Perception, Risk and Safeguards

I gave a talk today at the Enterprise Risk Management (ERM) Symposium in Washington D.C. We divided the time 60/40 between my presentation and a group discussion on implications, especially for the Insurance industry. We had a lively discussion with CROs and risk professionals

Fraud, 'Smart Guys' and 'Better Than Average'

I was skiing the weekend before last in the Swiss Alps and as luck would have it, a rather interesting conversation developed on a chair lift. A pretty long lift as it happened . . .

The only other person on the chair was a guy who introduced himself

Accounting Regulation Reducing Fraud, Really?

An article in CFO magazine today announced the opinion that the US 'Jumpstart Our Business Startups' (JOBS) Act, whilst easing the Sarbanes-Oxley (SOX, Sarbox) standards, might pave the way for fraud. You can read

Will it make the boat go faster?

I had a interesting chat with a friend the other day, where he recounted this quote from a world record beating sailor (I forget the name, but it is not critical to the story).

Risk, misplaced confidence, early warning systems and health checks

I am sitting in a 6^th floor office in Manhattan and ruminating between meetings. Over the past couple of years

May we live in interesting times !

2011 has been a year of both turmoil and progress in the world and in many businesses. It’s certainly been a roller coaster ride!

Why CONTROLS Monitoring is not enough . . .

This picture says it all for me. I could stop here . . . .  . 

The car park barrier is the 'control' over access and use of the car park. The automatic gate opens only when you swipe your employee badge on the reader and it only lets one car through at a time. This way, it is clear that only authorised people can use the facility and that a record is kept of each visit. The automated control works perfectly and as designed. There is even a regular testing and maintenance cycle!

The tyre tracks tell us whether this control is achieving its desired effect.

Obviously not in this case!

Thats why, irrespective of the debate on where the responsibility lies, it is important to test key controls in business and equally important to check the 'tyre tracks'. The tyre tracks tell us what is actually happening and whether our risks are being effectively mitigated.

The CFO Agenda and Performance, Risk & Compliance - The Next Chapter

At the end of last year, I read an excellent book by Jeremy Hope entitled 'Reinventing the CFO' (http://www.amazon.co.uk/Reinventing-CFO-Financial-Managers-Transform/dp/1591399459/ref=sr_1_1?s=books&ie=UTF8&qid=1292578362&sr=1-1 ) .

The book challenges some long held assumptions about centralisation, planning, budgetting and forecasting as well as the role of the finance function as real business partner. The chapter headings really encapsulate the focus, but I recommend this book to anyone looking for breakthrough approaches to business as a whole, not just finance. Here are just a few;

Best Practices in Continuous Controls Monitoring (CCM)

I just reviewed this webcast again, and it is an excellent case study in increasing visibility and coverage over business risks and automating SOX control testing at Philip Morris International (PMI). 100% coverage, not sample testing. Entirely complementary with a drive to increase and enhance automated controls in SAP.

The 'End of Days' and 'Test Once - Comply Many'

Tomorrow sees yet another compliance regime, the UK Bribery Act, come into force. A much debated legislation which remains unclear in parts but reflects and puts even more teeth into the key tenets of the FCPA reglation from the US. Both these regulations have broad arms and dont limit their interest to UK and US companies. Even China is on the anti-corruption bandwagon with their own legislation recently announced.