General
Talking to Leaders About Risk
This week I attended the annual user conference for AuditBoard, maker of software for internal audit and risk management teams. I wandered into one session about how those teams should talk to enterprise leaders about IT risks, and wanted to pass along my notes. After all, IT risks are going nowhere but up these days.…
Read MoreTD Bank: Remediation and Accountability
Today let’s return to the compliance debacle at TD Bank. By now you probably know the bank pleaded guilty to running a terrible anti-money laundering compliance program and must pay $3 billion in penalties for its misconduct. Let’s move on to the next question: how will regulators assure that TD Bank improves its compliance program? …
Read MoreDoes Partisanship Breed Misconduct?
Here’s a theory of corporate conduct that seems just too perfect for this year’s fraught political climate: what if companies are more likely to commit misconduct depending on the political fervor of their CEOs? So says a fascinating bit of research from two business professors, who developed a way to measure the political enthusiasm of…
Read MoreConcerns Over Access to Data
Today let’s return to the Justice Department’s newly revised guidance for effective corporate compliance programs. Specifically, let’s give a close analysis of what those updates say about compliance officers’ access to data and IT systems. For starters we should appreciate why access to data is such an important issue for the Justice Department at all.…
Read MoreAnother Take on Messaging Apps
For nearly three years now, the Securities and Exchange Commission has fired off one enforcement action after another at the financial services industry for employees’ improper use of messaging apps. Today let’s consider two contrarian voices that raise a fair question: exactly how are firms supposed to satisfy this nearly impossible compliance goal? Those contrarian…
Read MorePodcast: Compensation Clawback Strategies
Today we have another Radical Compliance podcast, this time to talk about compensation clawback policies: how to structure them, the challenges in using them, and what one recent FCPA case tells us about the favorable outcomes your company can achieve when clawbacks are part of your compliance program. The case in question involves Boston Consulting…
Read MoreWells Fargo, Part II: The Data Stuff
Today we continue our look at the latest enforcement action against Wells Fargo, this time examining all the operational-level improvements that the bank needs to make in its financial crimes compliance program, per a settlement with banking regulators reached last week. As you might recall, Wells reached a settlement with the Office of the Comptroller…
Read MoreMaking a Compliance Charter Work
Compliance officers are always looking for ways to help the board of directors oversee the ethics and compliance function, so today let’s explore one way to do that by adapting an idea from the internal audit function: a charter that spells out board oversight duties. Specifically, the audit committee of the board is charged with…
Read MoreWells Fargo Taken to Task Again
Banking regulators dinged Wells Fargo yet again last week, this time for the bank’s failure to develop strong anti-money laundering controls and risk management practices. Wells must now implement a litany of improvements from the board on down, so pull up a chair; we have a lot to review here. The enforcement action came last…
Read MoreUndermining the CCO, Part II
Earlier this month we had a popular post on ways that senior management might undermine the chief compliance officer’s power and authority. The post sparked quite a bit of feedback, so today let’s share more stories of management undermining the CCO — and ways the CCO could try to push back. The original post identified…
Read More