governance - Blog - Global Risk Community2024-03-28T23:41:47Zhttps://globalriskcommunity.com/profiles/blogs/feed/tag/governance3 Roles Integral for Data Governance Initiativeshttps://globalriskcommunity.com/profiles/blogs/3-roles-integral-for-data-governance-initiatives2022-09-03T10:54:03.000Z2022-09-03T10:54:03.000ZMark Bridgeshttps://globalriskcommunity.com/members/MarkBridges<div><p><img class="aligncenter size-full wp-image-11725" src="http://flevy.com/blog/wp-content/uploads/2022/09/DG-Roles-2-scaled.jpg" alt="" width="1200" height="1200" />Data Governance is a set of practices that outline the roles and accountabilities related to data and support the organization’s Business Model by generating and consuming data. It’s all about overseeing the accessibility, practicality, reliability and safety of enterprise data.</p><p><a href="https://flevy.com/business-toolkit/data-governance">Data Governance</a> is guided by in-house data standards and guidelines to monitor data usage. The process safeguards data uniformity, dependability, and fair use. The success of a Data Governance initiative should be measured by its expected business benefits or organizational growth—not just data security and usability.</p><p>Incoherent data creates hurdles in Data Analytics and business operations. Data protection initiatives should be managed by structured Data Governance roles. An <a href="https://flevy.com/business-toolkit/building-effective-teams">organized team</a> is critical for success of a Data Governance program.</p><p><a href="https://flevy.com/browse/marketplace/guidelines-for-information-security-and-policy-review-5037">Data standardization, precision, security</a> and governance isn’t the sole dominion of IT people; it’s a team effort. These tasks involve participation of a number of stakeholders from across the organization. Data Governance program includes people from the business side, data management personnel, and IT recruiters. The convergence of IT and business people in a Data Governance program allows for a bigger picture perspective on governing the organizational data.</p><p>The functions of the IT and business users in the Data Governance initiative can be demarcated as:</p><h3><strong>IT People</strong></h3><p>The IT resources responsible for the Data Governance program focus on data safekeeping, modeling and standardization. They are responsible for taking care of the fundamental infrastructure, applications, Automation, compatibility with all tools and apps, and execution of Data Governance policies.</p><h3><strong>Business People</strong></h3><p>The business people in the Data Governance team, on the other hand, focus on ensuring data access, excellence, and responsiveness. Business users oversee the value assigned to the data, its utilization in fulfilling organizational objectives, and solving complex problems. Business users come up with common data definitions, key performance indicators to measure the quality of data, and support in administering governance policies and procedures.</p><p>The <a href="https://flevy.com/browse/flevypro/data-governance-roles-and-responsibilities-6356">key roles that are mandatory for Data Governance</a> initiatives include:</p><ol><li><a href="https://flevy.com/browse/stream/leadership"><strong> Leadership</strong></a></li><li><strong> Data Governance Council</strong></li><li><strong> Data Stewards</strong></li></ol><p><a href="http://https//flevy.com/browse/flevypro/data-governance-roles-and-responsibilities-6356"><img class="aligncenter size-full wp-image-11723" src="http://flevy.com/blog/wp-content/uploads/2022/09/Data-Governance.png" alt="" width="1200" height="752" /></a></p><p>Let's now delve deeper into the details of some of these key roles.</p><h3><strong>Leadership</strong></h3><p>Data Governance programs commence with assigning an executive Data Governance sponsor. The executive sponsor ensures availability of critical investments and <a href="https://flevy.com/browse/stream/human-resources">expert Human Resources</a> and clearly laying out the overall understanding and objectives of the initiative.</p><p>The Executive Data Governance Sponsor role, at several large organizations, is assigned to a Chief Data Officer (CDO) or a Data Governance Manager, at other enterprises. The CDO, or Data Governance Manager, is responsible for:</p><ul><li>Aligning the Data Governance policy with the <a href="https://flevy.com/browse/stream/strategy-development">overall goals of the Business Strategy</a>.</li><li>The CDO should possess the technical knowledge required to manage the Data Governance process and policies in addition to having management competencies.</li><li>Managing all correspondence and internal messaging related to the Data Governance initiative.</li><li>Analyzing progress of the Data Governance program and ensuring its schedule and budget targets.</li><li>Coordinating the tasks to be carried out by the Data Governance Council.</li></ul><h3><strong>Data Governance Council </strong></h3><p>The Data Governance Council (DGC) acts as a steering committee to strategically direct the design and implementation of the Data Governance Program. The Data Governance Council comprises:</p><ul><li>Technical, business and legal experts.</li><li>Data stewards from the various departments.</li><li>A C-suite executive to direct the strategic constituent of the program.</li><li>Data analysts to analyze trends.</li></ul><p>DGC is responsible for:</p><ul><li>Rendering <a href="https://flevy.com/strategic-planning">strategic direction and planning</a> to manage the organizational data.</li><li>Establishing objectives for the initiative.</li><li>Ascertaining the requirements for Data Governance.</li><li>Developing and authorizing data standards, policies, business rules and program procurement.</li><li>Resolving issues escalated by the Data Stewards.</li><li>Sharing the results of the program.</li></ul><p>Interested in learning more about the roles and responsibilities pertaining to a Data Governance initiative? You can download <a href="https://flevy.com/browse/flevypro/data-governance-roles-and-responsibilities-6356">an editable PowerPoint on <strong>Data Governance: Roles & Responsibilities </strong>here </a>on the <a href="https://flevy.com/browse">Flevy documents marketplace</a>.</p><p><strong>Do You Find Value in This Framework?</strong></p><p>You can download in-depth presentations on this and hundreds of similar business frameworks from the <a href="https://flevy.com/pro/library">FlevyPro Library</a>. <a href="https://flevy.com/pro">FlevyPro</a> is trusted and utilized by 1000s of management consultants and corporate executives. Here’s what some have to say:</p><p><em>“My FlevyPro subscription provides me with the most popular frameworks and decks in demand in today’s market. They not only augment my existing consulting and coaching offerings and delivery, but also keep me abreast of the latest trends, inspire new products and service offerings for my practice, and educate me in a fraction of the time and money of other solutions. I strongly recommend FlevyPro to any consultant serious about success.”</em></p><p><em>– Bill Branson, Founder at Strategic Business Architects</em></p><p><em>“As a niche strategic consulting firm, Flevy and FlevyPro frameworks and documents are an on-going reference to help us structure our findings and recommendations to our clients as well as improve their clarity, strength, and visual power. For us, it is an invaluable resource to increase our impact and value.”</em></p><p><em>– David Coloma, Consulting Area Manager at Cynertia Consulting</em></p><p><em>“FlevyPro has been a brilliant resource for me, as an independent growth consultant, to access a vast knowledge bank of presentations to support my work with clients. In terms of RoI, the value I received from the very first presentation I downloaded paid for my subscription many times over! The quality of the decks available allows me to punch way above my weight – it’s like having the resources of a Big 4 consultancy at your fingertips at a microscopic fraction of the overhead.”</em></p><p><em>– Roderick Cameron, Founding Partner at SGFE Ltd</em></p></div>Environmental, Social and Corporate Governance in the EUhttps://globalriskcommunity.com/profiles/blogs/environmental-social-and-corporate-governance-in-the-eu2021-10-26T08:40:00.000Z2021-10-26T08:40:00.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><!--Global Variables Begin--><!--Global Variables End--><!--Call To Action Variables Begin--><!--Call To Action Variables End--><!-- [if !mso]><!--><!--<![endif]-->
<p> </p>
<table class="cs-email-body" style="table-layout:fixed;" border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td class="cs-email-body-inner" align="center" valign="top">
<table class="cs-email-container" style="margin:0 auto;max-width:600px;" border="0" width="100%" cellspacing="0" cellpadding="0" align="center">
<tbody>
<tr>
<td align="left" valign="top">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td id="template-wrapper" class="mktoContainer" valign="top">
<table id="Hero" class="mktoModule" border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="background-color:#57bff2;background-image:url("%27%27");background-position:top;" valign="top" bgcolor="#57BFF2"><!-- [if gte mso 9]>
<v:rect xmlns:v="urn:schemas-microsoft-com:vml" fill="true" stroke="false" style="width: 600px;">
<v:fill type="frame" src="" color="#57BFF2"></v:fill>
<v:textbox style="mso-fit-shape-to-text: true;" inset="0,0,0,0">
<div style="font-size: 0; line-height: 0;">
<table width="600" border="0" cellpadding="0" cellspacing="0" role="presentation" align="center">
<tr>
<td style="font-size: 14px; line-height: 1.5;" valign="top">
<table width="100%" border="0" cellspacing="0" cellpadding="0" role="presentation">
<tr>
<td colspan="3" height="40" style="line-height: 1px; font-size: 1px;"> </td>
</tr>
<tr>
<td width="50" valign="top" style="line-height: 1px; font-size: 1px;"> </td>
<td width="500" valign="top" align="left">
<![endif]--><!-- [if !gte mso 9]><!-->
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td class="cs-sm-p-40-20" style="padding:40px 50px;" valign="top"><!--<![endif]-->
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="font-size:0;" valign="top"><!-- [if (gte mso 9)|(IE)]>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="48.4%" valign="top">
<![endif]-->
<div class="cs-sm-mw-50pc" style="display:inline-block;width:100%;max-width:48.4%;vertical-align:top;">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="font-family:Arial, Helvetica, sans-serif;font-size:14px;line-height:18px;font-weight:normal;text-transform:uppercase;color:#ffffff;" valign="top">
<div id="Hero--Topic-Title" class="mktoText">Whitepaper</div>
</td>
</tr>
<tr>
<td style="line-height:1px;font-size:1px;" height="10"> </td>
</tr>
</tbody>
<tbody>
<tr>
<td style="font-family:Arial, Helvetica, sans-serif;font-size:27px;line-height:31px;font-weight:bold;color:#ffffff;" valign="top">
<div id="Hero--Title" class="mktoText">Environmental, Social and Corporate Governance Regulation in Europe</div>
</td>
</tr>
<tr>
<td style="line-height:1px;font-size:1px;" height="20"> </td>
</tr>
</tbody>
<tbody>
<tr>
<td style="font-family:Arial, Helvetica, sans-serif;font-size:14px;line-height:18px;font-weight:normal;color:#ffffff;" valign="top">
<div id="Hero--Text" class="mktoText"> </div>
</td>
</tr>
<tr>
<td style="line-height:1px;font-size:1px;" height="20"> </td>
</tr>
</tbody>
<tbody>
<tr>
<td valign="top">
<table border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="padding:8px 15px;background-color:#f47e20;" align="center" valign="top" bgcolor="#F47E20"><a style="font-weight:bold;font-family:Arial, Helvetica, sans-serif;font-size:13px;line-height:13px;color:#ffffff;text-decoration:none;display:block;" href="https://www.navexglobal.com/en-gb/campaigns/how-esg-regulation-takes-shape?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=esg-regulation">Download Whitepaper </a></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
<!-- [if (gte mso 9)|(IE)]>
</td>
<td width="3.2%" valign="top">
<![endif]-->
<div class="cs-sm-mw-100pc" style="display:inline-block;width:100%;max-width:3.2%;vertical-align:top;">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="font-size:0px;line-height:0px;" height="20"> </td>
</tr>
</tbody>
</table>
</div>
<!-- [if (gte mso 9)|(IE)]>
</td>
<td width="48.4%" valign="top">
<![endif]-->
<div class="cs-sm-mw-100pc" style="display:inline-block;width:100%;max-width:48.4%;vertical-align:top;">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<div id="Hero--Image" class="mktoImg"><img style="border:0;line-height:100%;display:block;height:auto;color:#000000;font-family:Arial, Helvetica, sans-serif;font-size:12px;text-align:center;" src="https://trust.navexglobal.com/rs/852-MYR-807/images/3D%20Whitepaper.png" alt="3D Whitepaper.png" width="242" /></div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- [if (gte mso 9)|(IE)]>
</td>
</tr>
</table>
<![endif]--></td>
</tr>
</tbody>
</table>
<!-- [if !gte mso 9]><!--></td>
</tr>
</tbody>
</table>
<!--<![endif]--><!-- [if gte mso 9]>
</td>
<td width="50" style="line-height: 1px; font-size: 1px;" valign="top"> </td>
</tr>
<tr>
<td colspan="3" height="40" style="line-height: 1px; font-size: 1px;"> </td>
</tr>
</table>
</td>
</tr>
</table>
</div>
</v:textbox>
</v:rect>
<![endif]--></td>
</tr>
</tbody>
</table>
<table id="Paragraph-Text" class="mktoModule" border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td class="cs-sm-p-40-20-40-20" style="padding:40px 50px 40px 50px;background-color:#ffffff;" valign="top" bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="font-family:Arial, Helvetica, sans-serif;font-size:17px;line-height:21px;font-weight:bold;color:#56565a;text-align:left;" valign="top">
<div id="Paragraph-Text--Title" class="mktoText">
<div style="text-align:center;">How ESG Regulation Takes Shape in the EU:<br /> Lessons Learned</div>
</div>
</td>
</tr>
<tr>
<td style="line-height:1px;font-size:1px;" height="20"> </td>
</tr>
</tbody>
<tbody>
<tr>
<td style="font-family:Arial, Helvetica, sans-serif;font-size:13px;line-height:17px;font-weight:normal;color:#56565a;text-align:left;" valign="top">
<div id="Paragraph-Text--Text" class="mktoText">According to recent Navex Global research, on average, 81% of European organisations have a formal Environmental, Social and Corporate Governance (ESG) program in place. The EU’s regulatory landscape has shaped Europe as a world leader in ESG Disclosure. But as the rules continue to evolve, what is expected to come?<br /> <br /> Download the whitepaper to learn about:
<ul>
<li>Key European ESG disclosure regulations</li>
<li>How they could possibly influence future EU requirements</li>
<li>How ESG and climate change-related disclosures are accelerating the need for mandatory reporting systems</li>
</ul>
</div>
</td>
</tr>
</tbody>
<tbody>
<tr>
<td style="line-height:1px;font-size:1px;" height="20"> </td>
</tr>
<tr>
<td align="left" valign="top">
<table border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="padding:8px 15px;background-color:#57bff2;" align="left" valign="top" bgcolor="#57BFF2"><a style="font-weight:bold;font-family:Arial, Helvetica, sans-serif;font-size:13px;line-height:13px;color:#ffffff;text-decoration:none;display:block;" href="https://www.navexglobal.com/en-gb/campaigns/how-esg-regulation-takes-shape?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=esg-regulation">Download Whitepaper </a></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table id="Footer" class="mktoModule" border="0" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td class="cs-sm-p-40-20" style="padding:40px 50px;background-color:#253450;" valign="top" bgcolor="#253450"> </td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<!-- [if (gte mso 9)|(IE)]>
</td>
</tr>
</table>
<![endif]--></td>
</tr>
</tbody>
</table>
<!-- Fix for Gmail on iOS -->
<div class="cs-gmail-fix" style="white-space:nowrap;font:15px courier;line-height:0;"> </div></div>ESG and See-Through Economyhttps://globalriskcommunity.com/profiles/blogs/esg-and-see-through-economy2021-06-25T09:10:00.000Z2021-06-25T09:10:00.000ZEce Karelhttps://globalriskcommunity.com/members/EceKarel<div><p><iframe style="border:none;" title="Embed Player" src="//play.libsyn.com/embed/episode/id/19508660/height/200/theme/modern/size/large/thumbnail/yes/custom-color/ec1e3c/download/no" width="100%" height="200" scrolling="no" allowfullscreen=""></iframe></p>
<p><a href="{{#staticFileLink}}9140921253,RESIZE_1200x{{/staticFileLink}}"><img class="align-full" src="{{#staticFileLink}}9140921253,RESIZE_710x{{/staticFileLink}}" alt="9140921253?profile=RESIZE_710x" width="710" /></a></p>
<p><span style="font-weight:400;">In this week's blog post, we're sharing insights on our latest interview with Steven Minsky. Steven is the CEO and founder at LogicManager, which is a powerful risk management software. Especially during the pandemic, LogicManager has spent a lot of effort to create a relief package for their customers, to ensure their software and services can be used in innovative ways and create success stories and solutions that are available for everyone on their </span><a href="https://www.logicmanager.com/solutions/"><span style="font-weight:400;">website</span></a><span style="font-weight:400;">. We had our first interview with Steven in January, and it was about Data Privacy and how regulations like GDPR are changing the game for businesses. This time we've focused on ESG Strategies and the effects of see-through economy.</span></p>
<h2><span style="font-size:18pt;"><strong>ESG Has Become More Important Than Ever</strong></span></h2>
<p><span style="font-weight:400;">ESG (Environmental Social Governance) has been building up for a decade, and became an important factor for companies to enable a robust strategy on. At the moment, the awareness is at an all time high, and certainly a lot of global issues such as the pandemic, BLM and other social and environmental changes brought it to the levels we're seeing now. </span></p>
<p><span style="font-weight:400;">What's particular about ESG is that, even though it was something society has always aspired to do better, now it has also become a financial mandate. There's trillions of dollars of investment that are used for social causes. This is partially due to the see-through economy where everyone can share their stories and potentially become viral simply with a click on their phones. You can use this accessibility for everything, including attracting visitors to your organisation or if you're not careful, to expose the weaknesses in your organization which might make investors or customers flee away from your organization. </span><strong>Best strategy is to see the ESG changes as an opportunity while being mindful of the risks it might bring alongside the new regulatory requirements.</strong></p>
<h2><span style="font-size:18pt;"><strong>Implementing ESG in Your Organisation</strong></span></h2>
<p><strong>One of the biggest problems when it comes to implementation of ESG is identifying the actual stakeholders.</strong><span style="font-weight:400;"> Many organisations will make the mistake of thinking that ESG is only about the environment and deep dive into one simple aspect. What they need to do is take a step back and say, "What or who are my stakeholders?", "What industry am I in?", and "What is my relationship to my stakeholders within my industry?" </span></p>
<p><span style="font-weight:400;">For example,if you're a cancer research facility, you've got to be looking at donors as your lifeline. You need to see what your donors value. And this is not even necessarily about cancer but rather about connecting to your donors and the interests of your donors. And only after that you can look into the environmental, social and governance aspects of cancer research and implement necessary steps or measures. </span></p>
<p><span style="font-weight:400;">The thought process should be relatively the same regardless of which industry you are in, because at the end of the day, the most important aspect and first step of it is to figure out your true stakeholders and what the need or value is. Keep in mind that stakeholders don't necessarily have to be your investors, it can very well be your customers or anyone that has the biggest impact on your organisation's financial growth. </span><span style="font-weight:400;"><br /> </span><span style="font-weight:400;"><br /> </span><span style="font-weight:400;">After identifying, ESG is all about execution and value. It is important to take it as an opportunity but be well aware of the threats. For example, hiring a controversial celebrity can lead people to boycott your brand or make them buy more products from you. Even if the strategy, and stakeholders are the same, the way you execute a certain concept and show what you value makes a huge difference. Although a lot of people see ESG as an emotional component, you also need to look at it as a business component where you can use ESG aspects as a fact, justify and quantify in a way to use it for the good of your community and organisation.</span></p>
<h2><span style="font-size:18pt;"><strong>Evidence and Disclosure of ESG Is Now Crucial</strong></span></h2>
<p><span style="font-weight:400;">The solutions or the issues around ESG are quite dependent on the industry itself. However, the process could be made relatively simple and similar if it is based upon a model that can produce reliable results in a predictable period of time. In Steven's case, they use their risk maturity model, which provides the evidence. This is crucial because the FCC recently passed a new enforcement, where you are required to make a disclosure about ESG because of the investor interest. Because of the financial outcomes this is an important aspect to take into consideration. </span><strong>Making a misstatement in your ESG capabilities, your ESG strengths or weaknesses could be held equivalent to making a financial misstatement of your profits and losses, or the strength of your assets, and at the end might come back as a penalty.</strong></p>
<p><span style="font-weight:400;">Now that the disclosure statement is at the same level as Sarbanes-Oxley Act, meaning that it doesn't matter whether the misstatements are fraudulent or negligent, organisations are forced to provide evidence of their ESG capability and statements. And this involves any disclosure whether it is formally or informally as long as it has financial ramification and it is something investors are relying upon, the same penalties apply.</span></p>
<p><span style="font-weight:400;">This enforcement has now spread to all of the regulatory agencies that have the add-on, as it was with Sarbanes-Oxley, following trade associations, state organizations, as well as to Europe and Asia, making it a hot issue. Together with the see-through economy where external people can create and spread false statements easily, it is easier for companies to be vulnerable. Especially in industries such as oil or petroleum products, this might end up being a big problem where decision makers and risk experts need to work hard on. Right now, one of the best things these companies can do is to acknowledge environmental risks and also address this vulnerability, as not addressing it itself might even be a penalty.</span></p>
<p><span style="font-weight:400;">In that sense, using models or solution packages allows you to make ESG disclosures and collecting evidence supporting your claims creates a safe, effective and efficient process which can greatly help your organization. LogicManager also provides solution packages which can help you tackle this issue.</span></p>
<h2><span style="font-size:18pt;"><strong>Predictions and Potential Risks for ESG</strong></span></h2>
<p><span style="font-weight:400;">To be able to talk about prediction, it's important to look at the data patterns, just as how it is in the rest of risk management. </span><strong>Risk management is about identifying trends and patterns early, and then imagining the unimaginable and preparing for those desirable and undesirable outcomes.</strong><span style="font-weight:400;"> If we can accurately look into and analyse these patterns, we will be able to seize the opportunities, or prevent potential threads just like we have mentioned previously. </span></p>
<p><span style="font-weight:400;">For more context, we can look into the recession of 2008. When this recession occurred, there was a massive shift in the risk management world. This is also where Sarbanes-Oxley came out, alongside more risk-based approaches and solutions. The current pandemic is doing the same right now. You can see for the next five years clearly what those risks or opportunities on the grounds are, based upon previous patterns caused after massive shifts. Regulatory actions might lag those risks and opportunities because of the see-through economy. For example, the pandemic has put a serious hole around the world and their trust in institutions. Accordingly, in the next five years across the board, you can expect reputation and trust changes, particularly around enforcement actions from a regulatory perspective, and the necessity to show evidence from your institutions to restore the trust investors' and customers. With the amount of bankruptcies and economic uncertainty we've seen due to the pandemic, it is understandable that the investment community is nervous, and they're going to want to see evidence. Even if your business is not interested in investors right now, you'll still need to gather this evidence because alongside them, the regulatory authorities and social and environmental authorities are also going to be asking for this evidence. </span></p>
