• No results found

BRIBERY AND CORRUPTION

N/A
N/A
Protected

Academic year: 2021

Share "BRIBERY AND CORRUPTION"

Copied!
28
0
0

Loading.... (view fulltext now)

Full text

(1)

ACL EBOOK

BRIBERY

AND

(2)
(3)

CONTENTS

Failing to Manage Bribery and Corruption Risks Can Be Very Expensive…_____________________________________________4

A Global Risk _____________________________________________________________________________________________________________________8

So Why is Bribery Still Commonplace and Such a Risk? ____________________________________________________________________9

What Can Be Done to Address the Risks Associated with Bribery and Corruption? _________________________________10

Whose Job is it Anyway? Start by Defining Roles and Responsibilities ________________________________________________12

A Fork in the Process Roadmap: Choose a Standalone or an Integrated Process ____________________________________13

Build an Anti-Bribery & Anti-Corruption Program: 5 Step Process _____________________________________________________14

Identify and Assess Risks _____________________________________________________________________________________________________14

Identify Mitigation Procedures to Reduce the Risks and Their Impact ____________________________________________________16

Monitor ________________________________________________________________________________________________________________________18

Manage Exceptions ___________________________________________________________________________________________________________20

Reporting and Ongoing Assessment ________________________________________________________________________________________22

Anti-Bribery & Anti-Corruption Compliance Process Flow ______________________________________________________________24

How Does Your Organization Rank? ________________________________________________________________________________________25

(4)

4 - Bribery & Corruption: The essential guide to managing the risks

(5)

For many corporations, the risks related to bribery and other forms of corrupt

payments rank among the most serious risks that must be managed. The direct

impact of financial penalties is not the only problem for businesses, as

the damage to

brand and reputation from negative publicity

can have an even greater and more

long-term impact.

Some organizations, such as multinationals and those in specific industries, including defense, major construction and resources, are particularly at risk, but it typically extends to any organization competing for contracts across the globe. Virtually no business is completely free of the risks associated with some form of corrupt payments.

Many people in the world of audit, compliance, legal, and risk management will be well aware of high profile instances in which organizations had to pay many hundreds of millions of dollars in fines and penalties to U.S. and other national authorities for failing to comply with anti-bribery and corruption regulations.

This e-book outlines the key aspects of an effective process framework for managing the risks of bribery and corrupt payments.

“Many of you are familiar with our pending litigation against various executives of Magyar Telekom, Siemens, and Noble. Litigation is ongoing against individuals in all three matters, and these cases have sent an unambiguous

message that we will vigorously pursue cases to hold individual accountable for FCPA violations – including executives at the highest rungs of the corporate ladder.

In fact, this April, we obtained the second

highest penalty ever assessed against an

individual in an FCPA case, when one of

the Siemens executives agreed

to pay $275,000.”

(6)

6 - Bribery & Corruption: The essential guide to managing the risks

“Bribery is a specific offence which concerns the practice of offering something, usually money, to gain an illicit

advantage and corruption is

an abuse of a position of trust in order

to gain an undue advantage.

Government of Ireland definition

“By its nature corruption can be difficult to detect as

it usually involves two or more people

entering into a secret agreement

. The agreement can be to pay a financial inducement to a public official for securing favor of some description in return.

In overseas corruption this can manifest itself in a company paying a bribe for the benefit of an overseas public official in

order to win a contract. This can be done through a third party — commonly known as an agent or advisor — who then passes the bribe on to the public official or directly by

the company to the public official.

Ingenious methods of making the payments are used by those involved, including moving the money through a number of offshore companies (which, on the face of it, have

nothing to do with the intended recipient) registered in various jurisdictions.”

UK Serious Fraud Office

(7)

“The Foreign Corrupt Practices Act (FCPA), enacted in 1977, generally

prohibits the payment of bribes to foreign officials to assist in obtaining or retaining business

. The FCPA can apply to prohibited conduct anywhere in the world and extends to publicly traded companies and their officers, directors, employees,

stockholders, and agents. Agents can include third party agents, consultants, distributors, joint-venture partners, and others.

The FCPA also requires issuers to maintain accurate books and records and have a system of internal controls sufficient to, among other things, provide reasonable assurances that transactions are executed and assets are accessed and accounted for in accordance with management’s authorization. The sanctions for FCPA violations can be significant. The SEC may bring civil enforcement actions against issuers and their officers, directors, employees,

stockholders, and agents for violations of the anti-bribery or accounting provisions of the FCPA. Companies and individuals that have committed violations of the FCPA may have to disgorge their ill-gotten gains plus pay prejudgment interest and substantial civil penalties.

