Friday, March 5, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Ensuring Compliance with Controls

by Michael Volkov
June 6, 2017
in Compliance, Featured
missing “internal controls” puzzle pieces

Evaluating Effectiveness Companywide

Regulatory authorities don’t expect perfection in a compliance program, but they do expect a concerted effort on all fronts, from the C-suite to the front-line employees. Internal controls are an essential part of a robust compliance program, but ensuring compliance with internal policies and procedures takes ongoing analysis. 

Let’s start with some basics: a public company is required to implement a set of internal controls. A compliance program is a critical part of a company’s internal controls.

A company’s compliance program is only as effective as the degree to which its board, executives, managers and employees adhere to the compliance policies and procedures. If a company’s constituents do not comply with the compliance program and policies, then the company’s compliance program controls are ineffective.

Ask yourself an important question: what is my company’s compliance rate with its internal compliance controls?

For example, if your company has implemented a revised due diligence program to review and approve new third-party intermediaries, it is unreasonable to expect that everyone in your company has complied with this new policy. Somewhere in the company, a third-party intermediary is likely to be hired without going through the due diligence process.

Take another example: what is your company’s compliance rate with gifts, meals and entertainment authorizations and reimbursements? Again, no one should expect perfection in this area. We all have witnessed situations when corporate executives, managers and employees have failed to comply with the respective approval process.

To promote compliance with company policies and procedures, a company must dedicate time and resources to ensuring compliance by communication, training and enforcement. In fairness to a company’s directors, executives, managers and employees, a company has to communicate internally about the new policy and explain the new policy and its requirements. Depending on the importance of the new policy, the company should enlist the support and communications contributions from the CEO and other senior executives. To reinforce this new policy and procedure, the company should conduct training on the new policy so that everyone understands its requirements and new procedures.

After there are sufficient efforts to communicate and train on the new policy requirements, the chief compliance officer should devote time to monitor compliance with the new policy. The CCO will have to conduct limited audits or enlist the support of internal audit to examine the compliance rate with the new policy. The CCO would have to examine financial records to determine if any new third parties have been signed up and paid and compare the list of new parties to the list of parties subjected to due diligence. Depending on the number of third parties, a CCO can start with a single country to determine compliance rates.

If the CCO identifies violations of the company’s procedures, the CCO has to initiate an internal investigation to confirm the violation and the circumstances surrounding the violation. Given the importance of compliance with these new policies, the CCO has to ensure the company balances the importance of strict punishment for such violations, while balancing the individual reasons for the violation.

A CCO cannot ignore the importance of compliance with its policies and procedures as a basic requirement for an effective program.

This article was republished with permission from Michael Volkov’s blog, Corruption, Crime & Compliance.


Tags: internal controlsthird party risk management
Previous Post

EY Revenue Recognition Survey: Many Companies Not Ready for Changes

Next Post

Outsourcing Integration and Data Management Services

Michael Volkov

Michael-Volkov-leclairryan Michael Volkov is the CEO of The Volkov Law Group LLC, where he provides compliance, internal investigation and white collar defense services.  He can be reached at mvolkov@volkovlaw.com. Michael has extensive experience representing clients on matters involving the Foreign Corrupt Practices Act, the UK Bribery Act, money laundering, Office of Foreign Asset Control (OFAC), export controls, sanctions and International Traffic in Arms, False Claims Act, Congressional investigations, online gambling and regulatory enforcement issues. Michael served for more than 17 years as a federal prosecutor in the U.S. Attorney’s Office in the District of Columbia; for five years as the Chief Crime and Terrorism Counsel for the Senate Judiciary Committee, and Chief Crime, Terrorism and Homeland Security Counsel for the Senate and House Judiciary Committees; and as a Trial Attorney in the Antitrust Division of the U.S. Department of Justice. Michael also maintains a well-known blog: Corruption Crime & Compliance, which is frequently cited by anti-corruption professionals and professionals in the compliance industry.

Related Posts

illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
Thinking Outside the Tick Box

Thinking Outside the Tick Box: Compliance Training as a Competitive Advantage

March 3, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
Illustration representing a facial recognition technology scan of a face.

Facial Recognition Technology in the Workplace: Employers Use It, Workers Hate It, Regulation Is Coming for It

March 3, 2021
Next Post
businessman drawing statistics on a glass wall

Outsourcing Integration and Data Management Services

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights