Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.
e-Book: What to Look Out for When Implementing the COSO Framework Update
In this e-Book, produced by Compliance Week in cooperation with Workiva, we consider some of the challenges companies are facing as they work to implement the updated COSO internal control framework and improve their control systems. We also look at some of the strategies they are taking as they assess what they need to do to adopt the revised framework. Download here.
Be careful what you call a “foreign business.” The Securities and Exchange Commission says it is seeing too many instances of companies trying to call their joint ventures “foreign businesses” for financial reporting purposes. Perhaps that’s because the reporting requirements might be easier to meet. See inside.
2014 was a banner year for enforcement of the False Claims Act, with more civil fines and damages than ever before—but the penalty amounts aren’t what should alarm companies; the growing list of industries in the government’s crosshairs is. “Virtually any industry that does business with the federal government is affected,” says Craig Margolis of the law firm Vinson & Elkins. Details inside.
While companies await results of the SEC’s ongoing review of its disclosure regime (hint: do not hold breath), they can just as well try the same at home. Creating a disclosure committee, cutting redundancy in 10-K risk factors and MD&A sections, spotlighting material information, and using charts and graphs are some ways to do the task yourself. We have more inside.
As we move into 2015 and the good economic times that seem to be carrying the United States along, it’s time for a refresher course in Why Ethics & Compliance Matter. We have two new examples of misconduct—one from Brazil, the other from New York—that can go straight into your training materials. Compliance Week Editor Matt Kelly has more inside.
The Federal Trade Commission is cracking down on companies with questionable advertising disclosures. The Food and Drug Administration, meanwhile, may allow shorter lists of side effects in drug and medical device ads, even as it prepares tougher standards for how these companies use online advertising and social media. The focus on fine print is prompting businesses to re-evaluate policies and approval processes for these needed caveats.
Internal auditors with not enough to do, cheer up: Digital marketing risk is emerging as a new headache to keep you busy. Data theft and fraud are rampant, and ways to find and seal up those weaknesses aren’t entirely clear. “It’s a newer area,” says Bill Michalisin of the Institute of Internal Auditors. “There is a need for peers to share strategies they can start to put into place to address this.”
Compliance Week columnist Jose Tabuena continues his look at the Three Lines of Defense model this month by examining how a company can parcel out all its oversight functions across the three lines. Can compliance report to the risk-management function? (Yes.) Can internal audit and compliance be combined? (Only if you avoid several pitfalls that undermine independence.) How would an Office of Governance work? His thoughts inside.