Goldman Sachs’ Giant FCPA Deal


All right compliance professionals, it’s here: Goldman Sachs has agreed to pay $4.3 billion to settle corruption charges for its role in the 1MDB scandal — making Wall Street’s premier investment bank responsible for the largest criminal penalty in FCPA history.  U.S. regulators announced the news today, although rumors of a settlement had been swirling…

Read More

SEC Dings Two Firms on Internal Controls


For years regulators have talked about the importance of data analytics in enforcement actions. Now the SEC has demonstrated that point with two enforcement actions for poor internal control and earnings manipulation, driven by the agency’s in-house analytics team. So we can’t say nobody warned us.  The enforcement actions were announced Monday, against a carpet…

Read More

WAC-o Tale of FCPA Misconduct


Some days the WTF-o-meter just doesn’t go high enough, and such is the case with the latest FCPA enforcement action from the Securities and Exchange Commission. Fellow compliance travelers, prepare yourselves.  The SEC dinged World Acceptance Corp., a consumer loan business based in South Carolina, for a bribery operation the company’s Mexico subsidiary ran in…

Read More

On Internal Control and Mr. Potato Head

Mr. Potato Head

Here’s one way to convey the importance of software patch management: a bunch of Canadian Tire retail stores had to close last week because “a downloading error” caused all purchases to be scanned at the checkout register as Mr. Potato Head.  The Toronto Star dug up this story last week. Five Canadian Tire stores in…

Read More

A Security Threat That Evades Internal Control


Well this is sobering stuff for internal auditors and SOX compliance professionals: a cybersecurity firm is raising alarms about flaws in the Oracle business software that countless companies use to manage their finances, which lets hackers steal or alter financial data — all undetectable by standard internal controls or GRC technology. Be warned, this is…

Read More

Fraud Study Shows Benefits of Control Measures


Compliance and audit executives looking to justify all the steps you take to fight fraud, break out your reading glasses! The Association of Certified Fraud Examiners just released a sweeping analysis of corporate fraud that suggests those measures really do pay off.  The ACFE’s 2020 Report to the Nations studied more than 2,500 cases of…

Read More

Diageo Lessons on Internal Control

internal control

Talk about going on a bender: the SEC just fined spirits maker Diageo $5 million for forcing its distributors to buy more liquor than they needed, and then neglecting to tell investors that Diageo’s inflated sales numbers would eventually dry out.  In the world of funny numbers, what Diageo did is known as channel stuffing,…

Read More

Ericsson Internal Control Lessons


As everyone in the corporate compliance world knows by now, Ericsson settled its long-running FCPA case last week with $1.06 billion in disgorgement and penalties plus a compliance monitor to boot. This is a sprawling case, full of lessons for the rest of us, so let’s start with the internal controls issues enforced by the…

Read More

Management Override and Navy SEALs

management override

Keeping pace with all the ethics and compliance lessons one can learn from the Trump Administration is no easy task. Nevertheless, we have yet another one: the perils of management override, as demonstrated by President Trump’s determination to keep a disgraced Navy SEAL in military service. The story evolved quickly over the weekend. It begins…

Read More

Early Returns on Critical Audit Matters


Earlier this fall large corporations started to file annual reports that, for the first time ever, included “critical audit matters” identified by their audit firms. CAMs have been a controversial idea for quite some time, but they’re here — and now we have some early research on which subjects audit firms are flagging for CAM…

Read More