Report: Cyber Compliance Still Struggling

cyber

Another week, another report capturing the strains and dysfunction in cybersecurity risk management. This time, we have a survey of IT security and compliance professionals who still struggle to move beyond planning phases and are burdened with duplicative audits and a flood of customer documentation requests.  The report comes from A-LIGN, which sells software to…

Read More

Middling News on Anti-Fraud Efforts

fraud

The Association of Certified Fraud Examiners has a report out this week about which technologies companies are using to fight fraud, although one major theme is that plenty of companies still use traditional anti-fraud tactics — even as the nature of fraud risk is changing rapidly. Hmmm.  ACFE’s 2022 Anti-Fraud Benchmarking Report polled more than…

Read More

Portrait of Internal Audit Teams, Squeezed

audit

We have two new reports this week on the predicament of internal audit functions, trapped between the need to provide better risk analysis during the pandemic and corporate overlords a bit less than willing to fund your need for better technologies. The first report came from research firm Gartner on Wednesday, and found that for…

Read More

SEC Dings PwC on GRC Deal

grc

The Securities and Exchange Commission has slapped audit firm PwC with a $7.9 million penalty for violating audit firm independence rules — including PwC implementing a GRC software system for one of its audit clients.  An audit firm can’t do that, since those GRC software systems ultimately help employees assess the effectiveness of internal controls…

Read More

Five-Part Series on Compliance Technology

technology

Corporate compliance and risk officers work under tremendous pressure today — not necessarily to do more with less, but to do better with what the compliance function has, amid increasingly complex regulatory and business environments. Clearly technology is the answer to that call, but astute use of technology remains challenging. How can risk and compliance…

Read More

LRN Gets Private Equity Infusion

LRN

News today from the GRC vendor world: LRN, a leading player in ethics training and consulting, has taken a “significant investment” from private equity firm Leeds Equity Partners. How much of an investment? LRN and Leeds won’t say. The language of the press release gives the impression that it could be a controlling interest in…

Read More

Thoughts on Compliance, AI, and AML

technology

Accenture published a report Tuesday speculating on the future of financial markets for the next few years, with some thought-provoking points for compliance officers mired in anti-money laundering compliance. First, Accenture estimates the overall cost of risk and compliance for the financial sector at roughly $96 billion annually, and the cost of AML compliance specifically…

Read More

Update on Third-Party Risk Programs

third-party

Navex Global gave a sneak peek this week of its latest report on third-party risk. The headline: too many compliance departments still rely on paper-based systems to track third parties, and therefore too many probably underestimate the risks their third parties truly pose. The 2018 Navex Global Third-Party Risk Management Benchmark Report, which surveyed 1,200…

Read More

Two Issues on SOX Compliance

sox

More than 1,700 audit and compliance professionals have gathered in Nashville this week for Workiva’s annual user conference and the annual meeting of the SOX Professionals Group. Yours truly is on the scene, trying to capture all the good insight and latest news on SOX compliance. Here’s what we have from Day 1. Tuesday was…

Read More

Podcast: Compliance Trends in Finance Sector

technology

Several weeks ago I had a post about compliance trends in the financial sector, based on a report from Thomson Reuters. That report found most financial firms aren’t cutting compliance budgets, and it offered practical insights into how compliance officers might tiptoe into more automation and use of technology. Both issues are important for compliance…

Read More