Compliance Program Benchmark Surveys!


Who doesn’t love a good survey report on compliance officers and the challenges they face? This week we have two worth your time, with observations both great and small that compliance officers can use as you ponder how to strengthen your own compliance programs.  Our first study comes from LRN, which last week published its…

Read More

NIST Artificial Intelligence Framework

artificial intelligence

NIST has published its first-ever risk management framework for artificial intelligence, just in time to help risk and compliance professionals as your boards, senior management, and everyone else starts to wonder whether ChatGPT and similar AI-driven systems will take over the human race.  Released last week, the framework is 48 pages long and no, you…

Read More

Duty of Oversight, Part II


Today let’s take a closer look at that Delaware Chancery Court decision from last week that established a “duty of oversight” for corporate officers. It’s another evolutionary step in the oversight of corporate culture, which is always something corporate compliance and audit professionals need to watch closely. The decision involved the former head of HR…

Read More

Musings on ‘Aggravating Circumstances’ 


Today I want to return to the Justice Department’s new policies meant to encourage more self-disclosure of corporate misconduct, even from companies whose violations include aggravating circumstances. Those policies are a welcome step forward, but they create just as many questions for compliance officers as they answer. Let’s first review what these new policies are.…

Read More

Another Regulator Talks ‘Gatekeepers’


We’ve seen a lot of mess in the cryptocurrency world lately. Last week a leading voice on the Commodity Futures and Trading Commission called for one specific group to step up and do better with this bedraggled bit of the finance industry: gatekeepers. CFTC commissioner Christy Goldsmith Romero, a Democratic appointee and head of the…

Read More

Ye Olde CCO Certification Idea


Here’s an intriguing question about compliance officers certifying the effectiveness of their compliance programs: Could we trace this idea, at least partly, back to an FCPA opinion release the Justice Department published in 2020?  This notion came to me from a sharp-eyed compliance officer who was reading the opinion release the other day. It involved…

Read More

On Boards, Disclosures, and Corporate Ethics


The Securities and Exchange Commission dropped a subtle hint this week about its latest expectations for corporate boards and what they disclose to investors. Corporate governance professionals might want to take a look, since I suspect we’ll be hearing more on this issue in the future. The case involves McDonalds and its former CEO, Stephen…

Read More

‘Office Space,’ Fraud, and Controls

Office Space

They say that life sometimes imitates art. Now we have an example of that in the world of Sarbanes-Oxley compliance, courtesy of that knucklehead in Seattle charged the other week with embezzling company money just like those characters in the film “Office Space.”  You may have already seen the headlines. A former IT employee at…

Read More

Why Internal Auditors Are Annoyed

internal auditors

Today I want to circle back to that proposal from the Public Company Accounting Oversight Board about third-party confirmations in financial audits, a seemingly reasonable idea that in practice has alienated legions of internal auditors. We should take a few minutes to understand why that is. For those who missed our first post on this…

Read More

AI Risks Keep Racing Ahead


Today I want to talk about the advantages and perils that artificial intelligence can pose to corporate compliance programs. After all, everyone else seems to be talking about the potential of AI these days, including the AI programs themselves.  You may have seen that the latest AI darling is ChatGPT, a natural language chatbot released…

Read More