grc (116)

The Society of Corporate Compliance and Ethics (SCCE) held their annual Ethics and Compliance conference from September 20 to 24 in Las Vegas. This year, I was fortunate enough to be selected to hold a three-hour workshop on risk-based compliance: “Meeting Increased Customer Expectations, Not Just Regulatory Requirements.”

 

The SCCE holds this conference to promote ethical and compliant practices in organizations and to equip ethics and compliance professionals with skills and tools necessary to

Read more…

We’d like to congratulate the 25% of US-based companies that achieved GDPR compliance by the May 25th deadline, and to share a little guidance on how to stay compliant over time.

As we all know, the GDPR is a huge deal. In addition to the scope of this new regulation, there are also the consequences of non-compliance, i.e. up to €20 million or 4% of annual global revenue, whichever is higher.

Aside from incurring steep fines and lofty litigation, the risk of non-compliance also includes losing your

Read more…

Emergency situations like natural disasters, data breaches, fraud, and the like arise, by definition, without warning, leaving you little to no time to prepare. So how do you build a BCDR plan that is flexible to handle any situation and is always up to date without huge investments?

The hallmark of a successful BCDR program is leveraging the information you already have to discover the potential impact and remediation tactics for an anticipated disaster. So, if you’re collecting information arou

Read more…

It’s been a rough two years for Wells Fargo.

Ever since the existence of the bank’s massive cross-selling scandal came to light in 2016, Wells Fargo seemed to be trapped in a downward spiral of failure after failure in risk management. In 2016, we were the first to identify the root-cause of the cross-selling scandal as being a failed risk management program, and correctly predicted there would be more Wells Fargo risk management mishaps in the future.

In 2018, regulator investigations finally con

Read more…

To run an effective ERM program, you need the right metrics.

Risk professionals today are facing an unprecedented level of scrutiny. Risk managers are not only responsible for protecting and securing their organizations, they also have to provide evidence that their risk management programs are actually effective at managing risk.

At the very minimum, risk managers must prove they are meeting the expectations of not only regulators, examiners, and their board of directors, but also their customers

Read more…

Since 2015, Chipotle has suffered multiple scandals of food-borne illness. The latest Chipotle outbreak has left more than 700 people ill. What does the Mexican grill have yet to learn?

In my last blog, “Hey, Chipotle, Can You Say Risk Management Rehab?” I took a look at the company’s timeline, and more specifically asked the question as to whether changing their CEO structure twice in less than two years was really the answer to their spicy woes.

This latest Chipotle outbreak, which has been ongo

Read more…

GDPR Readiness: How Do You Stack Up?

The GDPR is the strictest set of data protection rules any nation has published, featuring some of the most severe penalties connected to data privacy seen yet. Now that the compliance deadline has passed, we started to wonder about GDPR readiness. How are companies stacking up to the new regulation?

We compiled a host of GDPR statistics to answer that exact question, alongside some quick facts about what this new regulation is asking of international companies. 92% of US-based multi-national com

Read more…

Risk management in the insurance business is a bit of a head scratcher. On the one hand, insurance companies are selling what many people consider to be a risk mitigation. On the other hand, insurance companies themselves face a variety of risks they need to mitigate.

Let’s briefly consider a misconception about insurance as it pertains to risk management. Too often, people think insurance is a sufficient, catch-all control activity. But while insurance is a perfect way to protect a business from

Read more…

Operational risk and its supporting software play a critical role in an organization; but how can its activities add value along the way?
Have a look at the White Paper: Operational Risk and Supporting Software and learn from recent trends in operational risk, risk management and GRC software to support risk identification, assessment, consolidation, and more.


What are your thoughts on this topic? Please share in the comments

Read more…

Michigan State University has employed a new Chief Compliance Officer in response to the Larry Nassar scandal. By creating an Office of Enterprise Risk Management within the university, MSU is getting on the right track.

Earlier this year, former MSU doctor and USA gymnastics coach Larry Nassar was charged with sexually assaulting 332 students. Shortly after this story broke, Michigan State was embroiled in two other sexual harassment scandals and has since struggled to escape the spotlight.

