Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

Keep me logged in Forgot your password?

Please wait...

Please wait...

The Latest Thought Leadership & White Papers

GHS Compliance: Mitigating the Risks of Evolving Chemical Regulations

April 17, 2014

This white paper addresses actions companies need take as the industry transitions to OSHA's Globally Harmonized System of Classification and Labeling of Chemicals (GHS).

Data: The Tail That Wags the Stress Test

April 16, 2014

Accurate and complete data is at the core of risk monitoring and bank stress testing scenarios. Independent research firm Aite Group finds that the presence of poor data quality in a bank's stress tests could possibly lead to adverse findings by the Fed about the bank's ability to accurately monitor risks in its business model.

Third-Party Anti-Corruption Management: Unmasking Risks

April 03, 2014

One of the more difficult tasks in managing the corruption risks that come with doing business with third parties is identifying those parties' true beneficial ownership. In too many companies, third-party due diligence stops at the point each party is on-boarded. When information that might indicate changes in beneficial ownership of a third party is captured, too often it is not managed throughout the enterprise in a way that allows for meaningful analysis of changes in corruption risk.

e-Book: The Current State of Dodd-Frank Compliance

March 28, 2014

Although the Dodd-Frank Act was signed into existence in July 2010, nearly four years later the Securities and Exchange Commission and other regulators are still completing the rules and regulations to put the law into effect, and much of it remains a work in progress. While we've worked to cover every phase of that rulemaking, from proposal to final rule, we thought it was a good time to step back and consider Dodd-Frank as a whole.

New! 2014 Ethics & Compliance Hotline Benchmarking Report.

March 27, 2014

How does your data measure up against NAVEX Global's 2014 benchmarks? This annual report will show you how to use internal and external measurements to interpret your own hotline data, differentiate between 'good' and 'bad' results, and address potential concerns.

e-Book: Trends in Bribery and Corruption Enforcement

March 26, 2014

Global bribery and corruption enforcement agencies have been busy lately. And it's not just the U.S. Department of Justice and the Securities and Exchange Commission that are ramping up enforcement of anti-corruption laws. Enforcement agencies in the United Kingdom, Brazil, China, and many other countries are strengthening their anti-bribery and corruption laws and pursuing violators with a renewed zeal. They are also working together more to share information and pursue cases jointly.

Guidebook: Understanding the Financial Value of GRC Management

March 18, 2014

Governance, Risk Management, and Compliance (GRC) technologies are often seen as sunk costs where the business value can only be defined as "the cost of doing business." To evaluate the return on investment of an effective GRC management program, Nucleus Research interviewed a number of IBM OpenPages customers in multiple industries, including financial services, IT professional services, utilities, and leisure.

Conflict Minerals Compliance: Observations and Recommendations for 2014 and Beyond

March 13, 2014

The Conflict Minerals Rule was adopted during August 2012 and took effect at the beginning of 2013. Since then, many companies have made significant progress in addressing the requirements of this complex rule, moving from determining applicability through establishing a compliance team, developing compliance procedures, and engaging in product filtering and vendor outreach.

Beyond the Balance Sheet: Assessing the Impact of the New Lease Accounting Standard

March 12, 2014

In this must-read analyst report, you will gain an understanding of the strategic, operational, and information technology effects of the new leasing standard, based on findings from a global survey of 179 senior finance and real estate executives from companies with revenue in excess of U.S. $1 billion.

Integrating Compliance with Business Strategy: The Skillsoft Compliance Maturity Model™

March 10, 2014

The relationship between compliance processes and business strategy can be difficult to get a handle on, sometimes leaving the issue undervalued by top-level executives. Nevertheless, understanding the effect compliance can have on your organization, from internal culture to bottom-line results, is more critical today than ever.

