Newsletters
The following 150 items are listed by date.
August 16, 2010 Aligning Strategy Setting and Performance Management with Risk Effectively integrated with strategy-setting and performance management, risk management invigorates opportunity-seeking behavior by helping directors and managers develop the confidence that they truly understand the risks inherent in the organization’s strategy and have the capabilities in place to manage and monitor those risks. Risk management is flawed when risks are evaluated after the strategy is formulated. The end result could be strategic objectives that are unrealistic and risk management that is simply an appendage to performance management. This issue of Board Perspectives: Risk Oversight discusses how to achieve this vital connectivity. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Enterprise Risk Management, Risk Management & Assessment, Performance Management/Measurement August 2, 2010 Integrating Risk Management with What Matters Risk management cannot become a differentiating skill unless it is integrated with strategic management and performance management. This issue of The Bulletin will discuss this integration, why it is important and how it is achieved. It focuses on four main topics: (1) start with an effective governance process, (2) integrate risk with strategy setting, (3) integrate risk management with enterprise performance management, and (4) use integrated metrics and targets to manage the business. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Risk Management & Assessment July 26, 2010 Regulatory Reform in the United States – New Rules, Many Questions FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks, and adapt to the changes affecting financial services companies. The article in this issue includes: Regulatory Reform in the United States – New Rules, Many Questions. CONTENT AREA: Newsletters TOPICS: Financial Services, Laws & Regulations, Compliance July 12, 2010 The Importance of Tone at the Top to Risk Management Ensuring an effective tone at the top may be one of the most important tasks for the board, and is vital to the risk oversight process. Effective risk management cannot happen in a vacuum. This issue of Board Perspectives: Risk Oversight discusses 10 key indicators that collectively provide red flags that potential issues may exist within the organization. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Ethics, Enterprise Risk Management June 14, 2010 Basel Committee’s Cross-Border Resolution Group Issues Report and Recommendations FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks, and adapt to the changes affecting financial services companies. This issue features the articles: Basel Committee’s Cross-Border Resolution Group Issues Report and Recommendations and Focusing Risk Reporting for Boards and Management. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Financial Services, Risk Management & Assessment, Basel, Enterprise Risk Management June 14, 2010 Organizing for Risk Oversight (筹备风险监督) 董事会如何组织风险监督工作,取决于其对这一流程的重视程度。风险监督流程有助董事会和管理层了解公司在实施业务模型创建企业价值时所面临的风险,并就这些风险以及如何对其进行管理达成一致共识。本期《董事会视角:风险监督》即讨论了在组织董事会开展风险监督工作时董事们应考虑的若干问题。 CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, China June 7, 2010 Four Foundational Elements of Risk Management There are four foundational elements that frame what executive management and directors need to consider when it comes to risk management. These four elements are intended to be flexible in application, which is essential because risk profiles vary in complexity across industries. This issue of Board Perspectives: Risk Oversight discusses these four elements. The goal of is to provide board members with concise discussions of practical ideas that will help them improve their board’s risk oversight process. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Change Management, Enterprise Risk Management June 7, 2010 The Risk Appetite Dialogue (风险偏好对话) 显而易见,近两年来我们周遭的风险以及不确定因素已大为不同。这不由令我们产生一连串疑问:后金融危机时代的商业环境对公司的风险偏好有怎样的影响?企业的风险偏好究竟指什么?董事会和管理层应如何在风险偏好方面履行好自己的责任?本期《董事会视角:风险监督》将分析并回答这些看似难以捉摸的问题,同时让您更加清楚地了解风险偏好与企业战略以及公司治理直接的关系,以及风险偏好与风险容忍度之间的区别等。 CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, China May 17, 2010 Financial Security Law in France: applying the internal control framework recommended by the AMF (Loi de Sécurité Financière: modalités d'application du cadre de référence et de la recommandation émise par l'AMF) Après plusieurs exercices d’application de la LSF par les entreprises, le cadre de référence publié en 2006 est venu compléter le paysage du contrôle interne en France. Il s’agissait alors de faire un point sur sa mise en œuvre. CONTENT AREA: Newsletters TOPICS: Accounting/Finance, France, Internal Controls May 10, 2010 Segregation of Duties: How to start and continuously monitor progress (Séparation des tâches: mettre en œuvre et pérenniser) Une bonne organisation de la séparation des tâches constitue un des piliers du contrôle interne et de la gestion des risques. Dans un environnement informatisé, séparation des tâches et droits d’accès sont intimement liés, avec des problématiques organisationnelles et techniques souvent complexes à gérer. Ce Bulletin présente les principaux concepts d’une gestion efficace de la séparation des tâches et propose une démarche de mise en place et de surveillance des droits d’accès respectant la politique de séparation des tâches élaborée au sein de l’entreprise. Il répond aux questions de la mise en œuvre et de la pérennité de la démarche CONTENT AREA: Newsletters TOPICS: Segregation of Duties, Internal Controls, Enterprise Risk Management, France May 10, 2010 Ten Risk Oversight Principles In October 2009, the National Association of Corporate Directors (NACD) published its Report of the NACD Blue Ribbon Commission – Risk Governance: Balancing Risk and Reward. This report recommends ten principles to assist boards in strengthening their oversight of the company’s risk management. According to the report, “the Commission believes that [the ten] principles provide a foundation that boards can use to build a more comprehensive risk oversight system tailored to the specific needs of their respective companies.” We agree. Offered as guidance to directors, these principles provide a context for understanding the risk oversight process. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, Project Management May 3, 2010 Develop and Deploy an Anti-fraud program to protect your assets (Protéger la valeur de votre entreprise grâce au programme anti-fraude) A la lecture des enquêtes sur la fraude ou de la presse économique, il apparait que la fraude reste malheureusement un sujet d’actualité.
Malgré les efforts consentis pour la mise en conformité avec les règlementations sur le contrôle interne (Loi de Sécurité Financières, Sarbanes-Oxley Act…), les entreprises sont encore mal préparées pour prévenir et détecter la fraude. Protéger la valeur de votre entreprise grâce au programme anti-fraude constitue alors une réponse à apporter pour lutter contre la fraude. Ce Bulletin répond aux questions que l’on peut se poser et notamment : qu’est-ce qu’un programme anti-fraude ? Comment le concevoir et le mettre en œuvre ? Comment l’évaluer ? CONTENT AREA: Newsletters TOPICS: France, Fraud, Internal Controls, Sarbanes-Oxley Act, Compliance April 12, 2010 Knowing What You Don’t Know (了解未知领域) 如果金融危机的教训只有一个,那便是:未知的领域可能比已知的更为重要。由此又回到老调重弹的问题:我们是否知道哪些情况是我们所不了解的?在当今环境之下,没有公司管理层和董事会会确信自己对未来无所不知。尽管如此,企业的行政管理层和董事们仍可以通过采取某些措施来管理不确定性。本期通讯便讨论了八个这样的步骤,并提供了董事会可以根据其自身运营情况考虑的若干问题。 CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, China April 12, 2010 Positioning the CRO for Success A company’s decision around whether or not to appoint a chief risk officer (CRO) is driven by many factors such as its industry, business model, structure, culture, and stakeholder expectations, not to mention the nature and complexity of its risks and the extent of any fragmented silo activity within the organization. Once the decision is made to establish a CRO role, both the board of directors and management – not to mention the company’s shareholders – have a stake in that executive’s success. Now is the time for the organization to consider a fundamental question: Is the CRO (or equivalent executive), as well as risk management in general, positioned to be successful within the organization? This issue of Board Perspectives: Risk Oversight discusses this topic, including elements of poor positioning of the CRO. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management March 29, 2010 The Current Financial Crisis: Frequently Asked Questions (当前的金融危机:常见问题解答) 虽然有迹象显示经济状况正逐步好转,但市场上仍然存在许多疑问:是什么触发了这场金融危机?它又是如何蔓延遍及全球的?它对金融机构及其他行业产生了怎样的冲击?各地政府正采取什么应对措施?企业管理者应采取什么举措来保障公司的未来发展?本文并非面面俱到,但所涵盖的问题正是企业领导人当前最为关心的。这是《常见问题解答》的第七版,也是最后一版。我们增订了若干问题,以反映过去六个月以来的事态发展。 CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Corporate Governance, Entity-Level Control, Financial Services Industry, Laws & Regulations, Financial and Credit Risk, IFRS, China, GRC March 15, 2010 Organizing for Risk Oversight How the board views risk oversight as a process should dictate how it chooses to organize itself for purposes of executing that process. The risk oversight process enables the board and management to develop a mutual understanding regarding the risks the company faces over time as it executes its business model for creating enterprise value. There is no one size that fits all. This issue of Board Perspectives: Risk Oversight discusses some of the factors that boards of directors should consider as they organize their board for risk oversight. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management February 15, 2010 The Enterprise Risk Assessment Process (企业风险评估流程) “什么是我们最重要的风险?”——这是董事会在执行风险监督时所面临的首要问题。一个有效的企业风险评估流程能够帮助管理层解答这个问题,令其即便在变化莫测的营商环境中仍能做到举棋若定,同时也有助大大增强董事会对管理层的信心。本期通讯的议题是“企业风险评估流程”,文中所列主要事项和问题均为董事会为改进企业风险评估流程所应当考虑的。 CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, China February 15, 2010 The Risk Appetite Dialogue It is evident that risk levels and uncertainty have changed significantly over the last two years. How does this brave new world pair up with a company’s risk appetite? What is an enterprise’s risk appetite? How can management and the board of directors get engaged with respect to risk appetite? Although answers to these and other related questions are elusive, this issue of Board Perspectives: Risk Oversight attempts to provide clarifying responses. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management February 1, 2010 Risk Oversight: A Board Imperative (风险监督:董事会责无旁贷) 一场席卷全球的金融危机过后,风险监督流程的重要性已不言而喻。在本期通讯中论证了这一流程的重要性,并列举了董事会就风险管理需要与管理层沟通的若干问题。而在所有的通讯文章中,我们都不会提供所谓的“标准答案”。我们将带领您思考以下议题:企业风险评估流程、了解未知领域、风险偏好、从战略的角度考虑风险管理、高层态度和文化,以及风险监督董事会最佳架构等等。 CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, Entity-Level Control, China January 11, 2010 2010: The Year Ahead for Financial Services Institutions FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks, and adapt to the changes affecting financial services companies. This issue features the articles: 2010: The Year-Ahead for Financial Services Institutions; and Key Lessons and Necessary Reforms: A Central Banker’s View. