Compliance Week Coverage

Electronic Information Deluge Putting a Strain on Records Management

May 22, 2012

Despite increased resources and good intentions, companies are still fumbling when it comes to executing a comprehensive information management program that balances the unique needs of physical and electronic documents. A recent survey from Iron Mountain found that nearly three-quarters of respondents said they lacked a cohesive, multi-year strategy for records and information management. More survey results inside.
 

Maintaining an Effective Compliance Program

May 22, 2012

Building out a first-rate compliance program is no easy task, but it's still only the start of the process. Maintaining its effectiveness by keeping up with rapidly changing regulations, assessing compliance gaps and filling them, and mitigating ongoing compliance risks are all necessary to ensuring that a compliance program stays on track. Details inside.
 

JPMorgan Loss Illustrates Difficulties of Adopting the Volcker Rule

May 22, 2012

JPMorgan Chase's $3 billion loss on derivatives trades has reignited a debate over what the final version of the Volcker Rule should include. A problem flagged by the bank's debacle is that there is no clear-cut answer to whether its actions would have violated the rule in its current form. "The fact is that proprietary trades and hedges look very much alike," says Peter Wallison, former general counsel of the Treasury Department.
 

Next XBRL Hurdle Approaches

May 22, 2012

Come June 15, as many as 7,000 non-accelerated filers will need to imbed all financial statements, including footnotes, with the XBRL interactive data tags. Plenty of companies are finding the undertaking to be daunting and a drain on resources. "It's like the days of Sarbanes-Oxley," says Ron Baden, chief customer officer at financial applications provider Host Analytics. "They're scared to death." Details inside.
 

Court: Disclosing to the Government Waives Privilege

May 22, 2012

The Ninth Circuit Court of Appeals recently joined several other courts in striking down the idea of "selective waiver," when it ruled that a company or individual couldn't voluntarily disclose information to the government and retain attorney-client privilege on it. "You should just assume that a document that goes to the government will no longer be privileged," Michael Doluisio, a partner with law firm Dechert, says.
 

Proxy Access Efforts Starting Slow

May 15, 2012

Efforts by shareholders to win the right to nominate board members directly haven't fared well so far this proxy season. Many companies successfully petitioned the SEC for permission to ignore proxy access proposals. Of 22 proposals, only three have gone to a vote and all of them lost. Still, shareholder activists say they aren't about to give up the fight. Details inside.
 

Integrating Risk Appetite and Risk Management

May 15, 2012

Three years after the financial crisis, it's clear that companies still struggle with how to manage risk in the organization; just ask JPMorgan. Part of the difficulty: Getting a handle on risk across the organization is a complex undertaking which requires a careful balancing act. Integrating a formal statement of risk appetite with the risk-management program is an important step. Details inside.
 

Shareholders Weigh Derivative Suits to Push Governance Change

May 15, 2012

A shareholder derivative lawsuit brought this month by the California State Teachers Retirement System—its first ever—against Walmart is creating concern among companies that such suits could become a more common tool to push for governance changes. "The focus of this action, unprecedented in CalSTRS history, is corporate governance reform," said CalSTRS Chief Executive Officer Jack Ehnes.
 

Supreme Court Rules Against Corporate Liability Under TPVA

May 15, 2012

The U.S. Supreme Court ruled that companies can't be held liable for claims under the Torture Victim Protection Act, because the law only applies to individuals. And while the high court has yet to rule on another case that asks whether companies can be held liable in the United States for human rights abuses abroad under the Alien Tort Statute, it may have tipped its hand on where it stands. Details inside.
 

A Push for Audit Quality Could Send Costs Higher

May 15, 2012

After several large audit firms scored poor marks on their most recent round of audit inspections, many are responding by stepping up their game. They are investing more in training and staff, and planning on giving problem areas more scrutiny—all of which could drive costs higher. "We are doing a number of things differently," says Robert Moritz, chairman of PwC's U.S. operations. More inside.
 

What's the Holdup With Dodd-Frank Rulemaking?

