Another Lesson on Accounting Controls


Royal Bank of Canada has settled charges with the Securities and Exchange Commission over poor accounting controls for software development, which might sound super nerdy — because it is, really — but the case also lets us ponder yet again the importance of a strong control environment. The SEC announced the case late last week.…

Read More

Is AI Leaving Your Internal Controls Behind?


So everyone is freaking about artificial intelligence and its rapid deployment throughout the corporate enterprise. That brings up an important question: are companies updating their internal controls fast enough to keep pace with that AI adoption? This is on my mind because the other week Deloitte released the results of a survey that suggests no,…

Read More

Breaking Down 3M’s FCPA Case


Manufacturing giant 3M Corp. is our latest addition to the annals of FCPA enforcement, agreeing last week to pay $6.5 million to resolve civil charges from the Securities and Exchange Commission that the company’s China subsidiary wined and dined government officials with tourism junkets. By now it’s an old story to compliance professionals: U.S. company…

Read More

An Internal Governance Basket Case


Talk about the gang that couldn’t shoot straight: One of the largest online gun marketplaces in the United States just filed its latest annual report, and the thing is an internal controls and corporate governance catastrophe. If you’ve ever needed an example of how not to manage your governance operations, read onward. The company in…

Read More

Updated Fraud Risk Guidance Available

Auditors and other anti-fraud professionals have fresh guidance this week on how to manage fraud risk, with an emphasis on data analytics, internal reporting hotlines, and discussion of how effective fraud risk management can deter fraudsters from trying their schemes in the first place. Said guidance comes from COSO and the Association of Certified Fraud…

Read More

A Closer Look at ICSR Reporting


Today I want to revisit sustainability reporting, and the recent guidance from COSO on designing effective internal control for sustainability reporting. Compliance officers, auditors, and corporate sustainability teams have much more to consider here to get “ICSR” at your company right. We can begin with the most basic question of all: Why is any of…

Read More

An Update on SOX Compliance Issues

sox compliance

The season for Sarbanes-Oxley audits is now mostly behind us, which means we’re moving into the season of webinars about this year’s SOX audits and lessons we can learn for future years. I attended one such webinar this week and am here to pass along my notes.  The webinar itself was run by audit firm…

Read More

‘Office Space,’ Fraud, and Controls

Office Space

They say that life sometimes imitates art. Now we have an example of that in the world of Sarbanes-Oxley compliance, courtesy of that knucklehead in Seattle charged the other week with embezzling company money just like those characters in the film “Office Space.”  You may have already seen the headlines. A former IT employee at…

Read More

More on SEC, Auditors, and Fraud Risk

Today I want to return to that statement the Securities and Exchange Commission published last week, urging auditors to do better at assessing fraud risk among their clients. There’s more to unpack here, both in how audit firms might try to handle those marching orders and in how companies could address fraud risk themselves.  As…

Read More

SEC to Auditors: Do Better on Fraud Risk


The Securities and Exchange Commission is urging auditors to do better at assessing fraud risk among their clients — a rather notable statement peppered with keywords such as “gatekeepers” and “protection of investors,” clearly intended to warn audit firms that the agency wants to see improvement here. The statement came on Tuesday from Paul Munter,…

Read More