<p><span style="font-weight:400;">In anycase, collecting the evidence and the data will also help you in the future, for internal changes such as a board member or decision maker change or adapting to new technologies, ultimately helping your organisation have an easier time with transition. One good example is Exxon. Exxon had always gotten it's way and most organizations have gotten their way on their board slate for elections. In this particular case, as an unprecedented evidence of the power of this see-through economy, two board members were outed and replaced by an activist organization that put forth a slate based on ESG. It's preferred directors were not hired at the end and Exxon found that they had a new boss. This comes back again to the power of ESG and the see-through economy, and where your company might be affected dramatically by the power of external sources. Accordingly, Exxon wasn't doing enough to change its business model, to be prepared for clean energy and that they weren't investing enough in diversifying from fossil fuels. As a result, they replaced board members to drive the organization, to invest more in clean energy and to ensure the dividends and performance of the stock into the next five years. </span></p>
<p><span style="font-weight:400;">Although this is just one example, it seems to be a trend in various organisations around the world, and we can expect companies to make such changes to appeal further to ESG regulations and see-through economy. If you don't take the see-through economy seriously, and adopt a risk-based approach with fundamental data collection and analysis to rule out anything from the lack of action or pro-active new technologies, you are going to find a tremendous backlash that has unnecessary market and economic harm. </span></p>
<h2><span style="font-size:18pt;"><strong>Takeaway Points</strong></span></h2>
<p><span style="font-weight:400;"><br /> </span><span style="font-weight:400;">The biggest takeaway from this topic is to </span><strong>recognise the opportunities and potential risks that arise from ESG as it is an important aspect of our current risk management world.</strong><span style="font-weight:400;"> It is crucial to recognise your stakeholders, their values and what they are focusing on, especially when it comes to current environmental and social challenges, and adapt accordingly to the changes. Organisations shouldn't be afraid of current changes, and analyse data patterns where similar global shifts occurred when it comes to risk management. Introducing new things to create more opportunities for your company, to adapt to the new norms will become a great asset in the upcoming years. For example, updating the certifications of risk management professionals and giving the staff proper training to accommodate new designations or the new trends on risk-based approach could already make your company be more prepared for the challenges ahead, and in general give a new insight on understanding of the complex world of risk management.</span></p>
<h2><span style="font-size:18pt;"><strong>Closing Words</strong></span></h2>
<p><span style="font-weight:400;">For now, this sums up the key points of our interview. As the Global Risk Community team, we once again thank Steven Minsky for his insight on ESG and see-through economy. More information about this topic is available in our original interview, which is accessible </span><a href="https://globalriskcommunity.com/video/how-can-erm-help-facilitate-esg-strategies-with-steven-minsky"><span style="font-weight:400;">here</span></a><span style="font-weight:400;">.</span><span style="font-weight:400;"><br /> </span><span style="font-weight:400;"><br /> </span><strong>#risk #ESG #social #environment #economy #governance</strong></p>
<p> </p></div>Thoughts on the MRM Disciplinehttps://globalriskcommunity.com/profiles/blogs/thoughts-on-the-mrm-discipline2021-06-11T09:40:00.000Z2021-06-11T09:40:00.000ZEce Karelhttps://globalriskcommunity.com/members/EceKarel<div><p><a href="{{#staticFileLink}}9076190484,RESIZE_1200x{{/staticFileLink}}"><img class="align-full" src="{{#staticFileLink}}9076190484,RESIZE_710x{{/staticFileLink}}" alt="9076190484?profile=RESIZE_710x" width="710" /></a></p>
<p><span style="font-weight:400;">In this week's blog post, we're sharing insights on our interview with David Asermely. David is a global Model Risk Management Lead at SAS driving strategic conversations with global institutions and influencing the SAS model risk management solution roadmap. He is passionate about translating data into actionable intelligence, and he focuses on combining the best technologies and design principles to improve modelling efficiency and quality. Based on that, we invited David Asermely to talk about the importance of the MRM discipline, as well as some of the current challenges and threats.</span></p>
<p><span style="font-size:18pt;"><strong>Role of Model Risk Management</strong></span></p>
<p><span style="font-weight:400;">The main role of Model risk management it's to identify models that should be replaced, either because they are hurting your business or they are not providing the value that they should. SAS has also been working on a white paper that is talking around the importance of model risk management and what it brings an organization. One of the analogies developed in that paper is that your models are your digital workforce and you should make sure that your workforce is of the highest quality that is performing tasks as appropriate. This means that a Model risk manager’s job is to independently review the models and identify ones that should not be used.</span></p>
<p><strong>Using robust model risk management and cutting edge analytic tools also creates a big competitive advantage.</strong><span style="font-weight:400;"> If your organization has a better overall model of quality that is removing models that are performing poorly, you are going to have a competitive advantage over an organization that does not have models that are performing. From a competitive advantage perspective, model risk management brings to an organization an additional level of certainty to the model, a modeling process that drives value up and down the Model operations perspective and also to the business perspective.</span></p>
<p><strong>Despite its large use and competitive advantage, most of the Model risks have been focused on the larger banking and insurance firms, mainly in North America and Europe rather than other industries.</strong><span style="font-weight:400;"> This mainly comes from the fact that there have been a number of clear regulations in the financial markets, over the last couple of decades. These regulations that are continued to be enforced at these organizations on understanding where your models are, how they're performing, having that independent review associated with the model to bring that additional rigor and perspective to the modeling process. </span></p>
<p><span style="font-weight:400;">The level of sophistication continues to rise in the world of model risk management, especially as machine learning models become more prevalent, things need to be done more efficiently yet still provide that critical information to these organizations. As financial markets have been the pioneers, most of the best practices have been developed there as well. And now we're seeing other industries wanting to take a look at what those best practices are and seeing how they can be implemented, so they increase the quality of analytics that they're using within their organization.</span></p>
<p> </p>
<p><span style="font-size:18pt;"><strong>Risks Involving Model Risk Management</strong></span></p>
<p><span style="font-weight:400;"><br /> </span><span style="font-weight:400;">Pure reliance on models can bring some risks to the table, which can easily be avoided if proper implementation of MRM was done. David mentions that in their </span><a href="https://www.sas.com/en_us/whitepapers.html"><span style="font-weight:400;">white papers</span></a><span style="font-weight:400;"> they touch on many of these risks with historic examples. It is very important to understand that, </span><strong>one of the tenets of model risk management is understanding what could go wrong with that model, what is the absolute risk that could be associated with a poor model risk management. </strong><span style="font-weight:400;">One of the things that is required in the domain of model risk management is to stress a model in various ways, to look at different data, extreme conditions on the different features of a model. By doing this type of a stress test, it often flushes out the potential damage that a model can cause within an organization. The subprime crisis is a very good example of this claim. </span></p>
<p><span style="font-weight:400;">From a model risk management perspective, one of the most important aspects of the whole process of governing a model is understanding its potential. You have to analyse whether it is financial, or reputational- or if it's a combination of both. You have to consider if there is a possibility that a model can have you on the front page of the Wall Street Journal because your Model has a gender bias. These risks are only exacerbated with machine learning in which there's a capability of taking in a lot of other data that maybe historically has not been brought in. Another aspect is knowing the conditions in which a model will work properly. For example, if a model's performance starts to degrade quickly with interest rates getting closer to zero, then that's something that should be understood. And as those market conditions move that way, the model should be flagged, highlighted, and possibly decommissioned and replaced.</span></p>
<p><span style="font-size:18pt;"><strong>Introducing and Structuring MRM to Model Governance</strong></span></p>
<p><span style="font-weight:400;">MRM offers a lot to enable firms to manage and orchestrate introducing a structured approach to Model Governance. One advantage is that leading companies such as SAS have developed their solutions to work within your existing ecosystem as well as being future-proof. The capability to be a single repository that can govern your entire set of models in one location is quite important. The other thing MRM offers is the ability for the entire Model life cycle to be seamlessly connected to those tools. One example is, ensuring that models that are active and being used in production are actually approved in the Model Risk system and the answer is by connecting that system to your Model Ops in a way that requires that MRM sign-off before a model is moved into production and used. </span></p>
<p><span style="font-weight:400;">By automating as much of the Model Risk system as possible and using machine learning, you also can boost performance of the team, rather than hiring more analysts. If the MRM system is guided to or coated a way to show where the data is coming from and provides usable data for your model risk management team, there is quite a lot of benefit in introducing and structuring MRM to your governance. Another area to focus on is figuring where your Model risk data is located. In most cases it is located in a database or spreadsheet accessible only by the team working on that data but not the entirety of the organisation. With development of tools allowing you to easily extract the most critical data can also help the rest of the organisation to be aware of what is happening within that field. </span></p>
<p><span style="font-weight:400;">Creating a common MRM language that can be understood across the organization that's focused on the wellness of the Model and then making that information available via APIs </span><span style="font-weight:400;">can help bring MRM to the forefront within the whole modeling Community in a way that's constructive, in a way that will improve the overall usage and quality of a given model and will alert in real-time the users of the model of potential problems. T</span><strong>he real benefit of investing in Model risk management is providing that type of information as you go forward and a lot of this can be automated.</strong><span style="font-weight:400;"> Having the capability where if you have models that are making automatic decisions for you, loan applications, for example, having the kind of capability in real time to adjust a model or turn a model off if needed or require human review in a way that prevents losses from racking up.</span></p>
<p> </p>
<p><span style="font-size:18pt;"><strong>Benefits of Automated Model Risk Management</strong></span></p>
<p> </p>
<p><span style="font-weight:400;">A big number of organizations that use models look at Model Risk as a cost. Instead however, this should be considered as a business expense, or cost of doing business.</span></p>
<p><span style="font-weight:400;">Models bring automation, consistency to the organization and it provides information that allows them to better compete. </span><strong>Automated</strong> <strong>model risk management helps in that process and provides data to utilize those models in a more effective way.</strong><span style="font-weight:400;"> Automated MRM can actually allow you to save across an entire Model life cycle.</span></p>
<p><span style="font-weight:400;">For many aspects of the modelling or roles involve modelling such as a model developer or a validator, it will definitely involve documenting the process or the data. And in most of these cases, if you ask a developer or a validator, if you ask what's the task that they hate the most, they will probably say it's documentation. There are other areas where these highly skilled, expensive members of your team are required to do a lot of boring, repeatable, mundane pieces of steps. </span></p>
<p><span style="font-weight:400;">Having a Model Risk Management system allows you to take a look at those and reduce the manual effort and automate some of the documentation associated with it.You're always going to need that expert in this process, but, Model Risk Management allows the expert to focus on providing the expertise to the process, not doing some of the mundane components that typically are being asked in. </span></p>
<p><span style="font-weight:400;">It is a similar thing for the Audit teams, as automating can also cut a lot of loss-time for these people. Whether this auditor may be internal or a highly priced consultant, often the first thing that has to happen is identifying the model's history. They will need all the documents and data they can get, which typically requires emailing several individuals who are not present at the office at the time.This means a lot of wasted time to collect all the information where that time can actually be spent for something else if those were readily available at hand. Having an MRM system where the history and the model is complete as a documentation and available to the auditor would both benefit the company and the auditor, make the process both time and cost efficient. For organizations that do this well, there is a value that is brought across an organization. </span></p>
<p><span style="font-weight:400;">The last example is having a report that shows you how well you're doing Model Risk. This is an area where many organizations have senior people spending a number of hours trying to create a report where if you could have that automated and available at any time, it provides tremendous value. </span><strong>Overall, although at the start the implementation of MRM and the automation might seem costly and time consuming, in the long run it very well compensates for the time and money spent -</strong><span style="font-weight:400;"> especially if the right models and tools are chosen for the needs of the organisation.</span></p>
<p> </p>
<p><span style="font-size:18pt;"><strong>Closing Words</strong></span></p>
<p><span style="font-weight:400;">For now, this sums up the key points of our interview. As the Global Risk Community team, we once again thank David Asermely for his insight on Model Risk Management discipline and topics around it. More information about this topic is available in our original interview, which is accessible </span><a href="https://globalriskcommunity.com/video/interview-with-david-asermely-sasnalytics"><span style="font-weight:400;">here</span></a><span style="font-weight:400;">.</span><span style="font-weight:400;"><br /> </span><span style="font-weight:400;"><br /> </span><strong>#risk #automation #modelling #management #mrm #governance</strong></p></div>Strategic Key Performance Indicators (KPIs) Primer: Introduction to The KPI Virtuous Cyclehttps://globalriskcommunity.com/profiles/blogs/strategic-key-performance-indicators-kpis-primer-introduction-to2020-01-25T10:51:23.000Z2020-01-25T10:51:23.000ZMark Bridgeshttps://globalriskcommunity.com/members/MarkBridges<div><p><a href="{{#staticFileLink}}8028306092,original{{/staticFileLink}}" target="_blank"><img class="align-right" src="{{#staticFileLink}}8028306092,original{{/staticFileLink}}" alt="8028306092?profile=original" width="595" height="440" /></a></p><p>Technological innovation and intensifying competition are forcing leaders to rethink how they use Key Performance Indicators (KPIs) to manage and direct organizations. Digitization has reinforced the importance of Key Performance Indicators not only in enhancing employee performance but driving the overall organizational productivity.</p><p>The role of KPIs is becoming more dynamic. KPIs are getting demonstrably flexible, smarter, and valuable in achieving strategic advantage. Leading technology-driven organizations—including Amazon, Airbnb, and Uber—rely on metrics considerably and utilize KPIs to steer their strategy and evaluate success. They perceive KPIs quite differently than traditional-focused organizations, and employ them as an input for automation, and to guide, regulate, and improve their machine learning tools.</p><p>To make the most out of these dynamic and <a href="https://flevy.com/browse/flevypro/strategic-key-performance-indicators-kpis-4031">strategic KPIs</a> of this Digital Age, leaders need to be more insightful and knowledgeable. They should be able to thoroughly determine which KPIs to analyze, how to measure them, and how to effectively improve them. Understanding the value of selected KPIs and their optimization is key to aligning strategies; making the right decision to invest in data, analytics, and automation capabilities; and create a link between people and machines.</p><h3><strong>KPI Virtuous Cycle</strong></h3><p>The relationships and dependencies that clarify, educate, and enhance KPI investment are demonstrated by “<a href="https://flevy.com/browse/flevypro/strategic-key-performance-indicators-kpis-4031">KPI Virtuous Cycle</a>.” By digitally linking KPIs, data, and decision-making into virtuous cycles, companies can align their immediate situational requirements with long-term strategic planning. The KPI Virtuous Cycle has 3 key components, and it demands active cross-functional collaboration:</p><ol><li><strong>Data Governance</strong></li><li><strong>KPIs</strong></li><li><strong>Decision Rights</strong></li></ol><p><a href="https://flevy.com/browse/flevypro/strategic-key-performance-indicators-kpis-4031"><img class="aligncenter size-full wp-image-6238" src="http://flevy.com/blog/wp-content/uploads/2020/01/Strategic-KPIs.png" alt="" width="1200" height="1079" /></a></p><p>The way these 3 components impact—and support each other—keeps changing. Organizations aspiring to become digital-savvy should embrace, value, and relentlessly invest in the KPI Virtuous Cycle.</p><h3><strong>Data Governance</strong></h3><p>The first component of the KPI Virtuous Cycle is about employing authority and control (planning, monitoring, and enforcement) through a set of practices and processes to manage organizational data assets. Leading digital organizations consider data as a strategic resource, a valuable tool for measurement and accountability, and a mechanism to facilitate meeting strategic KPIs. Data Governance frameworks are guided by strategic KPIs. Organizations should know what data sets would be ideal to predict and rank—for instance, customers’ lifetime value and their propensity to leave—to prioritize preemptive and preventive action. Data and Analytics serve as a component of Data Governance.</p><h3><strong>Strategic KPIs</strong></h3><p>Strategic KPIs shape and govern enterprise Data Governance models. These KPIs include financial, customer, supplier, channel, and partner performance parameters. For instance, Data Governance initiatives in customer-centric organizations are prioritized to facilitate in realizing customer-focused KPIs—e.g., <a href="https://flevy.com/browse/business-document/the-net-promoter-score-nps-3140">Net Promoter Score (NPS)</a> and <a href="https://flevy.com/browse/flevypro/marketing-automation-customer-lifetime-value-3008">Customer Lifetime Value (CLV)</a>. Enterprise Data Governance frameworks are strongly influenced and informed by strategic KPIs.</p><h3><strong>Decision Rights</strong></h3><p>Decision Rights ascertain the decision-making authority required to drive the business and strategic alignment. Making decisions in such a way that it boosts organizational performance involves identifying the individuals explicitly involved in making decisions, charting an outline on how decisions will be made, reinforcing with appropriate processes and tools, and defining various decision rights scenarios to facilitate in automation. It is, however, quite tricky to determine and assign decision rights when an enterprise is aspiring to empower its people and making machines function better.</p><h3><strong>Imperatives for Creating Dynamic and Strategic KPIs</strong></h3><p>For the KPIs to be strategically defined and become truly dynamic, the leadership needs to provide the required support by getting thorough data sets compiled and meaningful analytics performed. At the same time, there is a need to:</p><ul><li>Decide whether the decision rights needs to be assigned to individuals (rather than machines or vice versa.</li><li>Enhance the capabilities of people and machines.</li><li>Apply decision rights to generate data to identify and gauge productivity.</li><li>Identify the delays and bottlenecks between KPIs, data, and decisions.</li><li>Verify the diligence in the way KPIs, data, and decisions are mapped and monitored.</li></ul><p>Interested in learning more about the components of <a href="https://flevy.com/browse/flevypro/strategic-key-performance-indicators-kpis-4031">KPI Virtuous Cycle, its applications, and Strategic KPIs</a>? You can download <a href="https://flevy.com/browse/flevypro/strategic-key-performance-indicators-kpis-4031"><u>an editable PowerPoint on <strong>Strategic Key Performance Indicators (KPIs)</strong> here</u></a> on the <a href="https://flevy.com/browse">Flevy documents marketplace</a>.</p><h3><strong>Are you a Management Consultant?</strong></h3><p>You can download this and hundreds of other <a href="http://flevy.com/pro/library/frameworks">consulting frameworks</a> and <a href="http://flevy.com/pro/library/consulting">consulting training guides</a> from the <a href="http://flevy.com/pro/library">FlevyPro library</a>.</p></div>The Evolution of Governance Reportinghttps://globalriskcommunity.com/profiles/blogs/the-evolution-of-governance-reporting2019-12-12T02:24:10.000Z2019-12-12T02:24:10.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><table style="color:#222222;font-family:'lucida grande', tahoma, helvetica, arial, sans-serif;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;" width="98%" cellspacing="0" border="0">
<tbody><tr><td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;" width="100%" bgcolor="#FFFFFF"><div><table width="100%">
<tbody><tr><td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;"><p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;"><a href="https://www.blueprintoneworld.com/" target="_blank" style="color:#1155cc;"><img src="https://ci5.googleusercontent.com/proxy/bLN0U9M3ymBe6oEeutTyiUrEhv3iaaoSUkI02W58eY3gSlplk0dRh8FI7MHWd4m2JEZkVlWZoA7v2QGx33lSYbgwuFGgwSxf51BAv17OwbjgpzrnKEgGqkCvMvPnhr_BRPJbslI=s0-d-e1-ft#{{#staticFileLink}}8028310066,original{{/staticFileLink}}" class="CToWUd" alt="8028310066?profile=original" /></a></span></p>
<p style="margin-bottom:.5em;margin-top:0px;"></p>
<p style="margin-bottom:.5em;margin-top:0px;"></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;">Dear Global Risk Community Member,</span></p>
<p style="margin-bottom:.5em;margin-top:0px;"></p>
<p style="margin-bottom:.5em;margin-top:0px;"></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;">There are few people more central to how an organization runs than those responsible for managing the corporate record.</span></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;">Yet, as organizations have become increasingly international, as they build complex subsidiary structures that need closer attention, and as the compliance burden and risk potential has grown, the roles of those responsible haven’t necessarily evolved.</span></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;">Download “<strong>The Evolution of Governance Reporting</strong>” to discover how with robust reporting through the right governance technologies, your team can better prepare for:</span></p>
<ul style="margin-bottom:.5em;margin-top:0px;">
<li style="margin-left:15px;"><span style="font-size:12pt;">Increased scrutiny</span></li>
<li style="margin-left:15px;"><span style="font-size:12pt;">The demand for transparency</span></li>
<li style="margin-left:15px;"><span style="font-size:12pt;">Changing shape of responsibilities</span></li>
<li style="margin-left:15px;"><span style="font-size:12pt;">Impact of artificial intelligence and machine learning</span></li>
</ul>
<p style="margin-bottom:.5em;margin-top:0px;"></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;"> <a href="https://insights.diligent.com/white-paper/evolution-governance-reporting-corporate-secretaries/?utm_source=globalriskcommunity&utm_medium=emailrental&utm_campaign=globalriskcommunity3&utm_content=whitepaper" target="_blank" style="color:#1155cc;">Download Now!</a></span></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;"> </span></p>
<p style="margin-bottom:.5em;margin-top:0px;"><span style="font-size:12pt;"> <a href="https://insights.diligent.com/white-paper/evolution-governance-reporting-corporate-secretaries/?utm_source=globalriskcommunity&utm_medium=emailrental&utm_campaign=globalriskcommunity3&utm_content=whitepaper" target="_blank" style="color:#1155cc;"><img src="https://ci5.googleusercontent.com/proxy/kSosSExR_ZlUqMQL4W6-Hcq5iL3TZiwrwbcy0AFgCVMRGmiQdgs3mQuaj5rSbwsbMy085J8_UUe2o7wO7K0kJ-OtjM2-NOVEX6awRtiHRgAbgrFtGQnLedp5JcM0tD3B4DpfmsU=s0-d-e1-ft#{{#staticFileLink}}8028310291,original{{/staticFileLink}}" class="CToWUd" alt="8028310291?profile=original" /></a></span></p>