May 08, 2012

The Volcker rule is slated to go into effect this July. One problem: A final version of the rule still doesn't exist. In fact, many of the final Dodd-Frank Act rules still aren't written. So what's the holdup? One impediment is that regulators must do better cost-benefit analysis after a court ruling last year. "That's a huge undertaking, and it's going to slow things down," says Hal Scott, a professor at Harvard Law School.
 

Recipe for Anti-Corruption Successes: Due Diligence, Diverse Messaging

May 08, 2012

Much goes into doing anti-corruption properly, but there are four broad categories that top companies focus on: assessing corruption risks, devising controls against them, implementing those controls and procedures with the local workforce, and then following up with constant monitoring. Inside, more lessons for building an effective anti-corruption program.
 

OSHA Memo Cautions Against Discriminatory Workplace Safety Policies

May 08, 2012

An internal notice at the Occupational Safety and Health Administration contains several warnings for employers on workplace policies and procedures that could be considered as retaliation against whistleblowers. Among the potentially questionable practices are awards and bonus programs tied to injury rates. Details inside.
 

PCAOB Contemplates Its Next Move on Improving Audit Quality

May 08, 2012

The Public Company Accounting Oversight Board may be cooling on its idea of mandatory audit rotation, but don't expect it to walk away from the idea of putting new measures in place to improve audit quality, including strengthening the role of the audit committee. "We're all anxiously awaiting exactly what they'll decide to do," says James Comito, a shareholder at audit firm Mayer Hoffman McCann.
 

Compliance Rescues Morgan Stanley From FCPA Prosecution

May 08, 2012

Morgan Stanley was exonerated from Foreign Corrupt Practices Act violations last month, despite a guilty plea by one of its top executives. The Justice Department and the SEC are citing the bank's strong compliance program for why it declined to pursue charges. "Corporate America has been sent a clear message that those who try will be rewarded," says Roy Snell, CEO of the Society of Corporate Compliance and Ethics.
 

How Not to Go Public

May 01, 2012

Online coupon purveyor Groupon got a rude awakening early in its public-company life: The Internet darling was forced to drastically revise down earnings and to admit to several internal control weaknesses. Shareholders quickly filed lawsuits. Such suits are likely to become more common now that the JOBS Act makes it easier for companies to go public without proper control systems. More inside.
 

Banks Collaborating on Account Management Automation

May 01, 2012

The world's largest banks are working together to build a system that will standardize and simplify the management of their corporate clients' bank accounts. Known as eBAM, the system automates the process and uses common terms to manage accounts. It also simplifies creation of reports that aggregate and analyze data, makes it easier to audit the accounts, and improves security features for clients. Details inside.
 

Enterprise GRC Systems: Ready When You Are

May 01, 2012

After years of industry consolidation, integrated enterprise governance, risk, and compliance systems are ready for prime time. The systems can produce sophisticated risk analytics, real-time reports, and alerts on control failures. To take advantage of these GRC system features, however, internal processes must be thoroughly understood and cataloged. Details inside.
 

Finding FCPA Violations in Employee Expense Reports

May 01, 2012

Travel and entertainment expenses have long been a haven for abuse, but since the dollar amounts are often insubstantial, companies don't always pay close attention to them. Companies are now finding, though, that they can be a conduit for bribes. "If T&E goes unchecked, it can make a company susceptible to allegations of corruption," says Andrew Levi, head of the Miami office at investigation firm Nardello & Co. How to root out fraud? More inside.
 

SEC Churns Out JOBS Act Guidance

April 24, 2012

Since the JOBS Act was signed into law early this month, the SEC has issued three separate sets of guidance and called for a round of comments. The swift action is surprising to some given the JOBS Act's not-so-investor-friendly reputation. "The SEC is known to dislike the JOBS Act, but this shows good sportsmanship by jumping in," says Andrew Fabens, partner at the law firm Gibson, Dunn & Crutcher.
 

