| Last updated less than one minute ago
Submit :
News                      Photos                     Just In                     Debate Topic                     Latest News                    Articles                    Local News                    Blog Posts                     Pictures                    Reviews                    Recipes                    
Follow Us
  
Role of Chief Risk Officer and Compliance Officers
Ramesh C. Manghirmalani
18 July, 2008
It is the rare company that intelligently manages the full spectrum of risk; that breaks through the organisational barriers that obscure a view of the risks and that systematically anticipates and prepares an integrated response to potential risk.
AS YOUR company’s chief risk officer or chief compliance officer, you want fast access to information so that you are better able to manage the full spectrum of risk in your company – industry-specific, compliance, competitive environmental, security, privacy, business continuity, strategy, reporting and operational risk. If you have to create a project or pull a team together in order to get the data you need, you are waiting too long. If it takes a week, a month, or often three months, for the information to be gathered, it may already be too late.

While you are trying to manage risk – for example, to determine if your customer data is being properly protected, or if there are procedures to protect your intellectual property, your company may have already sustained some incidents of non-compliance. External auditors may have already identified material weaknesses in your processes and may have already assessed fines.

As the executive of a company, you are held accountable for any breaches of security or non-compliance to company policies. How much risk do you want to chance? Are you being reactive or proactive?

Take for example the process, in which a large bank monitors new accounts in accordance with the anti-money laundering regulation in the US Patriot Act. In a large bank with hundreds of branch offices, information must first be collected from all departments at the local level. Hundreds of branch offices then send their transactional account data in spreadsheets to the regional offices where it is combined and sent to the headquarters location. At the national level, all the regional information is finally merged for the first time. While the lengthy process of collecting and collating the transactional data is going on, new accounts, violating these AML restrictions, may be opened. It is too late, the incidents have already occurred – and without you knowing it and without you being able to correct them in real time. Is this what your business model looks like?

Another example is the process by which a large hospital, with a network of health care centres, monitors compliance with the Health Information Portability and Accountability (HIPPA) Act. Since each centre operates independently, information about whether the HIPPA policies are in place and whether staffs are abiding by those policies and are protecting patients’ medical information needs to be recorded. Staffs must complete the necessary checklists, follow up on exceptions, collate the data, and send the information to the headquarters location to be merged. It can easily take three months to gather the information, and during this time, you as the chief compliance officer have no idea of your organisation’s status regarding compliance. You are literally flying blind. Since it takes a full quarter to gather the necessary information, once security violations are discovered, how long will it then take to follow up, alert the appropriate centres, investigate the incidents, get them resolved, and file reports to the authorities? Can you afford to run your business this way?

Also Read :
John Abraham launches the Yamaha Prototype Scooter in 11th Auto Expo
These are the questions you need to ask yourself:

  1. Do you want real time information at the enterprise level so that you are able to know the current status of all of your company’s governance activities?

  2. Do you want to know that the internal controls are appropriate for the business risks facing the organisation?

  3. Do you want to be able to correlate the information between regulations and policies and the procedures that fulfill those policies?

  4. Do you want to know which policies satisfy certain regulations? Which policies satisfy multiple regulations? Which procedures fulfill specific policies?

  5. Do you want to be able to know about, address and correct a violation immediately?

  6. When new regulations are put into law, do you want a system that allows you to interpret the regulations, break them into their components, create policies and procedures that fulfill them, assign and educate the employees who are responsible for completing the tasks?

  7. Do you want reports on all of these activities?

Previous Post
Google+ trying to salvage itself by hooking on teenagers
Next Post
Google named number 1 in Fortune's list of '100 Best..
Commenting System
COMMENTS (2)
Ramesh Manghrmalani
.thanks fyi. regards
Denis Carre
.Thanks for this article. The world of compliance is growing faster and bigger than ever before. The regulatory avalanche is becoming a real challenge to overcome for any organization. Chief Risks Officer (CRO) and/or Chief Compliance Officer (CCO) and/or Quality Managers (QM) are facing this very challenge every day. Staying in control of local, national and global regulations really is a prerequisite as opposed to a competitive advantage. At Compliance and Risks, we deal with this particular issue; the global regulatory avalanche. Our clients, primarily CRO/CCO/QM, have understood the need of a solution that can handle the issues raised in this article and ensure that the last seven bullet points are covered. We have developed our solution C2P to provide our clients with: . A single compliance-data repository to replace spreadsheets and email paper trails throughout the company. . A single, central application for all risk and compliance issues and tasks. . Easily available regulations and structured organised data. . Ready access to and advice from compliance experts. I would be happy to answer any questions you may have on this matter and also invite you to visit our website on www.complianceandrisks.com. Best regards, Denis Carre d.carre@complianceandrisks.com
Related Articles
What is the role of CIO and CISO compliance?
John Abraham launches the Yamaha Prototype Scooter in..
Investment in R&D needs to grow faster, China can be an..
Power Minister's intervention sought in alleged..
Technology
Google+ trying to salvage itself..
Google named number 1 in Fortune's..
Apple iBooks 2: From textbook to..
Angry Brides: An innovative try..
Individual User Corporate User ( For submitting Press Release and Jobs )
Email / Login ID
Password
Forgot Password? Click here  
Ten Whacky Ways To Fight Against..
Google Most Search 2011 Movies in India
Largest Country of the World by Area
Ten Major News of India in 2011
COPYRIGHT © 2012 Bizsol Advisors Pvt. Ltd. ALL RIGHTS RESERVED.
Follow, subscribe, or add
us to your browser search.