<p style="margin-bottom:.5em;margin-top:0px;"></p>
<p style="margin-bottom:.5em;margin-top:0px;"> </p>
</td>
</tr>
</tbody>
</table>
</div>
</td>
</tr>
</tbody>
</table></div>Best Practices in Subsidiary Managementhttps://globalriskcommunity.com/profiles/blogs/best-practices-in-subsidiary-management-12019-11-28T07:30:00.000Z2019-11-28T07:30:00.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><table width="98%" cellspacing="0" border="0">
<tbody><tr><td width="100%" bgcolor="#FFFFFF"><table width="100%">
<tbody><tr><td><p><span style="font-size:12pt;">Dear Global Risk Community Member,</span></p>
<p><span style="font-size:12pt;"> </span></p>
<p><span style="font-size:12pt;">The world of regulation and industry requirements seems to be in a constant state of flux. As scandals rock the world, and as governments change and get tougher, those responsible for subsidiary governance struggle to keep track and manage risk.</span></p>
<p><span style="font-size:12pt;">Even the most experienced and confident of legal operations and risk professionals can struggle with this, however, turning to subsidiary governance best practices can help give you some peace of mind that your own entity management is headed in the right direction. </span></p>
<p><span style="font-size:12pt;">Discover how the world’s largest, most complex, multi-national organizations reduce risk by creating best practices around:</span></p>
<ul>
<li><span style="font-size:12pt;">Local jurisdiction awareness</span></li>
<li><span style="font-size:12pt;">Entity life cycle management</span></li>
<li><span style="font-size:12pt;">Business process management</span></li>
<li><span style="font-size:12pt;">Entity-related solutions</span></li>
</ul>
<p><span style="font-size:12pt;"> <a href="https://insights.diligent.com/white-paper/best-practices-in-subsidiary-management/?utm_source=globalriskcommunity&utm_medium=emailrental&utm_campaign=globalriskcommunity2&utm_content=whitepaper" target="_blank">Discover now!</a><br /></span></p>
<p><span style="font-size:12pt;"> <a href="https://insights.diligent.com/white-paper/best-practices-in-subsidiary-management/?utm_source=globalriskcommunity&utm_medium=emailrental&utm_campaign=globalriskcommunity2&utm_content=whitepaper" target="_blank"><img src="{{#staticFileLink}}8028302895,original{{/staticFileLink}}" alt="8028302895?profile=original" /></a> </span></p>
<p></p>
<p><span style="font-size:12pt;"> </span></p>
<p><br /></p>
<p><span style="font-size:12pt;"><a href="https://insights.diligent.com/white-paper/microsoft-excel-entity-management-kit-what-to-know/?utm_source=globalriskcommunity&utm_medium=emailrental&utm_campaign=globalriskcommunity1&utm_content=whitepaper" target="_blank"><img src="https://ci3.googleusercontent.com/proxy/A1Wqrd7WporqxJBp4_28JwVoajkcntbeiLPl_dBvtJzaHnv0ZVxIfHTLirly7DWOJVrZ6ocrl4Hrf8G567jmf7xQtnHchYkmJ8nAJWy8ehxisNR6nwhwLbty8HniCCJGfoubUh4=s0-d-e1-ft#{{#staticFileLink}}8028302900,original{{/staticFileLink}}" class="CToWUd" width="750" alt="8028302900?profile=original" /></a></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table></div>Modern Governance 101 - Join us to discuss findings from Stanford & Diligent Institutehttps://globalriskcommunity.com/profiles/blogs/modern-governance-1012019-11-13T11:30:00.000Z2019-11-13T11:30:00.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><table class="body" style="margin:0;background:#f0f0f0;border-collapse:collapse;border-spacing:0;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;height:100%;line-height:1.8;padding:0;text-align:left;vertical-align:top;width:100%;" cellspacing="0">
<tbody><tr style="margin:0;padding:0;text-align:left;vertical-align:top;"><td class="center" style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;text-align:left;vertical-align:top;" valign="top" align="center"><center style="min-width:600px;width:100%;"><table class="container float-center" style="margin:0 auto;background:#fefefe;border-collapse:collapse;border-spacing:0;float:none;padding:0;text-align:center;vertical-align:top;width:600px;" align="center">
<tbody><tr style="padding:0;text-align:left;vertical-align:top;"><td class="mktoContainer boxedbackground" id="template-wrapper" style="margin:0;color:#ffffff;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;text-align:left;vertical-align:top;max-width:600px;"><table class="row mktoModule collapse" id="article1_8b37d088f-405f-496f-9d06-0818c6c2bf38" style="border:0;background:#ffffff;border-collapse:collapse;border-spacing:0;display:table;padding:0;text-align:left;vertical-align:top;width:100%;margin:0;">
<tbody><tr style="padding:0;text-align:left;vertical-align:top;"><td><div class="mktoImg" id="single8b37d088f-405f-496f-9d06-0818c6c2bf38"><table class="spacer" style="border-collapse:collapse;border-spacing:0;padding:0;text-align:left;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:left;vertical-align:top;"><td style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:30px;font-weight:300;line-height:10px;padding:0;text-align:left;vertical-align:top;" height="10"> </td>
</tr>
</tbody>
</table>
<center style="min-width:157px;width:100%;"><img src="http://learn.diligent.com/rs/946-AVX-095/images/Diligent%20logo.png" style="margin:5px auto;border:0;clear:both;display:block;float:left;max-width:157px;text-align:center;text-decoration:none;padding:0;background:#ffffff;" class="float-left" alt="Diligent Logo" width="157" border="0" align="left" /></center>
<table class="table_scale" style="padding:0;margin:0;" width="600" cellspacing="0" border="0" bgcolor="#D9E0E2" align="center">
<tbody><tr><td class="td_scale" style="height:20px;padding:0px;font-size:0;color:#686868;font-family:Arial, sans-serif;line-height:0;border-bottom:4px solid #CD2026;" width="600" valign="middle" height="20" bgcolor="#FFFFFF" align="center"> </td>
</tr>
</tbody>
</table>
</div>
</td>
</tr>
</tbody>
</table>
<table class="row white_bg news_section mktoModule" id="article7_onecol" style="background:#fefefe;border-collapse:collapse;border-spacing:0;display:table;padding:0;text-align:center;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><th class="small-12 large-12 columns first last" style="margin:0 auto;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;padding-bottom:16px;padding-left:40px;padding-right:40px;text-align:center;width:560px;"><table style="border-collapse:collapse;border-spacing:0;padding:0;text-align:center;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><th style="margin:0;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;text-align:center;"><table class="spacer" style="border-collapse:collapse;border-spacing:0;padding:0;text-align:left;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:left;vertical-align:top;"><td style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:30px;font-weight:300;line-height:30px;padding:0;text-align:left;vertical-align:top;" height="30"> </td>
</tr>
</tbody>
</table>
<div class="mktoText" id="headline_text_single"><center><table style="height:207px;background-color:#f0f0f0;" width="507" border="0">
<tbody><tr><td style="margin:0;background:#f0f0f0;border:none;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:12px;font-weight:300;line-height:1.8;padding:15px;text-align:center;width:125px;" width="507"><span style="font-size:24px;font-family:arial, helvetica, sans-serif;color:#cd2026;padding:15px;"><strong>Modern Governance 101: Using Boardroom Intelligence to Stay Abreast of the Stakeholder Landscape</strong> <span style="color:#333333;font-size:16px;"><strong><br /> Date:</strong> November 25, 2019</span></span> <br /> <span style="color:#333333;font-size:16px;"><span style="font-family:arial, helvetica, sans-serif;"><strong>Speaker: Dottie Schindlinger, Kerie Kerstetter </strong></span></span></td>
</tr>
</tbody>
</table>
</center>
</div>
<table class="spacer" style="border-collapse:collapse;border-spacing:0;padding:0;text-align:left;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:left;vertical-align:top;"><td style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:10px;font-weight:300;line-height:10px;padding:0;text-align:center;vertical-align:top;" height="10"> </td>
</tr>
</tbody>
</table>
<p style="margin:0px 0px 10px;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.5em;padding:5px 0px;text-align:left;"><span style="font-size:12pt;">Dear Global Risk Comunity member,</span></p>
<div class="mktoText" id="paragraph_text_single"><div style="text-align:left;"><p style="margin:0px 0px 10px;color:#333333;font-family:Montserrat, Ariel, sans-serif;font-size:14px;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;"><span style="font-size:12pt;">Join us for our <strong><a href="https://learn.diligent.com/MG101-InsightsandAnalyticsEMEA.html?utm_source=global%20risk%20community&utm_medium=emailrental" target="_blank">upcoming webinar</a></strong>, where we'll dig deeper into the results of the study and explore the implications for boards navigating a shifting stakeholder landscape.</span></p>
<p style="margin:0px 0px 10px;color:#333333;font-family:Montserrat, Ariel, sans-serif;font-size:14px;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;"></p>
<p style="margin:0px 0px 10px;color:#333333;font-family:Montserrat, Ariel, sans-serif;font-size:14px;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;"><span style="font-size:12pt;">The Diligent Institute partnered with Stanford's Rock Center for Corporate Governance on a recent research report, "Stakeholders Take Center Stage: Director Views on Priorities and Society," which revealed some interesting findings around the impact of stakeholder pressures on today's boardrooms.</span></p>
<p style="margin:0px 0px 10px;color:#333333;font-family:Montserrat, Ariel, sans-serif;font-size:14px;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;"><span style="font-size:12pt;">With stakeholder pressures rising and the pace of news cycles being faster than ever before, <span>a </span><span>company's </span>story has become much more difficult to tell. <span>Organizations </span>today can't afford to be caught off-guard <span>and t</span>hey can't afford not to tell their story effectively.</span></p>
<p style="margin:0px 0px 10px;color:#333333;font-family:Montserrat, Ariel, sans-serif;font-size:14px;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;"><span style="font-size:12pt;"><strong><span>In this webinar you'll learn:</span><span> </span></strong></span></p>
<ul>
<li><span style="font-size:12pt;"><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">Why boards a</span><span>nd stakeholders are experiencing a communication gap.</span></span></li>
<li><span style="font-size:12pt;"><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">Best practices around</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;"> </span><span>stakeholder</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;"> </span><span>intel and </span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">communication.</span></span></li>
<li><span style="font-size:12pt;"><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">Modern</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;"> </span><span>g</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">overnance</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;"> </span><span>tools </span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">t</span><span>hat</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;"> </span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;">help directors and governance teams</span><span style="background-color:#ffffff;color:#333333;font-family:Montserrat, Ariel, sans-serif;"> </span><span>take the temperature of their stakeholder base and identify red flags.</span></span></li>
</ul>
</div>
<div style="text-align:left;"></div>
</div>
<p></p>
<table class="spacer" style="border-collapse:collapse;border-spacing:0;padding:0;text-align:center;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><td style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:10px;font-weight:300;line-height:10px;padding:0;text-align:center;vertical-align:top;" height="10"> </td>
</tr>
</tbody>
</table>
<table style="padding:0;text-align:center;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><td class="td_full-para" style="text-align:center;padding:0px;margin:0px;background-color:#ffffff;" valign="top" align="center"><table style="border-collapse:collapse;border-spacing:0;padding:0;text-align:center;vertical-align:top;width:150px;margin:auto;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><td style="margin:0;background:#cd2026;border:none;border-collapse:collapse;color:#fefefe;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:12px;font-weight:300;line-height:1.8;padding:5px 10px 5px 10px;text-align:center;vertical-align:top;width:155px;" width="125"><span class="mktoText" id="sectionArticleCTABtn"><a href="https://learn.diligent.com/MG101-InsightsandAnalyticsEMEA.html?utm_source=global%20risk%20community&utm_medium=emailrental" style="margin:0;border:0 solid #CD2026;color:#fefefe;display:inline-block;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:14px;font-weight:bold;line-height:1.8;padding:5px 10px 5px 10px;text-align:center;text-decoration:none;" target="_blank">Register Today!</a></span></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<p style="margin:0;margin-bottom:10px;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.5em;padding:5px 0;text-align:center;"></p>
<div class="mktoText" id="paragraph_text_single2"><div style="text-align:left;"></div>
</div>
<p></p>
</th>
<th class="expander" style="margin:0;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;text-align:left;visibility:hidden;width:0;"></th>
</tr>
</tbody>
</table>
</th>
</tr>
</tbody>
</table>
<table class="row footer mktoModule" id="article9" style="background:#51626f;border-collapse:collapse;border-spacing:0;display:table;padding:0;text-align:left;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><th class="small-12 large-12 columns first last" style="margin:0 auto;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;padding-bottom:16px;padding-left:40px;padding-right:40px;text-align:left;width:560px;"><table style="border-collapse:collapse;border-spacing:0;padding:0;text-align:left;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:left;vertical-align:top;"><th style="margin:0;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:13px;font-weight:300;line-height:1.8;padding:0;text-align:left;"><table class="spacer" style="border-collapse:collapse;border-spacing:0;padding:0;text-align:center;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><td style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:30px;font-weight:300;line-height:30px;padding:0;text-align:left;vertical-align:top;" height="30"> </td>
</tr>
</tbody>
</table>
<p style="margin:0;margin-bottom:10px;color:#fefefe;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:10px;font-weight:300;line-height:20px;padding:5px 0;text-align:center;">All rights reserved. 2019 Diligent Corporation.</p>
<div class="mktoText" id="Address"><p style="margin:0;margin-bottom:10px;color:#fefefe;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:10px;font-weight:300;line-height:20px;padding:5px 0;text-align:center;"></p>
</div>
<table class="spacer" style="border-collapse:collapse;border-spacing:0;padding:0;text-align:center;vertical-align:top;width:100%;">
<tbody><tr style="padding:0;text-align:center;vertical-align:top;"><td style="margin:0;border-collapse:collapse;color:#435464;font-family:Montserrat, Helvetica, Arial, sans-serif;font-size:10px;font-weight:300;line-height:10px;padding:0;text-align:center;vertical-align:top;" height="8"> </td>
</tr>
</tbody>
</table>
<table style="border-collapse:collapse;border-spacing:0;padding:0;text-align:center;vertical-align:top;margin:auto;" align="center">
<tbody><tr><td><a style="color:#d0d0d0;float:left;font-family:Montserrat, Helvetica, Arial, sans-serif;font-weight:300;line-height:1.8;margin:0;margin-right:15px;padding:0;text-align:center;text-decoration:none;" href="https://www.linkedin.com/company/diligent-board-member-services" target="_blank"><img style="border:none;clear:both;display:block;height:31px;margin:0 auto;max-width:31px;text-align:center;text-decoration:none;width:31px;" alt="LinkedIn" src="http://learn.diligent.com/rs/946-AVX-095/images/Diligent_newsletter_linkedin_icon.png" width="31" height="31" border="0" /></a> </td>
<td><a style="color:#d0d0d0;float:left;font-family:Montserrat, Helvetica, Arial, sans-serif;font-weight:300;line-height:1.8;margin:0;margin-right:15px;padding:0;text-align:center;text-decoration:none;" href="https://www.youtube.com/user/diligentboardbooks/featured" target="_blank"><img style="border:none;clear:both;display:block;height:31px;margin:0 auto;max-width:44px;text-align:center;text-decoration:none;width:36px;" alt="YouTube" src="http://learn.diligent.com/rs/946-AVX-095/images/Diligent_newsletter_yt_icon_v2.png" width="36" height="31" border="0" /></a> </td>
<td><a style="color:#d0d0d0;float:left;font-family:Montserrat, Helvetica, Arial, sans-serif;font-weight:300;line-height:1.8;margin:0;margin-right:15px;padding:0;text-align:center;text-decoration:none;" href="https://twitter.com/diligentHQ" target="_blank"><img style="border:none;clear:both;display:block;height:31px;margin:0 auto;max-width:31px;text-align:center;text-decoration:none;width:31px;" alt="Twitter" src="http://learn.diligent.com/rs/946-AVX-095/images/Diligent_newsletter_twitter_icon.png" width="31" height="31" border="0" /></a> </td>
<td><a style="color:#d0d0d0;float:left;font-family:Montserrat, Helvetica, Arial, sans-serif;font-weight:300;line-height:1.8;margin:0;padding:0;text-align:center;text-decoration:none;" href="https://www.facebook.com/DiligentCorporation/" target="_blank"><img style="border:none;clear:both;display:block;height:31px;margin:0 auto;max-width:31px;text-align:center;text-decoration:none;width:31px;" alt="Facebook" src="http://learn.diligent.com/rs/946-AVX-095/images/Diligent_newsletter_fb_icon.png" width="31" height="31" border="0" /></a> </td>
</tr>
</tbody>
</table>
</th>
</tr>
</tbody>
</table>
</th>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<br />
<div style="display:none;white-space:nowrap;font:15px courier;line-height:0;"> </div>
</center>
</td>
</tr>
</tbody>
</table>
<center><br /><table id="canspamBarWrapper" style="background-color:#ffffff;border-top:1px solid #E5E5E5;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding-top:20px;padding-bottom:20px;" valign="top" align="center"><table id="canspamBar" cellspacing="0" border="0">
<tbody><tr><td style="color:#606060;font-family:Helvetica, Arial, sans-serif;font-size:11px;line-height:150%;padding-right:20px;padding-bottom:5px;padding-left:20px;text-align:center;" valign="top" align="center"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</center></div>Leverage Entity Management Software to Improve In-House Legal Performancehttps://globalriskcommunity.com/profiles/blogs/leverage-entity-management-software-to-improve-in-house-legal-per2019-07-03T11:33:57.000Z2019-07-03T11:33:57.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><p>A Message From Our Partner</p>
<table id="m_-139289343023187589templateTable" style="color:#000000;font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin-bottom:.5em;margin-top:0px;width:600px;background-color:#ffffff;border-collapse:collapse;" width="600" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td id="m_-139289343023187589contentCell" style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;padding:10px 20px;background-color:#f6f7f9;" valign="top" bgcolor="#F6F7F9" align="center"><table id="m_-139289343023187589contentTableOuter" style="margin-bottom:.5em;margin-top:0px;background-color:#ffffff;padding:0px;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;" valign="top" align="center"><table id="m_-139289343023187589contentTableInner" style="margin-bottom:.5em;margin-top:0px;width:600px;border-collapse:collapse;" width="600" cellspacing="0" border="0">
<tbody><tr><td class="m_-139289343023187589bodyContent" colspan="12" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:24px;text-align:left;" width="100%" valign="top" align="left"><table class="m_-139289343023187589templateColumnWrapper" style="margin-bottom:.5em;margin-top:0px;border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody class="m_-139289343023187589mktoContainer" id="m_-139289343023187589mktoMainContainer"><tr class="m_-139289343023187589mktoModule" id="m_-139289343023187589copyRow77172994-d143-4819-9367-3bed8ed4f7e5"><td colspan="12" class="m_-139289343023187589column" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;width:620px;text-align:left;padding:0px;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table class="m_-139289343023187589columnContentTable" style="margin-bottom:.5em;margin-top:0px;border-spacing:0px;background-color:#ffffff;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="m_-139289343023187589columnContent m_-139289343023187589widget-span m_-139289343023187589widget-type-rich_text" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:1.5em;padding:0px 20px;text-align:left;" valign="top" align="left"><div class="m_-139289343023187589layout-widget-wrapper"><div id="m_-139289343023187589hs_cos_wrapper_module_147990149107211723" class="m_-139289343023187589hs_cos_wrapper m_-139289343023187589hs_cos_wrapper_widget m_-139289343023187589hs_cos_wrapper_type_rich_text" style="color:inherit;font-size:inherit;line-height:inherit;"><div class="m_-139289343023187589mktoText"><a href="https://insights.diligent.com/white-paper/leverage-entity-management-software-improve-in-house-legal-performance/?utm_source=globalriskconsult&utm_medium=email&utm_content=demo&utm_campaign=globalriskconsultemail5" id="m_-139289343023187589hs-link-logo_image" name="m_-139289343023187589_hs-link-logo_image" target="_blank" style="color:#419bcc;text-decoration:underline;border:0px;font-weight:normal;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;font-style:normal;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;"><img src="https://ci5.googleusercontent.com/proxy/pT5NWRUq8pfwzxYiBGm29V724UZlSZ_jUklXz-lB1z65SFokcBRLJOdAdnhSUEIbM77Vg_WJjeXfYjHpHLiQ9jo2bHj9nN1gpxJqjz5ZZChe1JKy0P_ppbpB9Pz2QzqE=s0-d-e1-ft#https://learn.diligent.com/rs/946-AVX-095/images/entities_RGB_transparent.png" alt="entities_RGB_transparent.png" class="CToWUd" style="vertical-align:bottom;" width="175" height="64" /></a></div>
<div class="m_-139289343023187589mktoText"> </div>
<div class="m_-139289343023187589mktoText"></div>
<div class="m_-139289343023187589mktoText" id="m_-139289343023187589bodySection77172994-d143-4819-9367-3bed8ed4f7e5"><a href="https://insights.diligent.com/white-paper/leverage-entity-management-software-improve-in-house-legal-performance/?utm_source=globalriskconsult&utm_medium=email&utm_content=whitepaper&utm_campaign=globalriskconsultemail5" target="_blank" style="color:#419bcc;text-decoration:none;border-bottom-style:none;"><img src="https://ci5.googleusercontent.com/proxy/UCj6Y5tdWIK68PvhwV4M-JyJFXzrjSSKhAkX5BCNs2PI91yljE1ydO_3XQDhH7r1HLFK9C3atJ_T1JYlhdQ6g-puubKyf1kxLZaoosoQL3ePaXzaLmdlm_k1Sf40v9bLLcA1UxXHV-e6thz3yFsTzUzKItFHiH_3Q9Mnvg=s0-d-e1-ft#https://learn.diligent.com/rs/946-AVX-095/images/Leverage%20Entity%20Management%20for%20Legal%20Small.png" alt="Leverage Entity Management for Legal Small.png" class="CToWUd" style="vertical-align:bottom;" width="580" height="446" /></a></div>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr class="m_-139289343023187589mktoModule" id="m_-139289343023187589copyRow"><td colspan="12" class="m_-139289343023187589column" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;width:620px;text-align:left;padding:0px;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table class="m_-139289343023187589columnContentTable" style="margin-bottom:.5em;margin-top:0px;border-spacing:0px;background-color:#ffffff;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="m_-139289343023187589columnContent m_-139289343023187589widget-span m_-139289343023187589widget-type-rich_text" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:1.5em;padding:0px 20px;text-align:left;" valign="top" align="left"><div class="m_-139289343023187589layout-widget-wrapper"><div class="m_-139289343023187589hs_cos_wrapper m_-139289343023187589hs_cos_wrapper_widget m_-139289343023187589hs_cos_wrapper_type_rich_text" style="color:inherit;font-size:inherit;line-height:inherit;"><div class="m_-139289343023187589mktoText" id="m_-139289343023187589bodySection"><p style="margin-top:0px;margin-bottom:1em;"><strong><span style="font-size:10.5pt;font-family:Arial, sans-serif;color:#c12121;"><br /><span style="font-family:arial, helvetica, sans-serif;font-size:18px;">Gain actionable data intelligence to increase the legal department's value-added</span></span></strong></p>
<p style="margin-top:0px;margin-bottom:1em;"><span style="font-size:14px;"><span style="font-family:arial, helvetica, sans-serif;">For the legal department of an organization, compliance is the name of the</span> game. Almost every action taken within the entity management ecosystem is to ensure that proper procedures are followed so that all rules and regulations are followed in accordance to the law. Manually tracking entity data has proven to create more complications than solutions it provides. As your organization continues to aggregate more entity data, having the right entity management solution to improve in-house legal team performance is a necessity.</span> <br /><br /><span style="font-size:14px;">Download this white paper to find out:</span></p>
<ul style="margin-bottom:.5em;margin-top:0px;">
<li style="margin-left:15px;"><span style="font-size:14px;">The current state of legal department entity management processes</span></li>
<li style="margin-left:15px;"><span style="font-size:14px;">The role an entity management platform plays in improving your subsidiary data</span></li>
<li style="margin-left:15px;"><span style="font-size:14px;">The right ways to leverage entity management software</span></li>
<li style="margin-left:15px;"><span style="font-size:14px;">The clearest path to facilitate legal department strategic value</span></li>
</ul>
<br />
<table style="margin:0px auto .5em;height:64px;border-collapse:collapse;" width="580">
<tbody><tr><td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;width:150px;"></td>
