CLEAR GOAL. Satisfy Regulatory Demands. Mitigates Current Risk Effectively. Provides Meaningful Information About Program Effectiveness
- Horatio Williamson
- 6 years ago
Transcription
Building Predictive Monitoring Capabilities
SCCE Conference, October 205, Las Vegas, Nevada
CEB Compliance & Ethics Leadership Council
Catalog #
Project # CELC983024SYN

THE VALUE OF PREVENTION
Cost of a Noncompliance Event Across Time
Illustrative

- Predictive Detection: Period when increased susceptibility for noncompliance can first be measured.
- Rapid Internal Detection: Period after event occurred but before widespread knowledge.
- Slow Detection: Inability to identify an event before it's widespread knowledge.

[Figure: cost of noncompliance plotted against time for the three detection periods. Labels on the chart: Cost of Monitoring: 0% 5% of Corporate Compliance Budget; Regulatory Fine: Approximately US$5.8 Million; Internal Remediation Costs; Legal Fees: US$200 US$500/Hour; Decrease in Stock Value: Up to 4%; Public Disclosure; Decline in Employee Perceptions of Integrity: 20%; Decline in Employee Engagement: Up to 0% Decline; Noncompliance Event; Reputational Harm.]

Source: CEB 204 State of the Compliance and Ethics Function Survey; CEB 203 Q3 Integrity Capital Quarterly.

HEIGHTENED URGENCY
The Expanding Corporate Risk Ecosystem
Highlights of the Interconnected Risk Landscape

- Data Privacy
- The Cloud
- Insider Trading
- Corruption Risk
- Regulatory Fragmentation
- Interconnected Supply Chains
- Growth in Information
- Hyper Transparency
CLEAR GOAL
Primary Objective of Compliance and Ethics Monitoring
Percentage of Compliance Executives Selecting as Primary Objective

- Compel Action to Mitigate Unacceptable Compliance Risk
- Obtain an Accurate Read on Compliance
- Provide Information About the Effectiveness of the Compliance Program
- Report Compliance Program Activities to the Board
- Report Compliance Effectiveness to Regulators

[Chart: bar values shown are 2%, 7%, 6%, 22%, 38%. Identify and Mitigate Risk = 60%; Demonstrate Program Effectiveness = 35%; Other 4%.]

n = 98. Source: CEB 204 State of the Compliance and Ethics Function Survey.

BUT LIMITED INSIGHT
Measuring and Monitoring Effectiveness
Percentage of Compliance Executives That Agree or Strongly Agree with the Following Statements About Their Compliance Monitoring Program

- Satisfy Regulatory Demands: 43%
- Mitigates Current Risk Effectively: 33%
- Provides Meaningful Information About Program Effectiveness: 23%
- Predicts Future Compliance Risks: 5%

Chart annotations: Limited Effectiveness; Limited Foresight.

n = Source: CEB 204 State of the Compliance and Ethics Function Survey.

BARRIERS TO EFFECTIVE MONITORING
Barriers to Building an Effective Measurement and Monitoring System
By Percentage of Compliance Executives

- Complexity of Business Operations
- Lack of Predictive Metrics/Leading Indicators
- Poor Information Sharing (Across Functional Silos)
- Technology Constraints
- Corporate Culture
- Limited Understanding of the Organization's Risk Landscape
- Resistance from the Business
- Staff Skills (Mismatch of Skills and Needs)
- Regulatory Requirements/Expectations
- Other

[Chart: bar values shown are 8%, 7%, 6%, 5%, 5%, 3%, 0%, 2%, 2%, 23%.]

n = 22. Source: CEB 204 State of the Compliance and Ethics Function Survey.
FOCUS ON ROOT CAUSES
Current Versus Ideal Focus of Metrics

Current Focus of Metrics: Period where detection that a noncompliance event has occurred takes place.
Ideal Focus of Metrics: Period where earliest indication of the risk of noncompliance is possible.

Reactive to Predictive Spectrum
Representation Features:

Activity and Efficiency Metrics
- Training completion rates
- Helpline call volume and trends
- Case cycle time
- Percentage of substantiated compliance cases

Root Cause Metrics Tied to Risk Outcomes
- Measurable actions or events that indicate increased susceptibility to risk and allow for treatment of causes before an event occurs.

IMPROVING THE SIGNAL TO NOISE RATIO
Current Versus Ideal State of Risk Insight
Illustrative

[Chart: Signal to Noise Ratio against Number of Metrics Tracked, showing the Ideal State and the Current State.]

Ideal State: Predictive Monitoring. Compliance only tracks the root cause-based metrics that increase understanding of the related risk.
Current State: The average compliance program tracks 24 different metrics, yet lacks meaningful risk insight as there is no clear relationship between metrics tracked and risk outcomes.

