Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.
Infographic: Impact of increased audit scrutiny
Audit scrutiny, failures, and fees are on the rise, and that's hurting your investor confidence. It's time to take a close look at how to improve your internal controls process. Get seven facts about what increased audit scrutiny means for you. View here.
Money service businesses, bitcoin startups, marijuana shops; the population of high-risk customers in the banking world is surging. Regulators have sent conflicting messages about wholesale de-risking of certain sectors, and that can force painful questions about how to build effective, and extensive, due diligence programs. “Regulators are talking from both sides of their mouth, and banks face a de-risking dilemma,” says David Gibbons, a former chief risk officer at HSBC. More inside.
While we all await the SEC’s final CEO pay ratio disclosure rule this week, let’s remember the ethical subtext beneath all this: CEO pay is still too large for most people’s liking, and income inequality is too. Until companies learn how to solve those challenges internally as a governance matter, Compliance Week Editor Matt Kelly writes, expect them to be solved externally as a compliance matter. More inside.
More anti-corruption efforts by compliance departments means more auditing of those programs by internal audit, and a vanguard of businesses (many of them, admittedly, stung by misconduct violations in the past) are pioneering better auditing techniques on that point. Tom O’Reilly, director of internal audit at Analog Devices, says he uses Justice Department guidance on good compliance programs to map out his work: “It’s like a step-by-step guide.” More inside.
Gone are the days when “access control” meant locking your door or filing cabinet. Now compliance, IT, and audit teams must collaborate on controls to access networks rather than physical stores of information. Inside, we look at three best practices to design strong access control and at how to incorporate business reality. “If [you] don’t understand how the business works, all bets are off,” says Brian Barnier of ISACA.
Congress (and SEC commissioners) routinely complains that the SEC is so focused on churning out overdue rules for compliance with the Dodd-Frank Act, it has neglected to churn out overdue rules on capital formation required under the JOBS Act. In truth, the SEC is likely to move forward with what remains of JOBS Act rulemaking soon and, as always, Congress is fiddling with fixes that might become law eventually. The latest recap is inside.
The damage wrought by inept internal investigations can go well beyond wasted time and money; they can cause civil litigation, enforcement risk, and bad publicity. This week we have a refresher on principles for good internal investigations, something every compliance officer must know how to do well. “Ninety percent of problems are solved if you think about everything before you [start],” says Christopher Madel of the law firm Robins Kaplan.
The SEC is working now to draw up new rules for audit committee and executive compensation disclosure. Why? To make corporations more transparent with investors about what they already know. The thing is, Compliance Week columnists Stephen Davis and Jon Lukomnik write, companies can start that better communication themselves. This week they outline several steps corporations and boards can take now to cooperate with investors and prevent governance fights before they start.