Search results for: " IT risk "
Regulators Tell USAA: Do Better, Faster
Head’s up, compliance and IT executives in the banking sector! We have another bank sanctioned by regulators for taking too long to get its regulatory compliance act together. This time it’s USAA taken to the woodshed, for failing to implement reforms promised in previous consent orders from 2019 and 2022. The Office of the Comptroller…
Read MoreTalking to Leaders About Risk
This week I attended the annual user conference for AuditBoard, maker of software for internal audit and risk management teams. I wandered into one session about how those teams should talk to enterprise leaders about IT risks, and wanted to pass along my notes. After all, IT risks are going nowhere but up these days.…
Read MoreRTX Settles Huge Export Controls Mess
Anyone looking for a complicated case-study in export controls compliance, turn your eyes to RTX Corp. The defense contracting giant just agreed to pay $200 million and overhaul its export compliance function, to settle charges that the company improperly sent classified defense goods to foreign countries and allowed employees to bring along sensitive information while…
Read MoreCompliance Jobs Report: June 7
The Compliance Jobs Report this week delivers big news from FedEx, plus other personnel gossip at Heico Cos., Petrofac, Walmart, ONO Pharma, and lots more. We also note the passing of an antitrust compliance thinker; have job leads in biotech, auto manufacturing, and food service; and our Meme of the Week. Always remember that we…
Read MoreAn Update on SOX Compliance Issues
Earlier this week I attended a webinar hosted by KPMG about the current state of Sarbanes-Oxley compliance, since 2023 is coming toward a close and audit professionals need to start thinking about the SOX compliance season that will start up early next year. We have lots to go through here. For starters, SOX compliance does…
Read MoreMorgan Stanley Fined on Data Destruction
We have quite the reminder on IT risk today courtesy of the Securities and Exchange Commission. The agency just fined a subsidiary of Morgan Stanley for poor data protection practices, which even led to one incident where the bank’s old IT equipment was sold at auction with customer data still on the hard drives. The…
Read MoreRobinhood Crypto Compliance Meltdown
New York financial regulators have issued a scorcher of an enforcement action against Robinhood, hitting the online trading app with a $30 million for allowing a weak compliance program that, in turn, allowed a wide range of other compliance failures. The New York Department of Financial Services (DFS) announced the sanction on Tuesday. The precise…
Read MoreSome Thoughts on IT Workforce Risks
Looking for another reason to worry about the long-term success of your compliance, audit, or risk management efforts? Fear not! A recent report on workforce development in cybersecurity paints a stark picture of just how challenging it is these days to build and maintain a good team. The report comes from ISACA, the professional association…
Read MorePodcast: The Importance of ‘ITGCs’
Everybody understands that strong controls over technology are crucial to effective corporate compliance, governance, and external reporting — but not enough people (myself included) understand how those IT controls are supposed to work. So when the Institute of Internal Auditors recently announced a certificate in IT general controls, I was intrigued. What education need did…
Read MoreCompliance Jobs Report: Feb. 19
The Compliance Jobs Report this week has new hires at Peloton, Coinbase and a few other cryptocurrency players, Arcutis, and more. We also have promotions at DraftKings, TJX Cos., and RPM International. Job leads this week are in Cleveland, Boston, and Helsinki; and our Meme of the Week goes out to IT risk managers. As…
Read More