Companies may also be subject to oversight by an independent consultant.

(8)

8 - Bribery & Corruption: The essential guide to managing the risks

A GLOBAL RISK

The

U.S. Foreign Corrupt Practices Act (FCPA)

and the U.K. Bribery Act are just two

examples of government legislation that aim to address the problem by levying

massive fines and other penalties against organizations and individuals involved in

bribery. The specifics of regulations vary by region and applicable laws.

The FCPA, for example, is only applicable to public companies whose shares are traded in U.S. exchanges and only relates to corrupt payments to government officials. The U.K. Bribery Act is more wide-ranging and also applies to corrupt payments to non-government officials. Other national legislation, such as the Chinese Article 164, the Brazilian Clean Company Act and the

Canadian Corruption of Foreign Public Officials Act, among many others, all seek to do essentially the same thing and impose very severe penalties on corporations that resort to bribery.

Despite increasing global legislation and enforcement, the extent of bribery and corrupt payments does not appear to be in decline. PwC’s 2014 Global Economic Crime Survey reported that most organizations have actually seen an increase in the problem. Bribery and corruption, along with other forms of fraud and economic crime, continue to be a major concern for companies of all sizes across all regions and in virtually every sector.

More than 40 countries have

adopted the OECD Anti-Bribery

Convention, which establishes

“legally binding standards to

criminalize bribery of foreign

public officials in international

(9)

SO WHY IS BRIBERY STILL COMMONPLACE AND SUCH A RISK?

Dealing with the problem of bribery and corrupt payments is not always easy. Formal

policies in most large companies clearly forbid such practices, but this does not mean

they will not occur. Behavioral education and compliance training is simply not

enough to mitigate the risk.

Payment and receipt of bribes, as well as other forms of facilitation and consulting fees, gifts, entertainment, travel and other benefits, are a well-established part of business and government culture in many parts of the world. Until relatively recently, these practices were widely accepted by large, global companies as simply a part of the cost of doing business. The reality for many business managers is that it can be extremely difficult to remain competitive and win new business in foreign markets without

resorting to some form of activity that may be illegal or, at best, in a “grey area.”

As a result, in spite of the implementation of increasingly stringent corporate policies, the temptation is to do whatever is necessary to close a deal and then find a way to avoid getting caught. This often means that large payments manage to make their way into the bank accounts of influential individuals in governments or corporations in order to win a contract, but are carefully disguised in a way that makes them difficult to detect through normal control mechanisms.

(10)

10 - Bribery & Corruption: The essential guide to managing the risks

WHAT CAN BE DONE TO ADDRESS THE RISKS ASSOCIATED WITH BRIBERY AND CORRUPTION?

“We encourage companies to maintain robust compliance programs, to voluntarily disclose and eradicate misconduct when it is detected,

and to cooperate in the government’s investigation. But we will not wait for companies to act responsibly. With cooperation or without it, the department will

identify criminal activity at corporations and investigate the conduct ourselves, using all of

our resources, employing every law enforcement tool, and considering all possible

actions, including charges against both corporations and individuals.”

Assistant Attorney General Caldwell,

(11)

As with many different forms of risks faced by corporations and other large organizations, there are ways to manage the risks

associated with bribery and corruption so that the extent of risk is reduced to a level that is acceptable to the organization.

Effective enterprise risk management (ERM) involves a process that, in principle, can be applied to any type of risk.

Some organizations develop a comprehensive framework for ERM, where strategic risks are assessed and holistic programs put in place to monitor and mitigate risks organization-wide, while others have far more rudimentary approaches. Most research indicates that those businesses with capable risk management processes outperform those with ad hoc, disparate or informal systems.

Let’s look at the key aspects of an effective process framework for managing the risks of bribery and corrupt payments. While the specific risks and best response will always vary to some extent from one organization to another, as well as from one part of an organization to another, there are key factors and steps that should be considered in any risk management process for bribery and corruption. These are all part of what we refer to in this publication as the “ABAC Program” (Anti-Bribery and Anti-Corruption).

The U.S. Department of Justice has

indicated that if a company has

performed proactive automated

monitoring of payments, then it will

take this into account when instances

of bribery still occur and will consider

reducing penalties accordingly

(12)

12 - Bribery & Corruption: The essential guide to managing the risks

TIP >>

WHOSE JOB IS IT ANYWAY?