<td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;text-align:center;vertical-align:middle;"><a href="https://insights.diligent.com/white-paper/leverage-entity-management-software-improve-in-house-legal-performance/?utm_source=globalriskconsult&utm_medium=email&utm_content=whitepaper&utm_campaign=globalriskconsultemail5" target="_blank" style="color:#419bcc;text-decoration:none;border-bottom-style:none;"><img src="https://ci4.googleusercontent.com/proxy/SoA5FEuwDri8s6gynWqunpQ-_FetdW3gpmVY9LZ6L-PC8Qj1df2JKi7mY0tKmCT7lWYVVMYKHYIfFHmqrZ7i1GRPDl5x99bT1R8Fj0yViaExEVbT_Dsohw=s0-d-e1-ft#https://learn.diligent.com/rs/946-AVX-095/images/button%20%289%29.png" alt="button (9).png" class="CToWUd" style="vertical-align:bottom;display:block;margin-left:auto;margin-right:auto;" width="234" height="48" /></a></td>
<td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;width:150px;"></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td class="m_-139289343023187589bodyContent" colspan="12" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:24px;text-align:left;" width="100%" valign="top" align="left"><table class="m_-139289343023187589templateColumnWrapper" style="margin-bottom:.5em;margin-top:0px;border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td colspan="12" class="m_-139289343023187589column" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;width:620px;text-align:left;padding:0px;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table class="m_-139289343023187589columnContentTable" style="margin-bottom:.5em;margin-top:0px;border-spacing:0px;background-color:#ffffff;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="m_-139289343023187589columnContent m_-139289343023187589widget-span m_-139289343023187589widget-type-email_body" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:1.5em;padding:20px 20px 0px;text-align:left;" valign="top" align="left"><div id="m_-139289343023187589hs_cos_wrapper_hs_email_body" class="m_-139289343023187589hs_cos_wrapper m_-139289343023187589hs_cos_wrapper_widget m_-139289343023187589hs_cos_wrapper_type_rich_text" style="color:inherit;font-size:inherit;line-height:inherit;"></div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td class="m_-139289343023187589bodyContent" colspan="12" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:24px;text-align:left;" width="100%" valign="top" align="left"><table class="m_-139289343023187589templateColumnWrapper" style="margin-bottom:.5em;margin-top:0px;border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td colspan="12" class="m_-139289343023187589column" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;width:620px;text-align:left;padding:0px;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table class="m_-139289343023187589columnContentTable" style="margin-bottom:.5em;margin-top:0px;border-spacing:0px;background-color:#ffffff;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="m_-139289343023187589columnContent m_-139289343023187589widget-span m_-139289343023187589widget-type-space" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:1.5em;padding:0px 0px 20px;text-align:left;" valign="top" align="left"><div class="m_-139289343023187589layout-widget-wrapper"><div id="m_-139289343023187589hs_cos_wrapper_module_1493136014287662" class="m_-139289343023187589hs_cos_wrapper m_-139289343023187589hs_cos_wrapper_widget m_-139289343023187589hs_cos_wrapper_type_space" style="color:inherit;font-size:inherit;line-height:inherit;"></div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td class="m_-139289343023187589bodyContent" colspan="12" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:24px;text-align:left;" width="100%" valign="top" align="left"><table class="m_-139289343023187589templateColumnWrapper" style="margin-bottom:.5em;margin-top:0px;border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td colspan="12" class="m_-139289343023187589column" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;width:620px;text-align:left;padding:0px;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table class="m_-139289343023187589columnContentTable" style="margin-bottom:.5em;margin-top:0px;border-spacing:0px;background-color:#ffffff;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="m_-139289343023187589columnContent m_-139289343023187589widget-span m_-139289343023187589widget-type-cta" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:1.5em;padding:0px;text-align:center;font-weight:bold;" valign="top" align="center"><div class="m_-139289343023187589layout-widget-wrapper"><div id="m_-139289343023187589hs_cos_wrapper_module_14776450837163932" class="m_-139289343023187589hs_cos_wrapper m_-139289343023187589hs_cos_wrapper_widget m_-139289343023187589hs_cos_wrapper_type_cta" style="color:inherit;font-size:inherit;line-height:inherit;"></div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td class="m_-139289343023187589bodyContent" colspan="12" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:24px;text-align:left;" width="100%" valign="top" align="left"><table class="m_-139289343023187589templateColumnWrapper" style="margin-bottom:.5em;margin-top:0px;border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td colspan="12" class="m_-139289343023187589column" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;width:620px;text-align:left;padding:0px;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table class="m_-139289343023187589columnContentTable" style="margin-bottom:.5em;margin-top:0px;border-spacing:0px;background-color:#ffffff;border-collapse:separate;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="m_-139289343023187589columnContent m_-139289343023187589widget-span m_-139289343023187589widget-type-space" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0px;color:#939da8;font-size:16px;line-height:1.5em;padding:0px 0px 30px;text-align:left;" valign="top" align="left"><div class="m_-139289343023187589layout-widget-wrapper"><div id="m_-139289343023187589hs_cos_wrapper_module_1493133117178609" class="m_-139289343023187589hs_cos_wrapper m_-139289343023187589hs_cos_wrapper_widget m_-139289343023187589hs_cos_wrapper_type_space" style="color:inherit;font-size:inherit;line-height:inherit;"></div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td style="font-family:Roboto, RobotoDraft, Helvetica, Arial, sans-serif;margin:0px;" valign="top" align="center"><div class="m_-139289343023187589footer-container-wrapper"></div>
<div class="m_-139289343023187589mktoSnippet" id="m_-139289343023187589unsubscribeFooter"> </div>
</td>
</tr>
</tbody>
</table></div>Privacy by Compliance: Market Reporthttps://globalriskcommunity.com/profiles/blogs/privacy-by-compliance-market-report2019-06-26T16:00:00.000Z2019-06-26T16:00:00.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><div id="preheader" style="display:none;"></div>
<center><table width="650" border="0">
<tbody><tr><td style="border-bottom:#56565A solid 1px;"><a href="http://www.navexglobal.com" style="color:#f57e20;text-decoration:none;"><img src="http://trust.navexglobal.com/rs/852-MYR-807/images/ng-logo_186x50.png" alt="NAVEX Global" style="margin-left:5px;" width="186" border="0" /></a></td>
</tr>
<tr><td align="right"><p class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:12px;line-height:16px;text-align:right;"><a href="%7B%7Bsystem.viewAsWebpageLink%7D%7D" style="color:#f57e20;">View as Website</a></p>
</td>
</tr>
<tr><td style="height:5px;"> </td>
</tr>
<tr><td><table width="600" border="0" align="center">
<tbody><tr><td><div class="mktEditable" id="body_copy"><p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;"><a href="http://bit.ly/31Um8B8" target="_blank"><img src="{{#staticFileLink}}8028296484,original{{/staticFileLink}}" class="align-right" alt="8028296484?profile=original" /></a>Privacy can be a complex task for your organisation, but it can also be a business advantage if handled correctly. NAVEX Global are pleased to introduce our new report <a href="https://www.navexglobal.com/en-gb/campaigns/market-report-privacy-in-compliance?utm_source=grc&utm_medium=syndication&utm_campaign=nge-wp-privacy-in-compliance" target="_blank" style="color:#f57e20;text-decoration:none;">Privacy by Compliance</a>.</p>
<p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;">This <a href="https://www.navexglobal.com/en-gb/campaigns/market-report-privacy-in-compliance?utm_source=grc&utm_medium=syndication&utm_campaign=nge-wp-privacy-in-compliance" target="_blank" style="color:#f57e20;text-decoration:none;">report</a> provides the latest insights, market data and industry trends, explained by the industry's leading experts, on how compliance teams are influencing their data governance programmes.</p>
<p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;">Download this report to find out:</p>
<ul>
<li>How the CCO's role is transforming data privacy risk into a competitive advantage</li>
<li>Why it is important to establish an ethical foundation for data governance</li>
<li>When compliance should lead the "Privacy by Design" framework and where to start</li>
<li>Why the weakest link for third-party data risk is in your supply chain</li>
</ul>
<br />
<table class="centerButton" cellspacing="0" border="0" align="center">
<tbody><tr><td style="background-color:#f57e20;font-weight:bold;line-height:18px;font-family:Arial, Helvetica, sans-serif;font-size:14px;display:block;text-align:center;vertical-align:middle;padding:10px 40px;" valign="middle" bgcolor="#F57E20"><a style="text-decoration:none;color:#ffffff;" href="https://www.navexglobal.com/en-gb/campaigns/market-report-privacy-in-compliance?utm_source=grc&utm_medium=syndication&utm_campaign=nge-wp-privacy-in-compliance" target="_blank">DOWNLOAD NOW</a></td>
</tr>
</tbody>
</table>
<br />
<p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;"></p>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td style="height:15px;"><hr style="color:#56565a;" /></td>
</tr>
<tr><td><table width="625" border="0" align="center">
<tbody><tr><td><table width="100%" border="0">
<tbody><tr><td valign="top"><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;"><strong>EMEA +<br /> APAC:</strong></div>
</td>
<td><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;">Vantage London - 4th Floor, Great West Road, Brentford, TW8 9AG, United Kingdom <br /> +44 (0) 20 8939 1650</div>
</td>
</tr>
<tr><td colspan="2" align="center"><hr style="color:#aaa;width:400px;" /></td>
</tr>
<tr><td width="20%" valign="top"><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;"><strong>Americas:</strong></div>
</td>
<td><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;">5500 Meadows Road, Suite 500, Lake Oswego, OR 97035 <br /> +1 (866) 297 0224</div>
</td>
</tr>
</tbody>
</table>
</td>
<td valign="top"><a href="http://www.linkedin.com/company/navex-global" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_LinkedIn_D-Gray.png" alt="LinkedIn" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="https://twitter.com/NAVEXGlobal" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_Twitter_D-Gray.png" alt="Twitter" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="https://www.facebook.com/NavexGlobal" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_Facebook_D-Gray.png" alt="Facebook" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="http://www.navexglobal.com/blog" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_Blog_D-Gray.png" alt="NAVEX Global Blog" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="%7B%7Bsystem.forwardToFriendLink%7D%7D" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_FtF_D-Gray.png" alt="NAVEX Global Blog" width="28" height="38" border="0" /></a></td>
</tr>
<tr><td colspan="6"> </td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td align="center"><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;"></div>
</td>
</tr>
</tbody>
</table>
</center>
<center><br /> <br /> <br /> <br /> <br /> <br /><table id="canspamBarWrapper" style="background-color:#ffffff;border-top:1px solid #E5E5E5;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding-top:20px;padding-bottom:20px;" valign="top" align="center"><table id="canspamBar" cellspacing="0" border="0">
<tbody><tr><td style="color:#606060;font-family:Helvetica, Arial, sans-serif;font-size:11px;line-height:150%;padding-right:20px;padding-bottom:5px;padding-left:20px;text-align:center;" valign="top" align="center"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</center></div>What can break your compliance program?https://globalriskcommunity.com/profiles/blogs/what-can-break-your-compliance-program2019-06-20T08:47:51.000Z2019-06-20T08:47:51.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><p> A Message from our partner</p>
<center><table width="650" border="0">
<tbody><tr><td style="border-bottom:#56565A solid 1px;"><a href="http://www.navexglobal.com" style="color:#f57e20;text-decoration:none;"><img src="http://trust.navexglobal.com/rs/852-MYR-807/images/ng-logo_186x50.png" alt="NAVEX Global" style="margin-left:5px;" width="186" border="0" /></a></td>
</tr>
<tr><td align="right"><p class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:12px;line-height:16px;text-align:right;"><a href="%7B%7Bsystem.viewAsWebpageLink%7D%7D" style="color:#f57e20;">View as Website</a></p>
</td>
</tr>
<tr><td style="height:5px;"> </td>
</tr>
<tr><td><table width="600" border="0" align="center">
<tbody><tr><td><div class="mktEditable" id="body_copy"><p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;">Even the most rigid compliance program can’t save your company from all risk. In fact, new research reveals that program success can’t be measured by numbers alone.</p>
<p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;">The <strong><a href="https://www.navexglobal.com/en-us/campaigns/2019-definitive-corporate-compliance-report?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=2019-nge-bmr" target="_blank" style="color:#f57e20;text-decoration:none;">Definitive Corporate Compliance Benchmark Report</a></strong> uncovers key program drivers for an ethical organizational culture and improved business performance.</p>
<p style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#56565a;font-size:16px;line-height:24px;text-align:left;"><strong><a href="https://www.navexglobal.com/en-us/campaigns/2019-definitive-corporate-compliance-report?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=2019-nge-bmr" target="_blank" style="color:#f57e20;text-decoration:none;">Download the report</a></strong> to get answers to questions like: </p>
<table align="center">
<tbody><tr><td><img src="https://trust.navexglobal.com/rs/852-MYR-807/images/2019-platform-benchmark-report-3d-thumbnail_321x360.png" alt="Definitive Corporate Compliance Program Benchmark Report" style="padding-right:20px;display:block;margin-left:auto;margin-right:auto;" width="175" height="196" /></td>
<td valign="top"><ul>
<li>What elements should my compliance program include?</li>
<li>Is my approach to risk aligned to market trends and best practices?</li>
<li>How do I prevent bribery and corruption?</li>
<li>What should I prioritize?</li>
<li>How do I continue to improve my current program?</li>
</ul>
</td>
</tr>
</tbody>
</table>
<table class="centerButton" cellspacing="0" border="0" align="center">
<tbody><tr><td style="background-color:#f57e20;font-weight:bold;line-height:18px;font-family:Arial, Helvetica, sans-serif;font-size:14px;display:block;text-align:center;vertical-align:middle;padding:10px 40px;" valign="middle" bgcolor="#F57E20"><a style="text-decoration:none;color:#ffffff;" href="https://www.navexglobal.com/en-us/campaigns/2019-definitive-corporate-compliance-report?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=2019-nge-bmr" target="_blank">DOWNLOAD NOW</a></td>
</tr>
</tbody>
</table>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td style="height:15px;"><hr style="color:#56565a;" /></td>
</tr>
<tr><td><table width="625" border="0" align="center">
<tbody><tr><td><table width="100%" border="0">
<tbody><tr><td width="20%" valign="top"><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;"><strong>Americas:</strong></div>
</td>
<td><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;">5500 Meadows Road, Suite 500, Lake Oswego, OR 97035 <br /> +1 (866) 297 0224</div>
</td>
</tr>
<tr><td colspan="2" align="center"><hr style="color:#aaa;width:400px;" /></td>
</tr>
<tr><td valign="top"><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;"><strong>EMEA +<br /> APAC:</strong></div>
</td>
<td><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;">Vantage London - 4th Floor, Great West Road, Brentford, TW8 9AG, United Kingdom <br /> +44 (0) 20 8939 1650</div>
</td>
</tr>
</tbody>
</table>
</td>
<td valign="top"><a href="http://www.linkedin.com/company/navex-global" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_LinkedIn_D-Gray.png" alt="LinkedIn" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="https://twitter.com/NAVEXGlobal" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_Twitter_D-Gray.png" alt="Twitter" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="https://www.facebook.com/NavexGlobal" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_Facebook_D-Gray.png" alt="Facebook" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="http://www.navexglobal.com/blog" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_Blog_D-Gray.png" alt="NAVEX Global Blog" width="28" height="38" border="0" /></a></td>
<td valign="top"><a href="%7B%7Bsystem.forwardToFriendLink%7D%7D" style="color:#f57e20;text-decoration:none;"><img src="http://na-sj11.marketo.com/rs/navexglobal/images/EM-Template_FtF_D-Gray.png" alt="NAVEX Global Blog" width="28" height="38" border="0" /></a></td>
</tr>
<tr><td colspan="6"> </td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td align="center"><div class="p_footer" style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;color:#555559;font-size:12px;line-height:14px;"></div>
</td>
</tr>
</tbody>
</table>
</center>
<center> </center>
<center> </center>
<center> <br /> <br /> <br /> <br /><table id="canspamBarWrapper" style="background-color:#ffffff;border-top:1px solid #E5E5E5;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding-top:20px;padding-bottom:20px;" valign="top" align="center"><table id="canspamBar" cellspacing="0" border="0">
<tbody><tr><td style="color:#606060;font-family:Helvetica, Arial, sans-serif;font-size:11px;line-height:150%;padding-right:20px;padding-bottom:5px;padding-left:20px;text-align:center;" valign="top" align="center"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</center>
<p></p></div>Engaging Technology for Data-Driven Excellencehttps://globalriskcommunity.com/profiles/blogs/engaging-technology2019-05-29T02:02:37.000Z2019-05-29T02:02:37.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><div class="mktoText" id="preview_text" style="display:none;font-size:1px;color:#f6f7f9;line-height:1px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;">Blueprint OneWor</div>
<table id="backgroundTable" style="height:100%;border-collapse:collapse;background-color:#f6f7f9;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;margin:0;padding:0;width:100%;" width="100%" cellspacing="0" border="0" bgcolor="#F6F7F9" align="center">
<tbody><tr><td id="bodyCell" style="height:100%;margin:0;padding:0;width:100%;" width="100%" valign="top" height="100%" align="center"><table id="templateTable" style="border-collapse:collapse;width:600px;background-color:#ffffff;" width="600" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td valign="top" align="center"></td>
</tr>
<tr><td id="contentCell" style="padding:10px 20px;background-color:#f6f7f9;" valign="top" bgcolor="#F6F7F9" align="center">
<table id="contentTableOuter" style="border-collapse:separate;background-color:#ffffff;padding:0px;" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td valign="top" align="center"><table id="contentTableInner" style="border-collapse:collapse;width:600px;" width="600" cellspacing="0" border="0">
<tbody><tr><td class="bodyContent" colspan="12" style="color:#939da8;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:150%;text-align:left;" width="100%" valign="top" align="left"><table class="templateColumnWrapper" style="border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td colspan="12" class="column" style="width:100%;text-align:left;padding:0;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"></td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td class="bodyContent" colspan="12" style="color:#939da8;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:150%;text-align:left;" width="100%" valign="top" align="left"><table class="templateColumnWrapper" style="border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td colspan="12" class="column" style="width:100%;text-align:left;padding:0;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table style="border-collapse:separate;border-spacing:0;background-color:#ffffff;" class="columnContentTable" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="columnContent widget-span widget-type-space" style="text-align:left;padding:20px;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" valign="top" align="left">A Message From Our Partner</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr><td class="bodyContent" colspan="12" style="color:#939da8;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:150%;text-align:left;" width="100%" valign="top" align="left"><table class="templateColumnWrapper" style="border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody class="mktoContainer" id="mktoMainContainer"><tr class="mktoModule" id="copyRow77172994-d143-4819-9367-3bed8ed4f7e5"><td colspan="12" class="column" style="width:100%;text-align:left;padding:0;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table style="border-collapse:separate;border-spacing:0;background-color:#ffffff;" class="columnContentTable" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="columnContent widget-span widget-type-rich_text" style="text-align:left;padding:20px;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" valign="top" align="left"><div class="layout-widget-wrapper"><div id="hs_cos_wrapper_module_147990149107211723" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_rich_text" style="color:inherit;font-size:inherit;line-height:inherit;"><div class="mktoText" id="bodySection77172994-d143-4819-9367-3bed8ed4f7e5"><a href="https://insights.diligent.com/white-paper/engaging-technology-for-data-driven-excellence/?utm_source=globalriskconsult&utm_medium=email&utm_content=whitepaper&utm_campaign=globalriskconsultemail3" target="_blank"><img src="https://learn.diligent.com/rs/946-AVX-095/images/Engaging%20Tech.JPG" alt="Engaging Tech.JPG" width="580" height="352" /></a></div>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr class="mktoModule" id="copyRow"><td colspan="12" class="column" style="width:100%;text-align:left;padding:0;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table style="border-collapse:separate;border-spacing:0;background-color:#ffffff;" class="columnContentTable" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="columnContent widget-span widget-type-rich_text" style="text-align:left;padding:20px;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" valign="top" align="left"><div class="layout-widget-wrapper"><div class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_rich_text" style="color:inherit;font-size:inherit;line-height:inherit;"><div class="mktoText" id="bodySection"><p style="margin-bottom:1em;">In today's business world, data is a key player and driving force for compliance and competitive advantage. Regulations, governance practices and economics are continually shifting, demanding more adaptability from companies and leaving little room for error. When corporations drop the ball on data, whether it be inaccurate, insecure or sloppy by nature, they lose control and can undermine the very foundation of the organization. With the appropriate technology solution, however, all of the moving parts - data, data management and data analysis - connect to form a coherent data framework and strategy.<br /> <br /> In this white paper, we will discuss:</p>
<ul>
<li>How to define data and the different types of data</li>
<li>Best practices for managing data & data analysis</li>
<li>Building an effective data strategy</li>
<li>How to solve the data problem with technology</li>
</ul>
</div>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr class="mktoModule" id="ctaRowCentered0e006165-b54a-4946-8427-43620de71b60"><td colspan="12" class="column" style="width:100%;text-align:left;padding:0;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" width="100%" valign="top" align="left"><table style="border-collapse:separate;border-spacing:0;background-color:#ffffff;" class="columnContentTable" width="100%" cellspacing="0" border="0" bgcolor="#FFFFFF">
<tbody><tr><td class="columnContent widget-span widget-type-rich_text" style="text-align:left;padding:20px;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;line-height:1.5em;color:#939da8;" valign="top" align="left"><div class="layout-widget-wrapper"><div class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_rich_text" style="color:inherit;font-size:inherit;line-height:inherit;"><div><center><div><a href="https://insights.diligent.com/white-paper/engaging-technology-for-data-driven-excellence/?utm_source=globalriskconsult&utm_medium=email&utm_content=whitepaper&utm_campaign=globalriskconsultemail3" style="background-color:#469cca;color:#ffffff;display:inline-block;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:16px;font-weight:bold;line-height:40px;text-align:center;text-decoration:none;width:235px;">Download Your Copy Now</a> </div>
</center>
</div>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table></div>The Results Are In: State of Compliance 2019 Reporthttps://globalriskcommunity.com/profiles/blogs/the-results-are-in-state-of-compliance-2019-report2019-05-14T19:00:00.000Z2019-05-14T19:00:00.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><table style="border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding:15px;" class="section-padding" bgcolor="#FFFFFF" align="left"><table style="max-width:570px;border-collapse:collapse;" class="responsive-table" width="100%" cellspacing="0" border="0">