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Financial Services Industry, Change Management, Financial and Credit Risk January 11, 2010 Knowing What You Don’t Know If the financial crisis has but a single lesson, it is this: what we don’t know can be more important than what we do know. This raises the ultimate rhetorical question, “Do we know what we don’t know?” The reality of today’s environment is that management and the board can never be certain that they know everything they need to know. Nonetheless, this issue of Board Perspectives: Risk Oversight suggests eight steps executives and directors can take to manage uncertainty. CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management January 11, 2010 Setting the 2010 Audit Committee Agenda Since Protiviti published Issue 8 of Volume III of The Bulletin, "Setting the 2009 Audit Committee Agenda," the world has continued to change. Without question, we live in a vastly different world than that of a year ago and the environment remains dynamic and challenging. Given where things stand today and looking forward into 2010, this issue of The Bulletin provides observations and ideas for consideration by boards and their audit committees. To provide a context for setting the 2010 audit committee agenda, this issue describes 10 major challenges businesses face. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Change Management December 14, 2009 Making Internal Audit a Value-Adding Contributor to Economic Recovery The current global economic downturn has been swift and severe, leaving organizations around the world searching for ways to contain costs, improve efficiencies, maintain customer satisfaction levels and protect their balance sheets. This unprecedented economic crisis has been nothing short of an urgent call to action for more robust risk management practices in global organizations of every size and in all industries. In retrospect, the role of the internal audit function may have been somewhat overlooked in the economic storm. This issue of The Bulletin explores how internal audit can contribute to the organization as it recovers from the crisis and what management and boards should expect of internal audit going forward. CONTENT AREA: Newsletters TOPICS: Internal Audit, Audit Committee & Board, Continuous Auditing, IT Audit, Risk Management & Assessment, Fraud December 14, 2009 The Current Financial Crisis: Frequently Asked Questions As the current financial crisis continues to evolve globally, there are a seemingly infinite number of questions emerging about how the crisis developed and spread, how it is impacting financial institutions as well as other companies, what governments are doing to address the crisis, and what companies must do to secure their own futures. This document provides answers to some of what Protiviti believes are among the most commonly asked questions about the financial crisis. Among the sections of the FAQ with significant updates in this edition are Accounting Rules and the Financial Crisis, and Impact on the Automotive Industry. In this final edition of our FAQs, we have updated a number of answers to reflect developments over the past six months. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Corporate Governance, Entity-Level Control, Financial Services Industry, Laws & Regulations, Financial and Credit Risk, IFRS, GRC December 14, 2009 The Enterprise Risk Assessment Process The first question the risk oversight process seeks to answer is, “What are our most critical risks?” An effective risk management process lays the foundation for management to respond to this question confidently as the business environment remains in a constant state of flux. This publication lays out the key items to consider when conducting an enterprise risk assessment and suggests some questions for boards to consider when they evaluate their confidence in the organization’s risk assessment process. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management November 16, 2009 Risk Oversight: A Board Imperative Included in the inaugural edition of Board Perspectives: Risk Oversight are questions board members should ask of executive management regarding the organization’s risk management processes. In this newsletter as well as future editions, we intend to explore the right questions without suggesting standard “cookie cutter” answers. Sample questions in this edition include: Is there a robust process in place for identifying, prioritizing, sourcing, managing and monitoring the enterprise’s critical risks in a changing operating environment? Do we understand the risks inherent in the corporate strategy? Is there a sufficient understanding of the significant assumptions underlying the strategy and is a process in place to monitor for changes in the environment that could alter those assumptions? CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Enterprise Risk Management, Entity-Level Control November 2, 2009 Changes to The IIA Standards: What Do They Mean for Financial Institutions? FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify, manage risks, and adapt to the changes affecting financial services companies. This issue features the articles: Changes to The IIA Standards: What Do They Mean for Financial Institutions? and Foreign Corrupt Practices Enforcement: Should Financial Services Companies Be Concerned? CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Internal Audit, Audit Committee & Board, Fraud October 19, 2009 Public Company Readiness: Getting Ready for Prime Time – Before the Market Does (为上市做好准备:厚积薄发,抢占先机) 随着美国IPO(首次公开招股)市场近期已有回暖迹象,公司在着重开发新产品、提高收入及降低成本的同时,务必密切关注相关的业务及信息技术流程、政策及内部控制。这种经营方式近似于一家管理完善的上市公司。本文将重点讨论IPO就绪准备计划,包括开展就绪工作评估的必要性和管理层必须关注的具体领域,例如,常见的财务报告问题、关账流程、《萨班斯-奥克斯利法案》合规,以及信息技术基础设施等。 CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, China, Close the Books, Financial Reporting, Initial Public Offering, Internal Audit, Internal Audit Administration, Internal Controls, IT Infrastructure, Sarbanes-Oxley Act, Self-Assessment August 24, 2009 Impact of the Economic Crisis on the Hospitality, Travel and Leisure Industry (金融危机对酒店、休闲与旅游业的影响) 与其他大部分行业一样,酒店、休闲与旅游业受到全球金融危机的冲击,正在应对源源不断的各种挑战。现时资本市场紧缩,企业和个人消费者的可支配收入减少,都让该行业感受到莫大压力。如何顺利渡过这次金融危机,以及如何在危机过后再战市场,都让管理层大伤脑筋。本通讯将探讨金融危机对该行业带来的冲击,并就管理层应关注的重要事项提出建议。 CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Hospitality/Gaming Industry, Media Industry, Technology, IT Infrastructure, Internal Audit, Risk Management & Assessment, Cost Management, Customer Satisfaction, Financial and Credit Risk, China, GRC August 10, 2009 MasterCard Requires Level 1 and 2 Merchants to Have an Approved Qualified Security Assessor Complete an On-Site Assessment Annually – Frequently Asked Questions On June 15, 2009, MasterCard changed what some merchants (Level 1 & 2 merchants) must do to verify that they comply with the Payment Card Industry Data Security Standard (PCI DSS). These changes remove the ability for Level 1 merchants to validate compliance by using their internal audit functions, and require Level 2 merchants to engage an outside consultant to conduct an on-site assessment to validate compliance with the security requirements. This PCI FAQ guide answers questions received from merchants and is designed to help organizations prepare for their on-site assessments by anticipating common challenges and compliance issues. CONTENT AREA: Newsletters TOPICS: Sales Process & Marketing, Security, Security Management Practices, Privacy August 10, 2009 The Current Financial Crisis: Frequently Asked Questions (当前的金融危机:常见问题解答) 虽然有迹象显示经济状况正逐步好转,但市场上仍然存在许多疑问:是什么触发了这场金融危机?它又是如何蔓延遍及全球的?它对金融机构及其他行业产生了怎样的冲击?各地政府正采取什么应对措施?企业管理者应采取什么举措来保障公司的未来发展?本文并非面面俱到,但所涵盖的问题正是企业领导人当前最为关心的。本期《常见问题解答》主要增订了“会计规则与金融危机”与“对汽车业的影响”两个版块。此外,还添加了“对航空、酒店与博彩业的影响”这一全新版块。 CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Corporate Governance, Entity-Level Control, Financial Services Industry, Laws & Regulations, Financial and Credit Risk, IFRS, China, GRC August 3, 2009 Due Diligence: Protecting Against Fraud and Third-Party Negligence While business executives struggle to keep their companies healthy, they find that every important decision they make is subject to heightened scrutiny. How can officers, directors and executives make crucial decisions for their corporations without incurring the wrath of shareholders, clients and prosecutors who second-guess their efforts long after the fact? One well-tested method is to base executive decision-making on the outcome of careful due diligence. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Risk Management & Assessment, Ethics, Fraud, GRC July 13, 2009 Frequently Asked Questions Regarding Responsibilities of Recipients of Funds Under the American Recovery and Reinvestment Act of 2009 (Second Update) The American Recovery and Reinvestment Act of 2009 (ARRA or Recovery Act) was signed into law on February 17, 2009. This legislation seeks to stimulate the economy by preserving and creating jobs, assisting the unemployed and uninsured, and providing state budget relief while making investments in infrastructure, education, science, health and energy efficiency. This guidance prescribes reporting requirements that will be effective October 10, 2009. This guidance builds upon prior guidance issued by OMB. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Compliance, Financial and Credit Risk, Laws & Regulations, GRC July 13, 2009 Public Company Readiness: Getting Ready for Prime Time – Before the Market Does With the recent uptick in the IPO market in the United States, it is vital to pay close attention to the underlying business and IT processes, policies and internal controls even while new product development, revenue generation and cost management remain top priority. This approach is similar to how a well run public company operates. This issue of The Bulletin focuses on certain aspects of the IPO preparation process, including the need for a readiness assessment along with specific areas management should address – common financial reporting challenges, the close process, Sarbanes-Oxley compliance and the IT infrastructure. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Close the Books, Financial Reporting, Initial Public Offering, Internal Audit, Internal Audit Administration, Internal Controls, IT Infrastructure, Sarbanes-Oxley Act, Self-Assessment June 29, 2009 Impact of the Economic Crisis on the Hospitality, Travel and Leisure Industry As with most industries, the hospitality, travel and leisure sector have been impacted by the global economic crisis. Faced with a shrinking capital market and decreased discretionary spending, management of companies in this sector face numerous challenges in weathering the crisis and preparing for the post-crisis environment. Read this bulletin to learn how the segments within the hospitality, travel and leisure industry are being affected by the crisis, and how particular issues should be front-of-mind for company management. CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Hospitality/Gaming Industry, Media Industry, Technology, IT Infrastructure, Internal Audit, Risk Management & Assessment, Cost Management, Customer Satisfaction, Financial and Credit Risk, GRC June 29, 2009 Is a Systemic Risk Regulator the Savior of the Financial Services Industry? FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Is a Systematic Risk Regulator the Savior of the Financial Industry? And, Best Practices for Stress Testing. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Risk Management & Assessment, Basel, Best Practices, Compliance, Enterprise Risk Management, GRC June 22, 2009 Managing Corruption Risk Involving Foreign Officials and Avoiding Its Impact on Reputation Anti-corruption has become a major global initiative, as evidenced by efforts of organizations such as the World Trade Organization (WTO), European Union, Organization of American States, Association of Southeast Asian Nations, Caribbean Community, and the African Union, among others, to require their members to address it. That all said, it is naive to expect that legislators, regulators, international trade organizations and other parties can eradicate customs and behavior that has evolved over many centuries. This issue of The Bulletin will discuss the management of corruption risk and uses the FCPA as a framework for this discussion. CONTENT AREA: Newsletters TOPICS: Risk Management & Assessment, Compliance, Ethics, Fraud, GRC April 13, 2009 New Rules of the Game: The Obama Administration’s Plan for Regulatory Reform In the lead-up to the G-20 meeting in London on April 2, 2009, U.S. Treasury Secretary Geithner disclosed the broad principles that are expected to underpin the Obama Administration’s plans for regulatory reform in the financial services industry. This publication provides additional detail on the administration’s plan and identifies some of the challenges that must be faced in the effort to effect meaningful reform. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Compliance, Financial and Credit Risk, Laws & Regulations, GRC April 13, 2009 The Public-Private Investment Program: Private Party – Public Money On March 23, 2009 the US Treasury announced the framework for the Public-Private Investment Program (PPIP). This capped off $13.5 trillion in various U.S. Treasury, Federal Deposit Insurance Corporation (FDIC) and Federal Reserve Initiatives to stabilize the financial system and jump-start lending and the broader economy. Read this newsletter to learn about the PPIP, and also the Legacy Loans program, the Legacy Securities program, asset manager requirements, and reasons to think the PPIP may or may not be successful. CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Government, Financial Services Industry, Real Estate Industry, Internal Audit, Risk Management & Assessment, Financial and Credit Risk, Laws & Regulations, GRC April 6, 2009 Frequently Asked Questions Regarding Responsibilities of Recipients of Funds Under the American Recovery and Reinvestment Act of 2009 The American Recovery and Reinvestment Act of 2009 (ARRA or Recovery Act) was signed into law on February 17, 2009. This legislation seeks to stimulate the economy by preserving and creating jobs, assisting the unemployed and uninsured, and providing state budget relief while making investments in infrastructure, education, science, health and energy efficiency. This guidance outlines the steps that agencies must take to manage the risks associated with awarding and overseeing the use of ARRA funds. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Compliance, Financial and Credit Risk, Laws & Regulations, GRC April 6, 2009 Ten Common Risk Management Failures and How to Avoid Them (风险管理的十大常见误区及相关避免措施) 风险管理在全球金融危机中所担当的角色,是当下的流行话题。的确,风险管理在此次危机的众多角色中不仅仅占有一席,且是主角之一。当我们回顾所发生的一切时,经常听到有人这样质问:他们到底在想什么?他们究竟知道些什么?他们如何落到这步田地?本期通讯探讨了风险管理的十大常见误区,以及如何避免的问题。 CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, Entity-Level Control, China, GRC March 23, 2009 Managing Outsourcing and Offshoring Risk As companies focus on managing their operations in a difficult economic environment, they seek to become leaner and more focused, efficient and effective. Over the last decade, many international companies have offshored work to other countries with a view toward achieving these objectives. This issue of The Bulletin explores the advantages, disadvantages, and the risks associated with outsourcing and offshoring. And how the risks can be managed when decisions are made to outsource and/or offshore business activities. CONTENT AREA: Newsletters TOPICS: Outsourcing/Co-sourcing/Shared Services, Cost Management, Enterprise Risk Management, GRC March 23, 2009 The "Home Affordable" Loan Modification Standards: What Loan Servicers and Investors Need to Know. From a very early point in the housing crisis, lawmakers, regulators, and many media observers have shared the strong belief that a large percentage of the foreclosures at the heart of the crisis are avoidable. In response, a small number of companies have taken aggressive, high profile loan modification programs, with disappointing results. Read this bulletin to understand many possible reasons for these disappointing results, and to preview a potential outlook for success. CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Financial Services Industry, Internal Audit, Risk Management & Assessment, Financial and Credit Risk, GRC March 16, 2009 Risks and Challenges Facing the Financial Services Industry in 2009 - And Beyond FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Risks and Challenges Facing the Financial Services Industry in 2009; and, the Role of the Audit Committee in Weathering the Financial Crisis. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Internal Audit, Audit Committee & Board, Risk Management & Assessment, Financial and Credit Risk, GRC March 2, 2009 Setting the 2009 Audit Committee Agenda Since we published Issue 1 of Volume III of The Bulletin, Setting the 2008 Audit Committee Agenda, a year ago, the world has changed – dramatically. This issue of The Bulletin provides observations and ideas for boards and their audit committee regarding matters they should consider to get through the trying times in the year ahead. In addition to the unfinished business, we see several additional mandates on the minds of members on audit committees. These eight items on the list are discussed further in this issue. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Internal Audit, Audit Committee & Board, Risk Management & Assessment, Sarbanes-Oxley Act, External Auditor, Internal Controls, GRC March 2, 2009 What Should Be the Focus in 2009? Considerations for High-Tech Companies (聚焦2009:高科技企业应思考的问题) 2008年初,当信贷危机与全球经济危机的关系成为各家新闻重点播报对象的时候,大型高科技企业被视为所受影响相对较小的一个群体。这些企业一般都持有大量现金投资作为后盾,因此信贷紧缩的影响并不大。但是,随着经济状况持续低迷逐渐蔓延至全球,很多公司开始削减其技术开支。因此,很多高科技企业都开始实施成本削减措施以期渡过艰难的2009年。 CONTENT AREA: Newsletters TOPICS: Technology, IT Infrastructure, IT Strategy, Security, Security Management Practices, Fraud, Financial and Credit Risk, China February 23, 2009 Internal Audit’s Added Benefit During a Financial Crisis: Considerations for Retail and Consumer Products Companies (内部审计在金融危机中的增值效益:零售和消费品公司的考虑事项) 当前金融危机给零售和消费品业的效益带来严重的负面冲击。对大多数零售商而言,这意味着同店销售额继续下滑,而消费者的消费方式正发生改变。受危机和经济低迷影响,各大公司正面临收益日渐下行的压力。然而,各大公司尤其是零售商为缓解压力而采取的各种措施,可能会在不知不觉中令其风险特征发生变化。如果有关变化不能予以有效处理和应对,可能会对公司业务造成负面影响。 CONTENT AREA: Newsletters TOPICS: Consumer Products & Retail Industry, Financial Services Industry, Internal Audit, Risk Management & Assessment, Financial and Credit Risk, Internal Controls, China, GRC February 16, 2009 Another Response to the Financial Crisis: Regulatory Reform Most people would agree that one of the factors that contributed to the current economic crisis was an inadequate regulatory regime for financial services activities. Many reports and sets of recommendations have already been issued about the root causes of the problem and how regulatory regimes should be revamped to better protect the stability of the financial system. In addition to root causes, this article also provides detail on guiding principles for reform and recommendations for effecting reform. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Internal Audit, Risk Management & Assessment, Compliance, Financial and Credit Risk, GRC February 9, 2009 What Should Be the Focus in 2009? Considerations for High-Tech Companies As a result of current economic conditions, many high-tech companies are beginning to implement cost-cutting measures to prepare for a tough 2009. How are high-tech organizations weathering the challenges of the current economic environment? Smart companies are looking at ways to freeze or cut costs while reducing or mitigating corporate risk. More details are provided in this bulletin. CONTENT AREA: Newsletters TOPICS: Technology, IT Infrastructure, IT Strategy, Security, Security Management Practices, Fraud, Financial and Credit Risk February 2, 2009 Strength in Numbers: How Creditors’ Committees Maximize Results in Chapter 11 Cases While the financial meltdown of mortgage lenders and investment banks has riveted the attention of citizens and governments worldwide, many mainstream businesses are finding that “business as usual” is more difficult than ever. This article is the second in a series that addresses some of the difficulties that arise when businesses become insolvent. It focuses on how companies can use official creditors’ committees to protect their interests when important clients reorganize under Chapter 11 of the Bankruptcy Code. CONTENT AREA: Newsletters TOPICS: Internal Audit, Audit Committee & Board, Risk Management & Assessment, Self-Assessment, Fraud, Financial and Credit Risk, Laws & Regulations, GRC January 26, 2009 Perspectives from Financial Institutions in Europe and the United States (欧美金融机构的视角) 金融危机对全球市场的影响仍在持续。只有为数不多的公司或行业能够幸免于难,而其他都要面对持续数年的经营困境。为了进一步了解金融危机所造成的影响,以及可能触发的短期和长期后果,甫瀚于近期进行了一项定量研究,就相关问题走访了欧洲及美国40多间金融机构的行政人员与高级管理层,以及甫瀚的金融服务行业专家,并收集了他们的观点及见解。这些机构及独立人士对部分问题持相同的观点,但在某些重要领域上的看法却大相径庭。 CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Cross Border & Non-US Issues, European Union, Financial Services Industry, Compliance, Enterprise Risk Management, Financial and Credit Risk, IFRS, China, GRC January 5, 2009 Ten Common Risk Management Failures and How to Avoid Them It is fashionable today to talk about the role of risk management in the global financial crisis. Indeed, risk management had a role – a very important one. As we look back and closely examine what has transpired, we often hear the same questions expressed with a noticeable point of inflection in the voice pitch: What were they thinking? What did they know? How did they let this happen? This issue of The Bulletin explores 10 common risk management mistakes and how they can be avoided. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, Entity-Level Control, GRC December 22, 2008 FS Insights 2008: The Year in Review FS Insights, a publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry. This issue provides a review of the year 2008 -- it was an annus horriblis. CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Financial Reporting, Financial Services Industry, Financial and Credit Risk December 22, 2008 Impact of the Current Financial Crisis on the Energy and Utilities Industry (当前金融危机对欧美能源业及公用事业的冲击) 我们正处在金融市场的非常时期,几乎所有经济行业难以幸免。