START BY DEFINING ROLES AND RESPONSIBILITIES

Ideally, the organizational structure for dealing with the risks of bribery and corruption should reflect that of risk management

responsibilities overall. This means there are several stakeholders and levels of responsibility:

THE BOARD, RISK AND AUDIT COMMITTEES

Various executives have overall responsibility for ensuring that risks are effectively managed within the organization, with the CEO holding the ultimate job:

Chief Compliance Officer

The CCO role owns overall responsibility for protecting the organization from compliance risk and enforcement actions and often directly leads the creation and management of an ABAC program.

General Counsel

General Counsel usually plays an active role in regulatory

compliance and establishment of levels of risk appetite around specific activities.

Chief Risk Officer

Many organizations now have a formal role of Chief Risk Officer that focuses on facilitation and coordination of overall enterprise risk management (ERM) processes, ensuring that appropriate procedures are implemented by those with more direct responsibilities for avoiding potentially corrupt payments. The CRO is usually responsible for identifying and prioritizing material risks and discussing them with senior management and the Board.

Chief Financial Officer

The CFO bears responsibility for financial controls, while line and regional executives are directly responsible for the appropriateness of payments that take place within their area of budgetary and business control.

Internal Audit

As with most areas of risk, internal audit needs to consider the risks and controls related to ABAC as they develop and execute their audit plan. Internal audit’s procedures provide assurance that ABAC processes and controls are effective and working as intended. It is of course the job of business management to actually implement and maintain the ABAC processes and controls.

As there are various stakeholders in the ABAC Program process, the important thing is that all are aware of their respective roles and how they fit within the process. In order to achieve this there needs to be an effective central system that can be accessed in order to clearly communicate and share information on the process and its current status.

(13)

A FORK IN THE PROCESS ROADMAP:

CHOOSE A STANDALONE OR AN INTEGRATED PROCESS

Although it is preferable that the processes for managing the risks of bribery and

corruption are integrated into an overall enterprise risk management “ERM” process,

this is not always feasible within some organizations.

The benefits of integration are that a full range of risks can be assessed and compared with a consistent approach and within one system. This allows specific bribery risks to be evaluated within the overall business context of organizational objectives. Appropriate resources can then be allocated for management and mitigation of a range of different risks, based on the organization’s tolerance for different types of risk.

If an integrated ERM approach is not practical, the specific processes for managing an ABAC program

remain essentially the same, except without the element of comparison of the relative

impact of different risks.

As noted, if a formalized ERM process

exists within an organization, then the

anti-bribery and anti-corruption

(ABAC) risk assessment process should

ideally be carried out within the

corporate ERM framework. However, in

some organizations the overall risk

management process is fragmented

and the reality is that risks of bribery

and corruption are considered in

relative isolation.

Whichever approach is taken within an

organization, the process of defining

the risks should involve individuals

with sufficient knowledge of

regulations and the ways that the

(14)

14 - Bribery & Corruption: The essential guide to managing the risks

BUILD AN ANTI-BRIBERY & ANTI-CORRUPTION PROGRAM: 5 STEP PROCESS

1

IDENTIFY

AND

ASSESS

RISKS

The first thing to do is fully understand the nature of the risks of bribery and corrupt

payments across the organization. The specific risks can vary considerably according

to factors such as:

■ Applicable legislation ■

■ Types of business carried out ■

■ Geographical locations in which business

takes place

■ Types of customers

The purpose of any enterprise risk management (ERM) process is to identify and assess those risks that may negatively impact the organization’s ability to achieve its corporate objectives, and then determine what can be done to mitigate those risks and reduce them to a level that is acceptable. This “acceptable level” is based on the risk appetite that is usually defined by the board and risk committees.

It is often desirable to have a variety of individuals involved in the assessment and ranking process, including those who have different perspectives based on their

background and understanding of the way the organization works (e.g., auditors, legal and compliance specialists, business managers, accountants, controllers). The usual desired outcome is to have a “heat-map” type report that ranks the risks by likelihood and extent of impact, as well as an estimate of the costs of managing the risks to an acceptable level. It often makes sense to identify the “residual risk” — the extent of risk that remains after taking account of risk mitigation efforts such as internal controls.

(15)

ABAC TECHNOLOGY REQUIREMENTS:

o Ability to record, assess, and rank a range of risks in a structured and consistent way that provides sufficient detailed information for comparison and reference purposes.