Rethinking Segregation-of-Duties Systems

April 24, 2012

Many companies haven't reassessed their segregation-of-duties strategies since Sarbanes-Oxley forced them to nearly a decade ago. Now second-generation governance, risk, and compliance systems are providing far more sophisticated tools to manage segregation of duties and provide a better grasp on internal controls. Details inside.
 

How Compliance Officers Conquer Stress

April 24, 2012

The compliance officer job is a stressful one, and the pressures are only getting worse. Finding ways to cope can make the difference between just treading water and running an effective compliance function. Successful compliance officers find ways to garner support from top management and the board, work across the organization to partner with business units, and make a business case for their organization. More details inside.
 

COSO Framework Overhaul Sparking Deeper Debates

April 24, 2012

COSO's effort to update its famed, but 20-year-old, framework for managing internal controls has sparked a deeper debate this spring about how companies should approach internal control overall. "Some of COSO's own members are critical of the draft. It speaks to the fact that these organizations took their role seriously," says Norman Marks, vice president at SAP. A closer look is inside.
 

Finding the Corruption Needle in the Haystack

April 24, 2012

Every organization should have a strong anti-corruption program that includes detection systems and processes and a response plan to assess, investigate, and resolve issues. Inside, the latest installment of our GRC Illustrated series outlines the major steps for implementing and refining a corruption investigation process.
 

International Compliance Programs: Think Globally, Act Locally

April 24, 2012

Squaring the need for a single global ethics and compliance program with the diverse range of cultures around the world has never been easy. Monitoring and reporting tools help, but there's no substitute for in-person visits. "All too often compliance teams make themselves unapproachable. You have to avoid that at all costs," says Greg Triguba, principal at Compliance Integrity Solutions.
 

The High Cost of FCPA Investigations

April 17, 2012

Forget about fines and penalties to settle a Foreign Corrupt Practices Act investigation; simply conducting one can run into the hundreds of millions of dollars. Just ask Avon: The cosmetics company has spent $249 million since 2009 to investigate charges of FCPA violations. Inside are more examples of those racking up massive FCPA costs and tips to hold down expenses.
 

Sustainability Grows on the Shareholder Agenda

April 17, 2012

Social and environmental issues continue their upward march in importance to shareholders, comprising 46 percent of the shareholder proposals filed so far this proxy season. "It's really about transparency: reporting what you're doing so that investors can decide if they agree with it or not," says Steve Starbuck, leader of Ernst & Young's climate change and sustainability practice. How can companies avoid nasty proxy fights? Read inside.
 

Regulators Move Closer to Deciding Who's 'Too Big to Fail'

April 17, 2012

Regulators are one step closer to putting the "Systemically Important Financial Institutions" label on several large, non-bank financial institutions. Companies swept into the SIFI net will face huge regulatory demands. "Those institutions have to develop much more seamless, more sustainable, robust infrastructure for complying with these reporting requirements," says Jitendra Sharma, head of global financial risk management for KPMG.
 

Outlook for Data Security in the Cloud Starting to Brighten

April 17, 2012

Cloud computing has a long list of benefits, and two big risks: data security and compliance weakness. Take heart, however; while those problems are still a long way from being solved, cloud providers are starting to make inroads. Providers are doing more to certify their compliance strength and to create service agreements that make moving data onto the cloud much less of a leap of faith. Details inside.
 

Shop Talk: Dodd-Frank and Data Overload

April 17, 2012

Every compliance officer working on Wall Street these days seems to be drowning in data, from the Dodd-Frank Act requirements to report on risk management to the new supervisory standards from the Federal Reserve. Two weeks ago in New York, a group of compliance officers from some of Wall Street's biggest firms met to discuss the deluge. Inside is our complete rundown of the conversation.
 
 

How Individuals Can Win Non-Prosecution Agreements With the SEC

April 10, 2012

The SEC announced a landmark non-prosecution agreement last month, declining to prosecute a person (rather than a corporation) after he provided significant assistance during an investigation. The agency also issued guidance on how to win such credit. But rather than give executives a pathway to their own personal NPA, the guidelines illustrate just how difficult it will be to earn such a pass. More details inside.
 

Sunshine Act Putting the Heat on Healthcare Firms

April 10, 2012

Drug companies and medical device makers still await final language for the "Sunshine Rules" of healthcare reform, but most are already building systems to comply with the disclosure requirements to come. Worry No. 1: that they won't be able to verify data that third parties give to them. "It's a fairly complex task to pull all the information together in a usable format," says Glenn Engelmann, former general counsel for the U.S. unit of Astra Zeneca.
 

With Pay-for-Performance, It's the Performance That Really Counts

April 10, 2012

New evidence is emerging that for all the complex calculations that go into tying executive pay to performance, investors view it pretty simply: If they don't like the company's performance, they'll vote against the pay package, details be damned. "Overwhelmingly, it's the criteria investors across the spectrum use to evaluate whether they'll vote for the pay plan," says Tim Smith of Walden Asset Management. More inside.
 

Remaking Internal Audit to Focus More on Strategic Risks

April 10, 2012

Once upon a time, internal audit departments were busy enough with reviewing financial statements and Sarbanes-Oxley compliance. But as company risks have exploded in recent years, the modern audit department has had to reconfigure its skills and priorities to match. The emerging result: audit departments pressured to understand what drives the business and to build deeper relationships with top managers. More inside.
 

Obama Administration Issues New Data Privacy Standards

April 10, 2012

The federal government's latest attempt to protect consumer privacy—a set of privacy standards published by the Obama Administration six weeks ago—doesn't have the force of law behind it. But the standards do suggest where privacy law may go in the future, and companies would do well to study the standards' core principles. "Consumer trust is vital," says Fred Humphries, vice president of U.S. government affairs for Microsoft.
 

New Tax Man Tactics in United Kingdom

April 03, 2012

The United Kingdom begins another fiscal year this week with the country short on cash, meaning yet another year of the Crown stepping up collection of corporate taxes to help close the gap. This year, however, the government will employ a new tool to force companies to disclose possible tax evasion more quickly if they want to stay on the government's good side. Full details inside.
 

The Future of Compliance: Metrics and Communicating Risks

April 03, 2012

What's on the horizon for compliance and ethics? Metrics and communicating risks will dominate the agenda, say compliance executives. As companies expand overseas, they need better tools to measure and identify risk areas such as corruption. "The compliance function has become much more about metrics, especially for third-party vendors," said Brackett Denniston, general counsel at GE. More inside.
 

Measuring the Effectiveness of Compliance

April 03, 2012

The saying is that what gets measured gets managed. But apply that wisdom to the question of measuring the effectiveness of an ethics and compliance program, and things start to get a bit fuzzy. Inside, we take a look at the art of measurement: the metrics, the people doing the measuring, and how you snap all the data into one picture.
 

Risk Study Outlines Strategic Shift

April 03, 2012

A new study of corporate risk-management efforts has spotlighted a burgeoning effort to shift toward a more strategic, board-level, "are we prepared to recover?" approach that might help companies withstand today's risk environment. "Risks are more interconnected, and the ramifications of risk are happening at a faster pace than they ever have in the past," says Ken Coy, U.S. leader for PwC's governance, risk, and compliance practice.
 

Many Struggling With Risk Disclosures

April 03, 2012

Two years after the Securities and Exchange Commission enacted new proxy disclosure rules requiring companies to reveal more about how their boards oversee risk, many companies are still struggling with how to communicate aspects of their risk-management programs effectively. According to a recent study, disclosures are too basic and lack details on the company's approach to risk.
 

New Swap Rules Put Compliance Burden on Dealers

April 03, 2012

Swaps dealers finally have a clear sense of their new compliance duties—and should prepare themselves accordingly. The new rules require them to measure market, credit, liquidity, and foreign exchange risks daily, and that could have a broad effect on the swaps market. "Corporate treasurers are not paying any attention, but they may find themselves scrambling to comply," says Andrea Kramer, a partner at law firm McDermott, Will & Emery.
 

