Risk Management

ComplianceBridge announced the release of its new TotalCompliance Compliance Risk, Audits, and Assessments Management solution. Designed by compliance officers, TotalCompliance automates the compliance risk assessment and management process, allowing you to create and manage a broad range of question sets; distribute them to organizations or appropriate individuals; and collect and organize information in real-time dashboards and reports. Details inside.

Image: Despite consensus that risk is a big deal—something companies should manage aggressively—recent academic research suggests that boardroom leaders focus on vastly different risks than compliance, audit, and risk executives do. “I wonder if there is a lack of understanding of the views of risk across the management team,” says Mark Beasley, a professor at North Carolina State. “The presumption may be that we are more on the same page than we really are.”

Amber Road, a provider of global trade management solutions, has acquired ecVision, a cloud-based provider of global sourcing and collaborative supply chain solutions.  “This acquisition delivers value for Amber Road customers by providing new global supply chain capabilities to increase product innovation while balancing product compliance risks and costs with shorter product lead times,” said Amber Road CEO Jim Preuninger. Details inside.

Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your GRC program? The answers aren’t clear yet, but they are intriguing. More inside.

Image: Reputation risk is the strategic business issue for many boards and senior executives today, and yet few know how to address it well. “Reputation is an ‘amplifier risk,’ because it attaches itself to other risks,” says Andrea Bonime-Blanc, head of consulting firm GEC Risk Advisory. She and others recommend several concrete steps to manage reputation risk, but they are not the sort of controls and processes you’re used to. More inside.

Compliance Risk Concepts, a compliance consulting firm, has added two new senior executives to its team: Elin Cherry as principal and head of capital markets, and Roland Reyes as director of professional services. Details inside.

EXIGER, a global regulatory and financial crime, risk and compliance firm, has appointed John Melican as managing director. He joins EXIGER from Bank of Tokyo-Mitsubishi UFJ, where he most recently was head of anti-money laundering, sanctions and anti-corruption compliance for the Americas. Details inside.

Bottomline Technologies, a provider of cloud-based payment, invoice, and digital banking solutions, is now offering comprehensive cyber fraud and risk management solutions following its acquisition of Israel-based Intellinx. Details inside.

Image: Every compliance and audit executive wants to manage cyber-security risks. That assumes, however, that the whole organization agrees on what a cyber-security risk is. Taxonomies do exist to build a more disciplined approach to cyber-security. Try to take all steps to manage all such risks, and “it’s going to be very difficult to manage,” warns Greg Michaels, of Kroll’s cyber-security practice. More inside.