THE PATH TO PREDICTIVE MONITORING

1. Key Barrier: Understanding Meaningful Data
   Predictive Capability: Identify the Root Causes of Risk
   Implementation Steps: Conduct root cause analysis of noncompliance, focusing on cultural risk drivers. Categorize root causes to prioritize most significant risks.
2. Key Barrier: Creating Risk Indicators
   Predictive Capability: Translate Root Causes Into Risk Indicators
   Implementation Steps: Create measurable KRIs by systematically translating root causes into specific, quantifiable metrics.
3. Key Barrier: Improving Visibility into Risk Change
   Predictive Capability: Embed Risk Indicators Into Existing Workflows
   Implementation Steps: Build risk information-sharing protocols among internal partners.
4. Key Barrier: Translating Monitoring Into Action
   Predictive Capability: Drive Business Accountability for Risk Mitigation
   Implementation Steps: Instill business leader support for KRI monitoring and mitigation by providing tools to ease the burden. Ensure efficacy of corrective action plans.
BUILDING PREDICTIVE MONITORING CAPABILITIES

- What drives compliance risk? IDENTIFY THE ROOT CAUSES OF RISK
- How do I create trackable risk indicators? TRANSLATE ROOT CAUSES INTO RISK INDICATORS
- How do I monitor how my risk indicators are changing? EMBED RISK INDICATORS INTO EXISTING WORKFLOWS
- How do I drive proactive risk mitigation? DRIVE BUSINESS ACCOUNTABILITY FOR RISK MITIGATION

Profiled solutions, as listed on the slide: MassMutual; Cultural Root Causes of Risk; Root Cause-Based KRIs; Business Risk Sensors; Business-Led Risk Prevention; Process-Based Risk Drivers; Functional Risk Expertise; High-Impact Risk Mitigation; Principles for Conducting an Effective Root Cause Analysis.

ROOT CAUSES ENABLE PREDICTIVE INSIGHT
Key Root Causes of Noncompliance

Noncompliance Events
Description, Not Prediction: Basic information about noncompliance events explains the type of noncompliance that can occur, but fails to provide insight into why noncompliance occurred.

Root Causes of Noncompliance
- Culture of Self Interest, Permissiveness, and Pressure
- Insufficient, Burdensome, and Complex Processes
- Employee Mistakes
Predictive Insight: Root causes explain the conditions and moments that precede and drive noncompliance, setting the foundation for a predictive monitoring system.

ROOT CAUSES THAT MATTER MOST (AN INDEPENDENT ASSESSMENT)
Primary Causes of Noncompliance , Council Analysis

- Company Gain: 53%
- Personal Gain
- Pressure From Superior
- Permissive Culture
- Operational Burden
- Poor Process Design
- Employee Made Mistake
- Employee Unaware of Policy
- Other (External Actor)

[Chart: remaining bar values shown are 0%, 7%, 0%, 0%, 9%, 2%, 4%, 39%. Culture = 69%; Process = 2%.]

n = 209 Compliance Settlements.
ROOT CAUSES THAT MATTER MOST (STAKEHOLDERS' PERSPECTIVES)
Primary Causes of Misconduct
Percentage of Compliance Executive Responses by Reason for Business Misconduct (Select up to Three Causes)

[Chart: two series, Compliance Executives and Employees. Categories and values as extracted: Employee(s) Self-interest 32% 74%; Employee(s) Felt Pressure to Commit Misconduct, Poor (Permissive) Company Culture 0% % 9% 23%; Insufficient Controls 23% 48%; Operational Burden, Process Complexity (Unintentional or Negligent) 0% 4% 0% 26%; Employee Made Mistake 6% 4%; Lack of Awareness 2% 2%.]

n = 36; 3,668 employees. Source: CEB 204 State of the Compliance and Ethics Function Survey.

IDENTIFY THE ROOT CAUSES OF RISK
What drives compliance risk?

- Challenge 1: Understand the primary root causes of noncompliance. Profiled Solution: Cultural Root Causes of Risk
- Challenge 2: Identify where to focus root cause analyses. Profiled Solution: Process-Based Risk Drivers
- Challenge 3: Conduct an effective root cause analysis. Profiled Solution: Principles for Conducting an Effective Root Cause Analysis

THE IMPORTANCE OF A CULTURE OF INTEGRITY

[Two charts: Observations of Misconduct by Employee Perception of Culture; Reporting Rates by Employee Perception of Culture. Categories on each: Least Favorable, Neutral, Moderately Favorable, Most Favorable. Callouts: = (90%); = 63%. n = 255,498.]

Less Observations, More Reports: Employees with the most favorable perceptions of the organization's culture are 90% less likely to observe misconduct and 63% more likely to report anything they see.
A KEY CULTURAL ROOT CAUSE
Organizational Justice Drives a Culture of Integrity

- 73%: Organizational Justice
- 27%: All Other Integrity Components (Clarity of Expectations, Comfort Speaking Up, Trust in Colleagues, Direct Manager Leadership, Openness of Communication, Tone at the Top)

Organizational Justice is employees' degree of agreement that:
- Their company responds quickly and consistently to verified or proven unethical behavior, and
- Unethical behavior is not tolerated in their department.

n = 65 companies.