<tbody><tr><td><table style="border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding:0px;"><table style="border-collapse:collapse;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding:0;font-size:15px;line-height:20px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left">Dear Global Risk Community member,</td>
</tr>
<tr><td style="padding:20px 0 0px 0;font-size:15px;line-height:22px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left">Did you know that 78 percent of companies still rely at least partially on manual compliance processes?</td>
</tr>
<tr><td style="padding:20px 0 0px 0;font-size:15px;line-height:22px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left">I am pleased to announce the launch of the <em><a href="https://www.assentcompliance.com/stateofcompliance/?utm_source=affiliate&utm_medium=blast&utm_campaign=global-risk-consultants-partner" style="text-decoration:underline;color:#0099cc;">State of Compliance 2019</a></em> report, where you can find more industry insights such as these, and benchmarks to use in defining and building your compliance program.</td>
</tr>
<tr><td style="padding:20px 0 0px 0;font-size:15px;line-height:22px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left">The report provides a year-over-year comparison of the demands faced by compliance teams, and examines how teams plan to address them.</td>
</tr>
<tr><td style="padding:20px 0 0 0;font-size:16px;line-height:22px;font-family:Helvetica, Arial, sans-serif;color:#262626;font-weight:bold;" class="padding-copy" align="left"><a href="https://www.assentcompliance.com/stateofcompliance/?utm_source=affiliate&utm_medium=blast&utm_campaign=global-risk-consultants-partner" style="text-decoration:underline;color:#0099cc;">Download the free report →</a></td>
</tr>
<tr><td style="padding:20px 0 0 0;font-size:15px;line-height:22px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left">Please let me know if you have any questions, and I'll be happy to help.</td>
</tr>
<tr><td style="padding:0 0 0 0;font-size:15px;line-height:20px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left"><table cellspacing="0" border="0">
<tbody><tr><td style="padding:20px 0 0 0;font-size:15px;line-height:25px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left"><img src="http://cdn2.hubspot.net/hubfs/525887/email/headshot-angie-transparent-v5.jpg" alt="headshot-angie-transparent-v5.jpg" width="65" /></td>
<td style="font-size:15px;line-height:25px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" width="10" align="left"> </td>
<td style="padding:20px 0 0 0;font-size:15px;line-height:20px;font-family:Helvetica, Arial, sans-serif;color:#262626;" class="padding-copy" align="left">Angie Li | Regulatory Division<br /> <a style="color:#999999;text-decoration:underline;" href="http://assentcompliance.com">Assent Compliance Inc.</a></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<center><br /> <br /> <br /> <br /> <br /> <br /><table id="canspamBarWrapper" style="background-color:#ffffff;border-top:1px solid #E5E5E5;" width="100%" cellspacing="0" border="0">
<tbody><tr><td style="padding-top:20px;padding-bottom:20px;" valign="top" align="center"><table id="canspamBar" cellspacing="0" border="0">
<tbody><tr><td style="color:#606060;font-family:Helvetica, Arial, sans-serif;font-size:11px;line-height:150%;padding-right:20px;padding-bottom:5px;padding-left:20px;text-align:center;" valign="top" align="center"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</center></div>Decoding the DOJ’s Guidelines: An Insider’s Guidehttps://globalriskcommunity.com/profiles/blogs/doj-guidelines2019-05-09T07:30:00.000Z2019-05-09T07:30:00.000ZGlobalRiskCommunityhttps://globalriskcommunity.com/members/GlobalRiskCommunity<div><p></p>
<p>Attend this webinar <a href="https://www.navexglobal.com/en-us/campaigns/decoding-regulations-an-insiders-guide-webinar-registration?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=nge-wc-decoding-regulations">Decoding the DOJ’s Guidelines: An Insider's Guide</a>to get insight into the recently updated DOJ guidance. </p>
<p> </p>
<p>Hear the perspective of Hui Chen, original author of the Department of Justice's compliance guideline, "Evaluation of Corporate Compliance Programs". You'll learn how to translate the questions in the guide into logic you can use to build an effective program.</p>
<p> </p>
<p>Date: Wednesday May 15</p>
<p>Time: 10 AM PT / 1 PM ET</p>
<p>Speakers: Hui Chen, former DOJ Compliance Counsel Expert & Carrie Penman, Chief Compliance Officer, NAVEX Global</p>
<p> </p>
<p><a href="https://www.navexglobal.com/en-us/campaigns/decoding-regulations-an-insiders-guide-webinar-registration?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=nge-wc-decoding-regulations">REGISTER NOW</a> - <a href="http://bit.ly/2H9FM2x">http://bit.ly/2H9FM2x</a></p>
<p> </p>
<p>Can't attend due to a conflict? We'll send you a link to the recording after the event.</p>
<p>------------------------</p>
<p><a href="https://www.navexglobal.com/en-us/campaigns/decoding-regulations-an-insiders-guide-webinar-registration?utm_source=globalriskconsult&utm_medium=syndication&utm_campaign=nge-wc-decoding-regulations" target="_blank"><img src="{{#staticFileLink}}8028292657,original{{/staticFileLink}}" class="align-full" alt="8028292657?profile=original" /></a></p></div>Facebook’s Failure to Mitigate Cyber Risks Could Cost Billionshttps://globalriskcommunity.com/profiles/blogs/facebook-s-failure-to-mitigate-cyber-risks-could-cost-billions2018-11-14T21:12:55.000Z2018-11-14T21:12:55.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><h2 class="graf graf--h4 graf-after--h3 graf--subtitle"><span style="font-size:18pt;"><strong>In late September, Facebook announced that it had discovered a breach in its network that had exposed the personal data of nearly 50 million users to hackers.</strong></span></h2><p class="graf graf--p">The hackers exploited a feature in Facebook’s code to gain access to user accounts, potentially enabling them to take control of them. The <a href="https://www.nytimes.com/2018/09/28/technology/facebook-hack-data-breach.html" class="markup--anchor markup--p-anchor" target="_blank">breach</a> was the largest in Facebook’s fourteen years of existence.</p><p class="graf graf--p">The fallout Facebook is facing from this breach is the latest example of the <a href="https://www.logicmanager.com/erm-software/2018/04/26/see-through-economy-risk-management/" class="markup--anchor markup--p-anchor" target="_blank">see-through economy</a> at work. Since September 27, Facebook’s market value has dropped over 8%. However, the string of recent scandals that have occurred since July 20 of this year has reduced Facebook’s market value by nearly 25%. This is the financial cost of Facebook’s <a href="https://qz.com/1171602/facebook-shareholders-filed-a-proposal-that-would-establish-a-risk-oversight-committee/" class="markup--anchor markup--p-anchor" target="_blank">decision</a> to reject an investor proposal for the company to create a separate and independent risk committee. Had Facebook headed this request, this breach would have been avoided.</p><p class="graf graf--p">Furthermore, Facebook could face a fine of as much as $1.63 billion in the European Union for the breach under the GDPR law that went into effect earlier in 2018. This is one of the first major tests of the GDPR. While there have been a number of other breaches, few if any have been on the scale of Facebook’s recent breach.</p><p class="graf graf--p">Under <a href="https://www.logicmanager.com/erm-software/2018/08/16/gdpr-readiness-statistics/" class="markup--anchor markup--p-anchor" target="_blank">GDPR</a>, companies are required to notify regulators within 72 hours of the breach occurring. Facebook could face a fine of up to $850 million if they were found to be outside of the 72-hour window. According to a <a href="https://www.wsj.com/articles/facebook-faces-potential-1-63-billion-fine-in-europe-over-data-breach-1538330906" class="markup--anchor markup--p-anchor" target="_blank">report</a> in <em class="markup--em markup--p-em">The Wall Street Journal</em>, it appears Facebook may have notified Ireland’s Data Protection Commission, the lead privacy regulator for Facebook in the EU, within the 72-hour timeline.</p><p class="graf graf--p">The Irish DPC, however, has said that Facebook’s notification “lacked detail.” If EU regulators determine that Facebook failed to take sufficient measures to secure user data prior to the breach, Facebook would face a maximum fine of €20 million ($23 million) or 4% of worldwide revenue, whichever is greater. Based on Facebook’s 2017 revenue, the latter amount would be $1.63 billion.</p><h3 class="graf graf--h3"><span style="font-size:14pt;"><strong>A Risk-Based Approach to GDPR</strong></span></h3><p class="graf graf--p">The GDPR is risk-based, which means that failing to take sufficient measures to mitigate a risk can result in greater penalties for companies. To avoid penalties, companies can use enterprise risk management software to document what the company did, when it did it, and which employees were responsible for the planning and execution. Proper operationalization of <a href="https://www.logicmanager.com/grc-software/risk-management/" class="markup--anchor markup--p-anchor" target="_blank">ERM software</a> would have likely enabled Facebook to avoid most, if not all, the GDPR penalties.</p><p class="graf graf--p"><a href="https://www.logicmanager.com/erm-software/2018/04/26/see-through-economy-risk-management/" class="markup--anchor markup--p-anchor" target="_blank">Reputation risk</a> is also a major factor for both customers and investors. For Facebook, the failure to quickly react to the breach and communicate how they were not negligent in managing data privacy prior to the incident, coupled with its post-breach reaction, is a considerable impediment to its efforts to regain user and investor trust after a <a href="https://www.logicmanager.com/erm-software/2018/03/23/esg-investors-target-facebook-repeat-failures-risk-management/" class="markup--anchor markup--p-anchor" target="_blank">series of privacy and security scandals</a>.</p><h3 class="graf graf--h3"><span style="font-size:14pt;"><strong>Facebook Could Avoid Costly Fines with Enterprise Risk Management</strong></span></h3><p class="graf graf--p">Within an ERM platform like LogicManager, all of a company’s assets containing EU resident data are clearly documented. The company would be able to quickly determine whether or not EU resident data was compromised as a result of a breach and avoid the GDPR penalty by reporting the breach to EU authorities within 72 hours.</p><p class="graf graf--p">Furthermore, a company is able to demonstrate that its efforts to secure EU resident data is commercially reasonable and sufficient with ERM software. Our software aggregates and connects all the separate policy, risk, readiness standards, controls, and monitoring activities, enabling companies to provide authorities with evidence to back up their case. Our solution not only shows what was done but how comprehensive mitigation activities were, according to commercially responsible standards, enabling our customers to prove their <a href="https://www.logicmanager.com/erm-software/plugins/gdpr-compliance/" class="markup--anchor markup--p-anchor" target="_blank">GDPR compliance</a>.</p><p class="graf graf--p">LogicManager is an ERM platform, which, in contrast to a GDPR solution, would also show all the federal and different state jurisdictions in which it has obligations in the United States to also meet those reporting requirements on time.</p><p class="graf graf--p">Facebook, Google, and other technology firms are aggressively opposed to regulators formalizing privacy risk management responsibilities. These companies would be in a much better position with robust ERM software cybersecurity and privacy governance because it would enable them to clearly demonstrate and support their accountability and existing capabilities for protecting their customers, users, and investors.</p><p class="graf graf--p"><em class="markup--em markup--p-em">This blog was originally posted on</em> <a href="https://www.logicmanager.com/erm-software/2018/11/14/facebook-failure-mitigate-cyber-risks-could-cost-billions/" class="markup--anchor markup--p-anchor" target="_blank"><em class="markup--em markup--p-em">LogicManager.com</em></a></p></div>Overcoming Failures in Risk Management: Is Wells Fargo Getting the Message?https://globalriskcommunity.com/profiles/blogs/overcoming-failures-in-risk-management-is-wells-fargo-getting-the2018-09-19T15:30:00.000Z2018-09-19T15:30:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><h2><span style="font-weight:400;">It’s been a rough two years for Wells Fargo.</span></h2><p><span style="font-weight:400;">Ever since the existence of the bank’s massive cross-selling scandal came to light in 2016, Wells Fargo seemed to be trapped in a downward spiral of failure after failure in risk management. In 2016, we were</span> <a href="https://www.logicmanager.com/erm-software/2016/09/20/wells-fargo-scandal-risk-management/"><span style="font-weight:400;">the first to identify the root-cause of the cross-selling scandal as being a failed risk management program</span></a><span style="font-weight:400;">, and correctly predicted there would be more Wells Fargo risk management mishaps in the future.</span></p><p><span style="font-weight:400;">In 2018, regulator investigations finally concluded that the Wells Fargo failures were, in fact, risk management negligence and Wells Fargo settled the case for an unprecedented $1 billion dollars. Sadly, risk management failures are systemic in nature, typically result in highly visible scandals, and are entirely preventable.</span></p><p><span style="font-weight:400;">Since news of the initial scandal appeared in 2016, Wells Fargo was responsible for failures in risk management scandal after scandal. Let’s look at a timeline of the last two years:</span></p><ul><li style="font-weight:400;"><span style="font-weight:400;">2009-2016 – Wells Fargo perpetrates a</span> <a href="https://www.logicmanager.com/erm-software/2016/09/20/wells-fargo-scandal-risk-management/"><span style="font-weight:400;">massive cross-selling scandal</span></a> <span style="font-weight:400;">in which millions of accounts were created without consumers’ consent</span></li><li style="font-weight:400;"><span style="font-weight:400;">September 2016 – The CFPB levies a $185 million fine, the highest in their operational history</span></li><li style="font-weight:400;"><span style="font-weight:400;">August 2017 – The bank accidentally leaks the PII for over</span> <a href="https://www.logicmanager.com/erm-software/2017/08/09/wells-fargo-saga-continues-part-1/"><span style="font-weight:400;">50,000 accounts</span></a></li><li style="font-weight:400;"><span style="font-weight:400;">August 2017 –</span> <a href="https://www.logicmanager.com/erm-software/2017/08/17/wells-fargo-auto-loan-scandal-saga-continues-part-2/"><span style="font-weight:400;">Wells Fargo charges 800,000 customers for insurance</span></a> <span style="font-weight:400;">they did not need</span></li><li style="font-weight:400;"><span style="font-weight:400;">October 2017 – The bank wrongly charges homebuyers with fees to lock in mortgage rates</span></li><li style="font-weight:400;"><span style="font-weight:400;">March 2017 – The</span> <a href="https://www.logicmanager.com/erm-software/2018/03/12/wells-fargo-sanctions-send-message-to-us-banks-boards-accountable-risk-management-failures/"><span style="font-weight:400;">Federal Reserve imposes unprecedented sanctions on Wells Fargo</span></a> <span style="font-weight:400;">prohibiting them from growing beyond their holdings in 2017.</span></li><li style="font-weight:400;"><span style="font-weight:400;">April 2018 – Wells Fargo nears</span> <a href="https://www.logicmanager.com/erm-software/2018/04/23/wells-fargo-failures-risk-management-cost-1-billion-settlement/"><span style="font-weight:400;">$1 billion settlement with its federal regulators</span></a></li><li style="font-weight:400;"><span style="font-weight:400;">May 2018 – Wells Fargo</span> <a href="https://www.logicmanager.com/erm-software/2018/05/16/wells-fargo-ad-campaign-better-risk-management/"><span style="font-weight:400;">launches a new ad campaign</span></a> <span style="font-weight:400;">called “Re-Established,” with the goal of regaining customer trust after their repeated failures in risk management. The public disagreed, with social media users saying the campaign seemed “insincere and inauthentic.”</span></li><li style="font-weight:400;"><span style="font-weight:400;">September 2018 – News breaks that the</span> <a href="https://www.wsj.com/articles/justice-department-probing-wells-fargos-wholesale-banking-unit-1536244490"><span style="font-weight:400;">Justice Department is probing</span></a> <span style="font-weight:400;">whether Wells Fargo employees in the bank’s wholesale banking unit committed fraud in the aftermath of revelations that employees inappropriately altered customer information.</span></li></ul><p><span style="font-weight:400;">For two years, Wells Fargo tried to explain away these events as isolated, one-off incidents.</span> <span style="font-weight:400;"><br /></span> <span style="font-weight:400;">However, after billions of dollars in fines and financial losses, and penalizing regulatory actions, it seems the bank is finally joining LogicManager in calling these mishaps what they are: risk management failures.</span></p><h3><span style="font-size:14pt;"><strong>Is Wells Fargo Getting the Message?</strong></span></h3><p><span style="font-weight:400;">The bank has begun</span> <a href="https://www.cnbc.com/2018/03/23/wells-fargos-four-top-risk-management-executives-to-retire-dj.html"><span style="font-weight:400;">reorganizing its risk management</span></a> <span style="font-weight:400;">functions. The corporate risk group will be more empowered to modify business activities as it deems necessary.</span></p><p><span style="font-weight:400;">Seemingly part of the reorganization, Wells Fargo announced in March 2018 the retirement of four senior risk management executives. In May, the bank named a new Chief Risk Officer, who joined from J.P. Morgan Chase.</span></p><p><span style="font-weight:400;">Then, in August</span> <a href="https://www.wsj.com/articles/wells-fargo-risk-executive-to-leave-bank-1534256102"><span style="font-weight:400;">it was reported</span></a> <span style="font-weight:400;">that Wells Fargo’s Chief Operational Risk Officer would be leaving the company as the “bank works through [the] Fed enforcement action.” The bank’s new Chief Operational Risk Officer will report to the Chief Risk Officer named in May. These changes should result in a stronger risk culture at Wells Fargo, the question now, however, is what steps will the bank take to ensure this happens?</span></p><h3><span style="font-size:14pt;"><strong>Steps for Wells Fargo’s New Risk Team to Take</strong></span></h3><p><span style="font-weight:400;">Effective risk management is critical for any financial services organization. Newly-hired risk management executives need to start somewhere, but where?</span></p><p><span style="font-weight:400;">For one, proper</span> <a href="https://www.logicmanager.com/erm-software/operational-risk-management-software/banks/"><span style="font-weight:400;">bank risk management software</span></a> <span style="font-weight:400;">is a good starting place. If implemented and utilized properly, such a platform facilitates:</span></p><ol><li><b>The engagement of front-line supervisors and subject matter experts</b></li></ol><p><span style="font-weight:400;">Frontline supervisors and experts serve as the first lines of defense to risk. They are the most familiar with incidents and engaging them in regular incident reporting and risk assessments is crucial to the success of any risk management program.</span></p><ol start="2"><li><b>Connections across business silos.</b></li></ol><p><span style="font-weight:400;">Connecting the dots between risks occurring across silos enables risk managers to identify upstream and downstream dependencies. This brings common root causes to the surface, and ties together existing mitigation and monitoring activities from across the business. Risk teams can then understand the effectiveness of their existing controls, and prevent cascading collateral damage.</span></p><ol start="3"><li><b>The escalation of top risks to the right person.</b></li></ol><p><span style="font-weight:400;">When risks are tied to common root causes and existing controls, organizations can objectively prioritize the risks that would have the greatest impact on their operations, financial performance, and reputation.</span></p><p><span style="font-weight:400;">An effective risk management program has workflows that enable risks to be assigned to individuals who can allocate the right resources to mitigate the risk. This would have allowed Wells Fargo risk managers to prevent one-hundred-percent of the scandals that occurred in the last two years and the financial consequences of these failures.</span></p><p><span style="font-weight:400;">Video training programs for managers and executives are helpful for awareness in a good security culture but are proven to be lacking the mechanism to identify, assess, mitigate and monitor risks. Organizations with ERM programs that utilize ERM software have a 25% market value premium versus their peers without. With the right risk culture, software, infrastructure, and good governance, Wells Fargo could have identified the root causes of its problems and mitigated those risks before they inflicted significant damage.</span></p><p><span style="font-weight:400;">While Wells Fargo can’t go back in time to fix its mistakes, it can take steps to make sure this never happens again. The first of these steps are outlined in a free on-demand video webinar,</span> <a href="https://www.logicmanager.com/register-integrate-governance-areas-webinar/"><span style="font-weight:400;">How to Operationalize Risk Management</span></a><span style="font-weight:400;">, which provides a step-by-step guide to setting up an effective ERM program.</span></p><p><span style="font-weight:400;">The final topic in our series is presenting</span> <a href="https://www.logicmanager.com/grc-software/risk-management/"><span style="font-weight:400;">enterprise risk management</span></a> <span style="font-weight:400;">to the board of directors. We cover everything you need to know in our free on-demand video webinar: “</span><a href="https://www.logicmanager.com/register-presenting-erm-to-the-board-webinar/"><span style="font-weight:400;">Present ERM to the Board</span></a><span style="font-weight:400;">.” This approach would make risk management activities relevant to all employees, ensuring the company’s risks are managed effectively.</span></p><p><span style="font-weight:400;">Wells Fargo appears to be getting the message. Time will tell if the changes being made will allow the bank to successfully rebuild its reputation and regain the trust of its customers, investors, and regulators.</span></p><p><em><span style="font-weight:400;">This blog was originally published on <a href="https://www.logicmanager.com/erm-software/2018/09/19/overcoming-failures-risk-management-wells-fargo-getting-message/" target="_blank">logicmanager.com</a>.</span></em></p></div>Learning How to Test and Learnhttps://globalriskcommunity.com/profiles/blogs/learning-how-to-test-and-learn2018-05-17T01:46:02.000Z2018-05-17T01:46:02.000ZEnrique Raul Suarezhttps://globalriskcommunity.com/members/EnriqueRaulSuarez<div><p></p><p></p><p style="text-align:center;"><a href="{{#staticFileLink}}8028274855,original{{/staticFileLink}}"><img src="{{#staticFileLink}}8028274855,original{{/staticFileLink}}" class="align-center" width="304" alt="8028274855?profile=original" /></a></p><h1 class="reader-article-header__title Sans-42px-black-85%-regular pt6 pb4" style="text-align:center;">Learning How to Test and Learn</h1><p style="text-align:center;"></p><p style="text-align:center;"></p><p style="text-align:center;">By: MIT CISR</p><p style="text-align:center;"></p><p style="text-align:center;"><strong>Author(s)</strong></p><p style="text-align:center;">Ross, Jeanne W. and Fonstad, Nils O.</p><p style="text-align:center;"></p><p style="text-align:center;"><strong>Type:</strong></p><p style="text-align:center;">Research Briefing</p><p style="text-align:center;"></p><p style="text-align:center;"><strong>Topics:</strong></p><p style="text-align:center;">Digital Innovation</p><p style="text-align:center;">Business Agility</p><p style="text-align:center;">IT Governance</p><p style="text-align:center;">IT Investment and Portfolio Management</p><p style="text-align:center;">IT-based Business Transformation</p><p style="text-align:center;"></p><p style="text-align:center;">2018-02-15</p><p style="text-align:center;"></p><p><strong>Abstract</strong>: To counter pervasive uncertainties in the business and technology environment and prioritize the most strategic innovation projects from myriad options, companies can take a test-and-learn approach to innovation investments. From our analysis of top-performing firms, we have identified three principles around which test-and-learn capabilities can be built: articulate a vision that focuses and guides innovation efforts; foster experimentation throughout the organization; and deepen engagement to coordinate interdependencies. This briefing describes each principle and discusses how one large firm, Deutsche Telekom, has applied these principles to increase the strategic impact of its digital innovations.</p><p>You can download the article in the below link:</p><p></p><p><a href="{{#staticFileLink}}8028274096,original{{/staticFileLink}}" target="_blank">2018_0201_TestAndLearn_FonstadRoss.pdf</a></p><p></p><p></p></div>VW in Need of Risk Management Rehab After Multiple Emissions-Testing Scandals Emergehttps://globalriskcommunity.com/profiles/blogs/vw-in-need-of-risk-management-rehab-after-multiple-emissions2018-03-27T15:00:00.000Z2018-03-27T15:00:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><h6><span style="font-size:14pt;"><strong>According to reports uncovered earlier this year, Volkswagen conducted diesel-emissions testing on humans and animals from 2013 to 2015.