All risk management articles – Page 7
-
Article
Q&A: How E*Trade Recovered From the Financial Crisis
Image: As part of our occasional series of conversations with compliance and risk executives, we caught up with Michael Pizzi, chief risk officer at E*Trade Financial. Prior to the financial crisis, E*Trade had made sizable investments in mortgage-related assets—toxic assets whose value ultimately plummeted, resulting in substantial writedowns for the ...
-
Article
Eliminating Cyber-Threats From the IT Supply Chain
Image: The longer a global supply chain grows, the less assurance corporations have in the integrity and security of their products and operations. Now NIST is trying to pierce that fog with new guidance, and compliance officers in the private sector might want to take notice. “Cyber-supply chain risk management ...
-
Blog
Better Ways for Boards to Care About Reputation Risk
Reputation risk is never far from a board’s mind, and rightly so. That doesn’t necessarily mean boards should make management of reputation risk their first priority—despite many examples of reputation failures leading to catastrophe. Rather, Compliance Week columnist Rick Steinberg writes, boards need to obsess over culture and operational details ...
-
Article
Shop Talk: Managing Vendor Risk
Pop quiz: Try to name a recent example of corporate misconduct that did not somehow include a company’s vendors or third parties. It’s not easy, and third parties are now a huge part of the compliance officer’s responsibility. In our latest Compliance Week executive forum, we gathered a dozen CCOs ...
-
Article
Q&A: Talking Insurance Industry Compliance
Image: As part of our occasional series of conversations with compliance executives, we caught up with Lee Augsburger, chief ethics and compliance officer at Prudential Financial and vice chairman of the newly established Global Insurance Chief Compliance Officers Forum. Inside, Augsburger talks about the objectives of the group and how ...
-
Article
Gap Analysis: C-Suite Struggling to Define Risks
Image: Despite consensus that risk is a big deal—something companies should manage aggressively—recent academic research suggests that boardroom leaders focus on vastly different risks than compliance, audit, and risk executives do. “I wonder if there is a lack of understanding of the views of risk across the management team,” says ...
-
Article
When Enterprise Legal Management and GRC Collide
Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your ...
-
Blog
ELM Arrives as New Compliance Buzzword
Image: We try to look cynically upon any slick new marketing campaign from the GRC software vendors, but occasionally something appears that does seem to have real substance. That may have happened earlier this month at LegalTech 2015 with its extensive discussion of “enterprise legal management.” The concept is a ...
-
Blog
Survey: Cyber-Risk Is Big, but Regulatory Risk Trumps Again
Image: In a recent poll by Protiviti and North Carolina State University of 277 board members and top executives, 67 percent identified regulatory risk as the top concern for the third time since the survey began. Protiviti managing director Jim DeLoach says, “The fact that this is so top of ...
-
Article
What Critics Say on Three Lines of Defense
The Three Lines of Defense model for risk oversight—business units in the first line, compliance in the second, internal auditors in the third—has been hugely popular in recent years. Proponents love it, and regulators have come to expect it. Critics, however, say the Three Lines model is too simplistic a ...
-
Blog
FDIC Refreshes Guidance on High-Risk Customers
Gun merchants, strippers, and payday lenders rejoice! The Federal Deposit Insurance Corp. has signaled an end to its effort to restrict industries deemed as “high risk” from banking access. The FDIC tells banks to take a risk-based approach in assessing individual “customers, rather than declining to provide banking services to ...
-
Article
COSO Tacks Toward Cyber-Security
As cyber-security works its way onto the corporate board agenda, COSO is suggesting ways that its frameworks for internal control and risk management can be a starting point for companies to anticipate fast-emerging risks. “Just as the board is responsible for enterprise risk management, this is very similar,” says Mike ...
-
Article
How M&A Due Diligence Goes Wrong
According to data compiled by Bloomberg, $390 billion in merger deals fell apart last year. M&A plans can collapse for many reasons, from regulatory disapproval to clashing CEO egos. Most painful, however, is a deal is consummated quickly that later proves to be a mistake—thanks to poor due diligence. Inside, ...
-
Blog
Survey: Financial Institutions Stymied by Conduct Risk
Financial institutions may talk a lot about “conduct risk,” but few actually approach it with a clear definition and focus. Eighty-one percent of respondents in a survey conducted by Thomson Reuters Accelus say they do not have a working definition of what conduct risk is. A big reason: regulators leave ...
-
Blog
Survey: Cyber-Threats a Growing Concern for European Risk Managers
Image: Title: HirsWhile traditional risks due to business interruption and the supply chain remain risk managers’ top concern, cyber-risks are moving up the list, particularly in some European countries. Allianz SE’s Risk Barometer 2015 showed cyber-risks cracked the top five concerns globally for the first time, up from 8th last ...
-
Blog
BofA Moves Compliance From Legal to Risk Management
Image: Bank of America has moved its compliance function out of the legal department and into its risk-management organization, reporting to Chief Risk Officer Geoff Greener (left). The compliance shuffle comes as bank regulators continue to prod financial firms to do a better job of integrating compliance efforts with risk ...
-
Blog
Survey: Directors Uneasy About Risk Strategies
Dec. 16—Many directors are unhappy with their approach to risk oversight and mitigation, frequently feeling out-of-the-loop when it comes to cyber-security threats, according to a new survey by the National Association of Corporate Directors. The survey found that many directors want changes to how risk oversight responsibilities are allocated, with ...
-
ArticleAre Your Business Partners Letting the Hackers In?
For Target, it was a heating and air conditioning company. At a large oil company it was a nearby Chinese restaurant. Hackers increasingly use third-party relationships to gain access to computer networks and steal data. The trend means that companies need to conduct even better due diligence on third-party relationships ...
-
ArticleShop Talk: Laying the Foundation of Good Compliance and Governance.
True, one size does not fit all, but there are still some common aspects that most high-functioning compliance and governance programs share, such as fostering a strong ethical culture, communicating effectively, and retaining a level of independence. During our latest executive roundtable, hosted with The Boeing Co. in Dallas, compliance ...
-
ArticleShop Talk: Laying the Foundation of Good Compliance and Governance
True, one size does not fit all, but there are still some common aspects that most high-functioning compliance and governance programs share, such as fostering a strong ethical culture, communicating effectively, and retaining a level of independence. During our latest executive roundtable, hosted with The Boeing Co. in Dallas, compliance ...