CULTURE SHIFTS AS THE ORGANIZATION CHANGES
Impact of Career Moments on Employee Perceptions of Integrity
By Number of Career Moments in the Past Year (Excluding Promotions)

[Chart: Employee Perception of Integrity by number of career moments: No Moments, One Moment, Two Moments, Three Moments, Four Moments, 5 0 Moments. Values shown: 0%, (6%), (2%). n = 3,3.]

A 4% decline is equivalent to moving from middle to bottom-quartile scores in perceptions of integrity.

IMPLICATIONS FOR COMPLIANCE MONITORING
Summary of CEB Cultural Research Implications on Compliance Monitoring

Compliance Monitoring Implications

- Over-invest in Monitoring Culture: Cultural metrics are the most predictive indicators of future misconduct, compared to process-related factors and employee mistakes.
- Track Employee Perceptions of Organizational Justice: Use operational metrics (e.g., percentage of employee concerns that receive follow-up) to monitor organizational justice. Include questions about employee perceptions of organizational justice (e.g., extent to which the company responds quickly and consistently to verified or proven unethical behavior) on annual C&E program or company-wide engagement surveys.
- Conduct Deeper Dives During Periods of Change: Increase cultural monitoring and conduct focus groups during times of change when employees' perceptions of culture (and thus the potential for increased risk) are most likely to shift.
CREATING THE MANAGER INTEGRITY DASHBOARD
Manager Integrity Pre-Alert Dashboard
Illustrative, CEB

[Table: column groups are Employee Integrity Performance, Human Resource Factors, and Compliance Factors. Column header fragments as extracted: Behaviors; Risk Actions; Whistleblowing; Leadership or Integrity Assessment; Turnover, Absenteeism, Exit Interview Trends; Senior Manager MBOs; Engagement Survey Results; Noncompliance; ( >.5 SD below company average). Rows as extracted:
SVP: 80% to Target Goal; > 5%; N/A; 5% Y-o-Y; Comfort Speaking Up, Organizational Justice, Direct Manager Leadership; Within Range.
SVP 2: 95% to Target Goal; > 0%; N/A; 20% Y-o-Y; Comfort Speaking Up, Organizational Justice, Direct Manager Leadership; Within Range.
SVP 3: 50% to Target Goal; > 5%; Increase in Management Concerns; 5% Y-o-Y; Comfort Speaking Up, Organizational Justice, Direct Manager Leadership; Outside Acceptable Range.]

CEB RISKCLARITY SERVICE: ASSESSING CORPORATE CULTURE
CEB RiskClarity: A Corporate Integrity Service

Key Demographics of Survey Participants: Multiple Industries

Employee Survey and Potential Responses
- I have observed misconduct at my company in the past year. (Yes / No / Don't Know)
- Have you observed any of the following types of misconduct in the past year? (Select all that apply.)
Types of misconduct listed in the survey, each answered Yes / No / Don't Know:
- Accounting irregularities
- Improper payments
- Alcohol or drug abuse
- Business information violation
- Conflict of interest
- Data privacy or information security violation
- Discrimination
- Fraud
- Harassment
- Inappropriate behavior
- Inappropriate giving
- Insider trading
- Misuse of time or resources
- Preferential treatment
- Stealing of company property
- Violation of environmental regulations
- Violation of health and safety regulations

Further key demographics of survey participants: 2 All Employee Levels; 3 Global Coverage; 4 All Business Functions; 5 Dozens of Languages.

PROCESS-BASED RISK DRIVERS

OVERVIEW
Vista aligns compliance risks to associated business activities, forming the basis for quarterly risk-based monitoring plans that reflect the risk weight of each business activity.

SOLUTION HIGHLIGHTS
- Align Business Activities with Compliance Risks: Define the set of risks in Compliance's purview and align those risks to the activities in which they manifest.
- Pinpoint Business Activities' Contribution to Risk: Conduct an activity-based risk assessment to identify the level of compliance risk associated with common business processes.
- Derive Monitoring Plans from Risk Assessment Results: Use annual risk assessment results to prioritize each region's monitoring efforts around its high-risk activities.

COMPANY SNAPSHOT
Vista
Industry: Pharmaceuticals and Biotechnology
203 Sales: US$5 5 Billion
Employees: 4,000 8,000
A MORE HOLISTIC RISK ASSESSMENT
Vista's Two-Pronged Risk Assessment

Top-Down: Environmental Risk Score
Collection of broad conditions that describe a region's environment of compliance risk.
Ownership: Corporate Compliance pulls environmental conditions from functional and regional partners and other sources.
Examples:
- Sales Growth Expectation (from Finance)
- Employee Turnover Rates (from HR)
- Controls Required by Regulators (from external publication)

Bottom-Up: Operational Root Causes
Risk rating of the specific business operations and processes in which misconduct can manifest.
Ownership: Each regional or functional compliance officer assesses the risk level of business activities within his or her region.
Examples:
- Likelihood of HIPAA violation during promotional interactions with patients
- Effectiveness of controls in preventing bribery during interactions with health authorities

Accurate Insight: Vista develops a comprehensive understanding of the conditions and processes that drive risk across the organization.