</strong></span></h6></div><div class="fusion-text"><p><span>This</span><a href="https://www.nytimes.com/2018/01/25/world/europe/volkswagen-diesel-emissions-monkeys.html"><span> </span><span>report is the latest development</span></a><span> in a global scandal which revealed that VW diesel cars were emitting 40 times the legal standard of nitrogen oxide, causing smog and posing risks to public health. Volkswagen has already issued a guilty plea in response to federal charges of fraud and conspiracy in the United States and agreed to pay more than $26 billion in fines.</span></p><p><span>VW appears to have intentionally attempted to mislead both regulators and the public into believing that diesel emissions from their cars posed no public health risk.The purpose of the test was to prove that VW’s latest diesel technology had solved diesel pollution problems.</span></p></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last fusion-blend-mode 1_1"><div class="fusion-column-wrapper"><div class="fusion-title title fusion-sep-none fusion-title-size-three fusion-border-below-title"><h3 class="title-heading-left"><span style="font-size:14pt;"><strong>Activities can be outsourced, but accountability cannot.</strong></span></h3></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p><span>Volkswagen Chief Executive Matthias Müller, who in 2015 became CEO after the company was hit with a scandal for evading emissions standards,</span><a href="http://together.volkswagenag.com/en/personal-statement-from-matthias-mueller-about-the-eugt-tests.html"><span> condemned </span></a><span>the experiments as “unethical and revolting.” Stating they had nothing to do with scientific research, he added that “there are things that you just don’t do.” </span></p><p><span>Volkswagen claimed that poor decisions were made by a few negligent employees, who funded an independent car lobby group, EUGT, to conduct illegal experiments and that management had no knowledge of the experiments.</span></p><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p><span>The fact remains, however, that this scandal was 100% preventable. VW outsourced the activity by paying an outside research group, which is a failure in vendor risk management. Operations can be outsourced to a vendor, but the ownership and accountability for the risk cannot be outsourced and belongs with VW, who funded the study.</span></p><p><span>The activities and funding were known by managers on the front lines and would have been uncovered and prevented through an enterprise risk management process.</span></p></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last fusion-blend-mode 1_1"><div class="fusion-column-wrapper"><div class="fusion-title title fusion-sep-none fusion-title-size-three fusion-border-below-title"><h3 class="title-heading-left"><span style="font-size:14pt;"><strong>The VW emissions scandal highlights the weakness of many ESG-guided investment portfolios.</strong></span></h3></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p><span>ESG (environmental, social and governance) is a generic term used in capital markets that describes investors who evaluate corporate behavior to determine the future financial performance of companies. The VW story also highlights the weakness of many ESG-guided portfolios that held full positions in VW shares. Such investors lacked meaningful transparency into their investment portfolios because they did not evaluate VW’s risk management programs in order to validate their ESG claims.</span></p><p><span>A year of vehicle recalls, plummeting sales and falling profits followed, and Volkswagen has seen 30 percent wiped off its share price and $18bn in fines from US regulators. Companies claiming to have ESG practices should be required to demonstrate the effectiveness of their governance, risk and compliance practices with the</span><a href="https://www.rims.org/Resources/ERM/Pages/RiskMaturityModel.aspx"><span> </span><span>RIMS Risk Maturity Model</span></a><span> I authored, which scores the effectiveness of risk management programs and is a proven model for assessing governance risk.</span></p><div class="post-content"><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p><span>An</span><a href="http://onlinelibrary.wiley.com/doi/10.1111/jori.12035/abstract"><span> </span><span>independent study</span></a><span> by Queens University in the United Kingdom proves that organizations with adequate enterprise risk management programs have a 25% higher market value, meaning their stocks outperform their competitors. Investors and customers need to required evidence of effective risk management and governance processes to validate the ESG qualifications purported by corporations and the likelihood of a good investment.</span></p><p></p></div><div class="fusion-clearfix"><em>This article was originally published on <a href="https://www.logicmanager.com/erm-software/2018/03/27/vw-risk-management-rehab-multiple-emissions-testing-scandals-emerge/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic" target="_blank">LogicManager.com.</a></em></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>ESG Investors Target Facebook for Repeat Failures in Risk Managementhttps://globalriskcommunity.com/profiles/blogs/esg-investors-target-facebook-for-repeat-failures-in-risk2018-03-23T17:30:00.000Z2018-03-23T17:30:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><h6><span style="font-size:14pt;"><strong>Facebook’s market capitalization dropped as much as $60 billion after reports emerged that Cambridge Analytica, the data consulting firm used by the Trump Campaign, was given the data of around 50 million Facebook users without their consent.</strong></span></h6><p><span>The Cambridge Analytica scandal is the latest in a series of risk management failures that have plagued the social networking company, which has been grappling with its role in the dissemination of fake news propaganda during the 2016 U.S. presidential election.</span></p><p><span>The fallout from these repeated risk management failures is compounded by what I call the see-through economy: a fast-paced, ultra-transparent age of ever-increasing interconnectivity and technological innovation where consumers and investors can speak out when companies and brands fall afoul.</span></p><h3 class="title-heading-left"><span style="font-size:14pt;"><strong>Facebook’s Reputation Risk</strong></span></h3><p><span>Facebook is rapidly losing its reputation in the see-through economy. This means that the Facebook brand is tarnished. When a company’s brand does not meet the expectations of privacy and accountability, their users are more likely to choose an alternative product to make a statement. In Facebook’s case, users have organized themselves into a movement using the #deleteFacebook hashtag.</span></p><p><span>This is where the growing trend of Environmental, Social, and Governance (ESG) investing is a parallel outcropping of the see-through economy. ESG investors are sending a message that they’re tired of negligence and the mishandling of corporate scandals. Already, shareholders are speaking up about their expectations not being met in a corporation’s risk management programs.</span></p><p><span>Trillium Asset Management, on behalf of the Park Foundation (which owns Facebook shares), has </span><a href="https://www.mercurynews.com/2018/03/21/facebook-and-cambridge-analytica-big-shareholders-propose-changes-amid-chaos/"><span>called on the company</span></a><span> to establish a risk oversight committee that would “better review Facebook’s impact on society and how to mitigate risks.”</span></p><p><span>In January, I told Tony Chapelle of The Financial Time’s </span><a href="http://agendaweek.com/c/1858614/217383/facebook_twitter_social_media_risk_vise"><span>Agenda Week</span></a><span>, it’s clear to me that Facebook hasn’t taken a risk-based approach to solving this problem because the Facebook board declined to put critical pieces of the risk management process in place. Risk oversight committees with appropriate infrastructure, software, processes, and governance have been proven to be effective.</span></p><p><span>A risk oversight committee is responsible for the risk management process effectiveness that includes setting a risk tolerance that creates a balance between an adequate level of governance over third-party access. The risk tolerance should be based upon the risk-reward tradeoff of selling data or making it available to third parties versus the protection of the privacy rights of their user community. The risk tolerance framework is both measurable and enforceable.</span></p><h3 class="title-heading-left"><span style="font-size:14pt;"><strong>Harness the Power of the See-Through Economy with Enterprise Risk Management</strong></span></h3><p><span>All corporate scandals are preventable. These scandals are buried deep in the operations of the company, often known for six months to several years ahead of time and typically reported to supervisors and mid-level managers. The problem is that these individuals often can’t identify the root-cause of these incidents, and do not have the means to connect with employees across the silos of their work groups to understand how related risks transpire in other areas of the business. This means systemic risks aren’t addressed, and managers aren’t able to engage the right resources to fix the heart of the problem.</span></p><p><span>These days, companies seem to be in constant fear of the see-through economy. At LogicManager, we find our customers embrace it. Companies can use enterprise risk management to empower employees, making everyone a process improvement specialist. Instead of treating scandals, such as the one Facebook is embroiled in, as reactive one-off incidents, companies should be using enterprise risk management to identify the root causes of their concerns and address them.</span></p><p><span>If you’re a company like Facebook with countless third-party apps and partners that are using your data, there’s no way to manage all of those relationships effectively without enterprise risk management. In vendor management, the primary concern is prioritizing high-risk vendors, while ensuring that all vendors are held to the same standards. The capabilities of traditional audits, by the nature of their mandate, are limited, and can only adequately cover between 5% and 10% of operations at best with an in-depth independent investigation.</span></p><p><span>Implementing an enterprise risk management program is a complementary cost-effective and efficient means of prioritizing and managing all types of risks, including third-party relationship risk, something Facebook failed to do with Cambridge Analytica. This </span><a href="https://www.logicmanager.com/erm-software/product/risk-based-process/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic">risk-based approach</a><span> decentralizes the risk identification and monitoring process, allowing front-line employees to bring attention to the vendors and partners they know their company relies on most, and score relationship risks objectively. ERM systems then find the connections between risks, controls, policies, and outcomes and escalate the gaps to the right level.</span></p><p><span>The truth is, it’s not enough to give your employees the power to escalate incidents, although this is an important step that most companies aren’t doing. You must take it further and connect incidents to root cause risks that can be evaluated, prioritized, and addressed accordingly. The effect of doing this brings attention to the root cause of problems and eliminate 100s if not 1000s or more of symptomatic effects, as seen in the </span><a href="https://www.logicmanager.com/case-study-integrating-risk-and-incident-management/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic">case study</a><span> we did with Winona Health.</span></p><p><span>When this type of governance is put in place, you are crowdsourcing process improvement to specialist doing the job every day who are dedicated to accelerating the mission and success of their company.</span></p><p><span>Enterprise risk management is not only about preventing corporate scandals but will help organizations to build an operational culture designed around making processes and operations better; it gives all employees a voice and empowers them to initiate change at the right level with the right priority.</span></p><h3 class="title-heading-left"><span style="font-size:14pt;"><strong>Risk Tips to Improve Personal Privacy and Prevent Business Leaks</strong></span></h3><p><span>Have you checked what information you’re sharing and how your data is used by third-party Facebook applications?</span></p><p><span>Third-party apps still collect limited information on users’ friends, and it’s likely you and your friends have no idea it’s happening. </span><span>Here’s how to revoke Facebook app permissions and adjust privacy settings:</span></p><ol><li><span>Once logged onto Facebook, click the down arrow in the upper right corner and select “settings.”</span></li><li><span>Click “apps” on the left menu.</span></li><li><span>Hover over apps and click the “x” to remove permissions from any app you want to revoke permission from or the pencil icon to edit app permissions.</span></li></ol><p><span>To prevent unauthorized leaks at work, review application permissions and access settings for password length, complexity, and enforcement. Also, review user access, permissions, and feature access controls.</span></p><p><em>This was originally published on <a href="https://www.logicmanager.com/erm-software/2018/03/23/esg-investors-target-facebook-repeat-failures-risk-management/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic" target="_blank">LogicManager.com</a>.</em></p></div>Wells Fargo Sanctions Send Message to U.S. Banks: Boards Are Accountable for Risk Management Failureshttps://globalriskcommunity.com/profiles/blogs/wells-fargo-sanctions-send-message-to-u-s-banks-boards-are2018-03-12T14:06:16.000Z2018-03-12T14:06:16.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><div class="fusion-text"><h6><span style="font-size:14pt;">The Federal Reserve’s unprecedented sanctions against Wells Fargo announced on February 2, 2018, is a warning to bank boards: Directors, not just management, will be held accountable for failures in risk management that result from a lack of proper oversight.</span></h6></div></div><div class="fusion-text"><p><span>In addition to having to replace four of its board directors, the sanctions are constraining Wells Fargo’s growth. The Fed is prohibiting Wells Fargo from growing its balance sheet beyond the $1.95 trillion it held at the end of 2017. The bank expects to lose as much as $400 million in profit this year.</span></p><p><span>While Wells Fargo was the target of this “shock-and-awe” enforcement action, the Fed also sent a clear message to banks across the United States: They will hold board members responsible for failures in risk management.</span></p></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last fusion-blend-mode 1_1"><div class="fusion-column-wrapper"><div class="fusion-title title fusion-sep-none fusion-title-size-three fusion-border-below-title"><h3 class="title-heading-left"><span>The Fed is signaling it will hold boards accountable.</span></h3></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p><span>The actions were announced in a </span><a href="https://www.federalreserve.gov/newsevents/pressreleases/enforcement20180202a.htm"><span>press release</span></a><span> published on the Federal Reserve’s website on Janet Yellen’s final day as Chairwoman. This is another message to banks: Former investment banker Jerome Powell may be taking the reins as Chair, but banks should nevertheless expect continued demands for improved board oversight and risk management.</span></p><div class="fusion-text"><p><span>As Powell</span><a href="https://www.wsj.com/articles/federal-reserve-aims-to-go-easier-on-bank-directors-1501781762"><span> stated</span></a><span> in August 2017, “Across a range of responsibilities, we simply expect much more of boards of directors than ever before. There is no reason to expect that to change.”</span></p><p><span>Between 2009 and 2016, thousands of Wells Fargo employees signed up more than 3.5 million customers for checking and credit card accounts without their knowledge. In 2017, the bank announced that it had improperly charged about 800,000 auto loan borrowers for auto insurance.</span></p><p><span>Some believe this was due to the pressure associated with the sales process for goal achievement. However, as I’ve outlined in a series of </span><a href="https://www.logicmanager.com/erm-software/2017/08/09/wells-fargo-saga-continues-part-1/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic">blog posts on Wells Fargo</a><span>, the employees involved in these failures cannot be seen as bad people doing bad things. They are good people in a bad process with weak controls. The proof of this being a systemic failure in risk management rather than simply an isolated sales problem as Wells Fargo tried to explain it, exists in the multiple recurrences of scandals across so many unrelated business areas. Until Wells Fargo’s board implements mature and effective risk oversight activities and mitigation processes across their organization, they will leave themselves open to more scandals in other departments.</span></p><p></p><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p></p></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last fusion-blend-mode 1_1"><div class="fusion-column-wrapper"><div class="fusion-title title fusion-sep-none fusion-title-size-three fusion-border-below-title"><h3 class="title-heading-left"><span>Board accountability is a fundamental requirement of good governance.</span></h3></div></div></div></div></div><div class="fusion-fullwidth fullwidth-box nonhundred-percent-fullwidth non-hundred-percent-height-scrolling"><div class="fusion-builder-row fusion-row"><div class="fusion-layout-column fusion_builder_column fusion_builder_column_1_1 fusion-one-full fusion-column-first fusion-column-last 1_1"><div class="fusion-column-wrapper"><div class="fusion-text"><p><span>Boards of directors must, through their risk oversight role, ensure the risk management policies and procedures designed and implemented by the company’s senior executives and risk managers are effective at identifying all risks and demonstrating assurance over the most material ones. Board members have a fiduciary responsibility to shareholders, and a moral responsibility to their customers, to do so.</span></p><p><span>As I exposed in my blog series and interviews in</span><a href="http://agendaweek.com/c/1475043/170163/experts_jail_likely_wells_fargo_board"><span> </span><span>Financial Times Agenda</span></a><span> and other publications, failures in risk management indicate negligence in the board’s duties to provide risk management oversight, and a breakdown in the audit risk management assurance process has deservedly resulted in the removal of board members. It is the Board’s fiduciary duty to ensure an effective systematic process supported by infrastructure, such as designated ERM software, in place that organizes, prioritizes and “connects the dots” between risk management activities that reach out to the front lines, across all silos.</span></p><p><span>Organizations must engage all areas of the business to receive the full benefits of enterprise risk management. This cannot be accomplished without support from the board of directors and the engagement of senior leadership.</span></p><p><em>This blog was originally published on <a href="https://www.logicmanager.com/erm-software/2018/03/12/wells-fargo-sanctions-send-message-to-us-banks-boards-accountable-risk-management-failures/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic" target="_blank">LogicManager.com</a>.</em></p></div></div></div></div></div></div></div></div></div></div></div></div>How ERM Could Have Prevented the Uber and United Airlines Pitfallshttps://globalriskcommunity.com/profiles/blogs/how-erm-could-have-prevented-the-uber-and-united-airlines2017-10-13T14:40:56.000Z2017-10-13T14:40:56.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p><a href="{{#staticFileLink}}8028265253,original{{/staticFileLink}}"><img width="300" src="{{#staticFileLink}}8028265253,original{{/staticFileLink}}" class="align-right" alt="8028265253?profile=original" /></a>In an increasingly transparent world, failures in risk management within the widespread and nearly instantaneous reach of media outlets ranging from Facebook and Twitter to the Wall Street Journal have had destructive effects on companies like Uber. What started as an evidently ignored employee’s ‘incident report’ posted to a personal blog caught like wildfire only hours after she pressed the Share button. The blog caught the attention of the world’s most trusted news sources and cast a net so wide and so profound that skeptics and stakeholders began to question the future of the fast-growing ridesharing app.</p><p></p><p>The proceeding months led to a public investigation of Uber’s policies and identified a series of issues that tied back to risk management failures within executive management. More recently, these issues included an investigation into whether the (now former) CEO Travis Kalanick was aware an Uber engineer had stolen Google files before hiring him last year. Kalanick resigned under pressure from shareholders in June, and the company hired their new CEO Dara Khosrowshahi in August.</p><p></p><p>Similarly, United Airlines felt the wrath of social media when a video surfaced that showed local law enforcement physically removing Dr. David Dao from an overbooked plane. The aftermath of the video, and pending investigation into United Airlines’ policies, cost the company <a href="http://money.cnn.com/2017/04/11/investing/united-airlines-stock-passenger-flight-video/index.html">$250 million of its market value</a>.</p><p></p><p>The loss in market share not only reflects a slow in cash flow; it reflects a profound blow to the company’s reputation. According to Vipal Morgan of the <a href="https://www.wsj.com/articles/accountings-21st-century-challenge-how-to-value-intangible-assets-1458605126">Wall Street Journal</a>, intangible assets, such as brand reputation, account for 87% of the value of the S&P 500.</p><p></p><p>As said by Warren Buffet, “It takes 20 years to build a reputation and five minutes to ruin it.” Why is this? Because scandals cause outrage. Consumers are outraged that companies they once trusted to safely transport them from point A to point B failed them. Within moments of reading a single headline, valued customers began to question the hard-earned trust they instilled in these companies.</p><p></p><h2><strong>What’s the Solution?</strong></h2><p>With these examples of organizations suffering reputational damage because of social media, it’s evident that risk-based incident prevention pays more dividends than insurance packages, PR, and other attempts to recoup financial and reputational losses.</p><p></p><p>After United Airlines’ PR disaster, other major airlines publicized <a href="https://www.washingtonpost.com/news/dr-gridlock/wp/2017/04/17/after-united-dragging-incident3-major-airlines-change-policies-affecting-bumped-passengers/?utm_term=.d5125bf49156">changes to their policies</a>. Delta said in an internal memo that employees must offer up to $9,950 in compensation to give up seats on overbooked flights.</p><p></p><p>Here’s the kicker. Incident prevention isn’t just about having policies in place; it’s about making sure they’re being carried out. After all, United Airlines only offered Dr. Dao <a href="http://www.businessinsider.com/united-airlines-big-mistake-offering-cash-2017-4">$800</a> to give up his seat before forcing him off the aircraft, while their policy specifically stated a limit of $1,300.</p><p></p><p>Why was the policy not followed? United involuntarily removes 8,500 passengers a year. It was only a matter of time before a resisting passenger was caught on a smart phone video and posted online. Although changing the compensation limit tenfold may seem like a nice PR move, if changes to the risk management program to ensure the policy is followed are not put in place, you can bet another scandal is around the corner.</p><p></p><p>What if United had leveraged a system that measured the effectiveness of policies in place? What if the sexual harassment incident reported by Uber employee Susan J Fowler had been escalated to the proper level and acted upon? What if there was an integrated system in place that required routine incident and policy risk assessment screenings?</p><p></p><p>The United Airlines and Uber scandals aren’t failures in writing proper policy. They’re failures in good governance through enterprise risk management. Operationalizing the risk management governance needed across the organization to prevent these scandals is not just recommended, it’s an obligation. Every company, no matter its industry, product, or service, impacts employees, customers, stakeholders, and the community at large. Failure to do so will guarantee a repeating series of devastating scandals in the future. Just look at <a href="http://www.logicmanager.com/erm-software/2017/08/09/wells-fargo-saga-continues-part-1/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic">Wells Fargo</a>, Chipotle, Kmart and thousands of other firms that haven’t made the news but have suffered the reputational damage among their customer base all the same for failures in risk management governance.</p><p></p><p>Fortunately, today’s ERM solutions can identify and assess risks and guide the proper controls and policies to counter them through effective mitigation and monitoring. Ultimately, ERM solutions help businesses achieve <a href="http://www.logicmanager.com/erm-software/2017/04/25/good-governance/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic">good governance through risk manageme</a>nt by ensuring controls, policies, and other mitigation tactics are linked together operationally by tying them directly to specific operational risks.</p><p></p><p><a href="http://www.logicmanager.com/enterprise-risk-management-software-demo/?utm_source=GlobalRisk&utm_medium=referral&utm_campaign=Referral%20Traffic"><b><i>Request a personalized demonstration</i></b></a> <b><i>to learn how LogicManager’s ERM software safeguards thousands of organizations from harmful pitfalls through effective enterprise risk management.