即便是因能源价格居高不下(虽然最近已逐渐下调)而受惠的能源业及公用事业,也一样要面对资本上涨和融资困难的挑战。这些难题不仅影响能源业及公用事业,也波及至其业务伙伴,例如金融机构和建筑承包商。针对上述问题,甫瀚于近期发布了题为“当前的金融危机对能源及公用事业行业的冲击”的《甫瀚通讯─应对全球金融危机》。 CONTENT AREA: Newsletters TOPICS: Financial Reporting, Energy & Utilities Industry, Financial Services Industry, Compliance, Financial and Credit Risk, China, GRC December 22, 2008 Internal Audit’s Added Benefit During a Financial Crisis: Considerations for Retail and Consumer Products Companies The current financial crisis is having a severe impact on the revenue of retail and consumer products companies. The actions that companies and retailers in particular, are taking may inadvertently result in a changing risk profile that, if not addressed properly, may negatively impact their business. This publication discusses this industry’s changing environment and how internal audit can help especially within areas of increased risk. CONTENT AREA: Newsletters TOPICS: Consumer Products & Retail Industry, Financial Services Industry, Internal Audit, Risk Management & Assessment, Financial and Credit Risk, Internal Controls, GRC December 8, 2008 Balancing of Risks in a Game of Snap: The Coming Re-regulation of Financial Services The common thread permeating every aspect of the financial crisis is the breakdown of the management of risk. The systemic failure that caused this financial crisis has been an object lesson on a macro level of the impact of silos on the effectiveness of risk management. The dysfunctional activity that contributed to the crisis likely will lead to more regulatory oversight. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Internal Audit, Risk Management & Assessment, Compliance, Enterprise Risk Management, Financial and Credit Risk, Laws & Regulations, GRC December 8, 2008 Perspectives from Financial Institutions in Europe and the United States To gain further insight into the current impact and likely short- and long-term consequences of the crisis in the financial markets, Protiviti recently conducted a qualitative research project to obtain the viewpoints and perspectives of executives and senior management from more than 40 financial institutions in Europe and the United States, as well as from the financial services industry experts throughout our firm. This issue of the Global Financial Crisis Bulletin shares insights from these members of management on the crisis, explores varying perspectives on its expected impact on the financial services industry, and reviews the most pressing issues of debate among different countries and regions. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Cross Border & Non-US Issues, European Union, Financial Services Industry, Compliance, Enterprise Risk Management, Financial and Credit Risk, IFRS, GRC December 1, 2008 “Oil and Water?” Differences Between Investment Banking and Commercial Banking Supervision The paper “Investment Banks and Commercial Banks are Analogous to Oil and Water, They Just Do Not Mix” expresses a view that investment banks are not financial intermediaries. Does this mean that the related regulators are also like oil and water? This publication examines this further by discussing the differences between these regulators, the Securities and Exchange Commission and the Federal Reserve Board. CONTENT AREA: Newsletters TOPICS: Credit & Collections, Investments & Foreign Exchange, Financial Services Industry, Compliance, Internal Controls, Financial and Credit Risk, GRC November 24, 2008 Impact of the Current Financial Crisis on the Energy and Utilities Industry This period of unprecedented turmoil in the financial markets is affecting nearly every sector of our economy. Even the energy and utilities industry faces potential challenges in accessing capital and funding, including their business partners such as financial institutions and construction contractors. This issue of the Global Financial Crisis Bulletin summarizes the key potential impacts of the financial crisis across various sectors within this energy and utilities industry. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Energy & Utilities Industry, Financial Services Industry, Compliance, Financial and Credit Risk, GRC October 20, 2008 Navigating the Financial Crisis – What Lies Ahead? During this time of great uncertainty for companies in the United States and worldwide, management teams will be faced with difficult decisions that require them to carefully balance the risk/reward equation. Of particular note, the financial crisis is causing executives and boards to assess their companies’ assets to determine how to properly protect and exploit them in the current economic environment. This publication summarizes questions to consider when making this assessment. CONTENT AREA: Newsletters TOPICS: Credit & Collections, Corporate Governance, Audit Committee & Board, Financial Services Industry, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, Financial and Credit Risk, GRC August 25, 2008 Corporate Directors: Charting a Course Through Troubled Times Successfully guiding a corporation through competitive markets can be a complicated venture in the best of times. But when tight credit and high costs erode an organization’s revenues and customer base, once routine issues can become urgent and problematic. In today’s economy, even well-run organizations can face significant challenges to their fiscal health. This article is the first in a series designed to address some of the issues that corporate directors face as they steer their companies through the “zone of insolvency.” CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Self-Assessment, Best Practices, Fraud, GRC July 21, 2008 Creating Transparency into Your Largest Risk Exposures (甫瀚通讯 - 为公司的重大风险建立透明度) 2008年1月,一家全球性金融机构公布其因非法交易而遭受了70亿美元的亏损。这次事件令银行监管程序受到质疑,尤其是当内控报告的结论是银行官员未能对可疑交易的警告信号进行跟进。 CONTENT AREA: Newsletters TOPICS: Financial Reporting, Investments & Foreign Exchange, Financial Services Industry, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, China, GRC July 21, 2008 Risk Management in a Turbulent Market FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Risk Management in a Turbulent Market; Data Security in the Financial Services Industry: Still Room for Improvement. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Risk Management & Assessment, Security, Access Control Systems & Methodology, Security Management Practices, Financial and Credit Risk, GRC July 14, 2008 Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready? (非金融机构的企业风险管理信用评级分析:你准备好了么?) 现今,企业风险管理开始得到来自新领域的有力支持:信用评级分析。2007年11月,标准普尔(以下简称“标普”)发布名为《征求意见:非金融机构信用评级中的企业风险管理分析》的意见稿(以下简称“《征求意见稿》”),表明该评级机构有意就其评估的所有公司的企业风险管理质量进行打分,并在其评级报告中纳入企业风险管理部分。 CONTENT AREA: Newsletters TOPICS: Financial Reporting, Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, Entity-Level Control, China, GRC July 14, 2008 Electronic Discovery: An Academic Exercise or Your Next Crisis? In Issue 1, we discussed the audit committee agenda for the next 12 months. This issue of The Bulletin provides further observations regarding one of the major topics on that agenda: Electronic discovery (or e-discovery). In here, we discuss ways for companies to implement practical approaches in proportion to their litigation risk exposure and ongoing operations that will significantly reduce the cost, burden and time associated with records retention and electronic discovery. CONTENT AREA: Newsletters TOPICS: Internal Audit, Audit Committee & Board, Security, Security Management Practices, Ethics, Fraud June 23, 2008 Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready? ERM initiatives appear to be gaining strong support from a new source: credit rating agencies. This issue is a reissuance of a prior issue of The Bulletin by the same title. The prior issue was based on Standard & Poor’s (S&P) November 2007 Request for Comment: Enterprise Risk Management Analysis for Credit Ratings of Nonfinancial Companies (RFC). After receiving comments from over 60 respondents, S&P released in May 2008 Enterprise Risk Management: Standard & Poor’s to Apply Enterprise Risk Analysis to Corporate Ratings. This reissued edition of The Bulletin has been updated to reflect the program outlined in the May 2008 release. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, Entity-Level Control, GRC April 7, 2008 Creating Transparency into Your Largest Risk Exposures In January 2008, a global financial institution reported a $7 billion loss that occurred when unauthorized trading positions were closed. This substantial loss, among others, is yet another reminder that there are severe penalties if the largest risk exposures are not identified in a timely manner, properly monitored and managed effectively. This issue of The Bulletin suggests approaches for improving transparency into an entity’s most significant risk exposures, with the objective of minimizing the risk of unwanted surprises. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Investments & Foreign Exchange, Financial Services Industry, Internal Audit, Risk Management & Assessment, Enterprise Risk Management, GRC April 7, 2008 Linkages Between Strategy-Setting and Effective ERM Implementation: Part 2 FS Insights, a publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry. It presents insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Linkages Between Strategy-Setting and Effective ERM Implementation – Part II; and Assessing Compliance Risks. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Internal Audit, Risk Management & Assessment, Compliance, Enterprise Risk Management, GRC March 10, 2008 IFRS or Country-Specific GAAP: Who’s on First There are practical issues surrounding the possible future use of International Financial Reporting Standards (IFRS) by U.S. public companies, or by entities in other countries using a different version of GAAP not conformed to IFRS. This issue of The Bulletin considers these issues and the ramifications of transitioning from country-specific GAAP to IFRS. CONTENT AREA: Newsletters TOPICS: Accounting/Finance, Financial Reporting, Cross Border & Non-US Issues, Canada, European Union, Sarbanes-Oxley Act, External Auditor, Internal Controls, IFRS March 10, 2008 Securities Litigation After Stoneridge Corporate America celebrated in January when the U.S. Supreme Court issued its long-awaited opinion in Stoneridge. The Court ruled that entities that do not mislead investors directly, but rather silently accommodate customers who may have, cannot be sued by a customer’s shareholders for fraud. Regardless, securities fraud litigation will not disappear anytime soon. Instead, organizations should expect to see new strategies from plaintiffs as they adjust to the Stoneridge standards. CONTENT AREA: Newsletters TOPICS: Fraud, Laws & Regulations February 11, 2008 Linkages Between Strategy-Setting and Effective ERM Implementation FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Linkages Between Strategy-Setting and Effective ERM Implementation; and Pandemic Preparedness. CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Disaster Recovery, Financial Services Industry, Enterprise Risk Management, GRC January 21, 2008 Setting the 2008 Audit Committee Agenda Over the last year new issues have arisen that warrant the audit committee’s attention. This issue of The Bulletin provides observations and ideas for boards and their audit committees regarding matters they should consider in 2008. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Corporate Governance, Audit Committee & Board, Internal Audit, Risk Management & Assessment, Sarbanes-Oxley Act, Internal Controls, Enterprise Risk Management, Audit Planning, IFRS, GRC December 17, 2007 ITAudit Forum Newsletter This issue of the ITAudit Forum features the following articles: To Vista or Not to Vista?; Keeping It Simple - An Overview of Data Privacy Compliance Requirements; and Essential Aspects of an Effective Network Performance Audit. CONTENT AREA: Newsletters TOPICS: IT Audit, Internal Audit, Technology November 26, 2007 Surviving the Subprime Storm: Will History Repeat Itself? Victims of the U.S. subprime lending meltdown are seeking answers and satisfaction through Congressional hearings and the U.S. courts—meanwhile, Congress is looking to regulators for explanations. In the process, fitting together the pieces of the puzzle that led borrowers and investors over the edge of the credit cliff may finally reveal how it happened. Following, are just a few of the missteps that are leading to litigation, regulatory actions, rating agency downgrades, forced layoffs and, in some instances, bankruptcy. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Fraud, Laws & Regulations October 1, 2007 The State of Risk Management in the United States FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks. This issue features two articles: The State of Risk Management in the United States; and Compliance as a Mission Critical Function. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Internal Audit, Risk Management & Assessment, Compliance, Enterprise Risk Management, GRC August 13, 2007 Closing Out Volume Two With the release of Issue 12, Protiviti completed another volume of The Bulletin. Since Protiviti’s inception five years ago, The Bulletin has provided insights on significant corporate governance and related risk management topics. Volume 2 focused on improving Sarbanes-Oxley compliance processes, the effectiveness of the internal control structure, the quality of business processes and the management of other business risks. Protiviti is pleased to present you with this summary of the topics covered in Volume 2 of The Bulletin, and looks forward to continuing to provide insights on governance, risk management and compliance topics in Volume 3. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Audit Committee & Board, Sarbanes-Oxley Act, Internal Controls, Section 302 - Executive Certifications, Section 404 - Internal Control Reporting, GRC July 23, 2007 The SEC’s New Guidance on Section 404: What It Means to You In May 2007, the SEC approved its interpretive guidance to management on implementing Section 404 of the Sarbanes-Oxley Act of 2002. What’s new with respect to this guidance? What hasn’t changed? What’s the impact and opportunity for management and the audit committee? This issue of The Bulletin explores these and other questions. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Sarbanes-Oxley Act, Internal Controls, PCAOB, Section 404 - Internal Control Reporting July 16, 2007 Enhancing Sarbanes-Oxley Compliance Cost-Effectiveness, and Are You Ready for MiFID? This issue of FS Insights, a quarterly newsletter from Protiviti, addresses the effectiveness of SOX compliance programs. Companies that focus on increasing quality, compressing time and reducing processing costs will find that they have a more sustainable internal control structure and a more cost-effective compliance process. If you have you been spending so much time on SOX that you’ve been unable to focus on other regulatory initiatives, then you may have been ignoring the subject of the second issue covered in this newsletter: The Market in Financial Instruments Directive (MiFID). CONTENT AREA: Newsletters TOPICS: Cross Border & Non-US Issues, European Union, Financial Services Industry, Sarbanes-Oxley Act, Compliance, GRC July 9, 2007 Markets in Financial Instruments Directive At the end of 2006, the Markets in Financial Instruments Directive (MiFID) guidelines were included in Dutch legislation. Up until now, most publications on MiFID have been about the high-level demands of the framework guidelines, execution guidelines, and execution regulations. This issue of The Bulletin discusses the most important changes impacting the investment entrepreneur, as a result of MiFID. CONTENT AREA: Newsletters TOPICS: Cross Border & Non-US Issues, European Union, Financial Services Industry, Compliance, Laws & Regulations, GRC June 25, 2007 Paying the Price for Corporate Scandals: the Erosion of Legal Protections Executives can no longer avoid personal liability by turning a blind eye when they sign off on faulty accounting records or inadequate financial reports. Never before have corporate governance standards been so stringent, nor have the decisions of senior management been so closely scrutinized by investors and regulators alike. However, some contend that important legal protections, such as privilege and the right to counsel, are getting lost along the way. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Fraud, Laws & Regulations, GRC June 18, 2007 The Financial Reporting Risk Profile: Getting Ahead of the Curve This issue of The Bulletin, the last of a succession of four issues following Issue 7, addresses the process of understanding and continuously evaluating an organization’s financial reporting risk profile (FRRP), and why this process is important to senior management and directors. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Audit Committee & Board, Internal Controls April 2, 2007 New Rules for E-Discovery: Is Your Institution Ready? FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks. This issue features two articles: New Rules for E-Discovery: Is Your Institution Ready? and Enhancing the Capabilities of the Internal Audit Function. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Fraud, Internal Audit, Internal Audit Administration, Training & Development February 12, 2007 ITAudit Forum Newsletter This issue of the ITAudit Forum features the following articles: Recommendations for an Effective Continuous Audit Process; Elements of a Good Security Architecture; and Maximizing Journal Entry Testing Through Automation. CONTENT AREA: Newsletters TOPICS: IT Audit, Internal Audit, Technology, Continuous Auditing January 22, 2007 The New Congress – A Balancing Act FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks. This issue features two articles: The New Congress – A Balancing Act and The Challenges and Risks of Shell Companies. CONTENT AREA: Newsletters TOPICS: Compliance, Financial Services Industry, Fraud, Laws & Regulations, Privacy, GRC January 15, 2007 Frequently Asked Questions on J-SOX - “J-SOX” is an unofficial term which refers to the Japanese requirements similar to the Sarbanes-Oxley Act (SOX) Sections 302 and 404 in the United States. J-SOX requirements are incorporated in the legislated draft entitled “Financial Instruments and Exchange Law” which covers new enactments of, and amendments to, financial instruments and Securities and Exchange Laws. This publication highlights frequently asked questions related to J-SOX including an update on the exposure draft issued to clarify specific requirements. CONTENT AREA: Newsletters TOPICS: Compliance, Cross Border & Non-US Issues, Internal Controls, Sarbanes-Oxley Act, Section 302 - Executive Certifications, Section 404 - Internal Control Reporting, GRC January 8, 2007 Conducting Enterprise Risk Assessments That Make a Difference This Issue of The Bulletin focuses on the vital steps in executing an effective enterprise risk assessment (ERA) and why integrating these assessments with strategy setting is important. The Bulletin explains what an ERA is, outlines how one is conducted and describes four broad choices available to management in strategy-setting that impact enterprise value. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Corporate Governance, Enterprise Risk Management, Internal Audit, Internal Controls, Risk Management & Assessment, GRC December 18, 2006 ITAudit Forum Newsletter This issue of the ITAudit Forum features the following articles: Reaching Compliance Through Foundational IT Controls; Your Customer Data Has Been Compromised, Now What?; and Auditing Version Controls for Installed Applications. CONTENT AREA: Newsletters TOPICS: IT Audit, Internal Audit, Technology December 18, 2006 Protecting Enterprise Value Through Your Anti-Fraud Program Throughout discussions of experiences with SOX Section 404 compliance, one area that all parties have agreed is relevant is the company’s anti-fraud program. What is an anti-fraud program? Why is it important? How should companies evaluate their anti-fraud program? Is there anything that management should do differently? This issue of The Bulletin, and the related Supplement, analyze these questions and provide guidance for assessing fraud risk and evaluating anti-fraud programs and related controls. CONTENT AREA: Newsletters TOPICS: Sarbanes-Oxley Act, Internal Controls, Fraud, Risk Management & Assessment, GRC December 4, 2006 Electronic Discovery: The Federal Rules Catch Up With Information Technology This issue of Protiviti’s Litigation and Fraud News discusses the new amendments to the U.S. Federal Rules of Civil Procedure (FRCP) that went into effect on December 1, 2006. By proactively managing electronic records, organizations can better prepare for crisis situations involving litigation, avoid costs associated with noncompliance and help protect their reputations. No one can afford to ignore the e-discovery provisions in the new amendments to the FRCP. CONTENT AREA: Newsletters TOPICS: Technology, Laws & Regulations November 13, 2006 Emerging Trends in Construction and Internal Audit: From Compliance to Insight Historically, the role played by Internal Audit has focused on matters of contract administration or identifying cost recoveries. However it appears that there is a need for more targeted involvement by Internal Audit to investigate how well the business risks associated with construction projects are being managed. This newsletter also includes the article: Protiviti’s Healthcare Thought Leadership Series: Capital Projects and Construction. CONTENT AREA: Newsletters TOPICS: Internal Audit October 30, 2006 Principles for Business Continuity FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features articles including Principles for Business Continuity and Bank Regulator Issues Internal Guidance for Safeguarding Information. CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Disaster Recovery, Financial Services Industry, Physical Security, Privacy, Security, Security Management Practices October 16, 2006 Defining Technology Change (TCM Bulletin 2) This document