Source: Vista; CEB analysis. Pseudonym.

HOW THEY DO IT
Overview of Bottom-Up Assessment and Monitoring Plans

Align Risks with Activities
- Define the risks in Compliance's purview.
- Identify the company's core business activities and how they relate to compliance risks.
- Create a catalog that aligns each business activity to the relevant compliance risks.

Identify High-Risk Business Activities
- Use an activity-based risk assessment to identify the business activities that drive the most risk within each region.

Deploy Right-Sized Monitoring Plans
- Create a customized monitoring plan for each business activity that reflects its contribution to compliance risk exposure.

Source: Vista; CEB analysis. Pseudonym.
ACTIVITY-BASED RISK ASSESSMENT
Vista's Risk and Control Assessment
Illustrative, Does Not Reflect Real Results

[Table: columns are Risk; Activity; Inherent Risk (likelihood x impact; both on 5 Scale); Control Effectiveness ( 3 Scale); Residual Risk; Risk-Specific Weight; Overall Compliance Risk Weight. Rows and the values that survive, as extracted:
Data Privacy: Promotional Interactions with Patients (% 28%); Market Research (% %); Consulting Meeting (% 7%).
Antitrust/Unfair Competition/Competitor Disparagement.
Corruption and Bribery: Promotional Interactions with Patients (% 9%); Hospital Sponsorships (% %); Education Grants (% 5%); Interactions with Health Authority (% 9%).]

Source: Vista; CEB analysis.
Note: Up by the 60% for risk-specific weight and then at the bottom add: Risk-Specific Weight of 60% = Residual risk score of 5/total of all residual risk scores for data privacy of 25.
Pseudonym.
IDENTIFYING HIGH-RISK ACTIVITIES

Risk Weight of Activities, Data Privacy Risk (Illustrative). Focus on a specific risk area.
- 60% Promotional Interactions with Patients
- 24% Market Research
- 6% Consulting Meeting

Risk Weight of Activities, All Compliance Risks (Illustrative). View total compliance risk.
- 47% Promotional Interactions with Patients
- 9% Interactions with Health Authority
- 7% Consulting Meeting
- 5% Education Grants
- % Hospital Sponsorships
- % Market Research

Source: Vista; CEB analysis. Pseudonym.

DEPLOY RIGHT-SIZED MONITORING
Vista's Data Privacy Monitoring Plan
Illustrative

[Table: Monitoring Plan: United States Regional (204 Q3). Data Privacy Risk Sub-Activities: Promotional Interactions with Patients; Market Research; Consulting Meeting. Rows: Residual Risk; Total Occurrences; Monitoring Format (values shown: Post-Transaction Review, Post-Transaction Review, Live Review); Suggested Sample Size (values shown: 30, 4); Risk Score-Adjusted Sample Size.]

Source: Vista; CEB analysis.

BUILDING PREDICTIVE MONITORING CAPABILITIES

- What drives compliance risk? IDENTIFY THE ROOT CAUSES OF RISK
- How do I create trackable risk indicators? TRANSLATE ROOT CAUSES INTO RISK INDICATORS
- How do I monitor how my risk indicators are changing? EMBED RISK INDICATORS INTO EXISTING WORKFLOWS
- How do I drive proactive risk mitigation? DRIVE BUSINESS ACCOUNTABILITY FOR RISK MITIGATION

Profiled solutions, as listed on the slide: MassMutual; Cultural Root Causes of Risk; Root Cause-Based KRIs; Business Risk Sensors; Business-Led Risk Prevention; Process-Based Risk Drivers; Functional Risk Expertise; High-Impact Risk Mitigation; Principles for Conducting an Effective Root Cause Analysis.
MONITORING CHANGES IN RISK EXPOSURE
Internal Capabilities to Monitor Risk

- Business Partners: Information on changes in the business
- Internal Audit: Previous audit findings
- Information Technology: Systems access permissions
- Human Resources: Employee information
- Finance: Information on outgoing payments
- Compliance: Hotline and investigations data
- Procurement: Third-party vendor information

CEB INSIGHTS IN BUILDING AND SUSTAINING A LIAISON PROGRAM
Key Learnings in Developing a Liaison Program

1. Align the Business Case with Key Stakeholders' Interests
2. Right-Size Your Liaison Program Structure
3. Look Beyond Functional Background and Seniority in Selection
4. Provide Support to Build Early Engagement
5. Measure Ongoing Effectiveness of the Program

Source: CEVA Logistics; CEB analysis.

