Tag: Risk Assessment

The Continued Evolution of Best Practices for Compliance Programs

In 2019 and 2020, the federal government released significant information which directly impacted compliance professionals. We cover all three releases in this eBook, the 2020 Evaluation of Corporate Compliance Programs – Guidance Document, the 2019 Framework for OFAC Compliance Commitments, and the 2019 Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations.

These three documents provided not only the government’s refreshed thinking on what constitutes a best practices compliance program. I have combined all three onto a best practices document.

DOJ Revises its Guidance on the Evaluation of Corporate Compliance Programs

Without any fanfare, the U.S. Department of Justice Criminal Division has once again revised its Evaluation of Corporate Compliance Programs (“ECCP”).  The ECCP  remains  organized around three overarching questions that prosecutors ask when evaluating compliance programs, with some revisions, which are in bold text below:

Is the corporation’s compliance program well designed?
Is the program being applied earnestly and in good faith? In other words, is the program being implemented adequately resourced and empowered to function effectively?
Does the corporation’s compliance program work in practice?

While most of the document is identical to the 2019 Guidance, there are subtle and noticeable revisions.  The revisions appear to be designed to help provide additional clarity when answering the above three questions. 

» Read More

Fraud Risk Assessment – A Recipe for Greater Success!

In addition to establishing an ethical environment, board members and management must also take the lead in implementing and maintaining a formal fraud risk management program. One key element of such a program is a fraud risk assessment.

Risk assessments are part of the discipline of risk management, where enhanced frameworks and techniques have emerged. Risk management comprises the identification, assessment, and prioritization of risks followed by the coordinated and efficient use of resources to monitor, minimize, and otherwise control the impact of the risks on the organization.

Skip to toolbar