Skip to main content

Commercial Compliance Readiness

How to establish a proactive compliance program that facilitates profit retention and not profit prevention.


The number of small to medium-sized pharmaceutical (pharma) companies launching a product for the first time has steadily increased over the last few decades. Whether they’re launching their first product or an established product in a new geography, companies are undoubtedly establishing and maintaining an effective compliance program in accordance with local laws, regulations, and country codes. Compliance not only ensures adherence to local laws and regulations but also plays a pivotal role in maintaining profitability rather than becoming an obstacle to it.

While newly appointed General Counsel or Chief Compliance Officers (CCOs) are often tasked with creating compliance program roadmaps to prepare for launch, they rarely have the time, resource(s), and/or experience required to do so. Fortunately, for companies with US operations, the Office of Inspector General (OIG) has provided manufacturers with a roadmap for compliance in their Compliance Program Guidance for Pharmaceutical Manufacturers.2 The OIG’s Compliance Program Guidance includes 7 recommended elements that companies can use as a wireframe, but the OIG expects companies to adapt this guidance to design a program that is deeply aligned with their anticipated business activities. If you operate internationally, enforcement agencies outside the US are also looking for companies to adopt similar compliance programs. For example, the Organization for Economic Cooperation and Development (OECD), a treaty organization of economically developed democracies committed to prosecuting foreign bribery, has also developed standards for a compliance and ethics program in the OECD Principles of Corporate Governance.

International companies with US operations must ensure they meet US standards, and OIG guidance can serve as a reference point in these efforts. For these companies, a global compliance program should be implemented that aligns with the applicable national and international regulations. Additionally, these companies must put in place protocols to comply with the Foreign Corrupt Practices Act, a US law that prohibits bribery and corruption involving foreign officials.

This is no easy feat, which is why first-time pharma product launchers’ General Counsel or CCOs often turn to an experienced partner for help. Amplity Compliance has supported more than 100 commercial launches by conducting assessments of their business activities, developing strategies to implement their commercial compliance program, and ensuring the right mix of people and technologies needed to execute and support it are in place. Read on for a breakdown of our best practices relative to each step of our commercial compliance process.

Commercial Compliance Assessing Readiness

First-time product launchers should start thinking about the people, processes, and technology needed to support their commercial launch anywhere from 12 to 24 months from their anticipated launch date. We recommend companies begin with a readiness assessment before they start drafting their compliance launch roadmap.

This assessment should include an itemization of short- and long-term goals and a gap analysis that considers the current processes, people, and technology as well as the desired future state of the compliance program. While conducting meetings with your medical and commercial teams as part of this assessment, be sure to capture all commercial risks (e.g., potential for off-label use, market access complexities, patient support, etc.). Once you’ve gathered all the necessary information, generate a recommended path forward by considering the results of your assessment with sub-paths for your medical and sales teams tailored to your specified commercial risk areas.

This analysis helps create a clear route forward, addressing potential commercial risks and ensuring a smooth product launch.

Establishing a Commercial Compliance Program

In our experience, a comprehensive compliance program brings business efficiencies and, as a welcome bonus, peace of mind to your commercialization strategies. Therefore, following the completion of a thorough readiness assessment, companies should begin drafting a compliance program that aligns with the philosophy and program structure recommended by the OIG as well as the business goals of the organization.

The OIG Compliance Program Guidance for Pharmaceutical Manufacturers can be used as a starting point, but companies must align their specific compliance policies and procedures with their anticipated business activities. We’ve provided examples for each of the 7 elements included in the OIG’s Compliance Program Guidance for Pharmaceutical Manufacturers:

Written Policies and Procedures

Out-of-the-Box Example

Business-Aligned Example

Drag-and-drop policy templates with irrelevant business practices.

Customized policies designed to enable business success while preventing regulatory risk.

A Compliance Officer and Compliance Committee

Out-of-the-Box Example

Business-Aligned Example

All responsibilities fall to the General Counsel or Chief Compliance Officer.

Strategic oversight provided by the Chief Compliance Officer with designated compliance leads(s) and committees to effectively support the different needs of the business.

Tip: If your company is global or has subsidiaries, consider appointing a country-level compliance officer and country-level compliance committees within each subsidiary. This doesn’t mean you need to hire all different people; you just need the right organization structure.

Employee Training and Education

Out-of-the-Box Example

Business-Aligned Example

Lengthy, plain-text policy document followed by a “check the box to confirm you’ve read and understood the content and the spirit of the content.”

Typically, these forms are scrolled through quickly, with little to no content absorption or comprehension. Blended (in-person and digital) engaging training and education programs designed to drive a thorough understanding of compliant activities and compliant behaviors relevant to individual roles and company expectations.