CEB INSIGHTS IN BUILDING AND SUSTAINING A LIAISON PROGRAM (CONTINUED)
Case-in-Point: Overview of CEVA Logistics' Liaison Program

Situation: CEVA Logistics launched its liaison program in 2008 to strengthen its corporate culture while minimizing additional resource investment.

Key Liaison Program Attributes:
- Phased Rollout: CEVA Logistics piloted its liaison program in South America. After a few years of success with its liaisons (called Compliance Leaders), CEVA expanded the program into other regions.
- Right-Sized Structure: To maximize coverage, CEVA Logistics assigns one Compliance Leader to each country of operation. The company provides additional liaisons to certain countries based on complexity of operations and risk profile.
- Competency-Based Selection: Compliance leaders are nominated by regional managers and selected based on key competencies. Leaders come from a variety of functional backgrounds (Operations, HR, Legal).
- Support Tools: New leaders receive one-on-one onboarding with the Compliance office, and monthly calls for ongoing support.
- Rewards/Recognition: Performance reviews include a compliance and ethics component. Compliance-in-Action is an initiative to recognize ethical behavior and reward leaders.

Source: CEVA Logistics; CEB analysis.
NEW CEB RESOURCE: LIAISON TOOLKIT
Liaison Toolkit Highlights

Compliance and Ethics Liaison Toolkit: Proposed Topics
1. Making the Business Case
   - Overview of program benefits
   - Customizable business case presentation
2. Structuring and Rolling Out a Liaison Program
   - Sample program charter
   - Liaison program organizational structures
3. Identifying and Selecting Liaisons
   - Liaison roles and responsibilities
   - Liaison selection criteria
4. Onboarding and Engaging Liaisons
   - Liaison development plan
   - Liaison onboarding presentations
   - Liaison support tools (e.g., reporting dashboards)
5. Managing the Program
   - Liaison performance management (e.g., performance criteria, incentives)
   - Measuring liaison program effectiveness

Sample Resources
- Liaison Program Organizational Structures and Decision Rules
- Sample Liaison Reporting Dashboard

This Toolkit Will Help You:
- Implement a Liaison Program: Save time and effort organizing and implementing an effective ethics liaison program
- Enhance Ethics Network: Improve the reach and oversight of the compliance and ethics program across the company

EMBED MONITORING IN FUNCTIONAL RISK CENTERS
Monitoring Compliance Risk in Corporate Functions

Functional Partner | Compliance Risk-Relevant System | Risk Indicator Examples
Procurement | Third-Party Database | Sub-contractor due diligence
Information Technology | Information Security Incident Database | Data privacy breaches
Human Resources | Human Resources Information System (HRIS) | Employee career moments (e.g., layoffs, role changes, restructuring); Senior management involvement in noncompliance cases
Sales & Marketing | CRM Database | Customer complaints
Finance | Accounts Payable | Improper Payments; Travel and Entertainment Expenses

EMBED MONITORING IN FUNCTIONAL RISK CENTERS
Monitoring Compliance Risk in Corporate Functions
Implementation Guidance for Functionally-Integrated Monitoring