</i></b></p><p></p></div>Paris Climate Accord Debate: Tone from the Top or Not?https://globalriskcommunity.com/profiles/blogs/paris-climate-accord-debate-tone-from-the-top-or-not2017-06-07T20:30:00.000Z2017-06-07T20:30:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p><a href="http://www.npr.org/sections/thetwo-way/2017/06/01/531048986/so-what-exactly-is-in-the-paris-climate-accord" target="_blank"><img width="300" src="{{#staticFileLink}}8028258874,original{{/staticFileLink}}" class="align-right" alt="8028258874?profile=original" /></a>At lunch recently, I opened my fortune cookie and found this message inside: “Any journey must begin with a single step, and you can be the one to take it.” That simple message inspired me to write this blog.</p><p>Events taking place after the Trump administration withdrew from the Paris climate agreement have demonstrated there is more than one way to get things done.</p><p>A few mayors throughout the country individually decided to take action. Now, the movement has blossomed, and more than 200 mayors, seven governors, and the state of California have stepped up to meet the Paris climate accord obligations.</p><p>Emissions come mostly from cities and their dense populations. If these cities operationalize climate policies themselves, emissions will be reduced – regardless of whether or not the Paris Agreement has executive support.</p><p>This reminds us of an important fact: formalized, centralized support, whether from the federal government or a corporation’s board, is not required to implement a policy. The front-line operating departments are where the rubber meets the road in terms of real action.</p><p></p><p><strong><span class="font-size-3">Just Because It Can't Be Done the "Normal" Way Doesn't Mean It Can't Be Done at All</span></strong></p><p>Recently, headlines have been filled with outrages and scandals related to poor governance. The <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/09/20/wells-fargo-scandal-risk-management/">Wells Fargo</a></span> accounts scandal, the <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2015/10/05/volkswagen-enterprise-risk-management-accountability/">Volkswagen emissions scandal</a></span>, and the <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/02/09/chipotle-case-study-risk-management/">Chipotle outbreak</a></span> are just a few examples of what can result from poor governance and risk management.</p><p>Employees around the world may look at events like those listed above and think, <em>How could my own actions, or even my team’s actions, possibly influence such large-scale events? </em>After all, if senior leadership doesn’t prioritize risk management and the prevention of surprises, isn’t it next to impossible for individual departments to take action?</p><p><span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2017/04/25/good-governance/">Good governance</a></span> and all its attributes can exist at any level. Front-line managers, the operational level, are the biggest influencers on the achievement of strategic goals.</p><p>When you see an opportunity for improvement at your organization, how are you going to act? Unification through a common cause – whether within or across departments – is a powerful catalyst for change.</p><p>The 211 mayors that have continued to support the Paris climate accord are a source of inspiration and evidence that #goodgovernance is powerful at the operational level.</p><p>Stepping forward and fighting to manage tomorrow’s surprises today can and should be done – with or without the “tone from the top.”</p><p>Enterprise risk management is never a check-the-box exercise and is more than a just a process. It’s a mission to fight negligence, prevent scandals, and create empowerment by turning outrage into positive outcomes. We can put an end to endless meetings, the politics of resource allocation, and the dysfunction of disparate, tedious processes in silos that threaten our livelihood and what we believe in.</p><p>We are not innocent bystanders and we are not powerless. We are the “mayors” of our working groups at our organizations. We demand good governance, and ERM is the best way to achieve it.</p><p></p><p><strong><em>Learn more about how to take your next step for better governance with </em></strong><span style="text-decoration:underline;"><a href="http://www.logicmanager.com/build-business-case-for-erm-software-ebook/"><strong><em>enterprise risk management</em></strong></a></span><strong><em> at your organization.</em></strong></p><p></p><p><strong><em><br /></em></strong> <em><a href="http://www.npr.org/sections/thetwo-way/2017/06/01/531048986/so-what-exactly-is-in-the-paris-climate-accord" target="_blank">[image from npr.org]</a><br /></em></p></div>What Is Good Governance, and Why Do We Care?https://globalriskcommunity.com/profiles/blogs/what-is-good-governance-and-why-do-we-care2017-04-25T19:09:14.000Z2017-04-25T19:09:14.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p><a href="{{#staticFileLink}}8028257055,original{{/staticFileLink}}"><img width="275" src="{{#staticFileLink}}8028257055,original{{/staticFileLink}}" class="align-right" style="padding:2px;" alt="8028257055?profile=original" /></a>Governance is defined by the organizational processes used to make and implement decisions. Good governance is not necessarily making only the “correct” decisions. It’s using the best possible risk management process to inform decision-making, which has the potential to impact employees, customers, other stakeholders, and the community at large.</p><p>Optimizing organizational governance is not just recommended, it’s a moral and legal obligation. Every company, no matter its industry, product, or service, impacts every party mentioned above. Good governance – by holding each part of the organization to a high standard and by enabling surprises to be managed <em>before </em>they happen -- ensures this impact is positive.</p><p>The consequences of bad governance are manifold. Corporate scandals have dominated headlines in recent years. These failures would have been prevented if companies had governed themselves more responsibly. Instead, poor risk management and inadequate governance led to scandals including those at <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/09/20/wells-fargo-scandal-risk-management/">Wells Fargo</a></span>, <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2015/10/05/volkswagen-enterprise-risk-management-accountability/">Volkswagen</a></span>, <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/06/02/risk-management-negligence-accident/">Plains All American Pipeline</a></span>, <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/04/13/risk-management-negligence/">Dwolla</a></span>, <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/02/09/chipotle-case-study-risk-management/">Chipotle</a></span>, <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/07/28/wendys-data-breach/">Wendy’s</a></span>, and <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2013/12/23/erm-report-targets-breach-an-needless-mishap/">Target</a></span>.</p><p>This trend can and must change. Poor governance affects all of us and is never excusable. It’s negligence, and a company that allows a scandal to unfold through negligence is not just being unjust, it’s violating its moral obligation to its stakeholders and community.</p><p>Tragedies will inevitably happen, but tragedies are unforeseeable realities of life. Scandals, on the other hand, evoke the outrage they do because (unlike tragedies) they are avoidable.</p><p>We’re fighting to make a change. LogicManager was founded on the belief that <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/grc-software/risk-management/">enterprise risk management</a></span> is the key to implementing and sustaining good governance. Our mission is to provide the tools and services that make this possible. Below, we’ll outline the important characteristics of good governance.</p><p></p><p><strong><span class="font-size-3">What Are the Main Characteristics of Good Governance?</span></strong></p><p></p><p><strong>Good governance creates accountability.</strong></p><p>Accountability is a fundamental requirement of good governance. Businesses have an obligation to <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/assess/">identify and assess</a></span> risk, implement appropriate <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/mitigate/">controls</a></span>, <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/monitor/">monitor</a></span> their effectiveness, and regularly <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/dashboard-reports/">report to the board</a></span>. Managers throughout the company need to be answerable for the consequences of risks, which impact customers, employees, and investors the organization serves.</p><p></p><p><strong>Good governance is transparent.</strong></p><p>As part of the risk management process, any employee should be able to escalate a concern, issue, or complaint for review. This means they’ll be able to clearly see:</p><ul><li>The status of an identified risk</li><li>What risk assessment and mitigation activities were reviewed</li><li>Which standard(s) were followed</li></ul><p></p><p><strong>Good governance saves money.</strong></p><p>Scandals are caused by negligence, and are therefore 100% preventable. Good governance protects the organization’s reputation, avoiding consequences such as lost revenue, higher operating costs, and even class action lawsuits. Such lawsuits, initiated by customers and investors, are often accompanied by regulatory scrutiny and penalties.<strong> </strong></p><p></p><p><strong>Good governance is responsive.</strong></p><p>Corporations must focus on customer needs while balancing competing interests in a timely, appropriate, and responsive manner. Enterprise risk management is as much about achieving goals as it is preventing scandals.</p><p><strong> </strong></p><p><strong>Good governance is equitable and inclusive.</strong></p><p>A customer and employee community’s well-being results from all of its members feeling their interests have been considered by management in the decision-making process. This means all customers, employees, and investors should have opportunities to escalate concerns as part of the risk management process.</p><p><strong> </strong></p><p><strong>Good governance is effective and efficient.</strong></p><p>Corporations should implement decisions and follow processes that make the best use of available people, resources, and time. This ensures the best possible results for customers, employees, and investors.</p><p><strong> </strong></p><p><strong>Good governance is participatory.</strong></p><p>Employees, vendors, or contractors performing tasks in a process should have the opportunity to provide subject-matter expertise as part of regular risk, control, and monitoring assessments. This is accomplished by providing a risk assessment to frontline supervisory employees and vendors, which require them to:</p><ul><li>Identify risks in their areas of operations</li><li>Identify what could go wrong</li><li>Provide their expert opinion on impact and likelihood, along with the effectiveness of current controls designed to prevent those risks from happening.</li></ul><p></p><p><strong><em>Learn more about the </em></strong><span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/risk-based-process/"><strong><em>risk-based process</em></strong></a></span><strong><em> and why it’s a critical component of sustainable good governance.</em></strong></p><p></p></div>Corporate governance in banks : Basel and the Big Jigsaw Puzzlehttps://globalriskcommunity.com/profiles/blogs/corporate-governance-in-banks-basel-and-the-big-jigsaw-puzzle2014-11-30T15:00:00.000Z2014-11-30T15:00:00.000ZDr Debashis Duttahttps://globalriskcommunity.com/members/DrDebashisDutta201<div><p><span>The Basel Committee on Banking Supervision has circulated a consultative document on corporate governance principles for banks in October 2014, issued for comments by 9th January 2015. This is an enhanced version of earlier paper issued in 2010 in response to credit crisis.</span></p><p></p><p><span>The main objective of corporate governance to enhance long-term shareholders’ value through right oversight mechanism. However, the implementation of corporate governance has always been a challenge, considering the opacity and complexity of the governance structure of the banks, along with the growing challenges in regulatory interface. The corporate governance in banks is unlike that in non-financial intuitions, as the bank can alter the risk compositions of the assets more than non-financial institutions. Further, the operations of the banks are more complex than that of non-financial institutions, generally. Studies on financial crisis showed evidence of relationship between default and influence of corporate governance structure on risk taking.</span></p><p></p><p><span>The governance objective of the bank to maximise shareholders’ wealth by taking good risk only. So there has a growing need to differentiate between good risk and bad risk, where corporate governance plays a crucial role. Risk appetite statement (RAS) is a board level document. It defines what risks a bank should take as the banks intend to avoid or mitigate bad risks. Risk appetite assesses the level of additional risk for additional opportunities. Good Corporate governance essentially means the bank understands and keeps right amount of good risks. Credit crisis is a natural experiment for risk in the governance.</span></p><p></p><p><span>The lesson learnt is good governance essentially means less bank failure. There are many talks around involvement of shareholders in governance process. However it is evidenced that more involved CEO led to better governance as his/her survival is dependent on the success of the bank. There are several discussion going around on independence of risk managers An elevated Chief Risk Officer (CRO) is crucial for good corporate governance. Higher that status of Chief Risk Officer lesser the risks for the bank. There is also a need to put in place of an entranced process rather than just policy. The process needs to ensure that the risk manager reports independent of the business lines that he/she is monitoring. Other important areas are risk quantification and risk organisation. Differentiation between good risk and bad risk, and risk aggregation across different risks bank wide, need to be ensured. Risk organisation structure should be optimal for the bank with visibility of right decision making process. Risk organisation is bank-specific as it differs from bank to bank. Shareholding patterns also have an impact.</span></p><p></p><p><span>The lower-level managers with considerable shareholdings and direct influences on the bank’s daily operations may take on more risk for moral hazard problem. Independence of board directors and quality of independent director is crucial for corporate governance. Especially for the independent director enjoys a higher public visibility and is subject to reputation risk for default of the bank. This ensures more involvement of the independent director. No evidence is found on the relationship between board size and performance of the bank.</span></p><p></p><p><span>The board should be well qualified to challenge the management of the bank on risk governance. However, a reputed financial institution, in question during credit crisis, had a board containing a former CEO, a top fund manager, and a previous member of the Bank of England’s governing body. Despite of these, the financial institution could not perform well in credit crisis. Another point is risk culture. Risk culture is needed to be built in the process accessible to everybody in the organisation.</span></p><p></p><p><span>The effectiveness of corporate governance is also reflected in market discipline. Disclosures assume importance to all as many of the banks are too complex in structure to understand, which raises “too-complex-to-fail” problem. Regarding compensation, the bank’s board should measure the effect of compensation on the bank’s solvency which necessitates building right metrics. During the financial crisis, it was found that compensation with higher-risk taking incentives worked against the right governance. The excess risk taking by CEO may be controlled by linking CEO’s compensation to the bank's CDS spread.</span></p><p></p><p><span>A peer review conducted by Financial Stability Board (FSB) in 2014 says that banks have made good progress in improving corporate governance. However, many issues to needs to be raised and resolved. So, let us wait to see the comments to be received from the banks on the BCBS paper on the corporate governance in banks under consultation.</span></p></div>Discussing Risk Data Strategy: An Interview with Philip Chamberlainhttps://globalriskcommunity.com/profiles/blogs/discussing-risk-data-strategy-an-interview-with-philip2014-08-29T13:00:00.000Z2014-08-29T13:00:00.000ZAbby Wilsonhttps://globalriskcommunity.com/members/AbbyWilson<div><p align="left"><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Risk data is an area that has been largely overlooked for many years. Today the situation is different and the area is facing increasing regulatory scrutiny, as Systemically Important Financial Institutions (SIFIs) rush to comply with the Basel 239 Principles for Effective Risk Data Aggregation and Risk Reporting. An enterprise’s success depends on its ability to analyze risk data efficiently and effectively, in ways that uncover both risks and opportunities. Being able to extract and escalate critical risk information is nearly impossible without a robust risk management framework supported by a strong technology infrastructure.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><a href="{{#staticFileLink}}8028229652,original{{/staticFileLink}}"><img width="750" class="align-left" src="{{#staticFileLink}}8028229652,original{{/staticFileLink}}" height="155" alt="8028229652?profile=original" /></a>Philip Chamberlain, Vice President, Risk Governance and Risk Appetite at the Prudential Insurance Company of America recently spoke with <strong>GFMI</strong> about key topics to be discussed at their upcoming <strong>Risk Data Aggregation, Governance and Reporting Conference</strong>, November 3-4, 2014 at the Double Tree by Hilton Metropolitan in New York City.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Why is risk data such a key issue for financial institutions now?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><strong>Philip Chamberlain</strong>:<font size="2" face="Calibri,Calibri"><font size="2" face="Calibri,Calibri">Relevant information about an institution’s exposure to loss, and about the product and financial markets around us, has always been critical to managing a financial institution. Two facts, however, focus the issue more sharply for us now. First, we are well into a data capture and storage revolution that raises the bar on what a financial institution can and should infer from its risk data resources. Some financial institutions will fully seize the opportunity; those who do not will find themselves operating at a big disadvantage going forward. Second, financial regulators have greatly expanded their requirements for analysis and reporting of risk data, as to volume, precision and timeliness. For the institutions subject to the higher-level requirements, required regulatory risk data is a critical challenge in itself, and a costly one.</font></font></span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">What are the key challenges institutions are facing in creating a holistic view of risk data?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><strong>PC:</strong> <font size="2" face="Calibri,Calibri"><font size="2" face="Calibri,Calibri">Like computers and computer programs, much financial reporting amounts to processing facts by established rules, as may be seen in external financial reporting statements, regulatory report filings and income tax returns. Risk is different, at least for management use. Risk is analysis, and analysis needs to be consistent over the enterprise in order to have comparable facts in your risk equation. This is a challenge of common concepts, vocabulary and measurement, all of it difficult in a larger financial institution. Doing a thorough job of capturing material risk data is also costly, and must be done with consistent leadership over years, not months. Finally, there is the trap of aiming for regulatory compliance as the objective. Difficult as it may be, each institution needs to define a risk data environment that best meets its risk management needs—a superset beyond regulatory requirements.</font></font></span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">What is the importance of standardizing terminology for risk data</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><b><font size="2">PC:</font></b> <font size="2" face="Calibri,Calibri"><font size="2" face="Calibri,Calibri">High-quality risk analysis always depends on clear definitions, starting with terminology and extending to all risk data captured. If one has a problem involving apples, oranges and pomegranates, so to speak, it does no good to discuss the problem in terms of "fruit." Managerial (non-regulatory) definitions are the most challenging, and the most critical. With a diverse group of analysts and managers, an institution needs to insist on the clear focus of consistent terminology.</font></font></span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">What do you think attendees will gain from attending this event?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><strong>PC:</strong> <font size="2" face="Calibri,Calibri"><font size="2" face="Calibri,Calibri"><font size="2" face="Calibri,Calibri">Attendees will benefit from the perspectives and priorities of professionals who have worked in organizing and reporting financial data on a grand scale. I have had the privilege of working alongside some of the other speakers, and can attest to their skills, experience and insight. The next best thing to acquiring experience personally is to borrow it from speakers and participants at programs like this one.</font></font></font></span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Philip Chamberlain will be leading the session "Normalizing Risk Data Terminology to Ensure an Enterprise-Wide Risk Data Strategy" on Monday, November 3, 2014 at the <strong>GMFI Risk Data Aggregation, Governance and Reporting Conference</strong>.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">For more information regarding this conference, including pricing and registration, please contact</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><b><font size="2">Abby Wilson</font></b><font size="2" face="Calibri,Calibri"><font size="2" face="Calibri,Calibri">, Media & PR Coordinator, at (312) 894-6313 or abbyw@global-fmi.com</font></font><font size="3" face="Calibri,Calibri"><font size="3" face="Calibri,Calibri">.</font></font></span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">About Philip Chamberlain</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Mr. Chamberlain is a Financial Risk Engineer focused on the issues of large financial institutions. He is currently Vice President, Risk Governance and Risk Appetite in Enterprise Risk Management at Prudential Insurance. Until 2010, he was a Managing Director in the Bank of New York Mellon's Risk Management Sector. Responsibilities included firm-wide Basel II implementation, functional leadership for BNY's Basel II credit implementation, stress testing, economic capital, economic credit portfolio model, return on credit risk and internal ratings models, risk data warehousing, and credit risk data generally. A graduate of Yale and New York Universities, Mr. Chamberlain's career with the Bank of New York reached back to 1973, with the last ten years focused on Basel II implementation.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">About Global Financial Markets Intelligence</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">GFMI is a specialized provider of content-led conferences for the financial markets. Carefully researched with leading financial market experts, our focused quality events deliver key bottom-line value through targeted presentations, interactive discussions and high-level networking opportunities.</span></p></div>Change Management and Operational Risk with AllianceBernsten, L.P.https://globalriskcommunity.com/profiles/blogs/change-management-and-operational-risk-with-alliancebernsten-l-12013-08-16T21:20:34.000Z2013-08-16T21:20:34.000ZTyler Kelchhttps://globalriskcommunity.com/members/TylerKelch<div><p>Interview with Paul Emerson, Vice President, Asset Allocation, Risk Management at AllianceBernstein, L.P.</p><p>Operational <a href="http://www.marcusevans-conferences-northamerican.com/ERMCanada_JD">risk management</a> has moved beyond the simple calculation of capital requirements. Today operational risk managers need to have a proactive, holistic approach to operational risk to ensure they maintain their organizations’ profitability and reputation. Recent financial scandals have shown that operational risk could bring tremendous losses and not every firm is capable of recovering from them.</p><p>Paul Emerson answered a series of questions written by GFMI before the forthcoming <a href="http://www.global-fmi.com/POPR2013_PE" target="_blank">Proactive Operational Risk Management Conference</a>, September 9-11, 2013 in New York, NY. Mr. Emerson shares his thoughts below on why good change management starts with the right tone from the top.</p><p><b>How important are operational risks in the change management process?</b></p><p><b>Paul Emerson:</b> Change represents one of the greatest stresses on our people, processes and systems. In fact, it would not be a stretch to think of change as a category of operational risk itself. Therefore, the business managers must take all the risks and controls that are implicated in the change into consideration to insure the process doesn’t break. Cutting corners on this review could ultimately place the client experience, and a new product or initiative’s commercial viability, at risk.