Pathway to Principled Performance

March 06, 2014

Just about all but the most corrupt companies want to achieve results while preserving integrity, but getting there is another story. It often involves integrating and orchestrating information and functions that, in many organizations, are fragmented and siloed.

e-Book: Top Global GRC Risks

February 26, 2014

In this e-Book, produced by Compliance Week in cooperation with NAVEX Global, we examine top governance, risk, and compliance trends taking shape, particularly those that will impact international companies based in Europe. First we look at 10 GRC trends developing now, including those related to data security and privacy, anti-corruption and anti-trust enforcement, global tax transparency, and new banking and energy sector regulations.

New! Comprehensive Guide to Policy Management

February 20, 2014

If you are looking for a deeper understanding of how to effectively and efficiently manage your organization's employee handbook, code of conduct, and policies and procedures, "The Definitive Guide to Policy Management" is your all-inclusive resource.

Managing Risk and Compliance Across the Extended Enterprise

February 05, 2014

Organizations are a complex and diverse system of processes and business relationships. Risk and compliance challenges do not stop at traditional organizational boundaries. Organizations struggle to identify, manage, and govern extended business relationships.

Practical Guidance on How to Embed the Necessary Skills Required to Effectively Mitigate Your Compliance Risks

February 04, 2014

From a recent study commissioned by SAI Global it has emerged that providing your employees with a skill set designed to affect their attitudes and drive the desired compliant behaviors allows you to mitigate your risks more effectively. Compliance training that goes beyond simply raising awareness of compliance policies & procedures not only ticks the box but is also more likely to engage your employees.

Bring Your Code to Life: Turning Mission and Values Into Behaviors That Win the Right Way

January 29, 2014

Companies are under greater scrutiny than ever in connection with how they do business, rather than simply what they do. This is fundamentally about behaviors, yet most companies are not as well placed as they might be to establish and reinforce the expectations of the right behaviors. Their codes of conduct, which ought to be the primary resource and guide here, are too often failing to connect with company purpose and values, leaving employees uncertain about why the right behaviors matter...

Collision Course: Voice, Dodd-Frank, and Recordkeeping

January 28, 2014

The SEC and FINRA are increasing the focus on electronic record-keeping to meet regulatory mandates, including SEC rule 17a-4. Financial services firms are also struggling to manage the impact of the Dodd-Frank Act, such as the new CFTC rules for trade reconstruction...

Top 10 Ethics & Compliance Recommendations for 2014

January 14, 2014

What should you be tracking with regard to ethics and compliance this year? Is your program prepared? We asked industry experts, colleagues and ethics and compliance officers what they see as the top issues pertaining to ethics and compliance in 2014. We've gathered their best thinking and prepared a summary of ideas that you should consider as you plan for the new year.

e-Book: New Risks, Strategies in the Fight Against Corruption

January 13, 2014

This eBook is produced by Compliance Week in cooperation with The Network and BDO. As global regulators increase enforcement of corruption and bribery laws and new regulations proliferate, the risks for companies are increasing. In response, companies are beefing up their anti-corruption programs and looking for new strategies to ensure they are in compliance.

The Next Generation Code of Conduct

January 06, 2014

What value can we gain from a code of conduct? Not much if the only reason we have one is to satisfy a legal requirement to do so. But quite a lot if we use it as the central hub of a well-thought-out and supported capability for driving corporate values and expectations for conduct into the fabric of the company culture and design a code system that truly can be measured for effectiveness...

e-Book: Assessing and Influencing Tone From the Middle

December 17, 2013

Compliance professionals have long appreciated the idea that "tone at the top"—the values espoused and acted upon by the senior management team—is critical to shaping an ethical corporate culture. What's now becoming clearer is that while tone-at-the-top remains important, middle managers play a major role in shaping the culture of the organization and influencing the behavior of their direct reports.

e-Book: 6 Lessons that Redefine Focused Compliance Training

December 17, 2013

A recent study conducted by a global third-party research firm, found that the number one driver for increasing ethics and compliance budgets is increased pressure from U. S. regulators and auditors. Are you feeling the pressure? With an ever-increasing list of topics that necessitate compliance training, how do you focus and prioritize your efforts?