- Prove Business Value: Build buy-in for consistent collaboration by outlining the benefits of closer integration (e.g., business efficiency, heightened corporate assurance, lower cost of compliance).
- Extract Value from Existing Capabilities: Use risk information already tracked in functional systems to streamline monitoring efforts and reduce the burden of Compliance-led monitoring.
- Synthesize Risk Intelligence: Utilize functional partners' knowledge and experience of how noncompliance manifests to enhance practical understanding of compliance risk and local control environment.
QUESTIONS?
Jennifer Childs Kugler
Principal Executive Advisor
CEB Compliance and Ethics Leadership Council
More informationFraud in focus March Fraud & Corruption in the Victorian Public Sector learnings and insight for 2017 and beyond
Fraud in focus March 2017 Fraud & Corruption in the Victorian Public Sector learnings and insight for 2017 and beyond Introduction The Victorian Public Sector has a comprehensive integrity framework with
More informationHarnessing data and analytics to transform compliance
Harnessing data and analytics to transform compliance kpmg.com Executive summary In the past 10 years, amazing advances in technology and automation have presented great opportunities for organizations
More informationPOLICY The following are the principles of the Conduent Global Ethics Policy that govern all practices concerning business ethics:
SCOPE Conduent Business Services, LLC and its subsidiaries provide this policy as a guide for employees. This policy applies to all employees of Conduent Business Services, LLC and its subsidiaries and
More informationSOLUTION BRIEF RSA ARCHER AUDIT MANAGEMENT
RSA ARCHER AUDIT MANAGEMENT INTRODUCTION Internal audit departments are struggling to deliver strategic leadership, coordinated assurance and other services their stakeholders need, but this task isn t
More informationFraud Risk Management
Fraud Risk Management Developing a Fraud Risk Management Program 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Which individual or group within your organization oversees
More informationSociety of Corporate Compliance & Ethics: West Coast Regional
Society of Corporate & Ethics: West Coast Regional Internal Audit and : The Importance of Collaboration & Skill Development: From Policy to Practice Odell Guyton, JD, CCEP CO-CHAIR SCCE Director of Microsoft
More informationCompliance Auditing Done Right
Compliance Auditing Done Right SCCE 10 th Annual Compliance & Ethics Institute September 12, 2011 Scott Avelino Win Swenson Discussion Topics Rationale for Conducting Compliance Audits Identifying Risk
More informationCode of Business Conduct and Ethics
Code of Business Conduct and Ethics Table of Contents Purpose... 1 Scope... 1 Policy... 2 Responsibilities... 8 Enforcement... 8 Review and Revision... 8 PURPOSE Pursuant to the Sarbanes-Oxley Act of 2002
More informationGuide to Internal Controls
Guide to Internal Controls Table of Contents Introduction to Internal Controls...3 Roles...4 Components....5 Control Environment...5 Risk assessment...6 Control Activities...7 Information & Communication...9
More informationTriple C Housing, Inc. Compliance Plan
Triple C Housing, Inc. Compliance Plan Adopted by Board of Directors on draft November 13, 2014 Overview Triple C Housing, Inc. is committed to its consumers, employees, contractual providers, vendors,
More informationEY Center for Board Matters. Leading practices for audit committees
EY Center for Board Matters for audit committees As an audit committee member, your role is increasingly complex and demanding. Regulators, standard-setters and investors are pressing for more transparency
More informationBusiness Partner Code of Conduct
Policy Owner: Group Head of Procurement Effective Date: 31 October 2017 Business Partner Code of Conduct This Business Partner Code of Conduct defines basic requirements and responsibilities. VEON reserves
More informationA Discussion About Internal Controls February 2016
A Discussion About Internal Controls February 2016 What we will cover today 001 Introductions 002 Defining Internal Controls 003 COSO Internal Controls Integrated Framework 004 Approach to Designing Internal
More informationManaging Compliance Risk in M&A, and Special Considerations for Joint Ventures
Managing Compliance Risk in M&A, and Special Considerations for Joint Ventures SCCE Upper Midwest Regional Conference April 26, 2013 Agenda Compliance risk and threat landscape overview Four areas we ll
More informationDragon Oil. Code of Conduct
Dragon Oil Code of Conduct Leadership Message Dragon Oil has an ever-increasing multicultural workforce and asset portfolio across a number of countries. This rapid growth, together with an evolving regulatory
More informationDALLAS COWBOYS MERCHANDISING, LTD. ASSESSMENT FOR ACCREDITATION
DALLAS COWBOYS MERCHANDISING, LTD. ASSESSMENT FOR ACCREDITATION February 2016 DALLAS COWBOYS MERCHANDISING, LTD.: TABLE OF CONTENTS Introduction... 3 Section 1: Dallas Cowboys Merchandising, Ltd.'s Labor
More informationCODE OF CONDUCT Business ethics and compliance
CODE OF CONDUCT Business ethics and compliance BUSINESS PARTNERS Index FRESENIUS KABI BUSINESS PARTNER CODE OF CONDUCT 3 ABOUT US 4 FRESENIUS KABI S BUSINESS: CARING FOR LIFE FRESENIUS KABI S CORE VALUES
More informationERM 101. Casualty Loss Reserve Seminar, Fall /5/ Practical Enterprise Risk Management (ERM) Agenda ERM 101 2