</p><p><b>How do you develop strong working relationships between operational risk and product development teams?</b></p><p><b>PE:</b> A strong working relationship is one that can only be built on mutual respect. I have found that the most important way to build this relationship is to show that the risk team’s involvement is one that adds value. It is not enough to just be present in the discussions. Rather, the <a href="http://www.marcusevansassets.com/HTML/Interview%20Questions_Diana%20Graham_ERM%20Conf%20Oct%202_Final%20Changes.pdf">risk management</a> engagement should be limited to our areas of expertise and should be clearly defined and focused. Building this relationship is only part of the battle. It is equally important for the business leaders to see the benefit of the risk management’s engagement, as opposed to the potential costs. Without senior leadership support, this working relationship will have little chance of long term success.</p><p><b>How do you make sure operational risk is managed and controlled over the whole product life cycle?</b></p><p><b>PE:</b> When the culture of the firm makes it clear that business managers are the primary line of defense for operational risk and are similarly incentivized, operational risk should theoretically always be managed throughout the whole product life cycle. In recognition of the experiential differences between the firm’s managers, AllianceBernstein has mandated that a full risk review of each new product be considered early in the product development process. Once the product is launched, we require a reconsideration of the department’s risk map, which (the catalogue or process level risks and controls) incorporates any material changes to the processes.</p><p><b>How do you make sure innovation is not restricted by operational risk threats?</b></p><p><b>PE:</b> A critical skill of a good risk manager is the ability to think creatively so that they don’t restrict innovation. Risk managers should not be in the business of saying “no” unless it is absolutely necessary. Rather, we are engaged by business managers to help them manage the concerns they have. If we get in the habit of stopping progress or slowing innovation, we will stop getting those calls. The best way to prevent this negative impact is to increase the dialogue between the business who is innovating, and the middle back office staff that is being strained. As a result of open and honest discussions, we can almost always find a compromise (delayed launch, limited release, increased technology support, etc.) that is satisfactory to all. </p><p><b>What do you think attendees would gain by attending the conference?</b></p><p><b>PE:</b> It is my hope that attendees will gain a better appreciation of all the elements that a company must have in place to properly manage their business through change. </p><p><i>Paul Emerson is a Vice President and risk manager responsible for the coordinated risk management support for AllianceBernstein’s Asset Allocation business. He previously served as an operational risk officer for the Fixed Income and Technology business units and as the global head of error management.</i></p><p>For more information please contact Michele Westergaard, Senior Marketing Manager, Media & PR, marcus evans at 312-894-6377 or <a href="mailto:Michele@globalfmi.com">Michele@globalfmi.com</a>. </p><p><b>About Global Financial Markets Intelligence</b></p><p><i>GFMI is a specialized provider of content led conferences for the financial markets. Carefully researched with leading financial market experts, our focused quality events deliver key bottom line value through targeted presentations, interactive discussions and high level networking opportunities. </i></p></div>Experts Reveal How Developing Operational Risk Tools Minimize Operational Losseshttps://globalriskcommunity.com/profiles/blogs/experts-reveal-how-developing-operational-risk-tools-minimize2013-08-16T21:07:57.000Z2013-08-16T21:07:57.000ZTyler Kelchhttps://globalriskcommunity.com/members/TylerKelch<div><p>Operational risk management has evolved from the simple calculation of capital requirements to a proactive, holistic approach. This new strategy ensures that operational risk managers maintain their organizations’ profitability and brand reputation. In fact, recent financial scandals revealed that operational risk can result in incredible losses that many organizations can sometimes never fully recover from.</p><p>According to Ger Jan Meijer, Director of Operational Risk Management for Citco Fund Services (USA) Inc., there are several key steps that all organizations must take to develop a holistic approach to operational risk governance. Meijer will speak about operational risk at the Global Financial Markets Intelligence (GFMI) <a href="http://www.global-fmi.com/POPR_GJ">Proactive Operational Risk Management Conference</a>, September 9-11 in New York. <i>(Note: The views expressed in this interview are those of Ger Jan Meijer and are not necessarily representative of, and should not be attributed to, Citco Fund Services (USA) Inc.)</i></p><p>“Companies need to take risks to create value and manage risks to protect value,” Meijer said. “The challenge is to find and keep a good balance between risk and reward in a fast-changing and increasingly complex environment. Companies have to deal with new technologies, more regulations and even new disaster scenarios because of climate change. You need to find the risk before its finds you.”</p><p>Meijer pointed out that organizations must prepare for many types of operational risk, including:</p><ul><li>Internal Fraud: misappropriation of assets, tax evasion, intentional mismarking of positions and bribery.</li><li>External Fraud: theft of information, hacking damage, third-party theft and forgery.</li><li>Employment Practices and Workplace Safety: discrimination, workers compensation, employee health and safety.</li><li>Clients, Products, and Business Practice: market manipulation, antitrust, improper trade, product defects, fiduciary breaches and account churning.</li><li>Damage to Physical Assets: natural disasters, terrorism and vandalism.</li><li>Business Disruption and Systems Failures: utility disruptions, software failures and hardware failures.</li><li>Execution, Delivery, and Process Management: data entry errors, accounting errors, failed mandatory reporting and negligent loss of client assets.</li></ul><p>“I believe that the Basel II event type categories are still a good starting point for an initial risk assessment,” Meijer said. “However, every organization has its own risk profile with different vulnerability levels for each category of risk.”</p><p>Meijer also pointed out that the most commonly overlooked operational risks inside an organization are those related to silos. “Silo mentality can result in a lack of understanding of operational risk as a driver for other risk types or could result in not identifying certain operational risks due to not fully understanding the entire process and interdependencies.”</p><p>This is the exact reason why Meijer emphasizes the importance of risk managers following a cross-silo (holistic) approach, which includes integrating the following strategies into their plan:</p><ul><li>Developing an organizational-wide view of operational risk, including determining the organization’s risk appetite.</li><li>Designing and implementing a single, unified governance risk and compliance framework to identify, assess, mitigate and manage (monitor) risk.</li><li>Developing systems to manage operational risk across different business units.</li><li>Producing robust operational risk policies.</li><li>Developing operational risk control matrices and risk reporting.</li></ul><p>“It is not easy to objectively measure the added value of an effective operational risk management program,” Meijer explained. “However, certain statistics and trends can prove added value and success of an effective operational risk management program, e.g., incidents, KRI and KPI levels, client satisfactory surveys audit findings and exit interviews.”</p><p>As a speaker at the 2013 GFMI Proactive Operational Risk Management Conference in New York, Meijer looks forward to hearing from his risk management colleagues with other organizations about their challenges. “Operational risk management is a relatively new discipline and still in development,” he said. “I’d like to get new ideas about how to further develop the risk management framework of within my current organization.”</p><p>The GFMI Proactive Operational Risk Management Conference will take place in New York, September 9-11. For more information, visit the <a href="http://www.global-fmi.com/POPR_GJ">Proactive Operational Risk Management Web page</a> or contact Tyler Kelch, Marketing & PR Coordinator, GFMI at 312-540-3000, ext. 6680 or <a href="mailto:tylerke@global-fmi.com">tylerke@global-fmi.com</a>.</p><p><b>About Global Financial Markets Intelligence</b></p><p><i>GFMI is a specialized provider of content-led conferences for the financial markets. Carefully researched with leading financial market experts, our focused quality events deliver key bottom-line value through targeted presentations, interactive discussions and high-level networking opportunities. </i></p><p> </p></div>ERM vs GRC: Which adds more value?https://globalriskcommunity.com/profiles/blogs/grc-vs-erm-software-which-adds-more-value2013-04-29T11:30:00.000Z2013-04-29T11:30:00.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p>Businesses began with Enterprise Risk Management (ERM) from the dawn of civilization. The first businesses were small and therefore one person knew all their customers, suppliers and processes. They knew all the risks within their business how they were connected to affect their business goals, which made it easy to manage both the upside and downside “impact of uncertainty on objectives”.</p><p>However, as the size of organizations grew in the industrial age, everyone became a specialist and groups of specialists were organized into departments. Risk began to be managed primarily within these departments resulting in a compliance type approach of just enforcing standards or buying insurance to limit this downside. The software industry in the 1980’s produced thousands of individual software applications that focused on just one small piece of risk or compliance activity, and as a result, organizations grew increasingly complex and business processes were disconnected from each other. The concept of Enterprise Risk Management for most became ad hoc and disorganized. Very few had mature and aligned enterprise-wide risk management practices, meaning resources were allocated based on “squeaky wheel” or “ghosts of Christmas past” principals rather than “bang for the buck” of business impact priorities to corporate goals.</p><p><strong>Technology changes everything</strong><br /> In 2005, a new kind of software became possible which works across departments and business silos to discover the relationships to manage the complexity and automatically reconnect people, processes, goals and assets they use. Working much like social network platforms like Facebook or LinkedIn, <strong><a title="Enterprise Risk Management Software" href="http://www.logicmanager.com/product/">Enterprise Risk Management Software</a></strong> helps make the connection between risk in every job description and the allocation of resources to control these risks based on the priority of impact to the business goal of the organization.</p><p>This was a huge threat to the thousands of incumbent traditional software providers that were being used within businesses and they reacted by adopting the term <a title="GRC Software" href="http://www.logicmanager.com/knowledge-center/best-practice-articles/erm-vs-grc-what-is-the-difference/">GRC Software</a>, without changing the core design of their products. GRC stands for Governance, Risk and Compliance but is really a disparate, disconnected and overlapping collection of 28 primary single functions (with with numerous sub-categories). Sometimes these stand-alone applications are bolted together, with each component still an isolated software module, designed to do only one type of compliance with risk as an afterthought, or yet another separate module that compounds the isolation problem. When you add up the different single function software packages (estimated to be over 400), you end up with a random collection of vendors dating back over the past 25 years of incumbent, outdated technologies now renaming themselves under a banner of GRC software\ without agreeing on any standards. No apples-to-apples comparisons can be made across modules.</p><p>How does an organization make sense of all of this? How do you know what you are buying is the right platform and right vendor for your organization?</p><p>With <a title="Enterprise Risk Management software" href="http://www.logicmanager.com/product/">Enterprise Risk Management software</a> is about using standards to bridge departmental silos to gain efficiencies and manage all risks from the mail room to the board room and everywhere in between, while linking them all to the business goals of the organization.</p><p><strong>GRC Software is a dying platform</strong></p><p>Industry analysts agree that titling these as “GRC software” is a myopic Band-Aid approach to putting these things under one governance umbrella, and as a result is shrinking in adoption, whereas the ERM common platform, architected from the start to take advantage of the synergies and empower collaboration across business silos, is forecasted to almost double in the next 2-3 years from 14% to 25%. Boards, regulators and shareholders understand that with GRC, you can’t see the forest through the trees, and are requiring a holistic ERM analysis and reporting approach.</p><p><a title="ERM software" href="http://www.logicmanager.com/product/">ERM software</a> adoption is rapidly increasing because, just as Facebook and LinkedIn have quickly become ubiquitous social networks, ERM software provides a corporate network to help understand and manage the complexity of organizational relationships, as well as align everyone to common goals and reduce unnecessary redundancies and overlap between activities, so resources can be better applied, with more transparent decision making, to better manage risk and achieve performance.</p><p>To learn more about how straightforward building this corporate network is for your organization and the business case for streamlining governance with ERM<strong> <a title="watch this 5 minute video" href="http://www.logicmanager.com/streamline-governance-activities-erm-video">watch this 5 minute video</a></strong>.</p><p> </p></div>Managing Model Risks Associated with VAR Modelshttps://globalriskcommunity.com/profiles/blogs/managing-model-risks-associated-with-var-models2013-04-10T18:22:58.000Z2013-04-10T18:22:58.000ZMichele Westergaardhttps://globalriskcommunity.com/members/MicheleWestergaard<div><p>Errors in financial models that banks use on a daily basis could lead to tremendous financial and non-financial losses. It is crucial for banks to understand how they could minimize and manage model risk effectively. In addition, the OCC and the Federal Reserve have recently released new guidelines on model risk management, which will significantly modify their existing model risk management practices.</p><p> </p><p>Vilen Abramov, Vice President, Model Risk Control at KeyBank answered a series of questions written by GFMI before the forthcoming <a href="http://www.global-fmi.com/ModelRisk2013_VA">2<sup>nd</sup> Edition Model Risk Conference</a>, June 10-12, 2013 in New York, NY. Mr. Abramov shares his thoughts below on the management of risks associated with VAR.</p><p><b> </b></p><p><b>What are the key processes and techniques for ensuring model risk is minimized in VaR models?</b></p><p> </p><p><b>Vilen Abramov:</b> KeyBank has established three lines of defense for the model risk control. In case of VaR models, the first line of defense is the Market Risk Management (MRM) group. As the first line of defense, MRM has established controls for all stages of the VaR production process in the following manner.</p><p> </p><p>- inputs stage controls</p><p> </p><p>(i) positional data reconciliation</p><p>(ii) terms and conditions mapping</p><p>(iii) market data integrity testing</p><p> </p><p>- processing stage controls</p><p> </p><p>(i) risk factors set completeness and granularity review</p><p>(ii) scenario definitions review</p><p> (iii) calibration procedures review</p><p> (iv) benchmarking pricing models</p><p> (v) documenting modeling assumptions/limitations/simplifications</p><p> </p><p>- output stage</p><p> </p><p>(i) backtesting general VaR (GVaR) and stressed VaR (SVaR)</p><p>(ii) p-value testing for GVaR and SVaR</p><p>(iii) stress testing and sensitivity testing</p><p> </p><p>MRM has established documentation standards which are in line with OCC 2000-16 and FRB SR 2011-07 guidance. It covers three major modeling validation stages: evaluation of conceptual soundness, evaluation of ongoing monitoring and evaluation of outcome analysis.</p><p> </p><p>The second line of defense is the Quantitative Risk Analysis (QRA) group. QRA independently validates VaR models on an annual basis. This role is responsible for reviewing the tests created by the MRM, for creating additional tests to their own satisfaction, and for making the final assertion that test coverage and depth is sufficient.</p><p> </p><p>The third line of defense is the Risk Review Group (RRG). RRG reviews the first and second lines of defense validations and ensures that the model validation standards are met. This role may also run additional tests if needed.</p><p> </p><p><b>What are the latest techniques and approaches for quantifying model risk?</b></p><p> </p><p><b>VA:</b> At KeyBank, MRM group is acting as an independent model validator for Treasury and Capital Markets areas. MRM has established performance metrics for all models and urged lines of business (LOBs) to start collecting the model performance data. This will allow MRM to quantify potential losses caused by the models' underperformance.</p><p> </p><p>As the first line of defense, MRM has established VaR performance metrics as well. In addition to the VaR backtesting and p-value testing, MRM uses the following metrics.</p><p> </p><p>- VaR netting effect</p><p> </p><p>VaR is neither sub-additive nor super-additive measure. In the case of super-additivity, using marginal VaRs for risk weighted assets (RWA) calculations may lead to a lower capital. On the other hand, in case of sub-additivity, using marginal VaRs for RWA calculations may lead to lower number of exceptions, and as a result lower multiplication factor and lower capital. In order to cure the potential underestimation of the regulatory capital, MRM has quantified the impact of the marginal VaR approach by comparing it to the netted VaR approach.</p><p> </p><p>- VaR scaling effect</p><p> </p><p>It is well know, that the “square root of time” scaling (e.g. when converting 1-day VaR into 10-day VaR) may lead to VaR underestimation. MRM has quantified the impact of the scaled VaR approach by running real 10-day VaR and comparing it to the scaled version.</p><p> </p><p>- SVaR time period selection</p><p> </p><p>MRM has established the SVaR/GVaR ratio metric to measure appropriateness of the time period selected for the SVaR calculations.</p><p> </p><p>- VaR regime shifting</p><p> </p><p>MRM has established “non-equally weighted VaR/equally weighted VaR” ratio to measure models’ sensitivities to the changes in the market conditions.</p><p> </p><p><b>What is the role of internal audit in managing model risk, for example, in VaR models?</b></p><p> </p><p><b>VA:</b> As it was stated earlier, RRG is KeyBank’s internal audit team which manages model risk. Its role is to ensure that the development process is followed (including sign off for model validation and for documentation), to ensure independence of VaR modelers from the affected LOBs and to ensure compliance with the regulatory and internal guidance and policies. As a trusted advisor, RRG makes recommendations for improvement, monitors remediation efforts and helps to ensure that adequate risk management practices are followed. The results of these activities are provided to key stakeholders, including the Board of Directors and associated committees, executive and line of business management and regulators.</p><p> </p><p><b>How could you ensure model risk management is an integral part of the wider enterprise risk management programme?</b></p><p> </p><p><b>VA:</b> KeyBank’s model risk control function is residing within Risk Management department. The model risk management responsibilities are handled by the three Risk Management subgroups: Quantitative Risk Analysis, Market Risk Management, and Strategic Analytics. These three subgroups along with RRG, Credit Portfolio Management (CPM), and Treasury constitute Model Risk Management Committee (MRMC). The MRMC provides governance and oversight of KeyBank’s model risk management. The committee operates as a subcommittee of the Enterprise Risk Management Committee (ERMC).</p><p> </p><p><b>You have attended our first Model Risk conference, what do you think you would gain by attending the second edition?</b></p><p> </p><p><b>VA:</b> It is a great opportunity to learn the best practices and listen to the new ideas. Having regulators and authors of the model risk management guidance share their ideas, provides invaluable insight into the field. Presentations provide invaluable information. Networking and building connections is very important in such a dynamic and fast growing field like model risk management.</p><p> </p><p><i>Since joining KeyBank in 2007, Vilen Abramov has risen steadily through the ranks to become vice president of modeling and model validation for market risk management, treasury and capital markets. His expertise comes from first-hand experience in market risk management, internal audit, and model validation areas. Vilen holds a Ph.D. in applied mathematics and PRM certification. KeyBank, headquartered in Cleveland and owned by KeyCorp, is the 25<sup>th</sup> largest bank in the United States with more than $86 bn in total assets.</i></p><p> </p><p>For more information please contact Michele Westergaard, Senior Marketing Manager, Media & PR, marcus evans at 312-540-3000 ext. 6625 or <a href="mailto:Michele@global-fmi.com">Michele@global-fmi.com</a>. </p></div>Risk Leadership: New Standards to Protect the Charitable Dollarhttps://globalriskcommunity.com/profiles/blogs/risk-leadership-new-standards-to-protect-the-charitable-dollar2013-01-31T02:19:15.000Z2013-01-31T02:19:15.000ZBryan Whitefieldhttps://globalriskcommunity.com/members/BryanWhitefield<div><div style="clear:both;"><b><i>Treasury's consultation paper on governance standards for charities to come into effect 1 July 2013 under the new Australian Charities and Not-for-profits Commission (ACNC) has the right approach and should provide all of us with increased confidence that our donations and tax dollars are in good hands.</i></b><br clear="none" /><br clear="none" />The paper draws on existing legislative principles for corporations to strengthen the accountability of management of charities and not-for profits and puts them in line with other business sectors.<br clear="none" /><br clear="none" />Here is a very quick overview of the six governance standards, however, <a href="/" target="_blank">you can download the entire document here</a> or <a href="/" target="_blank">you can visit the ACNC website</a> where there is additional guidance material.</div><div class="blog-text clearfix prel mtm mbm"><ul><li><b>Purpose:</b> This standard is set out simply and clearly. As a charity you are required to have a stated charitable purpose and you need to be able to communicate it to stakeholders and demonstrate your activities are in keeping with the purpose.</li></ul><p> </p><ul><li><b>Accountability to members:</b> This one is even more simply put. If the charity has a membership then those managing the charity should be accountable to them. There must be modes for members to query or raise concerns about the governance of the charity.</li></ul><p><span style="font-family:Verdana;color:#000000;"> </span></p><ul><li><b>Compliance with Australian laws:</b> You might think this one is a "no brainer", however, there is a little more to it. The ACNC wants to maintain some flexibility here to be able to take regulatory action against illegal activities without necessarily causing the charity to lose its charitable status. That is, if the situation can be corrected and the charitable purpose resumed, the ACNC wants the leeway to help make this happen.</li></ul><p> </p><ul><li><b>Responsible management of financial affairs:</b> Like the first two, this is cut and dried: be fiscally responsible.</li></ul><p> </p><ul><li><b>Suitability of responsible entities (an individual, corporation or trustee):</b> This standard draws on the approach of other regulators such as ASIC and APRA and holds the charity accountable for ensuring potentially unsuitable people are not in positions of authority. For example, it draws on disqualification under the Corporations Act as an example of an improper person.</li></ul><p> </p><ul><li><b>Register of disqualified responsible entities:</b> Again the ACNC is seeking additional scope. The ACNC will have the ability to disqualify an entity and maintain a published register of all those they disqualify. This will allow them to take action where the Corporations Law and other laws do not come into effect. Assuming they apply their powers appropriately, the register will be an additional protection for stakeholders of charities.</li></ul><p><br clear="none" /><b>IN ESSENCE -</b> The standards are not onerous and generally bring charities in line with other organisations we do business with. To meet the standards' objectives, charities will need to do enough to demonstrate compliance without creating a bureacratic nightmare that significantly increases the ratio of administration costs to the funds directly employed for the charitable purpose. <b> </b></p><p> </p><p><b><a href="http://www.rmpartners.com.au/">www.rmpartners.com.au</a></b></p><p> </p></div></div>