Risk

Enterprise risk management isn’t meant to be a one-man show. Or a one department show, for that matter. It’s necessary to have the Board’s buy-in and investment. If your firm hasn’t come that far yet, here are a number of simple tips that can help improve your ERM, regardless of where your existing processes stand.

As the use of social media becomes intertwined with daily business activity, a new threat is emerging: hackers are finding new ways of impersonating genuine business contacts, often portraying colleagues via fake profiles in order to gain access to sensitive data that can be used to commit fraud.

A large part of effective enterprise risk management is ensuring your policies don’t incentivize (unacceptably) risky behavior. A balance must be struck between revenue generation and risk oversight, and setting clear accountabilities for risk is integral to achieving that balance.

Improved Board risk oversight may be the most important factor in preventing corporate governance breakdowns. This theory is picking up steam among experts, and the expectation now is that Boards should oversee management’s risk appetite and tolerance and ensure alignment with its own.

There are significant limitations intrinsic to the traditional approach to risk assessment, which is why a more robust assessment is preferable. Certain categories of risk (strategic, operational, finance, and compliance, for instance) have unique characteristics that cannot be adequately accounted for in a basic assessment.

With almost every FCPA enforcement action involving third party misconduct in one form or another, shouldn’t companies devote more resources than ever to due diligence and third-party risk management systems? There’s no magic formula to implementing an effective system. It just takes two things: commitment and common sense. Every company knows how to do it. But not every company commits...

Compliance with regulatory requirements can get complicated when companies in highly regulated industries take to social media. Subject matter expert Joanna Belbey offers five steps to ensure that when your company posts, they do so purposefully, knowledgeably and well within the bounds of the law.

Earlier this month the New York State Department of Financial Services announced proposed anti-money laundering and terrorist financing regulations. If adopted, the proposed rules will subject investment advisers to Bank Secrecy Act requirements for financial entities. Regulatory and private scrutiny of compliance programs is expanding, as is the cost of compliance...

We’ve established that it’s prudent to keep an eye on your top performers for the sake of risk management , but they’re not the only staff you ought to be watching. There are plenty of contributors who fly under the radar yet play highly important roles in the organization. Do you know which are the “trust positions” in your organization?

Reputational harm can do as much damage to a company's bottom line as nearly any other crisis. A proactive plan is essential to protect the organization should it come under fire. Silicon Valley based Theranos has found this out the hard way. The company's recent fall from grace is testament to the importance of a plan in the event of...

The type of due diligence a third party requires varies based upon the level of risk associated with each entity: low risk, medium risk or high risk. While some third parties can be vetted with global database checks or open-source investigations (OSI), the only way to confidently investigate high-risk third parties is with thorough vetting through enhanced due diligence.

The CRO of the Future is almost here. James Bone posits that before long, risk management professionals may be replaced by various “risk intelligent systems knowledgeware,” or RISK, able to process volumes of data in an instant, detect threats and respond to them just as quickly. Technology advances at breakneck speed, and so does our dependence on it to manage...