Categories
Compliance Tip of the Day

Compliance Tip of the Day – COSO Objective 4 – Control Information and Communication

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we continue our look at the 5 COSO Objectives. Today, Number IV—Control Information and Communication.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – COSO Objective 3 – Control Activities

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we continue our look at the 5 COSO objections. Today, Number III—Control Activities.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – COSO Objective 2 – Risk Assessment

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we continue our look at the 5 COSO Objectives. Today, Number II—Risk Assessments.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – COSO Objective 1 – Control Environment

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we begin a look at the 5 COSO Objectives—first up, Number I—Control Environment.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Compliance Into the Weeds

Compliance into the Weeds: The COSO Governance Framework

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Are you seeking insightful perspectives on compliance? Look no further than Compliance into the Weeds! In this episode of Compliance into the Weeds, Tom Fox and Matt Kelly discuss the recently released COSO Corporate Governance Framework.

Tom and Matt take a deep dive into the new COSO Corporate Governance Framework draft. They discuss the importance of public comment on the draft, which is open until July 11, and explore the framework’s six key components. The framework aims to provide discipline in achieving good governance within organizations, covering areas such as strategy, culture, human resources, and resilience. Kelly highlights the significance of culture in compliance and the role of information quality in the future, providing practical tips on implementing and testing the framework. The episode highlights the importance of this framework for various stakeholders, encouraging practitioners to review and provide feedback on the draft.

Key highlights:

  • Overview of COSO’s Draft Corporate Governance Framework
  • The Six Objectives of the Framework
  • Importance of Culture in Compliance
  • Principles and Points of Focus
  • Resilience in Corporate Governance

Resources:

Matt Kelly in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

A multi-award-winning podcast, Compliance into the Weeds, was most recently honored as one of the Top 25 Regulatory Compliance Podcasts, a Top 10 Business Law Podcast, and a Top 12 Risk Management Podcast.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – COSO Framework

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

What is the COSO 2013 Internal Controls Framework?

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – What are Internal Controls?

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we look at several definitions of internal controls.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Compliance Into the Weeds

Compliance into the Weeds: COSO Fraud Risk Management Framework

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, going into the weeds to explore a subject more fully and looking for some hard-hitting insights on sanctions compliance. Look no further than Compliance into the Weeds!

Get ready to dive into the fraud risk management and prevention world with Compliance into the Weeds, hosted by Tom Fox and Matt Kelly. In this episode, they break down the recently released fraud risk framework by COSO and the Association of Certified Fraud Examiners and how it’s necessary for today’s cyber-based fraud and cryptocurrency. They stress the importance of data analytics and internal hotlines to prevent fraud and that all employees need to be trained to detect and prevent fraud in their industry. The hosts also discuss how financial reporting controls may not always detect fraud and how anti-fraud controls are essential. With the rise of new types of fraud like ESG and greenwashing, the hosts recommend the fraud risk report for audit and compliance professionals to stay informed about risks swirling around corporations today. Take advantage of this informative and fascinating podcast. Tune in to Compliance into the Weeds now.

Key Highlights:

·      Fraud Risk Management: COSO Report 2nd Edition

·      Effective Fraud Prevention Training for Employees

·      Importance of Anti-Fraud Controls in Fighting Fraud

·      COSO Fraud Risk Guidance and the Fraud Pentagon

Notable Quotes:

“But when you think about it, we have a lot of external factors, such as the rise of cryptocurrency, which is riddled with fraud and corruption risk. New methods of cyber-based fraud, which didn’t exist, say, 2016, the 2010s before that. Rise of ransomware in particular, which wasn’t quite a big thing back then that it is all over the place now.”

“Most frauds, you the risk management function, you might never catch them. By looking for them, you’ll have to depend on somebody else coming to you from the enterprise, say, I think this person over here is doing something sketchy.”

“Fraud is having a moment. And fraud risk is on the forefront of many people’s minds from many different areas.”

“We need to do better at finding ways to assess and understand your fraud risk and then implementing new controls as necessary to push that risk down to acceptable levels.”

Resources

Matt 

LinkedIn

Blog Post in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Into the Weeds

COSO Framework for Sustainability Controls and Reporting

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, join Tom and Matt as they discuss a new sustainability framework that companies can use to improve their sustainability efforts. The document emphasizes the importance of data governance and using a recognized control framework for effective financial reporting, similar to COSO. The hosts explore the challenges of collecting and managing sustainability data, while highlighting the need for organizations to have a Chief Data Governance Officer and an in-house data committee. They discuss the importance of competent leadership, effective communication, and the role of vendors offering sustainability supporting solutions. Tune in to discover how the right oversight mechanisms can save organizations money by streamlining IT vendors and why sustainability data reporting is the new challenge of achieving Sarbanes Oxley compliance in the 2000s.

 Key Highlights

·      COSO Internal Control Framework for Sustainability Disclosures

·      Comparing Sustainability and Ethics/Compliance Frameworks

·      Challenges in Sustainability Data Collection

·      Importance of Data Governance in Large Enterprises

 Notable Quotes

1.     “ESG and sustainable business information, on the other hand, tends to be longer term and more qualitative.”

2.     Revenue numbers are in dollar returns and carbon emissions are not.

3.    Radically different sorts of disclosures and data there, but you have to think through.

4.    You’re going to have to make sure that the data governance mechanisms you have? Do you have a Chief Data Governance Officer? Some organizations do. Do you have an in house data committee to think about are we collecting all of this data?

 Resources

Matt  on LinkedIn

Matt on Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – COSO Objective II: Risk Assessments

Objective II is designed to provide a company with a “dynamic and iterative process for identifying and assessing risks.” For the compliance practitioner, none of this will sound new or even insightful, however the Framework requires a component of management input and oversight that was perhaps not as well understood.

The objective of Risk Assessment consists of four principles.

Principle 6: Suitable objectives.

Principle 7: Identifies and analyzes risk.

Principle 8: Fraud risk.

Principle 9: Identifies and analyzes significant change.

The SEC has made it clear that companies should be expanding their view of risk in implementing the COSO 2013 Internal Controls Framework. Obviously, risk assessments are a cornerstone of a best practices compliance program as laid out in the 2012 FCPA Guidance and in the DOJ’s Evaluation. The regulators are telling companies specifically that they should be seeing new risks that they need address because of the changes brought about by the new standard.

Three key takeaways:

  1. Risk assessments are required under the COSO 2013 Internal Controls Framework, the 2012 FCPA Guidance and almost all other best practices compliance programs.
  2. Look at your risks across your organization and not in a siloed manner.
  3. Risks, both determination and management of, changes over time so be cognizant of changes in business practices on the ground.

For more information on how to build out a best practices compliance program, including internal controls, check out The Compliance Handbook, 3rd edition.