PCAOB Kicks Off Auditor Rotation Debate

March 27, 2012

A who's who of the auditing world convened at the Public Company Accounting Oversight Board last week for two days of discussion about term limits for audit firms' engagement with clients. Opinions were predictably diverse, and consensus was rare. Goodyear CFO Darren Wells, for example, said auditor rotation should only be required after an audit failure. More views inside.
 

How to Boost Your Merger and Acquisition IQ

March 27, 2012

Merger and acquisition activity is on the rise in high-corruption risk countries, but far too many companies conduct insufficient corruption due diligence, even while regulatory scrutiny of the area has increased. Inside, the latest installment of our GRC Illustrated series outlines the major steps for evaluating corruption risks in acquisitions.
 

SEC Speaks on Proxy Access

March 27, 2012

The SEC's latest batch of decisions on no-action letters offers a bit more insight for companies looking to thwart shareholder proposals about access to the proxy statement. The good news: The SEC did give several companies permission to ignore such proposals. The bad news: Most of those were issued for technical reasons, not any broad attempt by the SEC to limit shareholder proxy access. More details inside.
 

Targeting the Demand for Facilitation Payments

March 27, 2012

A group of energy companies is banding together to press countries where demand for facilitation payments is high to adopt new practices that combat such requests. Among the solutions the group is pursuing are better documentation of government service fees and procedures, automated payment processes, and more training for officials. The group now hopes to expand beyond its own industry. Details inside.
 

How BizJet Convinced the Justice Department to Go Easy

March 27, 2012

After aviation maintenance company BizJet uncovered potential Foreign Corrupt Practices Act violations, the company reacted swiftly, launching an internal investigation and notifying the Justice Department. The actions earned the company goodwill for "extraordinary cooperation," and a 30 percent reduction in its FCPA fines. More details inside.
 

JOBS Act Inspires Criticism of Regulatory and Governance Rollback

March 27, 2012

The newest members of the public company ranks will now have five years to avoid corporate governance requirements, thanks to the JOBS Act passed by Congress last week. Critics say the measure will do little more than play to scam artists. "With securities fraud running at a record level ... any reasonable person would understand there needs to be adequate protection of investors," says Lynn Turner, governance activist and former SEC chief accountant.
 

Building an Effective Global Anti-Corruption Program

March 20, 2012

What are the hallmarks of a best-in-class anti-corruption compliance program? Anti-corruption experts cite five standard elements: a risk assessment, one global set of standards, wise use of technology, a strong tone-at-the-top, and constant monitoring of effectiveness. Companies that incorporate these characteristics will go a long way toward reducing corruption risks. More inside.
 

Remediation Center: Right-to-Audit Clauses in Third-Party Contracts

, March 20, 2012

In our latest Remediation Center, a reader asks about the wisdom of right-to-audit clauses in third-party contracts when you know you have no manpower to do an audit. Inside, two experts offer their (somewhat differing) views on how to square a good idea with our under-resourced reality.
 

Compliance Week Podcasts ...

Every week we chat with leading thinkers in compliance, auditing, risk management, public policy and more. These short (10-15 minutes) interviews are free to all. Follow Compliance Week podcasts on iTunes.

Compliance Week LinkedIn Group

Compliance Week now has a companion group on LinkedIn, where members can network and discuss the compliance and governance news of the day. Open to all compliance professionals, free to join.

Survey of the Week


Deloitte is conducting their annual Look Before You Leap: Managing Risks in Global Investments survey to better understand the approaches companies are taking to address compliance and integrity-related risks in emerging markets. 

Thought Leadership

The Risk Intelligent CCO
Sponsored by Deloitte

FCPA Compliance
Sponsored by Kroll Advisory Services

Upcoming Webcasts

ERP Security "Health Check"
Sponsored by ControlPanel GRC

Financial Continuous Monitoring
Sponsored by Infor

Event of the Week

World Class Financial Assurance
Sponsored by Infor