Practical Enterprise Risk Management (ERM) Casualty Loss Reserve Seminar, Fall 2013 Agenda ERM 101 2 Building an effective ERM program 8 Case study 28 Lessons learned 34 Q&A 38 1 Practical Enterprise Risk
More informationHenkel s Compliance Management System (CMS)
Henkel s Compliance Management System (CMS) As a company that operates in an ethically and legally correct manner, Henkel s image and reputation is inseparable from the appropriate conduct of each of its
More informationGuide to North America Healthcare Compliance 2016/2017
Guide to North America Healthcare Compliance 2016/2017 Dr. Reddy s Laboratories, Inc. NOTICE: this information is provided pursuant to the requirements of California Health & Safety Code 119400, 119402,
More informationETHICS AND BUSINESS INTEGRITY POLICY
ETHICS AND BUSINESS INTEGRITY POLICY 1.0 Chief Executive s Introduction: Behaving ethically is essential to working with Carillion. Our values of We care, We achieve together, We improve and we deliver
More informationOur Commitments. Living our vision and values
Our Commitments Living our vision and values CEO Message Our vision is to excel at securing and enhancing the financial wellbeing of people, businesses and communities. It recognises the important role
More informationSUPPLIER CODE OF PRACTICE SUPPLIER CODE OF PRACTICE
SUPPLIER CODE 16 December, 2016 i CONTENTS ANZ S COMMITMENT 2 OUR SUPPLIERS COMMITMENT 2 HUMAN RIGHTS AND WORKPLACE RELATIONS 3 Human Rights 3 Wages, Benefits & Conditions 3 Forced Labour and Inhumane
More informationMeasuring Compliance Program Effectiveness
Measuring Compliance Program Effectiveness Measuring Compliance Program Effectiveness: A Resource Guide HCCA Hawaii Regional Debbie Troklus, CHC-F, CCEP-F, CCEP-I, CHRC, CHPC Aegis Compliance and Ethics
More informationAnti-bribery corporate policy
Anti-bribery corporate policy 1. Scope and purpose of this guideline One of the key factors and reasons for the favorable reputation and image of Sb Accounting & Consulting is its ability and will to conduct
More informationAppendix 8. M&T BANK CORPORATION CODE OF BUSINESS CONDUCT AND ETHICS
Appendix 8. M&T BANK CORPORATION CODE OF BUSINESS CONDUCT AND ETHICS Introduction. This ( Code ) covers a wide range of business practices and procedures. There are, of course, many corporate policies
More informationThe Path to Clinical Enterprise Maturity DEVELOPING A CLINICALLY INTEGRATED NETWORK
The Path to Clinical Enterprise Maturity DEVELOPING A CLINICALLY INTEGRATED NETWORK dhgllp.com/healthcare Kevin Locke PRINCIPAL Kevin.Locke@dhgllp.com 330.606.4699 Michael Strilesky SENIOR MANAGER Michael.Strilesky@dhgllp.com
More informationBuilding A Holistic and Risk-Based Insider Threat Program
Building A Holistic and Risk-Based Insider Threat Program An Approach to Preventing, Detecting and Responding to Insider Threats Michael G. Gelles, Psy.D March 2015 Insider Threat Types & Drivers Insider
More informationCompliance Program Effectiveness Guide
Compliance Program Effectiveness Guide June 2017 This Guide is a comparison of: Compliance Program Elements New York State, Social Services Law 363-D Office of Inspector General (OIG) Compliance Program
More informationThis report was prepared by McLean & Company for ACME Incorporated on Data is comprised of 8 responses. Prepared for ACME Incorporated
This report was prepared by McLean & Company for ACME Incorporated on 2015-06-18. Data is comprised of 8 responses. Prepared for ACME Incorporated HR & Governance Diagnostic Program 1. Understand Results
More informationCODE OF CONDUCT FOR DOING BUSINESS WITH LINKEDIN
CODE OF CONDUCT FOR DOING BUSINESS WITH LINKEDIN TABLE OF CONTENTS INTRODUCTION 1 Expectations LINKEDIN VALUES 2 MAINTAINING BUSINESS INTEGRITY 3 Anti-Corruption Competition Laws PROMOTING TRANSPARENCY
More informationSupplier Ethics and Compliance Webinar
Supplier Ethics and Compliance Webinar March 29, 2017 Chuck Neff, Director of Compliance Newport News Shipbuilding Huntington Ingalls Industries, Inc. Agenda 2 Why? Present Responsibility Assessment Engagement
More informationKeep Procure-to-Pay (P2P) Fraud at Bay with Fraud Detection Tools & Techniques
Keep Procure-to-Pay (P2P) Fraud at Bay with Fraud Detection Tools & Techniques Chris Doxey, CAPP, CCSA, CICA, CPC President, Doxey, Inc. chris@chrisdoxey.com 571-267-9107 2 May 7-9, 2017 Chris Doxey, CAPP,
More informationContract Compliance: How Much Are Your Contracts Costing You? Written by: William Melville, Internal Audit Executive
Contract Compliance: How Much Are Your Contracts Costing You? Written by: William Melville, Internal Audit Executive July 2017 Overview Today, organizations are increasingly more reliant on third parties
More informationEnterprise Risk Management. Focus on the Future June 2017
Enterprise Risk Management Focus on the Future June 2017 2017 Crowe 2017 Crowe Horwath Horwath LLP LLP Learning Objectives and Agenda Objectives Distinguish Risk Management from ERM Understand the Value
More informationSAMSUNG HEAVY INDUSTRIES
SHI SAMSUNG HEAVY INDUSTRIES APPENDIX Relating to Samsung Heavy Industries Co., Ltd. s Sustainability Report for the calendar year 2015 This has been prepared for Samsung Heavy Industries Co., Ltd. in
More informationAnd $100 million in savings.
