I recently had the opportunity to visit with folks from Diligent. We look down the road at key issues in 2024 in a podcast series sponsored by Diligent entitled Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond. I could chat with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we discussed compliance communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. In this first blog post, we discuss accounting and risk management frameworks.
One of the key topics discussed in the episode was the importance of risk assessment frameworks in identifying and mitigating organizational risks. Latham highlighted two widely used frameworks, the COSO Framework for Internal Controls and ISO 31,000, which both provide a comprehensive approach to risk management. These frameworks help organizations establish effective communication processes and gain a holistic view of risk across different departments.
The COSO Framework for Internal Controls focuses on enterprise risk management. It emphasizes the need to assess an organization’s control environment, determine risk appetite, and identify crucial risks for the business’s success. Information and communication processes, including training and monitoring activities, are built around these assessments to ensure effective risk management.
We next discussed the relevance of the “Single Pane of Glass” concept, often associated with the COSO Framework for Internal Controls. This concept provides a unified view of an organization’s operations and risk management, flattening hierarchical structures and promoting transparency. By implementing this approach, executives and leaders can comprehensively understand what is happening across the organization rather than just within individual departments.
We noted the challenges associated with compliance communication issues, particularly in e-communications. Latham emphasized the importance of setting the tone at the top, with executive leadership emphasizing the criticality of compliance and its impact on the organization and its customers. Training plays a crucial role in ensuring compliance, but Latham noted that the amount and frequency of training in today’s environment may not be sufficient. He stressed the need for organizations to step up their training efforts and be prepared for increasingly stringent regulatory scrutiny.
Monitoring e-communications poses a significant challenge due to the sheer volume of interactions. Latham suggested leveraging artificial intelligence (AI) to analyze a larger communications sample and identify potential risks. This approach could help organizations identify improper processes, training gaps, or script issues that may contribute to compliance breaches.
As a compliance professional, your understanding of risk assessment frameworks, such as the COSO Framework for Internal Controls and ISO 31,000, highlights the importance of comprehensive risk management practices. The “Single Pane of Glass” concept and the challenges associated with compliance communication issues provide valuable guidance for organizations navigating the complex risk and compliance landscape. As regulatory scrutiny continues to increase, compliance professional’s expertise will continue to serve as a valuable resource for organizations seeking to enhance their risk management practices and ensure compliance in an ever-evolving technological landscape.
Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com
Join us tomorrow when we consider conflicts of interest at the Board of Directors.