Risk, Compliance, and IT: 5 Things Compliance Officers Need to Know

December 13, 2013

A comprehensive compliance program requires effective collaboration across key governance, risk, and compliance stakeholders throughout the organization. This is especially true when it comes to IT. Compliance often compels changes to business-critical IT applications. These complex changes affect the very core of your business intelligence, and organizations cannot afford to get this wrong.

Maximum Impact: E&C Program Effectiveness Beyond Design and Implementation

December 12, 2013

From managing risk to preserving reputation to enabling business performance—expectations of ethics & compliance (E&C) programs are evolving more rapidly than the capabilities of many companies to meet them. Rising to this challenge requires a rethink of how organizations conceptualize and evaluate E&C effectiveness. A well-designed, well-implemented program aligned with applicable guidance counts for little if it isn't consistently driving positive behavioral and operational outcomes across the enterprise.

e-Book: Rising Global Corruption Risks and Cross-Border Investigations

December 11, 2013

This e-Book is produced by Compliance Week in cooperation with KPMG. In this e-Book on corruption risks and cross-border investigations we look at what's driving corruption and bribery risks, from the proliferation of new laws in countries like China, Brazil, and Canada to the increased enforcement of anti-bribery laws around the world. We look at some of the hot spots for corruption, including Russia and Mexico, and provide insights on spotting bribes. As companies increasingly need to conduct investigations overseas, we also explore some of the challenges of cross-border investigations, including the data privacy and security issues that arise from moving information across borders. Finally, we examine some of the cultural norms in China that can complicate compliance and make internal investigations there more complex.

Risk-Based Education and Training

December 02, 2013

Acclaimed gaming industry thought leader Raph Koster writes, "Fun from games arises out of mastery. It arises out of comprehension. It is the act of solving puzzles that makes games fun." Koster is challenging designers to get away from the predictable, and therefore boring mechanics of games, but he might just as well be talking to designers of employee education programs. An effective training program starts with an analysis of who in the company needs to be taught what, and at how deep a level of understanding based on each person's effect on or exposure to a given threat, and the level of risk that threat presents to the organization. Determining how to ensure the required understanding is as important as deciding who needs to know what.

The Federated GRC Approach

November 04, 2013

Business is complex. Gone are the years of simplicity in business operations. Exponential growth and change in risk, regulations, globalization, technology, and business data encumbers organizations of all sizes. Keeping complexity and change in sync is a significant challenge for boards and executives, as well as governance, risk-management, and compliance professionals (GRC) throughout the business. GRC cannot be managed in isolated silos that lead to the inevitability of failure. Complexity of business and intricacy and interconnectedness of GRC requires that we have an integrated approach to business systems, data, and GRC processes.

Executive Brief Series: Jump-Starting Your Information Governance Program

October 31, 2013

The ViaLumina Executive Brief Series on Information Governance, complements of HP Autonomy, provides business leaders with a grounding in the fundamentals of information governance and how it should affect business, legal, and IT strategy. The third brief in the series of three provides senior executives with targeted, step-by-step strategies to get started tackling an information governance initiative in bite-size chunks. This paper offers practical advice on building allies and initiating faster return on investment projects, such as cleaning up worthless, legacy data.

Best Practices in Conflict Mineral Compliance

October 28, 2013

The United States Securities and Exchange Commission (SEC) voted in favor of a final conflict minerals rule in August 2012. A company will be affected by this rule if it files reports with the SEC under the Exchange Act and if conflict minerals are 'necessary to the functionality or production' of its products. Bear in mind that even companies that don't file with the SEC may need to conduct due diligence on their supply chains, most notably if they are suppliers to affected SEC filing companies. Does your company definitely have to file? Then, is there a realistic way to collect information from suppliers? If your smaller upstream distributors don't have to disclose their conflict minerals yet, how are you supposed to get information about your supply chain from them? Are there shortcuts? Exemptions? This comprehensive white paper from Actio has all the answers.

