COMPLIANCE PROGRAM OVERVIEW
Xtant Medical (“Xtant” or the “Company”) is committed to compliance with the laws that govern our business, and we have implemented the following to assist us in meeting this commitment.
The Compliance Program is intended to apply to all officers, directors and employees, as well as independent contractors who provide services on behalf of the Company, and is a series of internal controls that promote the prevention, detection, and resolution of conduct that does not conform to the Company’s Code of Conduct. The Program is intended to be an integral and routine part of the Company’s operations and to demonstrate the Company’s commitment to the highest standards of ethics and compliance.
The Compliance Program includes organizational support in the form of a Compliance Committee consisting of:
• Chief Executive Officer
• Chief Financial Officer
• Chief Operating Officer
• General Counsel
The Compliance Committee is responsible for providing advice and guidance to the Board of Directors, and the senior management on matters relating to the operation of the Company’s Compliance Program. The Committee’s functions include analyzing the Company’s legal and operational environment and implementing policy revisions and/or improvements in compliance training to minimize regulatory risks and ensure compliance with applicable laws.
TRAINING AND MONITORING
The Compliance Program also includes periodic training on the Code of Conduct, the legal and regulatory requirements applicable to our business and the Compliance Program’s process for obtaining guidance on compliance issues and reporting possible violations.
In addition, the Company will undertake auditing and monitoring to help ensure that the Code of Conduct and other Company policies are adhered to as a routine part of our operations.
REPORTING AND INVESTIGATING MISCONDUCT
It is the responsibility of each employee to report possible violations of applicable laws or regulatory requirements or of the Code of Conduct. Employees are encouraged to raise their concerns with their supervisor first or, if more appropriate, with a manager or other appropriate personnel. Personnel and human resources issues should continue to be addressed through the Human Resources Department, and policies related to employment matters are contained in the Company’s Employee Handbook.
Possible violations of the Code of Conduct also may be reported directly to the following dedicated e-mail address: email@example.com. In addition, reports may be submitted anonymously in writing to the Compliance Committee at Xtant Medical’s corporate offices at 664 Cruiser Lane, Belgrade, MT 59714. It should be recognized, however, that the submission of an anonymous report limits the Company’s ability to obtain additional information that may be necessary or helpful to the investigation of a reported matter.
The Compliance Committee is responsible for ensuring that all reports are promptly investigated. Where appropriate or necessary, the Compliance Committee may refer such matters to appropriate management personnel for resolution.
The ability to discuss ethical and legal issues without fear of retribution is vital to the effectiveness of the Company’s Compliance Program. Xtant Medical will make every effort to maintain, within the limits of the law, the confidentiality of any individual who reports possible misconduct. Xtant Medical will not tolerate retaliation against any employee who, in good faith, reports an ethical or legal concern.
RESPONDING TO VIOLATIONS
Where an internal investigation substantiates a reported violation, it is our policy to initiate timely and appropriate corrective action. Such action may include, as appropriate and without limitation, notifying government agencies, imposing disciplinary action, terminating contracts or implementing training or systemic changes to prevent similar violations from recurring.
All managers should make consistent and reasonable attempts to identify misconduct committed by employees or others that they supervise. Managers may be sanctioned for failing to instruct their subordinates adequately or for failing to identify noncompliance with applicable policies or legal requirements where reasonable diligence on their part could have identified the problem.
CONTINUOUS DEVELOPMENT AND REFINEMENT OF COMPLIANCE POLICIES AND PROCEDURES
Because compliance is an ongoing process, the Compliance Program will be updated with new and amended policies and procedures that address specific areas of risk to the Company. Towards that end, the Compliance Committee shall be responsible for conducting periodic evaluations of the Compliance Program, and for implementing appropriate measures to enhance the Program’s effectiveness.
In addition, all relevant corporate departments are responsible for developing and distributing written policies and procedures that address issues of compliance risk in their areas.
Questions concerning the Compliance Program should be directed to the Compliance Committee at (406) 388-0480 or firstname.lastname@example.org.
For the complete Compliance Policy, Code of Ethics and Conduct: compliance-policy