Articles | Compliance Week – Page 292
-
Article
Petrobras Probe Portends Brazil Enforcement Crackdown
Image: Suddenly anti-corruption enforcement seems to be serious in Brazil—to the point that businesses working there might want to pay more heed to enforcement risks from Brazilian regulators themselves. The catalyst is the sweeping investigation into state-owned oil company Petrobras, riveting Brazil this month. “We can expect much more enforcement ...
-
Article
Case Study: UCLA, Apps, and HIPAA Compliance
Companies that handle health information are subject to data privacy rules under HIPAA—rules that have grown more complex with the proliferation of mobile health applications (mHealth apps). Those that want to develop mHealth apps in a compliant manner have two options: Build a HIPAA-compliant application of your own, or buy ...
-
Article
How to Impose a Travel Policy Without Strangling Anyone
Compliance officers can pick fights with employees over any number of workplace policies. But if you really want daggers drawn and subversive battles at every turn—impose a policy on business travel. Inside, we look at how to defuse that policy management time bomb, as well as the collateral legal damage ...
-
Article
Post-Investigation Follow-Up and Discipline at 3M
Image: What role should compliance officers have in investigations and discipline? How can they maintain independence during an investigation and subsequent sanctions decisions, while developing an effective strategy for what happens next? We talked to Jim Zappa, chief compliance officer at 3M Corp. about his approach. Zappa will be among ...
-
Article
e-Discovery Missteps From the Judge’s Point of View
Image: If you fear that your e-Discovery processes are not strong, take heart: Lots of federal judges agree with you. A recent survey of judges and a follow-up webcast spotlight the mistakes in e-Discovery as seen from the bench, and methods to avoid them. “The whole point is to come ...
-
Article
NY Regulators Pose New Challenges to Compliance Officers
Image: The state of New York is muscling its way into financial regulation, with regulator Benjamin Lawsky proposing moves in anti-money laundering compliance far more bold than anything the feds are doing. Inside is a look at what the Empire State wants to achieve, and the potentially severe liability CCOs ...
-
Article
Consolidation Rule’s Consequences More Than You Expect
Image: A new rule on consolidating entities into a parent company’s financial statements might reach well beyond the original problem it aimed to fix. Financial reporting executives should prepare to take inventory of the entities in your enterprise and see how they may need to roll onto the balance sheet. ...
-
Article
Lessons From HSBC’s Size, Compliance Struggles
For nearly three years, HSBC Holdings, a grande dame of international banking, has come under fire for a litany of regulatory problems and compliance failures: money laundering, sanctions, violations, and abetting tax evasion to name just a few. How does a good bank fall into such dire straits? The problem, ...
-
Article
Gap Analysis: C-Suite Struggling to Define Risks
Image: Despite consensus that risk is a big deal—something companies should manage aggressively—recent academic research suggests that boardroom leaders focus on vastly different risks than compliance, audit, and risk executives do. “I wonder if there is a lack of understanding of the views of risk across the management team,” says ...
-
Article
Internal Controls, Audit Committees Primed for SEC Scrutiny
Every February SEC officials convene at the Practising Law Institute’s “SEC Speaks” conference, where commissioners can break news and staff can detail priorities for the New Year. The focus this year, from rulemaking to enforcement, was on financial reporting internal controls, and ways to improve audit committees. And, of course, ...
-
Article
Insurers Feel Fresh Heat on Cyber-Security Practices
Image: New York plan to bolster cyber-security oversight in the insurance sector, including regular, targeted assessments of cyber-security as part of its exam process. “Recent cyber-security breaches should serve as a stern wake-up call for insurers and other financial institutions to strengthen their cyber-defenses,” said New York Department of Financial ...
-
Article
Canada Gets Serious on Enforcement
Canadian securities regulators for the first time are proposing a whistleblower rewards program, modeled after the SEC’s program created by the Dodd-Frank Act. The proposed initiative is the latest move by Canadian authorities toward a U.S.-style enforcement regime—and in some instances an even harsher one. “Canadian enforcement is going to ...
-
Article
Kaiser Permanente’s Approach to Case Management
Effective case management is crucial to a compliance program, but developing a process—flexible enough to juggle different types of issues, systematic enough to resolve cases in a timely manner—is the tricky part. This week in a guest column, Marita Janiga, director of the National Special Investigations Unit and the Compliance ...
-
Article
When Enterprise Legal Management and GRC Collide
Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your ...
-
Article
Practical Ideas on Managing Reputation Risk
Image: Reputation risk is the strategic business issue for many boards and senior executives today, and yet few know how to address it well. “Reputation is an ‘amplifier risk,’ because it attaches itself to other risks,” says Andrea Bonime-Blanc, head of consulting firm GEC Risk Advisory. She and others recommend ...
-
Article
An Insider Look at the EU’s Binding Corporate Rules
Companies that move data throughout Europe, or beyond its borders, face a long and exacting list of privacy and security demands. Some companies are choosing to take advantage of Binding Corporate Rules (BCRs), presenting their data compliance framework for approval by data protection authorities. BCRs, despite a lengthy approval process, ...
-
Article
Where Internal Audit Can Help in Cyber-Security
Image: With yet another huge data breach hitting Corporate America—add insurance giant Anthem to the Hall of Shame—internal audit departments are trying to pinpoint what expertise they can bring to the company’s cyber-security risk assessment. Plenty, many audit executives say. “There are technical aspects of these projects, but regardless of ...
-
Article
CW 2015 Conference Preview: Assessing Program Effectiveness
Image: Compliance officers are under constant pressure to demonstrate to senior executives, their boards, and regulators that the compliance function works. That means finding ways to measure compliance program effectiveness. To develop those metrics properly, “you have to define your goals,” says Anne Harris, former chief ethics officer of General ...
-
Article
‘Broken Windows’ Strategy Raises Risk-Management Fears
The SEC has been pushing its “broken windows” enforcement strategy for more than a year now, chasing down minor infractions alongside larger securities violations. What have we learned? For starters, don’t expect isolated citations; larger sweeps get more bang for the SEC’s buck. As for compliance officers, their jobs will ...
-
Article
Dueling Thresholds Emerge on Going-Concern Warnings
Image: A new accounting standard meant to give investors more warning of when a company is in trouble could actually lead to less warning of trouble. Audit and accounting professionals are struggling over conflicting interpretations of “substantial doubt,” and the answer is not easy. “I’m not sure if the standard ...