compliance (174)

Interview with William Meehan, Executive Director, Capital Markets Trading Compliance at CIBC

The Volcker rule was published in December 2013 by US regulators and requires banks with over $10B trading assets and liabilities to prove that they are not participating in proprietary trading through the reporting requirements. It is a new regulation which has limited guidance from the regulators, causing confusion among banks. At the current time, the main focus for banks is to better understand the V

Read more…

When we talk about probability and risk as they relate to healthcare they are two terms that often get confused and misused. In November 2014 I attended a National Press Club luncheon featuring Anthony Fauci, M.D., director of the National Institute of Allergy and Infectious Diseases (NIAID).[1] I attended Dr. Fauci’s lecture focused on the Ebola outbreak. As a Laboratorian and Health Educator there were many questions that I wanted to pose and gain knowledge on how the world was responding to t

Read more…

Most people think of Risk Management in terms of finance, insurance and business. In healthcare, Risk Management seeks out errors with the potential to cause human harm. Risk Management consists of identifying, evaluating, and controlling the risk of these potential errors through a variety of quality control measures that become your medical practice’s Quality Control Plan. Risk Management is defined in ISO 14971 as the “systematic application of management policies, procedures, and practices t

Read more…

Time to revisit rushed Dodd Frank compliance?

Implementation deadlines have been and gone but banks are still living in Dodd-Frank’s shadow. One of the issues is that best practice hasn’t yet been agreed: the regulators still need to clarify standards. This is leaving many fumbling around in the dark for the right route to compliance.

While the regulators iron out the standards, several financial institutions have cobbled together ‘half-way house’ applications so they can tick the compliance box. Some have even resorted to Excel for a quick

Read more…

Starting January 1, 2015, insurers across the United States are subject to a National Association of Insurance Commissioners (NAIC) model law requiring them to annually submit an Own Risk and Solvency Assessment (ORSA). ORSA is a self-assessment of sorts, requiring large and medium-size insurance groups* to report on their current and future risk management process.

The ORSA Model Act outlines a few basic dimensions on which insurers will be analyzed. They include (1) effectiveness of risk management

Read more…

Why Integrate Risk & Compliance?

Compliance professionals have it tough. While risk managers work in shades of grey (or often, red, yellow, and green), compliance officers are often asked to answer the more direct question: Do we meet this regulatory mandate?

While the task may differ, compliance professionals without enterprise risk management in their toolbox are at a significant disadvantage. Regulations are changing constantly, responsibility for compliance ranges from high level executives to analysts on the front line, and

Read more…

Anatomy of a Tax Audit

It's that time of year again. April 15th looms ever larger as small businesses scramble to meet the IRS tax filing deadline. For many small businesses, tax filing is handled by a trusted accountant or business adviser. That tends to take the trauma out of this annual exercise in pain. But even with the help of a tax professional, the angst of the season is always a pressing concern.

The enclosed infographic, published by oBizMedia, displays some startling data about audit risk and its cost t
Read more…

RMORSA Series 1: Risk Culture and Governance

The National Association of Insurance Commissioners' adoption of the Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) requires insurance organizations to take a broader approach to risk management. As US insurers begin to mobilize their efforts to comply with the regulation by the 2015 deadline, it’s important for insurers to take a step back, leverage their existing risk management operations, and develop their RMORSA efforts with a mind to the future.

The groundwork for RM

Read more…

EMIR timeline push-backs: blessing or curse?

The European Securities and Markets Authority (ESMA) has done it again. They quietly published a revised European Market Infrastructure Regulation (EMIR) timeline which postpones commencement of Trade Repository (TR) reporting until February 2014. This is no surprise as the recent third round of their Questions & Answers (Q&A) still left uncertainty among market participants.

There is no doubt that the regulation comes at a significant cost and requires wide-ranging operational enhancements to en

Read more…

Risk Leadership: 3LoD

I saw this abbreviation, 3LoD, in a presentation the other day and it took me a few seconds before I worked out it refers to the Institute of Internal Auditors' whitepaper entitled The Three Lines of Defence. There are some very good aspects to the paper and a few I am not so keen on.

3LoD has a good summary of the different roles and responsibilities of management, risk and compliance teams and internal audit:

  • Managers manage their risks by putting into place processes and s
Read more…

ERM vs GRC: Which adds more value?