Executive Brief Series: Evaluating Information Governance Technology

October 24, 2013

The ViaLumina Executive Brief Series on Information Governance, complements of HP Autonomy, provides business leaders with a grounding in the fundamentals of information governance and how it should affect business, legal, and IT strategy. The second brief in the series of three provides senior executives with key considerations when evaluating information governance technologies, including centralized policy management and broad policy implementation support.

e-Book: The Future of Effective Internal Audit

October 23, 2013

This Compliance Week e-Book, a special publication sponsored by NAVEX Global, offers articles on the role internal audit plays in countering bribery and corruption, how best to monitor and minimize third-party risk, and how the internal audit profession is slowly adapting a greater focus on strategic risk. Also included is the NAVEX Global white paper, "How Internal Audit and Compliance Can Work Together to Implement a Compliance Program."

NAVEX Global Survey: 7 in 10 U.S. Companies Neglect Third-Party Risk

October 22, 2013

NAVEX Global's 2013 "Third-Party Risk in a Global Environment" survey found that fewer than 3 in 10 U.S. companies carefully monitor their third-party vendors, suppliers, and agents to prevent corruption, fraud, and other compliance risks. The survey of 300+ business professionals responsible for ethics and compliance activities explored how and whether they have implemented policies to mitigate the risks of doing business with third parties overseas.

ExecBlueprint: Creating the Right GRC Strategy

October 21, 2013

In the world of business and innovation, "risk management" does not necessarily mean risk prevention. Often, there will be core areas where your company is willing to take risks in order to generate returns, such as entering a new market or developing a new product.This Skillsoft® Books24x7® ExecBlueprint™ describes an integrated approach for managing performance, risk, and compliance through centralized governance processes. It is called "GRC" (governance, risk management, and compliance), and it provides a framework for sharing policies, processes, and documents at the enterprise level to improve communication, create organizational efficiencies, and reduce unnecessary risk. How can GRC benefit your organization?

Leading and Engaging Today's Multi-Generational Workforce

October 15, 2013

Engaging education and communication is the cornerstone of a successful ethics and compliance program. With today's business paradigm requiring not only legal compliance but also ethical behavior, leaders are finding they need to shift their learning strategies to adapt to new business drivers and evolving audience requirements. This white paper provides insight about changes across the corporate learning landscape and what leading organizations are doing to bridge the generational divides. Highlighted is the role of Millenials, and how they are inspiring a new approach around collaborative learning, reverse mentorship, and promoting organizations to empower employees through new and engaging educational experiences.

Executive Brief Series: Information Governance: The Time Is Now

October 14, 2013

The ViaLumina Executive Brief Series on Information Governance, complements of HP Autonomy, provides business leaders with a grounding in the fundamentals of information governance and how it should affect business, legal, and IT strategy. The first in the series of three provides senior executives the framework to ask: Is our ability to manage, monetize, and exploit information growing at the same rate as our data? This paper provides the hard questions to ask about the maturity of an organization's information governance to arm compliance executives with the data they need to take charge of it.

Turning Conflict Minerals Compliance into a Competitive Advantage

October 10, 2013

The impact of Section 1502 of the 2010 Dodd-Frank Act — the Conflict Minerals Rule — will be felt across a wide range of industries. As auditors and manufacturers alike prepare for the first wave of Conflict Minerals submissions to the SEC, some early key findings and best practices are emerging. PTC presents this ChainLink Research white paper "Turning Conflict Minerals Law Compliance into a Competitive Advantage," which outlines a holistic strategy to enable discrete manufacturers to address the Conflict Minerals Rule requirements and build the organizational capabilities to efficiently respond to future regulatory challenges.

