First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Accounts payable and receivable

CASL made clearer: First CRTC decision released

Until now, the Canadian Radio-Television and Telecommunications Commission’s CASL enforcement actions have taken the form of settlements reached in confidential negotiations between the Enforcement Branch and the company. But this decision, released on October 26, 2016, is significant because it is the first CASL enforcement decision to provide guidance on compliance. The decision contains several important lessons about regulation of commercial electronic messages in Canada before class action enforcement opens on July 1, 2017.

 

, , , , , , ,

The astonishing Wells Fargo fraud

The news about the Wells Fargo staff ‘scam’ (the word used in this article in SC magazine) is mind-boggling. What I found mind-boggling is that (according to CNN Money) Wells Fargo had to fire about 5,300 workers (out of a total staff estimated at 265,000, or 2% of all employees). When 2% of employees were fired, you have to assume that more people knew or should have known. The prevailing Wells Fargo culture in reality was to do what was right for the staff, not the customers!

 

, , , , , , , ,

Risk management: What academics fail to understand

How do you expect a CEO to believe risk management enables success when all the CRO gives him is a list of what could go wrong? He needs help to see what might happen, both good and bad, and what to do about it—in other words, risk management needs to be seen by the CEO as helping him or her get where he or she needs to go. Do you share my view? If so, how do we move both the practitioner and academic community?

 

, , , , , ,

Business tax information just got clearer!

The Canada Revenue Agency (CRA) has announced that it has redesigned the correspondence it sends to Corporations regarding their business tax information, including individual Canadians, and Goods and services tax/harmonized sales tax (GST/HST) notices of assessment (NOA) and notices of reassessment (NOR). The CRA has made changes to how the notices are structured, designed, formatted, and written, making the information easier to read and understand.

 

, , , , , , , , , , ,

CRTC’s reminder on record-keeping for CASL compliance

The Canadian Radio-television and Telecommunications Commission issued an enforcement advisory directing businesses and individuals to consider the importance of record-keeping pursuant to Canada’s anti-spam legislation (CASL). Under CASL, the onus remains on the sender of commercial electronic messages (CEMs) to demonstrate that it had the proper consents in place to send CEMs (whether implied or explicit).

 

, , , , ,

Proving consent under CASL: CRTC issues enforcement advisory notice

The Canadian Radio–television and Telecommunications Commission has issued an Enforcement Advisory notice directed to businesses and individuals that send commercial electronic messages (CEMs) as part of their commercial activities. Notably, the sender of CEMs must have the consent of the recipient to send them a message, or else the message is considered spam.

 

, , , , ,

New case law dealing with CRA requests for documents

On June 3, 2016, the Supreme Court of Canada released two important decisions dealing with requests made by the Canada Revenue Agency (“CRA”) for information. The cases highlight the fact that when an individual or an organization receive such a request from CRA, they should consider whether any of the information requested is subject to solicitor–client privilege. If solicitor–client privilege applies, the information should not be produced.

 

, , , , , ,

Risk and how we run our business

I am going to use a metaphor involving the board game of Monopoly to illustrate how I feel about risk management. The players compete to win by either having more money when the game ends (if there is a time limit) or by being the only one left standing after all the others have gone bankrupt. Let’s imagine our executive team is playing a game against its main competitors.

 

, , , , , ,

Some authoritative guidance on risk management and the three lines of defense

The King Code of Corporate Governance has been a fine source of principles and practice for governance, including risk, assurance, and compliance, ever since its initial release. In this post, I want to talk about two areas I find interesting in the draft Code.

 

, , , , , , , , , ,

Private right of action under Canada’s Anti-Spam Law (CASL)

As of July 1, 2017, individuals and organizations will be entitled to institute a “private right of action” before the courts against those that contravene certain provisions of Canada’s Anti-Spam Law (“CASL”). In the event of a contravention of the message rules in CASL, a monetary penalty up to a maximum of $1,000,000 per day may be imposed. This private right of action should be taken seriously right now. From this perspective and building on previous publications, this bulletin discusses this new mechanism.

 

, , , , , , , , ,

Anti-money laundering updates

Final amendments to Regulations to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act released.

 

, , , , , , , , ,

Prepare for harmonized sales tax (HST) rate changes

HST rates are set to increase in three provinces. Businesses based in, or doing business with these provinces should prepare for the changes.

 

, , , ,

Fill in the blanks and test your “Do Not Call” skills

Complying with the Unsolicited Telecommunications Rules (UTR) includes the National Do Not Call List (DNCL) Rules, the Telemarketing Rules and the Automatic Dialing-Announcing Devices (ADAD) Rules. Test your knowledge to see if you understand these obligations.

 

, , , , , ,

Non-profit’s funding challenges lead to constructive dismissal

The Ontario Labour Relations Board (ORB) recently held that a non-profit’s non—payment of wages and funding challenges amounted to constructive dismissal of one of its employees. (See Aundrea Di Giuseppe v Hospice Richmond Hill, 2015 CanLII 56255 (ON LRB)). Background The employee was the Executive Director at Hospice Richmond Hill (the “Employer”) for over 8 […]

 

, , , , , , , , , , , , , , , , ,

The crown jewels and risk management

When considering information security or cyber risk, you usually concentrate on risk to the ‘crown jewels’ – those information assets and services that are most vital to the enterprise.

 

, , , , , , ,

Previous Posts Next posts