provides a general methodology for identifying and classifying technology changes as part of Technology Change Management (TCM) process assessment and design efforts. It is intended for consulting project teams, IT auditors, as well as SOX and other compliance teams. CONTENT AREA: Newsletters TOPICS: Technology, Change Management October 16, 2006 ITAudit Forum Newsletter This issue of the ITAudit Forum features the following articles: Implementing RFID Technology: Issues and Challenges for Internal Auditors; Can a Service-oriented Architecture Hinder Sarbanes-Oxley Compliance Efforts?; and Digital Records Management — What Auditors Should Know. CONTENT AREA: Newsletters TOPICS: IT Audit, Internal Audit, Technology September 25, 2006 Section 404 Compliance: Lessons Learned for the Next 12 Months Because many accelerated filers are either preparing for or executing their third year Section 404 assessments, it is a good time to reflect on lessons learned. This exercise can provide valuable insights not only for accelerated filers, but also for foreign filers and U.S. non-accelerated filers who must complete their Section 404 assessments by the end of calendar 2007. This issue of The Bulletin outlines seven lessons for improving processes and compliance approaches. A Supplement to this Bulletin provides additional lessons learned. CONTENT AREA: Newsletters TOPICS: Financial Reporting, Sarbanes-Oxley Act, Section 404 - Internal Control Reporting, Internal Controls August 7, 2006 Is Enterprise Risk Management an Imperative for the Financial Services Industry? Enterprise Risk Management (ERM) is not a new concept. In fact, financial services companies were among the leaders in implementing ERM frameworks. However, most were unable to convince themselves of the value of ERM. But, the buzz is back, and this time the outcome may be different. CONTENT AREA: Newsletters TOPICS: Financial Services Industry, Enterprise Risk Management, GRC August 7, 2006 Setting the 2006 Audit Committee Agenda Much has happened since 2003 when the SEC adopted rules mandated by The Sarbanes-Oxley Act of 2002 (SOX) that, among other things, expanded and formalized the responsibilities of audit committees. Rather than focus on history, this issue of The Bulletin provides observations and ideas for boards and their audit committees regarding matters they should consider during the coming year. CONTENT AREA: Newsletters TOPICS: Audit Committee & Board, Financial Reporting, Fraud, Internal Audit, Internal Controls, PCAOB, Sarbanes-Oxley Act, Section 404 - Internal Control Reporting, COSO, Enterprise Risk Management, Audit Planning, GRC July 24, 2006 Foreign Corrupt Practices Act:
Dormant No More Most businesses do not engage in international operations or sales with the intent of committing bribery. Instead, inadequate training and monitoring of international sales forces, consultants, subcontractors or partners creates an environment where borderline activities or outright corruption can occur regularly, yet remain hidden. This issue of Litigation and Fraud News discusses red flags, vulnerable industries and activities, and the components of an effective compliance program. CONTENT AREA: Newsletters TOPICS: Cross Border & Non-US Issues, Ethics, Fraud, Laws & Regulations July 17, 2006 Taking the “Risk” out of Your Credit Risk Models This issue of the Credit Risk Memo discusses the following: Taking the “Risk” out of Your Credit Risk Models; and Five Components of a Successful Due Diligence Effort. CONTENT AREA: Newsletters TOPICS: Security, Credit & Collections, Financial Services Industry, Risk Management & Assessment, Security Management Practices, Basel, Financial and Credit Risk, GRC July 10, 2006 Regulatory Insights: What is New With OFAC? This newsletter provides information on a recent OFAC interim final rule, and also on proposed interagency guidance on non-traditional mortgage products, and security breach response programs. CONTENT AREA: Newsletters TOPICS: Asset Management, Compliance, Cross Border & Non-US Issues, Financial Services Industry, Real Estate Industry, Risk Management & Assessment, Security, Security Management Practices, Financial and Credit Risk, GRC July 3, 2006 Environment Segregation & Virtualization (TCM Bulletin 1) This bulletin outlines general risks and alternatives to be considered when using virtualization technologies to segregate IT environments in support of Technology Change Management (TCM) and Security Management processes. CONTENT AREA: Newsletters TOPICS: Technology, Risk Management & Assessment, Security, IT Infrastructure, Security Architecture & Models, Segregation of Duties, Change Management, GRC April 24, 2006 “Shop Around” – Are You In Harmony With Your Consumers? Healthcare Management Insights, a publication from Protiviti’s Healthcare Practice, provides timely coverage of issues facing the healthcare industry. This issue features the articles: “Shop Around” – Are You In Harmony With Your Consumers?; “Play To Get Paid” – Pay-For Performance; “Are You Ready for a PANDEMIC?” – Disaster Recovery Efforts. CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Cost Management, Disaster Recovery, Healthcare & Pharmaceuticals Industry April 17, 2006 Critical Aerospace Inventory Traceability and Control via RFID The use of RFID tags has far-reaching supply-chain implications, and RFID promises to become a ubiquitous interface in transactions among OEMs, suppliers, and customers. This issue of Protiviti’s Manufacturing Industry Insights newsletter discusses the benefits of this technology. CONTENT AREA: Newsletters TOPICS: Asset Management, Security, Supply Chain, Physical Security, Consumer Products & Retail Industry, Aerospace & Defense Industry April 3, 2006 Basel Committee Guidance on Corporate Governance FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry. This issue features the articles: Basel Committee Guidance on Corporate Governance; and, Changes to FDICIA Requirements Give Midsized Banks a Break. CONTENT AREA: Newsletters TOPICS: Compliance, Corporate Governance, Cash & Treasury, Sarbanes-Oxley Act, Basel, GRC March 27, 2006 Scrutinizing Hedge Funds in the New Regulation Era With the Securities and Exchange Commission’s (SEC) new regulations for hedge fund compliance now in effect, these funds remain as controversial as ever. Recent scandals, allegations of fraud and lackluster returns have challenged the investment industry and resulted in the SEC seeing the need for greater regulation. This issue of the Litigation and Fraud News addresses the controversy surrounding the regulation of hedge funds. CONTENT AREA: Newsletters TOPICS: Compliance, Corporate Governance, Fraud, Ethics, Financial Services Industry, GRC March 27, 2006 Strategies for Mitigating Supply-Chain Disruption This edition of the Manufacturing Industry Insights newsletter focuses on the automotive industry. Within the automotive industry there is a critical need for businesses to proactively monitor supply and procurement, and develop a risk management process around supply interruption. By developing a risk management strategy, an organization can greatly enhance its ability to ride out supply-chain disruption. CONTENT AREA: Newsletters TOPICS: Automotive Industry, GRC, Internal Audit, Internal Audit Administration, Manufacturing & Distribution Industry, Materials Management & Inventory, Risk Management & Assessment, Supply Chain February 27, 2006 Enterprise Risk Management: Practical Implementation Advice Many executives do not know the value proposition of Enterprise Risk Management (ERM). Some may even consider ERM a fad or “flavor of the month,” and are just humoring the dialogue, wishing it would go away. What leaves many cold on the subject of ERM is the inability to quickly grasp what it is. This issue of The Bulletin addresses this and other relevant questions. CONTENT AREA: Newsletters TOPICS: Enterprise Risk Management, Risk Management & Assessment, COSO, Sarbanes-Oxley Act, GRC February 27, 2006 Enterprise Risk Management: Practical Implementation Advice (企业风险管理的实施建议) 企业风险管理从各种角度审视风险的相关概念,已经存在了很长时间。有关这个概念的应用最早出现在金融机构及世界一流的企业资金管理公司,因为这些机构采用风险架构、资本分配技术及其他衡量方法来管理市场及信贷风险。市场近几年来的发展告诉我们,不稳定性或高风险并不只限于货币、利率或权益证券等金融产品。除了金融市场上的风险,客户偏好、竞争对手提供的产品、劳动市场以及技术的转变也日新月异。 CONTENT AREA: Newsletters TOPICS: Enterprise Risk Management, Risk Management & Assessment, COSO, Sarbanes-Oxley Act, China, GRC February 13, 2006 Modern-Day Bank Robbers: Protecting Against the Threat of Fraud Within Your Financial Institution FS Insights, a publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Modern-Day Bank Robbers: Protecting Against the Threat of Fraud Within Your Financial Institution; and, Mortgage Lending Practices Come Under Attack. CONTENT AREA: Newsletters TOPICS: Ethics, Fraud, Laws & Regulations, Accounting/Finance, Financial Services Industry, Segregation of Duties, Financial and Credit Risk January 16, 2006 SOX: Raising The Bar For Records Retention Managing information is a critical component of an organization’s risk management program, and one that can bring an organization to its knees if not managed properly, particularly if the company becomes embroiled in either investigation or litigation. CONTENT AREA: Newsletters TOPICS: Compliance, Fraud, Laws & Regulations, Sarbanes-Oxley Act, Document Retention, GRC November 21, 2005 Section 404 Compliance: Planning for Next Year Year Two of Section 404 compliance for most accelerated filers is shaping up to be a year of incremental improvement. Management has taken a hard look at items such as number of key controls and testing scopes. This issue of The Bulletin focuses on some of the opportunities companies should consider as they plan for Year Three. Specifically it suggests that senior management take a fresh look at how to elevate the compliance activity to another level by formulating four specific plans. CONTENT AREA: Newsletters TOPICS: Sarbanes-Oxley Act, Self-Assessment, Financial Reporting, Fraud, Internal Controls, IT Controls, Entity-Level Control November 14, 2005 AML Risk Assessment: The Key to an Effective AML Program Regulatory Insights, a publication from Protiviti’s Regulatory Risk Consulting Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features articles including AML Risk Assessment: The Key to an Effective AML Program; Privacy Regulation: New Risks, New Requirements; and The Home Mortgage Disclosure Act: How to View the Lending Picture. CONTENT AREA: Newsletters TOPICS: Privacy, Fraud, Ethics, Sarbanes-Oxley Act, Compliance, Financial Services Industry, Financial and Credit Risk, GRC October 3, 2005 Reviewing Third Party Service Providers FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features articles including Reviewing Third Party Service Providers and Avoiding a Software Audit. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Technology, Compliance, Outsourcing/Co-sourcing/Shared Services, Financial Services Industry, Audit Committee & Board, GRC August 25, 2005 Wanted: A Cost-Effective Approach to Validating Performance of the Internal Control Structure This issue of The Bulletin discusses the implementation of a cost-effective Section 404 compliance process. It addresses the importance of integrating self-assessment, entity-level monitoring and independent tests of controls into a coordinated approach to build the body of evidence supporting management’s assertion in the annual internal control report. The Bulletin asserts that companies need to think more broadly than testing when planning a cost-effective approach to validating internal controls. CONTENT AREA: Newsletters TOPICS: Internal Controls, Sarbanes-Oxley Act, Self-Assessment, Financial Reporting, IT Controls, Project Management, Section 404 - Internal Control Reporting August 25, 2005 Wanted: A Cost-Effective Approach to Validating Performance of the Internal Control Structure (寻求:一种符合成本效益的方法,以验证内部控制架构的成效) 本期通讯着重阐述了如何通过整合自我评估、公司层面的监控,及独立的控制测试为支持管理层在年度控制报告中的声明提供证据来源。本通讯认为:公司在思考如何建立一种符合成本效益的方法来验证内部控制的有效性时,应扩宽视野,不应仅仅局限于执行测试这一形式。 CONTENT AREA: Newsletters TOPICS: Internal Controls, Sarbanes-Oxley Act, Self-Assessment, Financial Reporting, IT Controls, Project Management, Section 404 - Internal Control Reporting, China August 15, 2005 Counseling on the Fringe of Indictment The President’s Corporate Fraud Task Force remains focused on cleaning up corruption in the board room, restoring investor confidence to the marketplace and sending a clear message that corporate wrongdoing will not be tolerated. The Department of Justice has issued statements regarding the federal prosecution of business organizations, detailing a set of principles to guide its prosecutors as they consider whether to seek charges against a company. These guidelines also offer corporate counsel insight into navigating turbulent indictment waters. CONTENT AREA: Newsletters TOPICS: Fraud, Investigations/Forensics, Laws & Regulations, Financial Services Industry May 16, 2005 Investment Advisers and Investment Companies: Focus on Compliance FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features articles including Investment Advisers and Investment Companies: Focus on Compliance, Governance Requirements for Insurance Companies, Data Privacy in the Headlines, and Integrated Compliance Efforts: Business Benefits Beyond Regulatory Mandates. CONTENT AREA: Newsletters TOPICS: Sarbanes-Oxley Act, Compliance, Financial Services Industry, Accounting/Finance, External Auditor, Internal Controls, Basel, GRC April 18, 2005 Not All Calls are Created Equal: Reducing Call Variation in Collections This issue of The Credit Memo looks at how technologies have been employed to improve the efficiency and effectiveness of collection operations. This article contends that the point of interaction between collector and customer can mean the difference between dollars collected and write-offs. This issue also discusses the growing presence of Basel II and the forecasted implementation costs for financial institutions. CONTENT AREA: Newsletters TOPICS: Accounts Receivable, Basel, Cash & Treasury, Credit & Collections, Customer Satisfaction April 4, 2005 Achieving Sustainability by Integrating the Section 404 and Section 302 Compliance Process Companies are now looking for ways to alleviate the burden encountered during Year One of Section 404 compliance. Issue 3 of Volume 2 of The Bulletin focuses on this movement and suggests integrating compliance activities around Section 302 and 404 with the objective of achieving sustainability of the company’s internal control structure. This movement towards sustainability will help satisfy management's goals of creating repeatable and effective internal controls and a cost-effective SOA compliance initiative. This issue of The Bulletin also discusses the steps needed to integrate these compliance initiatives and how to measure success. CONTENT AREA: Newsletters TOPICS: Sarbanes-Oxley Act, Compliance, Internal Controls, Project Management, Section 302 - Executive Certifications, Section 404 - Internal Control Reporting, GRC April 4, 2005 Achieving Sustainability by Integrating the Section 404 and Section 302 Compliance Process (通过整合404条款与302条款的合规流程以实现可持续性) 上市公司目前正在寻找办法以减轻在执行404条款合规工作第一年所面临的压力。通讯第二卷第三期对这一趋势进行专题研究,并建议整合萨班斯-奥克斯利法案404条款和302条款的合规活动,以建立一个可持续的内部控制结构。 CONTENT AREA: Newsletters TOPICS: Sarbanes-Oxley Act, Compliance, Internal Controls, Project Management, Section 302 - Executive Certifications, Section 404 - Internal Control Reporting, China, GRC March 14, 2005 Driving Value Out of the Section 404 Compliance Process Many would agree that the first year cost of complying with Section 404 were sky high. Surveys and other sources of evidence make it clear that the administrative burden of compliance was significant enough for most companies to warrant a review of strategies and tactics for maximizing value-add from the compliance process. Issue 2 of Volume 2 of The Bulletin incorporates insights and “lessons learned” about finance processes and how such value can be derived from improving these processes while still meeting compliance standards. CONTENT AREA: Newsletters TOPICS: Sarbanes-Oxley Act, Compliance, Accounting/Finance, Financial Reporting, Internal Controls, Project Management, GRC March 7, 2005 Government Investigations Uncover Abuses in Insurance Industry The feature article in this issue of the newsletter is Government Investigations Uncover Abuses in Insurance Industry. The article explains that New York Attorney General Eliot Spitzer has expanded his investigative targets from the mutual fund industry to include the insurance industry – a sector that amounts to 10 percent of the national economy. Allegations against some of the world’s largest insurance brokerage firms range from conflicts of interest involving bid-rigging and subsidiary investments, to disclosure regarding inflated earnings and hidden commissions. CONTENT AREA: Newsletters TOPICS: Fraud, Financial Services Industry March 7, 2005 Money Laundering Enforcement Actions on the Rise FS Insights, a quarterly publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks and adapt to the changes affecting financial services companies. This issue features the articles: Money Laundering Enforcement Actions on the Rise; and, Time to Face the FACTs – FACT Act Compliance Deadlines Arrive. CONTENT AREA: Newsletters TOPICS: Fraud, Laws & Regulations, Privacy, Compliance, Financial Services Industry, GRC January 31, 2005 The Self-Assessment Process: Management’s Tool for Reinforcing Process Owner Accountability One of the cornerstones of ongoing compliance with the Sarbanes-Oxley Act of 2002 is having an effective self-assessment program. This Bulletin discusses the self-assessment process and how you can implement one to reinforce process owner accountability or, if you already have a process in place, how you can improve it and make it more effective. Learn why and how to accomplish self-assessment and review some best practices to consider. CONTENT AREA: Newsletters TOPICS: Self-Assessment, Corporate Governance, Internal Audit, Sarbanes-Oxley Act, Audit Committee & Board, GRC September 27, 2004 Basel II: The Framework is Approved, but the Debate Goes On The articles featured in this issue of the Financial Services newsletter are "Basel II: The Framework is Approved, but the Debate Goes On," "FATF NCCTs: And Then There Were Six," and "Court Decision on Information Sharing is a Setback to the Financial Services Industry." CONTENT AREA: Newsletters TOPICS: Cross Border & Non-US Issues, Financial Services Industry, Basel, Canada, France, Italy, Japan, Germany, United Kingdom July 26, 2004 Building Upon Section 404 Compliance: Moving Beyond Year One In recent months, first-year compliance with Sections 30 and 404 of The Sarbanes-Oxley Act of 2002 has commanded the attention of CEOs and CFOs. In just a few months, many US accelerated filers will progress beyond “first-year through” compliance to ongoing annual compliance with these SOA sections. As they do so, many companies could face even more challenging environment. Issue 12 of The Bulletin discusses moving beyond year one compliance. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Sarbanes-Oxley Act, Enterprise Risk Management, Financial Reporting, Project Management, Section 302 - Executive Certifications, Section 404 - Internal Control Reporting, GRC July 26, 2004 Closing Out Volume One With the release of Issue 12, the first volume of The Bulletin, Protiviti’s newsletter focusing on corporate governance and risk management comes to a close. Each Issue of Volume 1 is available on KnowledgeLeader. We are pleased to present you with this summary of Volume 1 of The Bulletin, and look forward to publishing the first issue of Volume 2. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Sarbanes-Oxley Act, Compliance, Financial Reporting, GRC July 12, 2004 Continuing Focus on Business Continuity Planning The feature article in this issue of the Financial Services newsletter covers the NACD and NYSE rules for listed companies to develop business continuity plans. The second article asks: Does Your Anti-Fraud Program Measure Up? CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Fraud, Financial Services Industry May 3, 2004 Effective Compliance Programs: Understanding What the Ad Hoc Committee of the Sentencing Commission is Saying and Why in a Post-Enron World An ad hoc committee advising the Sentencing Commission has recommended sweeping changes to the Organizational Sentencing Guidelines. On October 7, 2003, after an 18-month review of the effectiveness of the compliance criteria of the Guidelines, the group issued their report. The Sentencing Commission is now considering the Advisory Group’s suggestions and will make its own recommendations to congress in May 2004. This practice newsletter, published by O’Melveny & Myers, discusses the implications of these developments. CONTENT AREA: Newsletters TOPICS: Laws & Regulations, Risk Management & Assessment, GRC March 29, 2004 Compliance Management: Increasing Challenges and Expectations CONTENT AREA: Newsletters TOPICS: Laws & Regulations, Privacy, Financial Services Industry February 2, 2004 Establishing an Effective Complaint and Confidential, Anonymous Reporting Process Earlier this year, the SEC issued rules, pursuant to Section 301 of the Sarbanes-Oxley Act , requiring audit committees to establish procedures for “(a) the receipt, retention and treatment of complaints received by the issuer regarding accounting, internal accounting controls or auditing matters, and (b) the confidential, anonymous submission by employees of the issuers of concerns regarding questionable accounting or auditing matters.” This edition of The Bulletin focuses on the issues that audit committees and management should consider as they collaborate to comply with this requirement. CONTENT AREA: Newsletters TOPICS: Fraud, Sarbanes-Oxley Act, Financial Reporting, Whistleblower/Complaint Reporting January 19, 2004 Technology Risks and Controls: What You Need to Know The impact on information technology must be considered carefully during an evaluation of internal control over financial reporting. Protiviti’s 10th issue of The Bulletin addresses key questions surrounding IT risks and controls. It also provides key questions for board members and management to ask. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Technology, Sarbanes-Oxley Act, Financial Reporting, IT Controls, GRC December 1, 2003 The Expanded Responsibilities of the Audit Committee: A New Mandate Earlier this year, the SEC adopted rules mandated by the Sarbanes-Oxley Act of 2002 that, among other things, expanded and formalized the responsibilities of audit committees. The major exchanges have also weighed in, defining expectations for audit committees. This issue of The Bulletin explores the new requirements of audit committees and their implications. It also outlines six keys to an effectively functioning audit committee. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Internal Audit, Risk Management & Assessment, Sarbanes-Oxley Act, Audit Committee & Board, Financial Reporting, GRC November 17, 2003 The Benefits of Enterprise Testing FS Insights, a quarterly publication from Protiviti, helps the financial services industry to identify and manage risks. In this issue, "The Benefits of Enterprise Testing" discusses the risks of failing to test information technology implementations, the primary forms of enterprise testing, and some keys to improved testing. Also in this issue is, "The Implications of Sarbanes-Oxley on Corporate Document-Management Policies." CONTENT AREA: Newsletters TOPICS: Enterprise Risk Management, Sarbanes-Oxley Act, Financial Services Industry, GRC August 25, 2003 Internal Control Over Financial Reporting -- An Update on Section 404 of Sarbanes-Oxley Section 404 of the Sarbanes-Oxley Act required the SEC to adopt rules for companies to file an annual internal control report. That report must contain statements from management regarding the effectiveness of the company's internal control over financial reporting. Additionally, the company's auditor must attest to management's assertions in the internal control report. The SEC released its final rules in June 2003 regarding Section 404, making time an asset rather than a liability. This issue of The Bulletin addresses these final rules and what they mean to your company. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Internal Controls, Risk Management & Assessment, Sarbanes-Oxley Act, Enterprise Risk Management, Financial Reporting, Section 404 - Internal Control Reporting, GRC July 14, 2003 Your Collections Checkup: Collection challenges in today’s economy In the current economic climate, several factors are making effective collections more and more difficult. Consumer debt is at an all-time high, unemployment concerns continue to persist and a growing number of delinquent consumers are working more diligently to avoid collection efforts. CONTENT AREA: Newsletters TOPICS: Credit & Collections, Financial and Credit Risk July 7, 2003 Framework for Effective Management and Supervision of Operational Risk FS Insights, a quarterly publication from Protiviti, helps the financial services industry to identify and manage risks. In this issue: "Framework for Effective Management and Supervision of Operational Risk” discusses the need, highlighted by the Basel Committee, for financial institutions of all types to manage their operational risk better. Also in this issue is, “Effective Identity Management for Financial Institutions.” CONTENT AREA: Newsletters TOPICS: Risk Management & Assessment, Sarbanes-Oxley Act, Financial Services Industry, Basel, GRC June 2, 2003 Strengthening Governance Through Risk Management Boards and management know that the price of surprise is steep and should work together on an effective plan for managing risk. In a McKinsey study released in May 2002, 36 percent of the directors indicated their boards did not understand the company's major risks. This issue of The Bulletin provides five specific, detailed recommendations for strengthening governance through improved risk management. It includes a list of key questions for management and the board to consider. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Internal Controls, Risk Management & Assessment, Sarbanes-Oxley Act, Enterprise Risk Management, Financial Reporting, GRC March 24, 2003 Internal Controls over Financial Reporting: Understanding Section 404 of Sarbanes-Oxley Section 404 of the Sarbanes-Oxley Act requires management to file an internal control report with the annual report on Form 10-K. This edition of The Bulletin addresses these requirements in detail and answers common questions. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Internal Controls, Risk Management & Assessment, Sarbanes-Oxley Act, Enterprise Risk Management, Financial Reporting, Section 404 - Internal Control Reporting, GRC March 17, 2003 After Sarbanes-Oxley: Codes of Conduct FS Insights, a quarterly publication from Protiviti, helps the financial services industry to identify and manage risks. In this issue: "After Sarbanes-Oxley: Codes of Conduct" describes how the Sarbanes-Oxley Act is fundamentally changing things for financial services. There is also a review of: "The Global Framework for Anti-Money Laundering: Revisiting the Forty Recommendations," and an update on BCP regulations in the financial services industry. CONTENT AREA: Newsletters TOPICS: Business Continuity Management, Corporate Governance, Fraud, Sarbanes-Oxley Act, Financial Services Industry, GRC March 10, 2003 Contact Center Metrics: What Happened to the Customer? This issue of The Credit memo looks at customer call centers and the tendency to report operational statistics, overlooking the actual customer. The article contends that moving beyond the statistics to truly challenge and understand the triggering events driving customer issues is the key to enhancing call center performance. CONTENT AREA: Newsletters TOPICS: Credit & Collections, Customer Satisfaction March 3, 2003 The Code of Conduct – Laying a Cornerstone for Effective Governance If there is one constant for success in a rapidly changing global marketplace, it is the immutable bedrock of an unwavering commitment to ethical and responsible business behavior. Issue 5 of The Bulletin provides important steps for boards and management to consider in designing and implementing an effective code of ethics. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Internal Controls, Risk Management & Assessment, Sarbanes-Oxley Act, GRC December 23, 2002 Staying Focused on Core Business Issues Amid Corporate Governance Compliance As companies address the myriad new corporate governance requirements established by Congress, the exchanges and regulators, it is equally imperative to address the core business and profitability issues facing organizations, particularly in today’s increasingly demanding global marketplace. Issue 4 of The Bulletin covers the basics of corporate governance compliance: core issues, the scope of the board’s oversight, adoption of a risk-based approach to managing the business, and keeping the disclosure process fresh. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Internal Controls, Risk Management & Assessment, Sarbanes-Oxley Act, GRC December 2, 2002 A Proactive Approach to Corporate Governance The financial services industry is ever changing. Globalization, regulatory changes, increased consumer and shareholder awareness and economic uncertainties all pose risks to financial services companies. FS Insights, a quarterly publication from Protiviti, helps identify and manage risks and adapt to changes affecting financial services. In this issue: “A Proactive Approach to Corporate Governance,” and “Secure Handheld Computing – Does It Exist?” CONTENT AREA: Newsletters TOPICS: Corporate Governance, Technology, Risk Management & Assessment, Sarbanes-Oxley Act, Security, Financial Services Industry, Network & Internet Security, GRC November 25, 2002 A Question of Balance: Quantitative and Qualitative Risk Analysis This issue of The Credit memo looks at the benefits as well as the limitations of quantitative and qualitative approaches to credit risk analysis. CONTENT AREA: Newsletters TOPICS: Risk Management & Assessment, Credit & Collections, Financial and Credit Risk, GRC November 18, 2002 Executive Certifications: Same Responsibilities, Higher Stakes Executive management has always been responsible for the quality and fairness of public reporting. However, under the Sarbanes-Oxley Act of 2002, the risks are higher and the consequences of failure more significant. There are many questions regarding these new requirements. Issue 3 of The Bulletin discusses a few of the important questions that management must address. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Ethics, Risk Management & Assessment, Sarbanes-Oxley Act, Section 302 - Executive Certifications, Reporting/Disclosure, GRC October 14, 2002 The Changing Corporate Governance Landscape and Its Implications New corporate governance requirements established by the Sarbanes-Oxley Act have permanently mandated executive certification of public reports for all registrants. More requirements could be forthcoming from rating agencies and the SEC. In this environment, companies are feeling greater pressures to take further actions. This issue of The Bulletin reviews examples of the “right things” boards and management should do as they work to improve corporate governance. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Ethics, Risk Management & Assessment, Sarbanes-Oxley Act, GRC September 30, 2002 The role of personal accountability in the new environment This Bulletin outlines seven key principles that provide a framework for establishing and reinforcing the personal accountability of management and the board of directors. Application of these principles will create a healthy tension within the organization and facilitate communication between management and the board. The bulletin also provides a short list of key questions to ask board members and management. CONTENT AREA: Newsletters TOPICS: Corporate Governance, Ethics, Risk Management & Assessment, Sarbanes-Oxley Act, Audit Committee & Board, GRC Board Perspectives: Risk Oversight Newsletters Board Perspectives: Risk Oversight, is a periodic newsletter that offers ongoing commentary about the risk management oversight process for boards of directors. The goal is to provide board members with concise discussions of practical ideas that will help them improve their board’s risk oversight. CONTENT AREA: Newsletters TOPICS: Risk Management & Assessment, Audit Committee & Board FS Insights Newsletters FS Insights, a publication from Protiviti’s Financial Services Practice, provides timely coverage of issues facing the financial services industry and insights to help you identify and manage risks. CONTENT AREA: Newsletters TOPICS: Basel, Business Continuity Management, Compliance, Enterprise Risk Management, Financial Services Industry, Fraud, Sarbanes-Oxley Act, Security, GRC Global Financial Crisis Bulletins Global Financial Crisis Bulletins are published by Protiviti and provide timely coverage of economic and regulatory developments, as well as insight to help you identify and manage risks. CONTENT AREA: Newsletters TOPICS: Internal Audit, Financial and Credit Risk, Financial Services Industry
|