FASB has issued a proposed update to accounting standards, with new disclosure requirements for financial instruments that contain separately presented embedded derivatives. Companies would be required to disclose the carrying amount, measurement attribute, and line item in both the balance sheet and income statement under certain circumstances. More inside.
Compliance officers have become targets for regulators because of what they (presumably) know and advise about regulatory requirements—including their role in identifying and reporting violations. Now compliance officers face personal liability even for failure to act, rather than for any direct violation. This week, Compliance Week columnist Jose Tabuena explains how escalation processes provide protections for compliance, as well as for the company itself.
Companies that move data throughout Europe, or beyond its borders, face a long and exacting list of privacy and security demands. Some companies are choosing to take advantage of Binding Corporate Rules (BCRs), presenting their data compliance framework for approval by data protection authorities. BCRs, despite a lengthy approval process, may hold numerous benefits. We looked at how First Data, a payment technology company in Atlanta, undertook the process.
Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your GRC program? The answers aren’t clear yet, but they are intriguing. More inside.
With yet another huge data breach hitting Corporate America—add insurance giant Anthem to the Hall of Shame—internal audit departments are trying to pinpoint what expertise they can bring to the company’s cyber-security risk assessment. Plenty, many audit executives say. “There are technical aspects of these projects, but regardless of the technicality, internal audit can add a lot of value to this,” says Tom O’Reilly, head of internal audit at Analog Devices.
Compliance officers are under constant pressure to demonstrate to senior executives, their boards, and regulators that the compliance function works. That means finding ways to measure compliance program effectiveness. To develop those metrics properly, “you have to define your goals,” says Anne Harris, former chief ethics officer of General Dynamics. Inside, compliance executives share their approaches to capturing and reporting compliance metrics.
Reputation risk is the strategic business issue for many boards and senior executives today, and yet few know how to address it well. “Reputation is an ‘amplifier risk,’ because it attaches itself to other risks,” says Andrea Bonime-Blanc, head of consulting firm GEC Risk Advisory. She and others recommend several concrete steps to manage reputation risk, but they are not the sort of controls and processes you’re used to. More inside.