
Inside Internal Controls

News and discussion on implementing risk management


Corporate Administration

Jim Comey and the practitioner’s dilemma

It is often difficult to make the right decision when facing challenges in an organization. Maintaining integrity, standing your ground and doing what you believe to be right and part of your responsibilities can be difficult and can make you question the decisions you make.

 


My cyber confession

Should we give up auditing information security and the management of cyber risk? Not at all. But we should do so with eyes wide open. We should recognize the limitations of our knowledge, tools and techniques and the likelihood that hackers have new techniques that are unknown both to auditors and management.

 


Learning the basics on GDPR’s right to be forgotten

To manage the European Union’s new GDPR properly, ethics and compliance officers need to consider many parts within their organization, from IT capabilities to exception clauses and customer service demands. And these parts must be managed and organized in such a way that they work together so that they do not fall apart.

 


New GRC guidance from OCEG might be missing a crucial point

GRC is “the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity”. A new guide from OCEG, A Practical Guide About GRC Metrics and Measurement, says a major part of GRC is about “break[ing] down silos between governance, strategy, performance management, risk management, compliance management, internal audit and other departments”.

 


Ethics & compliance leaders could use a good dose of marketing 101

Just as a brand isn’t what the company says about itself, but what other people say about the company, employee behavior is the final expression of your E&C marketing program’s success.

 


When liability waivers are upheld

This case illustrates that waivers can be a complete bar to the right to sue and that participants being provided a waiver have the option to opt out of the activity if they are not comfortable with solely bearing the risk associated with it.

 


Reporting on risk to the board

Those charged with reporting on risk to the board and to the executive team should understand what they are trying to achieve, what information they need to be successful and how they can help.

 


Changes to Montreal’s class action division shows move toward harmonization with Ontario procedure

This new class action process has widely been seen as a welcomed step towards creating greater efficiency and predictability.

 


Drafting interest rate calculation provisions in corporate finance transactions

If a loan document does not comply with the provision for calculating a “nominal” annual rate of interest in order to comply with section 4 of the Interest Act, then the interest rate is capped at 5% per annum. Commercial practice and appellate jurisprudence had confirmed that such provisions complied with section 4. Section 4 states:

 


Ontario budget 2018: Financial services updates

The 2018 Ontario Budget includes a number of financial services related developments, with a strong focus on innovation.

 


Guidance on recording of customer telephone calls updated

The Office of the Privacy Commissioner of Canada recently updated its information and guidance on recording of customer telephone calls to bring it up to date and make it web-friendly and responsive to user feedback.

 


Your business and your will – Shareholders’ agreements

A Shareholders’ Agreement is a very important component of any business owner’s succession plan.

 


How do you manage culture?


There are many aspects or dimensions to culture, just as there are many dimensions to the behavior you want it to drive. They may include:

 


10 top ways to be a wildly effective compliance officer


To be wildly effective, compliance officers should have a positive working relationship with the other functions in the business, especially Legal, Audit and Human Resources.

 


It’s official: Mandatory data breach notification coming on November 1, 2018

The coming into force of mandatory breach notification and record-keeping requirements on November 1, 2018 should be viewed by organizations as an effort to align Canadian legal and regulatory requirements with those in the United States and Europe (especially with the General Data Protection Regulations – or GDPR – coming into force in May 2018).

 

