e-Book: Getting a Grip on Third-Party Entity Risk
Most global companies conduct business with thousands of suppliers, resellers, distributors, joint-venture partners, and other third parties. These business partners create risks, and those risks keep expanding. In this e-Book, produced by Compliance Week in cooperation with NAVEX Global, we look at how companies are assessing third-party risks and adopting strategies to address them.
French power and transportation giant Alstom SA agreed Monday to pay $772 million to settle criminal violations of the Foreign Corrupt Practices Act, setting a record for largest FCPA settlement ever. Deputy Attorney General James Cole called Alstom’s misconduct "astounding in its breadth, its brazenness and its worldwide consequences," involving bribes to government officials around the world. Alstom’s U.S. subsidiaries will work under deferred-prosecution agreements.
MoneyGram International’s former chief compliance officer, Thomas Haider, has been fined $1 million by the Treasury Department’s Financial Crimes Enforcement Network for failing to ensure that his company abided by the anti-money laundering provisions of the Bank Secrecy Act. Concurrently, the U.S. Attorney’s Office for the Southern District of New York is seeking to bar Haider from future employment in the financial industry.
Financial regulators have just updated their examination manual for anti-money laundering compliance, giving financial firms plenty of holiday reading on how they should structure their AML programs. “The big changes are in areas where things have moved forward: virtual currency, prepaid cards, changes in the SAR rules, aggregation for country transaction reports,” says Robert Axelrod, head of AML consulting at Deloitte. “These are areas where there is just more going on.”
It’s official: The SEC will not roast companies over an open flame if they continue to use the old COSO framework for internal controls into 2015. That said, SEC staffers also warned at the annual AICPA conference last week that their largesse will not last long, and a bevy of other experts offered opinions on how to put COSO’s new framework to work as quickly and effectively as possible. Full details inside.
Effective compliance programs hinge on good training and proper metrics to see how your training influences employee behavior. That was the subject of Compliance Week’s latest executive roundtable, held in Washington and sponsored by LRN. Complete coverage is inside, from what effective metrics look like to how effective training works.
A small army of SEC officials attended the annual AICPA conference last week, offering all manner of advice to financial reporting executives struggling to comply with external reporting rules. One subject: how to achieve better disclosure with fewer words. “We are aware there are some registrants that seem to have navigated those challenges in practice,” SEC official Cicely LaMothe said. We have a run-down inside, including good ideas from Intel, Brown-Forman, General Electric, and elsewhere.
Each day, it seems another big-name company falls victim to a cyber-attack. The new framework for assessing security flaws, developed by the National Institute of Standards and Technology, may be intended for critical-infrastructure companies, but other businesses may find that its guidance offers more help than the mélange of existing regulations and industry standards they already face.
Compliance officers, internal auditors, fraud investigators, controllers—these days, all of them might work at one company together to assist the business in managing risk. The trick to effective governance, however, is to assign all those professionals (and more) to their proper places in the Three Lines of Defense model for assurance and risk management. Inside, columnist Jose Tabuena explores the logic behind that model and how to structure your organization’s control processes to support good governance.