Blended (in-person and digital) engaging training and education programs designed to drive a thorough understanding of compliant activities and compliant behaviors relevant to individual roles and company expectations.

Customized learning management system that hosts processes and procedures for easy, ongoing reference; continuously improves to adapt to the ever-changing industry landscape; and stores reliable documentation of historical records.

Effective Lines of Communication

Out-of-the-Box Example

Business-Aligned Example

Compliance hotline that’s difficult to find; limited human interaction.

Address compliance questions and concerns in real time via readily available resources (eg, an anonymous reporting system that allows communications with reporters, an ask-me-anything helpline service, a dedicated compliance resource to support the sales team).

Internal Monitoring and Auditing

Out-of-the-Box Example

Business-Aligned Example

Infrequent manual expense report reviews and field ride-alongs (often identifying issues dating back months).

Ongoing risk-based monitoring and auditing with natural language processing and artificial intelligence auditing things like call/interaction records, expense reports, and healthcare professional service arrangements like advisory boards to catch and correct before little things become big problems.

Prompt Response and Corrective Action for Detected Problems

Out-of-the-Box Example

Business-Aligned Example

Recommendations of well-publicized disciplinary guidelines to use as a reference.

A protocol that is integrated into auditing and monitoring activities and is designed to promptly correct problematic behavior before it could lead to severe consequences for both the employee and the company that involves line management.

Enforcement Through Discipline Pursuant to Published Guidelines

Prompt Response and Corrective Action for Detected Problems

Out-of-the-Box Example

Business-Aligned Example

Templated, vague investigation and corrective action process documentation.

Standardized templates and procedures that involve line management in corrective-action decisions designed to prevent future occurrences.

In contrast to the out-of-the-box examples, business-aligned standards are obviously better suited for an effective compliance program. Remember, a company’s compliance program is a representation of its commitment to the highest standards of corporate conduct.

Where to Turn for Help

Adapting the OIG’s guidance to design a program that is deeply aligned with anticipated business activities takes time and expertise. If you do not have the time and internal resources to design and implement a program, you may turn to an external partner for assistance. When engaging a partner, here are a few things to think about:

Are they experts in pharmaceutical compliance, and do they understand your organization’s business objective(s)?

eg, Are you a start-up? Are you under a Corporate Integrity Agreement (CIA)? Do your products have a Risk Evaluation and Mitigation Strategy (REMS)?

Many consulting firms have one-size-fits-all compliance programs staffed by generalists who have never worked with a pharmaceutical manufacturer. As we know, our industry is complex and unique. For example, marketing materials are not regulated in most industries but are an incredibly important component of pharma compliance.

Will this partner understand who you are and what you are trying to do, or will they sell you a generic solution?

Commercial compliance programs should be written with your organization’s specific business goals and company culture in mind. When trying to quickly implement a paper-based compliance program, a partner may be quick to provide templated policies that can be either irrelevant, or worse, contradictory to your anticipated business activities. Irrelevant policies can interrupt sales force effectiveness with hefty administrative processes that distract field forces from meaningful customer engagement. Once exposed, contradictory policies will require huge amounts of time and energy to correct. For example, out-of-the-box policies often state that medical teams can only communicate with healthcare professionals via unsolicited requests for medical information, but many companies now allow their medical science liaisons (MSLs) to proactively communicate with key opinion leaders (KOLs) about a product consistent with the approved label. Therefore, you want your company policies to be written in a manner that reflects the needs of your medical and commercial strategies.

Could your partner have a vested interest in the solution they are recommending?

An honest assessment of what is best for the organization should be the primary focus. When assessing a partner, be sure they don’t have a hidden agenda. The partner should be capable of crafting policies and procedures that align with the company’s needs, without pushing irrelevant or contradictory solutions. Find a partner you can trust to conduct an honest assessment to determine what is best for your organization.


A proactive compliance program is not a barrier to profit but a means to ensure profitability while adhering to legal requirements. Choosing the right partner for compliance assistance is critical. Companies should look for partners who are experts in pharmaceutical compliance and will take the time to understand their business objectives. With the right guidance and partnership, companies can navigate the complexities of compliance and achieve successful product launches and business growth.

With a proven track record of supporting over 100 commercial launches, Amplity Compliance experts can help assess readiness, identify risks, and develop a comprehensive compliance program that aligns with both the OIG’s recommendations and the company’s unique goals and culture. Amplity Compliance is a team of experts who know what to do, when to do it, and how to do it appropriately. If you would like more information on how Amplity Compliance could support your compliance needs, click here.