Integrated Compliance & Ethics Metrics

September 26, 2013

"Compliance and ethics" is not the same today as it was a few years ago. Compliance is evolving to focus on the integrity of the organization, and "compliance and integrity" is becoming how we do business as opposed to being an obstacle to business. Organizations are beginning to monitor and measure integrity of the organization through information, activities, and processes coordinated across the organization. The result is an approach to ethics and compliance that not only delivers demonstrable proof of compliance effectiveness, but at the same time shifts the focus of efforts from being reactive and "checking the box" to being proactive and forward-looking.

E&C Program Effectiveness and Blended Learning

September 26, 2013

What does it take to improve E&C program effectiveness? While any number of factors could be cited—from a bigger budget to stronger leadership support to better risk assessment—our proprietary research and experience with leading companies suggest that adoption of a strong blended learning approach to E&C education and communications is the most cost-effective, feasible way to create a more impactful E&C program. This LRN white paper discusses some of the challenges faced by E&C educators, presents a research-based case for adopting BL, offers practical suggestions for developing a BL strategy, and shares case studies of successful BL programs at leading companies.

e-Book: Compliance & Healthcare Reform

September 18, 2013

This e-Book on healthcare reform is produced by Compliance Week in cooperation with ADP. The e-Book offers various articles from Compliance Week concerning the costs and challenges of the Affordable Care Act, the potential compliance and legal costs it presents, and the effect it is having on both companies and employees. Also included is the ADP white paper, Five Strategies to Help Businesses Navigate Health Care Reform.

Insurance Exchanges - Expert Perspectives Help You Prepare

September 18, 2013

Bloomberg BNA's report, Insurance Exchanges - Expert Perspectives Help You Prepare, includes exclusive practitioner perspectives and analysis to help navigate the complex healthcare exchanges landscape, specifically as it relates to insurers, providers, hospitals, and fraud risks for all three. In a series of interviews, hospital representatives, consultants, and other stakeholders told Bloomberg BNA that while it is still unclear exactly how health marketplaces will come together, there are steps insurance companies and hospitals alike should be taking to prepare. This report compiles Bloomberg BNA's exclusive editorial research and insights from several healthcare experts to piece together the new enforcement world awaiting the healthcare industry, as well as what can be done to minimize risk.

ADP's 2012 Study of Large Employer Health Benefits

September 16, 2013

The Affordable Care Act (ACA) will significantly impact how employers handle employee benefits. The way employers respond to these reforms will affect the extent of the impact on their companies. Informed employers can begin taking action now to manage the effect of the ACA's shared responsibility requirements on their financial and human capital resources. The intent of this paper is to provide data and insights - particularly relevant to those employers with more than 1,000 employees.

Planning for Healthcare Reform: How Income Impacts Employee Health Benefits Participation

September 10, 2013

Under the Affordable Care Act (ACA), understanding the relationship between employee income, health insurance premiums, and plan participation is critical, because your employees' circumstances can potentially create costly tax penalties for you. Read this white paper to help understand ACA penalty drivers and ways to minimize penalties. Conducted by ADP Research Institute, this study is based on 2012 actual, aggregated, and anonymous employee-level data from approximately 300 ADP health and benefits clients.

The Path to Compliance Obligation Management

August 27, 2013

We hear a lot about the challenges of compliance in today's business environment. In articles and speeches every day, experts talk about voluminous requirements, complex and conflicting obligations, fast-paced change, and lack of information. We are spending lots of money on compliance but we still have lots of gaps in coverage, lots of high risks for non-compliance, lots of self-created complexity, and lots of wasted resources. We don't have enough consistency, enough insight and, most importantly, not nearly enough confidence that we know what our compliance obligations are and that we are addressing them correctly, let alone cost effectively.

Third-Party Due Diligence: Creating a Credible & Defensible Program

August 26, 2013

Complying with the Foreign Corrupt Practice Act (FCPA) is a challenging undertaking as the components of an effective program vary from company to company. In particular, legal and compliance teams often struggle with establishing and maintaining a robust third-party due diligence program.

