First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Accounting Systems and Controls

Canada publishes a somewhat consolidated economic sanctions list

On October 13, 2017, Global Affairs Canada published the country’s first consolidated list of blacklisted individuals and entities under the Special Economic Measures Act (“SEMA”), known as the “Consolidated SEMA Sanctions List”. The Consolidated SEMA Sanctions List is intended to provide a single accessible website for members of the public to search for individuals and entities listed under SEMA sanctions regulations.

 

, , , , ,

What a CEO needs to hear to invest more in compliance – strategy

Investment decisions are strategic. They are based on a business case and cost/benefit analysis. Expense decisions are more tactical, and are often associated with things an organization must do to keep running – like meet a regulatory requirement so they can check the box.

 

, , , , , ,

Bill 141 – Proposed amendments to the Act respecting the Autorité des marchés financiers with regard to whistleblowing

Following the example of the Ontario Securities Commission, the Authority implemented a whistleblower program in June 2016. Contrary to Ontario, Quebec’s program does not give financial awards to whistleblowers, but it does guarantee a framework that ensures confidentiality and protects whistleblowers against reprisals. However, no legislative amendment guaranteeing these protections has been introduced until now.

 

, , , , , ,

Should you adopt the updated COSO ERM Framework? My assessment

It has been 13 years since the original COSO ERM Framework and eight years since ISO 31000:2009 was published. The updated COSO ERM Framework was an opportunity for COSO to “leap forward”. But did it?

 

, , , , , , , ,

How well did COSO address comments on the ERM draft?

My impression is that COSO only tinkered with the draft. But, have they done enough to move practices forward, in the right direction? Will this update change the percentage of executives answering the piercing question by Deloitte, “Does risk management support, at a high level, the ability to develop and execute business strategies”, up from 13% close to 80%?

 

, , , , , ,

Which are the best principles for effective risk management?

I will let you decide which is the best set of principles: which is clearer in setting expectations for the effective management of risk and which is better as a basis for assessing the maturity of risk management.

 

, , , ,

Conducting an internal investigation? Here are 4 things to consider

search-warrant

Many internal investigations (such as harassment claims, fraud, misuse of company assets, etc) often involve the use of digital devices and may require a forensic analysis of those devices to find evidence of an employee’s actions.

 

, , ,

Three cybersecurity trends driving the Bank of Canada’s call for cybersecurity to be treated as a ‘public good’

As the level and sophistication of cyber-attacks continue to grow, there will be a mounting pressure on regulators to continue to develop coordinated, meaningful, mandatory minimum standards that are enforceable against all financial institutions and FMIs as well as their service providers.

 

, , , , , ,

Is the COSO ERM update a success or failure?

Recently, COSO published an update to their 2004 ERM Framework. The product, retitled Enterprise Risk Management: Integrating with Strategy and Performance, is available from the AICPA or IIA.

 

, , , , ,

The root compliance problem: Shadow process

Sometimes I revisit my compliance roots in the world of Sarbanes-Oxley – a place much more concerned with financial reporting than corporate ethics and culture, I know. Yet lessons from one group that can help the other still abound.

 

, , , , , ,

Small business corporate tax rate reduction 2018

The government news release announcing the reduction in the small business corporate income tax rate did not address whether there would be corresponding changes to the dividend gross-up or non-eligible dividend tax credit rate.

 

, , , , , , , , , , , ,

Government of Ontario issues consultation paper on alternative financial services

The Consultation Paper is one of a series of consultation papers issued by the Government of Ontario following the enactment of Bill C-59, which amended the Consumer Protection Act, 2002 and which addressed various items including payday loans and debt collection.

 

, , , ,

Wells Fargo and KPMG – did KPMG fail the investors?

My friend Francine McKenna recently had a piece (she is co-author) published by MarketWatch: Where was KPMG, Wells Fargo’s auditor, while the funny business was going on? It is scathing in its discussion of the role played by KPMG.

 

, , ,

Six principles for effective risk management

In World-Class Risk Management, I review the eleven principles in the ISO 31000:2009 global risk management standard and condense them to just six.

 

, , , , , , ,

Update from the Canadian Securities Administrators on its Regulatory Sandbox for Fintechs

The week of June 26, the Canadian Securities Administrators (CSA) published some additional information on its CSA Regulatory Sandbox. The CSA Regulatory Sandbox, which was first launched on February 23, 2017, is an initiative of the CSA, designed to support Fintech businesses seeking to offer innovative products, services and applications in Canada.

 

, ,

Previous Posts Next posts