Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – Internal Controls for Gifts, Travel and Entertainment

While many compliance practitioners believe that employee expense reports are a sufficient internal control of gifts because there are other ways in which a gift can be presented, other controls must be considered. Once your company policy on gifts has been finalized, the internal controls over expense reports fall into three primary areas:

  1. The expense report format, including what information it requires.
  2. Controls over the submitting employee and the preparation of the expense report.
  3. Controls to ensure the approvers do their review process properly.

Internal controls around gifts can be used in various ways in your best practices compliance program. They can certainly be used to detect an issue and perhaps even prevent an issue from becoming a full-blown FCPA violation; however, by using some of the techniques that Howell has suggested, you can move your compliance program to a proscriptive phase where you not only stop an issue from becoming a violation but through identification, you can move towards remediation as a part of your ongoing compliance efforts. The bottom line is that good internal controls make for good business processes; if you can move your compliance program’s internal controls forward, you can help make them a part of your financial controls and, thereby, have a better-run company. 

Three Key Takeaways:

  1. GTE compliance internal controls are low-hanging fruit. Pick them.
  2. Compliance with internal controls can be both detected and prevented controls.
  3. Good compliance with internal controls is good for business.

For more information on how to build out a best practices compliance program, including internal controls, check out The Compliance Handbook, 3rd edition.

Categories
Innovation in Compliance

Entrepreneurship and Risk Management with Adrienne Bellehumeur

Tom Fox’s guest in this episode of Innovation In compliance is Adrienne Bellehumeur. They discuss the significance of gap analysis in the design of internal controls, and why having a thorough understanding of design is critical to the success of gap analysis. They emphasize the importance of continuous improvement and avoiding a “pass-fail” approach to internal control programs. Adrienne also shares her five principles for creating high-value compliance programs.

Adrienne Bellehumeur is the Director and Co-owner of Risk Oversight, a firm specializing in internal controls, internal audit, and compliance programs. She has written a book called The 24-Hour Rule and Other Secrets for Smarter Organizations: Including the 6 Steps of Dynamic Documentation, which is set to be published on March 7th and is geared towards managers who are seeking solutions through documentation. This book aims to provide a fun and foundational approach to documentation for the modern knowledge workforce and is the first mass-market book on documentation best practices.

 

Some of the key points discussed during the show include:

  • Adrienne’s background and current role at her company, Risk Oversight, which specializes in delivering services to mid-sized oil and gas companies in the engineering sectors.
  • The purpose of gap analysis is to identify areas for improvement in processes and controls to support operational effectiveness.
  • Adrienne’s belief that internal controls should focus on good habits, accountability, and continuous improvement rather than just ticking boxes.
  • How Risk Oversight helps companies fulfill their obligation of oversight by providing entity-level control review and understanding best practices in governance.
  • The two best practices for board minutes, the “Goldilocks principle” and the “business judgment rule.”
  • The Caremark doctrine in Delaware and the importance of documentation of major risk management decisions.
  • Adrienne’s book The 24-Hour Rule, which is a mass-market book on documentation aimed at managers looking to solve problems through documentation and is applicable to various industries.

 

KEY QUOTATION:

“Risk management is about action.” – Adrienne Bellehumeur 

 

Resources 

Adrienne Bellehumeur | LinkedIn | Twitter 

Risk OversightThe 24-Hour Rule and Other Secrets for Smarter Organizations: Including the 6 Steps of Dynamic Documentation

Categories
Daily Compliance News

February 14, 2023 – The Happy Valentine’s Day Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • White fragility is a race-based farce. (Reuters)
  • TX AG pays $3.3MM to settle whistleblower lawsuits. (NYT)
  • NMSU cancels BB season due to hazing allegations. (ESPN)
  • SEC to crack down on insider trading loopholes. (WSJ)