Corporate Compliance Insights

5 Ways Boards Must Improve Compliance Oversight

by Joe Santangelo
August 7, 2017
in Featured, Governance

Control or be Controlled: 5 Problem Areas for Boards

Compliance is evolving, and board members may now be unsure of their related responsibilities. Board members are more and more reliant on the data obtained from information systems to make their decisions. How can they use this information, and what are the traps they need to avoid?

The role of the board of directors is increasing in importance and complexity. One major aspect is the oversight of compliance. Compliance has continually evolved, making board members unsure of the nature and span of their responsibilities. It is more necessary than ever for boards to be actively engaged in their compliance functions and more sensitive to the corporate tolerance for risk and how it is monitored. With this, board members are increasingly dependent on technology, the information it provides and the impact on their businesses. With the rapid movement in compliance oversight, there are several areas where boards prove their worth or hold the organization back.

#1: Failing to Pay Attention to Culture

The board drives corporate culture. If it does not, get a new board. When it comes to corporate compliance, establishing the desired corporate culture is the critical first step. However, board members may not realize they have an essential role to play in establishing that culture. Decisions made by the board about finances, compensation or other matters directly impact the corporate culture and thereby impact financial results. Failing to establish a strong culture where compliance plays a prominent role can be a major flaw. Promoting a culture where quality corporate governance and compliance are ingrained will lead to a self-policing organization with greater awareness, few compliance issues and more substantial return for shareholders.

#2: Persecution of the CEO

The CEO is often the sacrificial lamb for the board. However, to move the organization forward, the board should create a secure atmosphere for the CEO to provide feedback to the directors. CEOs must be able to bring forth difficult issues and propose innovative solutions without the fear of reprisal. The CEO needs to propose policies the board can either approve, modify or reject. To succeed, CEOs must be adept at supplying the board with the appropriate level of detail. Information must be presented with the appropriate business context and in language that is readily understandable by board members. If the CEO cannot comfortably provide compliance-related metrics and propose compliance solutions, the organization will suffer.

#3: Held Back by Dead Weight

Often, directors have limited experience in compliance oversight. This can lead to a lack of confidence in making decisions and providing oversight on risk and compliance matters. At times, directors can become “dead weight,” not adding any insight, avoiding decisions and kicking the can down the road. There is a natural inclination for people to gravitate to matters they understand, but a consistent lack of direction can cause frustration, missed opportunities and significantly more risk for the company. Organizations need to pare board members who consistently refuse to add value and provide direction.

#4: Lack of IT Knowledge

According to Accenture [1], most directors lack a technology background or IT expertise. This is at a time when some of the most significant challenges facing organizations are centered around technology. Directors have the task of identifying existing risks and trying to forecast future risks while planning for corporate growth. As the pace of business increases, the associated technology risks are that much more complicated and are central to ensuring corporate compliance. However, reporting about IT risks is often done using technical jargon. This can be beyond even the most tech-savvy board members and can lead to misunderstandings and improper guidance. It is a challenge for both the CEO and CIO to provide sensible reporting to directors in a manner that is in line with business activities. For their part, board members must be either recruited with the appropriate level of technology knowledge or must be trained on technology-related compliance risks. Now more than ever, directors need an understanding of technology to make informed decisions.

#5: The Missing Risk Assessment

Often, board members are provided details and metrics on risk assessments. However, these assessments are often focused solely on either operational or financial risks. Compliance monitoring requires assessments that examine the specific regulatory risk areas based on the scope of corporate compliance policies. A control framework must be established to address these risks. Controls must be measured and tested periodically to ensure adequate maturity levels of protection for specified risks. Board members must receive periodic risk assessment reporting from management to identify new risks and report on the effectiveness of controls over existing risks. The reports must provide suitable levels of detail in a well-understood business context to enable directors to gauge the health of the business, as well as the effectiveness of the organization’s efforts in compliance management.

Boards have the interests of the organization as their focal point, but directors do not always have the experience, training or business context metrics to produce the proper guidance, guard against excessive risk or make decisions to move the organization forward. Boards must be actively engaged in compliance oversight, not passive bystanders. For its part, the organization must provide board members with the tools and contextually pertinent data to make decisions. Done properly, directors will have the insight and understanding to steer the ship. Done poorly, it is like putting on a shackle and walking the plank.

[1] https://thefinancialbrand.com/60578/technology-expertise-banking-Boardrooms/


Joe Santangelo

Joe Santangelo currently serves as the VP of Business Development and Principal Consultant at Teleran. He has been a technology professional for over 20 years, focusing on compliance, privacy, IT management and IT efficiencies throughout his career. Prior to joining Teleran, Joe was the Data Masking Sales Manager at Delphix Corp, where he spearheaded security solutions sales to the financial, health care and retail industries. At Delphix, Joe increased security solutions sales from 10 percent to 40 percent of total company sales. Prior to Delphix, Joe was the top producing Sales Manager at Axis Technology, which was acquired by Delphix. While at Axis, Joe drove Security and Compliance solutions through partners and direct sales efforts. Before joining Axis, Joe was CIO of Citi Private Bank in the Americas where he led a team of over 150 IT professionals. While at Citi, Joe successfully executed a strategy to upgrade infrastructure and migrate legacy applications to modern platforms while reducing overall expenditures by 10 percent. In addition, Joe introduced a project metrics and management system enabling the bank to improve on-time project delivery from 20 percent to 80 percent. Joe is a member of the Society for Information Management (SIM), the Information Systems Security Association (ISSA) and the Healthcare Information and Management Systems Society (HIMSS), where he was chairman of the Privacy and Security Toolkit Task Force. Joe earned a B.A. from Baruch College in Business Administration and has a Master of Science degree from Stevens Institute of Technology.