MSU’

Read more…

Back in March, President Trump’s administration threatened to impose steep tariffs on imported goods from some of America’s biggest trading partners. In the following months, the administration set a 25% import tax on steel and 10% on aluminum. Just as I predicted, these decisions are impacting the supply chains of American businesses, forcing them to consider the effects this kind of tumult could have on their business.

In my first blog post on the subject, I detailed a few direct and indirect c

Read more…

Chief risk officers and heads of operational risk responded to a survey held by Risk.net and identified their top risk concerns. Their number one concern was IT disruption, while their second highest concern was data compromise. Why is cybersecurity risk on everyone’s mind?

For one thing, technology is an inescapable reality of every business. Even the smallest of mom and pop shops have an electronic system to make credit card transactions, while larger corporations rely on immense data centers t

Read more…

Year over year, scandals like Wells Fargo, Equifax, Chipotle and so many others have dominated news headlines as they wreak havoc on consumers, investors, and awaken industry and government regulators. What is driving this trend?

Consumers have entrusted corporations with increasing involvement and influence in their lives through the decades. In 2014, for example, the Supreme Court ruled that corporations have some of the same rights and responsibilities as natural persons. In other words, corporatio

Read more…

Wells Fargo has suffered the consequences of repeat scandals since 2016. This week, the bank agreed to a $1 billion settlement with federal regulators who have cited their lack of effective risk management practices as the root cause of their woes.

This settlement with the Consumer Financial Protection Bureau and Office of the Comptroller of the Currency would be another blow to Wells Fargo in a long line of many.

Let’s look at a timeline of Wells Fargo’s risk management scandals:

  • 2009-2016 – Wells
Read more…

On Sunday April 1, retail group Hudson’s Bay disclosed that it was the victim of a security breach that compromised data on payment cards used at Saks Fifth Avenue and Lord & Taylor stores in North America.

As many as 5 million cards may have been compromised, which would make the breach one of the largest involving payment cards over the past year.

Customers, investors, and regulators learned of this breach not through any press release issued by the company itself, but through news of the data a

Read more…

Orbitz said hackers may have accessed 880,000 credit card numbers and possibly the names, dates of birth, phone numbers, and addresses of consumers who booked through the site in 2016 and 2017.

The Orbitz data breach pales in comparison to the Equifax hack of 2017 and has been buried among headlines concerning Facebook. For many, this story barely counts as “news” because it’s just honestly not that “new.”

For me, the humdrum attitude of complacency is what makes the Orbitz data breach blogworthy.

Read more…

According to reports uncovered earlier this year, Volkswagen conducted diesel-emissions testing on humans and animals from 2013 to 2015.

This report is the latest development in a global scandal which revealed that VW diesel cars were emitting 40 times the legal standard of nitrogen oxide, causing smog and posing risks to public health. Volkswagen has already issued a guilty plea in response to federal charges of fraud and conspiracy in the United States and agreed to pay more than $26 billion in

Read more…

Facebook’s market capitalization dropped as much as $60 billion after reports emerged that Cambridge Analytica, the data consulting firm used by the Trump Campaign, was given the data of around 50 million Facebook users without their consent.

The Cambridge Analytica scandal is the latest in a series of risk management failures that have plagued the social networking company, which has been grappling with its role in the dissemination of fake news propaganda during the 2016 U.S. presidential elect

Read more…

The Forrester Wave™: Governance, Risk, and Compliance Platforms, Q1 2018 evaluates and ranks the 14 most significant GRC platforms available, and LogicManager has been named a Leader! But beyond measuring the current offering, strategy, and market presence of GRC providers, the report also dives into the current risk climate.

As the report states, “Managing risk is more important than it’s ever been.” In support of this statement, the report points to three growing trends in the corporate world:

Read more…

The Securities and Exchange Commission charged Theranos Inc., its founder and CEO Elizabeth Holmes, and its former President Ramesh Balwani with raising more than $700 million from investors through an elaborate fraud in which they made false statements about the company’s technology, business, and financial performance.

The way I look at it, the board was either in on the Theranos scandal, or they weren’t aware of what was going on. Either way, the board was not performing their moral and legal

Read more…

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the world's premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!
