guide lists several steps a company should have in place to manage third parties. For example:
- Understand the qualifications of the third party you plan to use;
- Have a clear business rationale for the third party you plan to use;
- Understand the payment terms, and whether the money you’re paying to the third party is a fair and reasonable amount for the work provided.
Obviously the FCPA Resource Guide is intended for compliance with the Foreign Corrupt Practices Act, and the three steps above are meant to apply to overseas agents and intermediaries you might use in foreign markets. Nevertheless, those three steps are just as useful for companies in the healthcare sector, which need to navigate their own set of anti-bribery statutes right here in the United States.
So when compliance officers at pharma or medical device companies are looking at their company’s interactions with physicians, and wanting to develop anti-bribery policies and procedures, use those three bullet points from the FCPA Resource Guide as a starting point. You can ask, “How would we establish criteria for doctors we might invite to run training or speak at conferences? How do we define the value we get from such appearances, and whether we’re paying a fair price?”
From there, compliance officers can collaborate with sales, product, and medical affairs teams at your company to devise specific policies, procedures, documentation demands, and other controls.
Let’s go back to Biotronik. Hiring doctors to train employees on your products isn’t unreasonable unto itself, but that means you need a logical, thoughtful plan for which employees get what sort of training — a “clear business rationale” for the third party you want to use.
According to the Justice Department, Biotronik didn’t do that. It sent employees to attend that “excessive number” of training sessions without first conducting an adequate assessment of trainees’ need for additional training. In some instances, Biotronik salespeople, including managers, intentionally prevented otherwise qualified trainees from completing the training program simply so doctors could rack up more billable hours with the company.
We could apply that same approach — “Why are we using this third party? How are we justifying the business purpose? What are we getting for this amount of payment?” — to other anti-bribery compliance obligations, too. For example, to demonstrate the legitimate business purpose of a doctor speaking at a conference, you would need to know the number of attendees and the program’s agenda; so you’d need policies and procedures to collect that information. Again, the Justice Department says this is something Biotronik didn’t do.
That’s the bigger picture here for compliance professionals. To satisfy the FCPA Resource Guide’s recommendations on managing third parties, you’ll need documentation explaining why you’re engaging with the third parties you use. Those three bullet points above help you bridge the gap between documentation you’ll need to provide, and the procedures you impose upon employees and third parties to generate it.
Importance of Compliance Culture
By now many of you might be thinking, “I already know all this, and we’re trying to implement that at my company — but the sales team keeps sidelining us!” That’s a fair point, and actually is the other significant lesson from the Biotronik case.
Time and again, the Justice Department said, Biotronik compliance staff wanted to exert some authority over the employee training program and other spending showered upon doctors; but the sales team overruled their efforts.
For example, several times during the period in question, Biotronik’s compliance and training departments warned that the sales team had too much influence in selecting doctors to lead training. (Question that the board, auditors, or others could ask: Why should the sales team have any influence at all over the selection of corporate trainers?)
In dribs and drabs, Biotronik moved toward a more compliance-focused approach to training and spending. In 2017, the company added new compliance measures to govern the training program, limited the number of training events, and started paying doctors less (the amount had originally been $400 per employee session). The company hired a new CEO in 2019 who put more emphasis on compliance. Most recently, in April 2021 Biotronik hired a new vice president of compliance, Jason Spinazzola, who has been working in medical device compliance for nearly 20 years.
So the bottom line is that, as always, senior-level support for a strong compliance function matters most. Meanwhile, Biotronik is also a fascinating look at how bribery violations can happen at a business, and the steps a compliance officer can take to understand the policies and procedures that will help your company avoid that fate.