Compliance officers have become targets for regulators because of what they (presumably) know and advise about regulatory requirements, including their role in identifying and reporting violations. Now compliance officers face personal liability even for failure to act, rather than for any direct violation. This week, Compliance Week columnist Jose Tabuena explains how escalation processes provide protections for compliance, as well as for the company itself.
Jose Tabuena
Applying the Three Lines of Defense Model
Compliance Week columnist Jose Tabuena continues his look at the Three Lines of Defense model this month by examining how a company can parcel out all its oversight functions across the three lines. Can compliance report to the risk-management function? (Yes.) Can internal audit and compliance be combined? (Only if you avoid several pitfalls that undermine independence.) How would an Office of Governance work? His thoughts inside.
Effective governance and the Three Lines of Defense
Compliance officers, internal auditors, fraud investigators, controllers—all of them might work at one company together to assist the business in managing risk. The trick to effective governance is to assign all those professionals (and more) to their proper places in the Three Lines of Defense model.
Creating Order in World of Data Chaos
The massive accumulation of information can overwhelm companies, creating compliance risks and vulnerability to privacy breaches, while also driving up the cost of e-discovery. To meet the challenge of information governance, companies are mapping out existing systems where data resides and may be managed. Inside, columnist Jose Tabuena looks at how companies are dealing with data overload and getting a handle on their vast stores of information.
Can Internal Audit and Compliance Ever Tame Data Technology
An understood maxim is that the regulatory environment nearly always lags the lightning-fast adoption of new technologies. The corollary of this maxim is that unintended consequences follow rapid adoption. As a result of these two truisms, there is often scant guidance on how an organization should address novel compliance issues that arise. Just recently, for […]
Under Attack: Shifting Audit and Compliance Perspectives on Cyber-Security
If it seems like every company is under attack from hackers and cyber-thieves these days, it’s because most of them are. Cyber-security is a hot topic because of the rash of data breaches that have hit big retailers such as Home Depot and Target, affecting millions of their customers. But those are just the latest […]
Isn’t That a Conflict? The Internal Auditor’s Role in Scrutinizing Related Parties
Companies have become aware that related-party transactions can raise conflicts of interest concerns, creating the appearance that decisions are made on considerations other than the best interests of the organization and its shareholders. Typically, directors prefer to avoid entering into related-party transactions, but there may be situations where a board recognizes that such a transaction […]
Internal Auditors, Are You Ready for the Updated COSO Framework?
Even if the updated COSO framework is already de rigueur at your organization, internal auditors need to be prepared to address inquiries by management and shareholders regarding transition to the new framework. With the proxy season approaching, one of the areas shareholders are planning to address at annual meetings is whether companies are in compliance […]
Leveraging the Power of Audit Sampling
Statistical sampling is a powerful—and often misunderstood—tool that has a wide range of applications, from audit to testing product preferences to predicting the outcome of political elections. My first exposure to the power of statistical sampling was when I was quite young and learned about the Nielsen television ratings. I wondered how accurate such ratings […]


