All ERM articles – Page 3

  • Blog post

    Get Ready For the Biggest Stress-Test of Them All

    2015-06-29T14:15:00Z

    Greece in default, China teetering on recession, stock markets shuddering worldwide and interest rates poised for their first increase in years—suddenly, all those exercises in risk management that banks have done in the Dodd-Frank era face their ultimate test. The only problem, writes Compliance Week editor Matt Kelly: Dodd-Frank ...

  • Blog post

    Is CEO Pay Over the Top?

    2015-06-23T15:00:00Z

    Proxy season is now over, littered with the usual adjectives about CEO pay: “supersized,” “outsized,” “piggish,” “outrageous,” and “embarrassing.” This week, columnist Rick Steinberg sounds a cautionary note amid the complaints—that CEOs are still critical to an organization, and hiring the right one encompasses a blizzard of detail. The board ...

  • Article

    Demystifying the Risks of Board-Level Risk Committees

    2015-06-09T09:45:00Z

    In the wake of the financial crisis, many large financial institutions created new, board-level risk committees to oversee their most critical risk issues. For other industries, the decision to create a risk committee isn’t so simple—and isn’t without some risk-taking itself. “You have to guard against the risk that ...

  • Article

    Compliance Trends in 2015: More Authority, More IT Uncertainty

    2015-05-19T12:00:00Z

    Good news for compliance officers in existential crisis: A majority of CCOs are now part of the senior management teams at their businesses, and they have more authority than ever before. Those are two among many findings of the 2015 Compliance Trends Report, the annual survey of compliance leaders conducted ...

  • Blog post

    What Really Serves Shareholders’ Best Interests

    2015-05-12T08:45:00Z

    Proxy season is upon us, which means the annual call in many boardrooms to shake up the board of directors. Replacing directors does occasionally make sense, Compliance Week columnist Rick Steinberg says—but that’s not the same as surrendering to every activist’s demand for new people in the boardroom. Inside, Steinberg ...

  • Article

    Q&A: How E*Trade Recovered From the Financial Crisis

    2015-05-05T13:15:00Z

    As part of our occasional series of conversations with compliance and risk executives, we caught up with Michael Pizzi, chief risk officer at E*Trade Financial. Prior to the financial crisis, E*Trade had made sizable investments in mortgage-related assets—toxic assets whose value ultimately plummeted, resulting in substantial writedowns for the ...

  • Article

    Running in Place or Winning the New Race?

    2015-04-28T11:45:00Z

    Our GRC Illustrated series returns this week, looking at how compliance programs can keep pace with new ways of communicating within business and with the new employees who use them. That will mean addressing multiple audiences through multiple channels, and it will pose new challenges for policy management, training, ...

  • Article

    Shop Talk: Managing Vendor Risk

    2015-04-14T10:30:00Z

    Pop quiz: Try to name a recent example of corporate misconduct that did not somehow include a company’s vendors or third parties. It’s not easy, and third parties are now a huge part of the compliance officer’s responsibility. In our latest Compliance Week executive forum, we gathered a dozen CCOs ...

  • Blog post

    Two Common Misperceptions About Risk Management

    2015-03-17T15:15:00Z

    The “Three Lines of Defense” theory of risk management is very much in vogue today, along with maturity models to understand how strong your risk management program is. This week, columnist Rick Steinberg takes both ideas to task. The three lines concept too often paints risk as something to be ...

  • Article

    How to Impose a Travel Policy Without Strangling Anyone

    2015-03-10T14:00:00Z

    Compliance officers can pick fights with employees over any number of workplace policies. But if you really want daggers drawn and subversive battles at every turn—impose a policy on business travel. Inside, we look at how to defuse that policy management time bomb, as well as the collateral legal damage ...

  • Article

    Gap Analysis: C-Suite Struggling to Define Risks

    2015-03-03T12:30:00Z

    Despite consensus that risk is a big deal—something companies should manage aggressively—recent academic research suggests that boardroom leaders focus on vastly different risks than compliance, audit, and risk executives do. “I wonder if there is a lack of understanding of the views of risk across the management team,” says ...

  • Blog post

    Survey: Audit Execs’ Cyber-Fears Run Deep

    2015-02-25T12:15:00Z

    Nearly 7 in 10 internal audit leaders participating in the IIA’s annual “Pulse of Internal Audit” survey ranked cyber-attacks and other security issues as a major concern, but only about one-third said they have high confidence in their organizations’ ability to address such risks. IIA President Richard Chambers says ...

  • Article

    When Enterprise Legal Management and GRC Collide

    2015-02-24T09:45:00Z

    Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your ...

  • Article

    Practical Ideas on Managing Reputation Risk

    2015-02-24T09:30:00Z

    Reputation risk is the strategic business issue for many boards and senior executives today, and yet few know how to address it well. “Reputation is an ‘amplifier risk,’ because it attaches itself to other risks,” says Andrea Bonime-Blanc, head of consulting firm GEC Risk Advisory. She and others recommend ...

  • Blog post

    The Logic Behind COSO’s ERM Framework Update

    2015-02-18T10:45:00Z

    Even as compliance officers are still digesting the updated COSO framework for internal controls, COSO has set its sights on what’s next: an update to its enterprise risk management framework, likely to arrive sometime in 2016 or so. Why ERM? Why now? Inside, Compliance Week columnist Rick Steinberg walks us ...

  • Article

    What Critics Say on Three Lines of Defense

    2015-02-10T13:15:00Z

    The Three Lines of Defense model for risk oversight—business units in the first line, compliance in the second, internal auditors in the third—has been hugely popular in recent years. Proponents love it, and regulators have come to expect it. Critics, however, say the Three Lines model is too simplistic a ...

  • Article

    Paths to Globalizing Your Code of Conduct

    2015-02-10T12:30:00Z

    A thoughtful and well-drafted Code of Conduct is the cornerstone of any strong corporate compliance program. Making that cornerstone strong enough to support a compliance program worldwide, spanning all manner of cultures—that’s the tricky part. “We’re constantly trying to figure out better ways to deliver our message while keeping ...

  • Article

    Shop Talk: Useful Metrics, Effective Training

    2014-12-16T13:30:00Z

    Effective compliance programs hinge on good training and proper metrics to see how your training influences employee behavior. That was the subject of Compliance Week’s latest executive roundtable, held in Washington and sponsored by LRN. Complete coverage is inside, from what effective metrics look like to how effective training works. ...

  • Article

    More Hints on Putting New COSO to Work

    2014-12-16T12:15:00Z

    It’s official: The SEC will not roast companies over an open flame if they continue to use the old COSO framework for internal controls into 2015. That said, SEC staffers also warned at the annual AICPA conference last week that their largesse will not last long, and a bevy of ...

  • Article

    Netflix Lawsuit a Lesson in Proper Internal Controls

    2014-12-09T11:30:00Z

    Netflix is suing a former IT executive, alleging the man created a kickback scheme that netted him more than $500,000 as he executed contracts and approved invoices through sham arrangements with two vendors. Painful for Netflix, yes, but we have key lessons in segregation of duties and internal control worth ...