what does guidance look like in practice?...what does guidance look like in practice? carrie penman,...
TRANSCRIPT
What Does Guidance Look Like in Practice?
Carrie Penman, Chief Risk & Compliance Officer | NAVEX GlobalDonald K. Stern, Esq., Managing Director of Corporate Monitoring & Consulting Services | Affiliated MonitorsTom Fox, Consultant, Author, Compliance Evangelist | Tom Fox Law
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 2
About the Presenters
Carrie Penman Chief Risk & Compliance Officer
Donald K. Stern, Esq.
NAVEX Global
Managing Director of Corporate Monitoring & Consulting Services
Affiliated Monitors
Tom FoxConsultant, Author, Compliance
Evangelist
Tom Fox Law
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 3
Agenda
• Initial Thoughts
• Risk Assessment Processes
• Role and Placement of Compliance Officer
• Metrics and Continuous Improvement
• Data and Documentation
• Third Parties and Due Diligence
• Communicating to Executives and the Board
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 4
Initial Thoughts on the Updated Guidance
• What are your biggest takeaways from the 2020 updates to the Guidance?
• What should we read into the frequency of guidance being released from regulators including DOJ and the SEC?
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 5
Risk Assessment Processes
• What enhancements do organizations need to make to their risk assessment processes as a result of the new guidance?
• How do you achieve and operationalize more timely, ongoing and robust assessments of risk?
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 6
Role and Organizational Placement of Compliance Officer
• What, if any, impact will the new guidance on “access” and “adequate resources” have on where the person with “day-to-day” responsibility should report in the organization?
• What type of access/authority do compliance practitioners need to have to be truly effective?
• What type of development and ongoing training is needed for compliance practitioners?
• Does this guidance help elevate the compliance function within organizations?
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 7
Metrics and Continuous Improvement
• Should the new guidance be used to create effectiveness metrics that can be tracked and reported?
• What metrics are necessary to inform and track continuous improvement?
• How do you prove your program is adequately resources and empowered to function?
• How do you test your internal reporting system?
• Have tactics to monitor, audit and improve changed due to COVID-19?
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 8
Data and Documentation
• What’s driving the DOJ’s additional focus on data and access to data?
• How can compliance break down siloes that hinder data access?
• What documentation needs to be tracked year over year to demonstrate continuous improvement?
• How do you document and demonstrate consistency and discipline?
• Are there risks to documenting lessons learned from compliance failures?
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 9
Third Parties and Due Diligence
• What is the impact of the new guidance on the use of third parties?
• What are the impacts to ongoing supply chain management and monitoring, especially in the wake of COVID-19?
• Have expectations changed on M&A as a result of the guidance?
Copyright NAVEX Global, Inc. All Rights Reserved. | Page 10
Communicating to Executives and the Board
• What do governing authorities (the board of directors) need to know about the guidance updates?
• What metrics should board members monitor as part of their oversight responsibilities?
© 2020 Copyright NAVEX Global, Inc. All Rights Reserved. | Page 11
Thank You!