Businesses began with Enterprise Risk Management (ERM) from the dawn of civilization. The first businesses were small and therefore one person knew all their customers, suppliers and processes. They knew all the risks within their business and how they were connected to affect their business goals, which made it easy to manage both the upside and downside “impact of uncertainty on objectives”.

However, as the size of organizations grew in the industrial age, everyone became a specialist and groups of

Read more…

Federal and state regulatory compliance requirements have grown exponentially and touch all operational areas. Compliance has become very complex and expensive with extensive new regulations, multiple overlapping information sources, and operational impacts that are difficult to identify and track. Financial Institutions typically manage compliance workflows manually, which is difficult in multiple branch or interstate operations, and across multiple lines of business. As a result, compliance an

Read more…

The business community spends a lot of time worrying over the hidden costs of compliance and risk management programs--but what about the hidden returns?

Business executives are looking for ways to gain far more value, beyond risk mitigation or regulatory conformance, from the monitoring and policy enforcement technology and procedures they put in place to support compliance programs. They just need to know where to look. According to governance, risk and compliance experts, there are a multitud

Read more…

MiFID II is coming – are you prepared?

After EMIR, Basel III and Dodd Frank, MiFID II is now on the horizon. Are you keeping up with the latest regulatory developments in the market?

Alarmed by the impact of the latest financial crisis, regulators globally have released a set of new regulations. While most financial institutions are already working diligently on the implementation of EMIR, Basel III and Dodd Frank, the change in the EU Council presidency to Ireland and the current consultations around MiFID II give further incentives

Read more…

The past three years have seen a number of man-made and natural disasters bring risk management demands to the forefront of executives and board directors. Fat-tail risks that have a low probability, but a very high impact to the organization, such as the Japanese tsunami, the Gulf of Mexico oil spill or the euro-zone liquidity crisis, have been front and center, creating a renewed interest in enterprise risk management (ERM) practices.

John Brown, Director, Risk Management, Supply Chain & Techni

Read more…

Risk Leadership - What is GRC?

I just returned from GRC 2012, the inaugural industry conference bringing together the Australian Compliance Institute and the Risk Management Institution of Australasia. If you are wondering what GRC stands for, why the associations combined their conferences and what GRC really means, here are my views.

What does GRC stand for? GRC is an acronym for Governance, Risk and Compliance. It has its origins in the US, particularly post the large corporate collapses of a decade ago, where there was a
Read more…

ERM Compliance and Enforcement

In my last blog and On-Demand Webinar “Presenting Risk Management to the Board,” I was asked for help identifying government regulations that hold Boards responsible for Enterprise Risk Management (ERM) compliance.

Definition: First, some background: the SEC Proxy Disclosure Enhancements rule defines ERM compliance as extending the board's role in risk oversight to the threshold of material impact of the risk regardless of the level. Boards of Directors were previously only responsible for CEO- le

Read more…

Poor Risk Management and Stinky Diapers

A chemical plant explosion in Japan on Sunday shows the consequences of poor risk management in a really personal way. The Nippon Shokubai Co. produces a chemical that is a critical link in the supply chain for one-fifth of all the world's diapers. A diaper shortage is expected.

One, where was the risk management program to prevent the explosion? As is always with these things, in the next 6 weeks, evidence of an employee warning their management about conditions that could result in an explosion

Read more…

Better Risk Assessments: Free On-Demand Webinar

Looking back over my most popular blogs, there was a lot of interest in "5 Steps for Better Risk Assessments" back in March this year. Due to this interest I have created a complimentary 25 minute on-demand video webinar on this same subject complete with detailed "how to" examples and visuals that are not possible in a blog format.

Click here to watch this On Demand Webinar or read the full invitation below:

On-Demand Complimentary Webinar Invitation:

Risk managers are charged with ensuring transp

Read more…

First, what is Sarbanes-Oxley (SOX) 404 compliance? It is the legal requirement for public companies that senior management state that their company's financial reporting is accurate. Sounds simple? The expense and the value are all in the execution. How is that done? Simply put, the flow of information from the financial reports themselves is traced and connected to the activities that generate that information and the resources that are depended upon to generate that information. That sounds l

Read more…