Connecting Policies with Ethics

August 22, 2013

You may already have a mission statement and values that define your company and what you hope to achieve. And existing policies for specific situations, such as using company resources or making hiring decisions. But a code of ethics provides general guidelines and a framework for making good decisions that uphold your company values. Additionally, a well-defined code of ethics plays an integral role in policy development, training programs and other employee engagement efforts that encourage good behavior and reduce the risk of incidents. If you need to write or update your code of ethics or internal policies, this paper gives you guidelines for defining your organizational ethics, writing an effective code and integrating it into your broader compliance efforts.

10 Tips for Better Policy Management

August 15, 2013

Policy lies at the intersection of your firm's external responsibilities, such as to Federal regulators, and the internal expectations you hold for your employees around conduct and performance. But putting policies down on paper is simply not enough to ensure compliance. For them to be truly effective, they must communicate clearly in a way that engages employees to adopt company values as their own. Convercent's white paper, "Creating Great Company Policies: 10 Tips for Better Policy Management," provides useful advice to get you started on the path to better compliance through better policy management.

Announcing In Focus: Compliance Trends Survey 2013

August 08, 2013

This new report by Deloitte and Compliance Week suggests that compliance officers are making slow but steady progress toward the ideal of a strong, independent compliance function. The report, derived from a survey of nearly 200 compliance executives in mostly American corporations, shows that there are three primary trends that may hinder companies from maintaining independent, effective, and forward-looking compliance programs: a lack of appropriate, dedicated compliance staffing and financial resources; difficulty identifying and utilizing proper measurement and success benchmarks; and problems effectively prioritizing key compliance risks in a wide and growing field. Furthermore, the report reveals that many compliance officers may not be devoting adequate attention to some of today's most prevalent emerging risk areas — like social media and privacy.

A Prescriptive Guide to Third-Party Risk Management

August 01, 2013

According to the U.S. Department of Justice, in 2012 more than 90 percent of its anti-corruption actions involved a company's use of third parties. This Prescriptive Guide to Third-Party Risk Management will help practitioners implement a risk-based and resource-effective process to align with published guidelines from multiple global governments.

Next Generation Email Supervision With Superior Key Word Lexicon Lists

July 22, 2013

Electronic communication supervision is expensive and time consuming—and can still expose your organization to unnecessary risk as well as regulatory fines. After all, many solutions are cobbled together out of archiving systems and require extensive manual intervention by highly paid knowledge workers or supervisors. Find out about an integrated, flexible solution that not only fully addresses regulatory requirements, but goes above and beyond to enhance the efficiency and effectiveness of your compliance efforts. The iZon Compliance solution leverages IBM ECM technology for next generation email supervision with superior key word lists, giving you fewer false positives and more reliable results to help you meet compliance requirements from FINRA.

Secure, Compliant Collaboration in the Cloud

July 15, 2013

The monolithic corporation we grew up with is being replaced by ecosystems of more specialized business entities, sometimes called "extended enterprises." With this evolution has come a need for closer inter-enterprise collaboration and information flow—but with it also comes increased security and compliance risks. In the form of a Q&A with expert IDC analysts, this white paper explores what tools and technologies are being adopted to facilitate Extended Enterprise Collaboration (such as cloud-based solutions)—as well as strategies for empowering business users while still holding sensitive information secure.
 Subscribe to the RSS for this page  [view all our RSS feeds here]

Compliance Week now has a companion group on LinkedIn, where members can network and discuss the compliance and governance news of the day. Open to all compliance professionals, free to join.

Top Global GRC Risks
Sponsored by NAVEX Global

Data: The Tail That Wags the Stress Test
Sponsored by Trillium Software

Conflict Minerals Webcast Series
Sponsored by 3e Co., iPoint, Schulte Roth & Zabel and Source Intelligence

Compliance Week Podcasts ...

Every week we chat with leading thinkers in compliance, auditing, risk management, public policy and more. These short (10-15 minutes) interviews are free to all. Follow Compliance Week podcasts on iTunes.