First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Accounting Systems and Controls

Risk appetite in practice

From time to time, I am asked about the best risk management activity I have seen. Perhaps the best overall ERM was at SAP. I wouldn’t say it was perfect but it did include not only periodic reviews but the careful consideration of risk in every revenue transaction (including contracting) and development activity.

 

, , ,

Don’t outsmart yourself: AI and compliance

I’m a big fan of artificial intelligence. The older I get, the more I appreciate that real intelligence needs all the help it can get. Corporate ethics and compliance officers, however, need to pause before betting big on AI as a solution to all our needs.

 

, , , , ,

The current state of risk oversight: Useful or useless?

All the surveys, including this one, report that executives do not believe risk management practices at their organization are making a significant contribution to the development and execution of their strategies.

 

, , , , , , ,

When an acceptable level of risk is not acceptable

We are used to identifying a risk, analyzing the potential consequences and their likelihood, and then establishing a ‘risk level’. We evaluate whether the level of risk is acceptable or not, based on risk appetite, risk criteria, or the like. But is that sufficient?

 

, ,

The sharing economy expands the tax base

The sharing economy has disrupted the traditional taxi, hospitality and other sectors, and is expanding the tax base available to governments and revenue agencies worldwide.

 

, , , , , , , , , , , ,

Lawful access: The Privacy Commissioner reiterates its position

Patricia Kosseim, Senior General Counsel and Director General, Legal Services, Policy, Research and Technology Analysis for the Office of the Privacy Commissioner of Canada, was asked, at the request of Commission’s counsel, to provide an overview of the legislation for protecting privacy in Canada and to answer questions about lawful access issues from a federal perspective.

 

, , , , , , , , ,

Government legal and fiscal measures designed to keep businesses in Quebec

On February 21, 2017, the Quebec government announced a plan to strengthen the Quebec economy as an executive-driven economy. The plan includes the enhancement of existing measures and the development of a number of new fiscal and legal measures designed to keep businesses in Quebec and facilitate the transfer of family businesses, therefore limiting the risk of their sale to foreign interests. The key measures include:

 

, , , , , , , , , ,

Why do so many practitioners misunderstand risk?

My apologies in advance to all those who talk about third–party risk, IT risk, cyber risk, and so on. We don’t, or shouldn’t, address risk for its own sake. That’s what we are doing when we talk about these risk silos. We should address risk because of its potential effect on the achievement of enterprise objectives.

 

, , ,

Trump at work, week one

The first week of Trump’s administration has revealed a highly activist White House, hewing with surprising fidelity to campaign promises. The pace of change is materially faster than anticipated and the implications may be felt sooner rather than later.

 

, , , , , , , , , , ,

CRA’s Report on the Charities Program 2015-16

In January 2017, the CRA released its Report on the Charities Program 2015–2016, which provides interesting insights into Canada’s charitable sector. A common thread weaving through issues related to obtaining and maintaining charitable status is the need to create, maintain, and report/file information required by the Charities Directorate and the Income Tax Act.

 

, , , , , , , , , ,

Anti-money laundering update: Politically exposed persons

On December 20, 2016, the Financial Transactions and Reports Analysis Centre of Canada released new guidelines in respect of politically exposed persons and heads of international organizations. A separate guideline was released for each of financial entities, securities dealers, life insurance companies, agents and brokers and money services businesses. The Guidelines will be effective June 17, 2017.

 

, , , , , ,

Adequacy of Canadian privacy law

Potential amendments could mean Canadian businesses receiving personal information from Europe will have more exposure to the differences in the data protection laws and enforcement regimes in the EU member states.

 

, , , , , ,

Substantively enacted corporate income tax rates

corporate income tax rates

Ernst and Young’s tables of substantively enacted corporate income tax rates have been updated to December 31, 2016. The tables are prepared on a monthly basis and you can subscribe to them on Knotia.ca. The determination of the substantively enacted date of a corporate income tax rate change follows the guideline provided in EIC-111 (generally […]

 

, , , , , ,

A new front opens in the SOX battle

When potential material weaknesses are discovered during SOX or internal audit testing, my suggestion is to review the issue with the legal function. They can advise the CEO and CFO whether this should be disclosed as part of the Section 302 certification. This new front is clearly starting to open. Don’t let it pull you under.

 

, , , ,

Previous Posts