Efficiency, cash flow, timeliness. And $100 million in savings. S&P 500 Company implements American Express BIP as a part of a successful supply chain transformation. Published Nov. 23, 2015 THE CLIENT
More informationRisk Management Strategy
Risk Management Strategy 2017-2019 Created by: Role Name Title Author / Editor Kevin McMahon Head of Risk Management & Resilience Lead Executive Margo McGurk Director of Finance & Performance Approved
More informationWHISTLE BLOWING POLICY
WHISTLE BLOWING POLICY Status Last reviewed: Review Date Recommended Spring 2017 Spring 2018 Resources and References Somerset County Council Policy adopted in full Updated August 2014 1. Introduction
More informationSOLUTION BRIEF RSA ARCHER REGULATORY & CORPORATE COMPLIANCE MANAGEMENT
RSA ARCHER REGULATORY & CORPORATE COMPLIANCE MANAGEMENT INTRODUCTION Your organization s regulatory compliance landscape changes every day. In today s complex regulatory environment, governmental and industry
More informationNavigating the New Health Economy
Navigating the New Health Economy How non-traditional healthcare players are using the HITRUST CSF to drive their security programs forward Speakers Dennis Quandt Risk Assurance Director, PwC Boston, MA
More informationBusiness Framework Change How You Manage Safety
Business Framework Change How You Manage Safety December 1, 2017 Joseph Muratore Mark Drozdov Today s Speakers Joseph Muratore Commercial Director BSI USA & Canada Mark Drozdov BSI CES SVP & Technical
More informationOffice of Business Conduct and Ethics Program Review. Name and Title
Office of Business Conduct and Ethics Program Review Name and Title 1 Objectives Three Parts to Presentation Objectives of First Part: Review the current compliance and ethics landscape Provide an overview
More informationAudit & Risk Committee Charter
Audit & Risk Committee Charter Status: Approved Custodian: Executive Office Date approved: 2014-03-14 Implementation date: 2014-03-17 Decision number: SAQA 04103/14 Due for review: 2015-03-13 File Number:
More informationImproved Risk Management via Data Quality Improvement
Improved Risk Management via Data Quality Improvement Prepared by: David Loshin Knowledge Integrity, Inc. January, 2011 Sponsored by: 2011 Knowledge Integrity, Inc. 1 Introduction All too frequently, we
More informationCFPB Examination Procedures
Compliance Management Review General Principles and Introduction Institutions within the scope of the CFPB s supervision and enforcement authority include both depository institutions and non-depository
More informationPhysician Marketing & Outreach Growing Referring Physician Lifetime Value
Growing Referring Physician Lifetime Value Gelb, An Endeavor Management Company 1011 Highway 6 South P + 281.759.3600 Suite 120 F + 281.759.3607 Houston, Texas 77077 www.gelbconsulting.com Overview Today
More informationCODE OF BUSINESS CONDUCT AND ETHICS
1 ST FRANKLIN FINANCIAL CORPORATION CODE OF BUSINESS CONDUCT AND ETHICS Introduction This Code of Business Conduct and Ethics ( Code ) describes the basic principles of conduct that we share as officers
More informationCHANGE MANAGEMENT IN PROCUREMENT TRANSFORMATION. Bloomberg. Page 1
CHANGE MANAGEMENT IN PROCUREMENT TRANSFORMATION Bloomberg Page 1 Agenda and Objective Defining the challenges we faced Creating the business case Building the change management playbook Setting the strategy
More informationImplementing an Employee Engagement Programme
Implementing an Employee Engagement Programme A People & Culture White Paper Introduction Over the last decade, employers focus has moved away from employees who are satisfied with their working conditions,
More informationLevel of Reporting on GRI Indicators, 'in accordance' Core. Fully Significant Changes during 2016
Level of Reporting on GRI Indicators, 'in accordance' Core GENERAL STANDARD DISCLOSURES 'IN ACCORDANCE' CORE General Standard Disclosures Description Level of Reporting Location: For partially or not reported
More informationSAP Road Map for Governance, Risk, and Compliance Solutions
SAP Road Map for Governance, Risk, and Compliance Solutions Q4 2016 Customer Disclaimer The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the
More informationBuilding a Winning Business Case for HCM SaaS
Building a Winning Business Case for HCM SaaS Mark Bray, Principal Consultant ISG WHITE PAPER 2016 Information Services Group, Inc. All Rights Reserved INTRODUCTION The number of enterprises that experience
More informationCode of Conduct & Ethics
Code of Conduct & Ethics Interfor Code of Conduct & Ethics Contents Page 1 CEO Message A Message from our CEO 2 Our Code of 2 Conduct & Ethics Our Code of Conduct & Ethics 3 3 Guiding Principles Guiding
More informationStatement on Risk Management and Internal Control
INTRODUCTION The Board affirms its overall responsibility for the Group s system of internal control and risk management and for reviewing the adequacy and effectiveness of the system. The Board is pleased
More informationFulfilling CDM Phase II with Identity Governance and Provisioning
SOLUTION BRIEF Fulfilling CDM Phase II with Identity Governance and Provisioning SailPoint has been selected as a trusted vendor by the Continuous Diagnostics and Mitigation (CDM) and Continuous Monitoring
More informationAMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017)
AMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017) Purpose The Committee is responsible for assisting the Board of Directors in its oversight
More information