Posts Tagged ‘grc technology’
A GRC Analysis of FTX Implosion
I try to avoid writing about the cryptocurrency business because it’s such an isolated field, led by oddballs and filled with esoteric operations not really relevant to compliance professionals here in the non-crypto world. The bankruptcy of crypto exchange FTX, however, is an exception — a story that’s flat-out crazy, with compliance lessons galore. For…
Read MoreReport: Cyber Compliance Still Struggling
Another week, another report capturing the strains and dysfunction in cybersecurity risk management. This time, we have a survey of IT security and compliance professionals who still struggle to move beyond planning phases and are burdened with duplicative audits and a flood of customer documentation requests. The report comes from A-LIGN, which sells software to…
Read MoreMiddling News on Anti-Fraud Efforts
The Association of Certified Fraud Examiners has a report out this week about which technologies companies are using to fight fraud, although one major theme is that plenty of companies still use traditional anti-fraud tactics — even as the nature of fraud risk is changing rapidly. Hmmm. ACFE’s 2022 Anti-Fraud Benchmarking Report polled more than…
Read MorePortrait of Internal Audit Teams, Squeezed
We have two new reports this week on the predicament of internal audit functions, trapped between the need to provide better risk analysis during the pandemic and corporate overlords a bit less than willing to fund your need for better technologies. The first report came from research firm Gartner on Wednesday, and found that for…
Read MoreSEC Dings PwC on GRC Deal
The Securities and Exchange Commission has slapped audit firm PwC with a $7.9 million penalty for violating audit firm independence rules — including PwC implementing a GRC software system for one of its audit clients. An audit firm can’t do that, since those GRC software systems ultimately help employees assess the effectiveness of internal controls…
Read MoreFive-Part Series on Compliance Technology
Corporate compliance and risk officers work under tremendous pressure today — not necessarily to do more with less, but to do better with what the compliance function has, amid increasingly complex regulatory and business environments. Clearly technology is the answer to that call, but astute use of technology remains challenging. How can risk and compliance…
Read MoreLRN Gets Private Equity Infusion
News today from the GRC vendor world: LRN, a leading player in ethics training and consulting, has taken a “significant investment” from private equity firm Leeds Equity Partners. How much of an investment? LRN and Leeds won’t say. The language of the press release gives the impression that it could be a controlling interest in…
Read MoreThoughts on Compliance, AI, and AML
Accenture published a report Tuesday speculating on the future of financial markets for the next few years, with some thought-provoking points for compliance officers mired in anti-money laundering compliance. First, Accenture estimates the overall cost of risk and compliance for the financial sector at roughly $96 billion annually, and the cost of AML compliance specifically…
Read MoreUpdate on Third-Party Risk Programs
Navex Global gave a sneak peek this week of its latest report on third-party risk. The headline: too many compliance departments still rely on paper-based systems to track third parties, and therefore too many probably underestimate the risks their third parties truly pose. The 2018 Navex Global Third-Party Risk Management Benchmark Report, which surveyed 1,200…
Read MoreTwo Issues on SOX Compliance
More than 1,700 audit and compliance professionals have gathered in Nashville this week for Workiva’s annual user conference and the annual meeting of the SOX Professionals Group. Yours truly is on the scene, trying to capture all the good insight and latest news on SOX compliance. Here’s what we have from Day 1. Tuesday was…
Read More