Risk Heat Map

The use of a heat map enables the different types of specific ABAC risks to be put into context against each other, as well as other risks across the organization. The end result of this heat map ABAC risk evaluation can vary considerably assessment. So, for example, a business unit of a U.S. publicly traded company that bids

competitively for major government contracts in a region where corruption is commonplace is likely to rank the likelihood and size of risk as high. On the other hand, a privately held corporation that sells primarily into the

(16)

16 - Bribery & Corruption: The essential guide to managing the risks

BUILD AN ANTI-BRIBERY & ANTI-CORRUPTION PROGRAM: 5 STEP PROCESS

2

IDENTIFY

MITIGATION

PROCEDURES

TO REDUCE THE

RISKS AND

THEIR IMPACT

Risks are a normal part of business. Some, such as investing in new products and

markets, are very desirable for any healthy, growing, innovative company. Other types

of risks, such as those related to bribery and corrupt payments are clearly not

generally desirable. The issue is to weigh the negative aspects of risks against the cost

of managing the risks. In some cases it may make good business sense to accept that

a risk will sometimes turn into a negative event as the cost of managing and reducing

the risk is simply too high.

Once the nature of the types of bribery and corruption risk is properly understood, an important part of the risk management process is to identify the ways in which the risks can be monitored, reduced, or eliminated through mitigation efforts.

In the case of ABAC, mitigation efforts could include examples such as:

■ Corporate policies that are documented and

expressly prohibit the payment of bribes or other forms of corrupt payments.

■ Compliance training programs for those most likely

to be exposed to bribery and corrupt activities, designed to increase awareness and educate on what constitutes illegal or “grey area” activities.

■ Specific controls, such as approval, authorization,

and review processes, for payments that take place through systems for vendor payables, purchasing cards, travel & entertainment expenses.

■ Systematic monitoring of payments to look for

suspect outliers, unusual patterns and other indicators of potential cases of bribery and corruption.

For each type of mitigation procedure, whether policy, specific control, or program, it is important to consider at a detailed level all the things that could go wrong and reduce make the process or program ineffective.

(17)

ABAC TECHNOLOGY REQUIREMENTS:

o Ability to clearly identify the relevant mitigation procedures and controls for specific bribery and corruption risks.

o Ability to assess the effectiveness of each mitigation procedure or control.

(18)

18 - Bribery & Corruption:

The essential guide to managing the risks

BUILD AN ANTI-BRIBERY & ANTI-CORRUPTION PROGRAM: 5 STEP PROCESS

3

MONITOR

The ABAC risks have been defined, assessed, and ranked and decisions made about

the risk mitigation processes that need to be in place. What’s left to do…?

Quite a lot.

None of these efforts are worth much if the process, policy, or control, however carefully planned, is not actually working as intended.

One of the most critical phases of the ABAC Program is to monitor the process to determine:

(a) whether or not the controls and procedures are working as intended, and

(b) whether there are indicators of new risks for which no specific controls were developed.

Monitoring of policies and controls can take place across the range of business process areas that are subject to bribery and corruption risks, including purchase-to-payment, vendor transactions, expense reporting, and general ledger. Human behavior can be monitored as well through human analytics, such as querying employees if they have completed ABAC compliance training, or to provide their response as to whether they followed the protocol when providing any benefit, such as

entertainment, within a foreign jurisdiction. Based on employee responses to these surveys, triggers can be setup to automatically assess their responses and flag, notify or escalate as required.

What is Human Analytics?

In its simplest of forms, surveys or questionnaires are

forms of human analytics. But the possibilities of solving

significant problems and adding strategic value are

endless with human analytics.

CLICK TO

LEARN MORE

,

ON THE

ACL BLOG >>

(19)

The single most effective method of monitoring is to examine every payment transaction and every benefit provided by the organization in order to determine if there are signs that non-compliant activities occurred, in spite of the policies and controls that are meant to be in place. This form of detailed testing of transactions and controls, based on data analysis, is used widely by internal auditors in many of their assurance activities.

This approach is even more effective when used by those directly responsible for maintaining effective payment control systems, including the financial, business, and operational managers of an organization, as well as those in specific compliance functions.

Entire populations of payment transactions, across disparate business systems, are examined in detail to look for indicators of problems such as some of the following:

■ Payments made to individuals on the “Politically

Exposed Persons (PEP)” database of foreign government officials

■ Expenses in high risk regions described using

suspect keywords such as “facilitation”, “consulting”, “donation”, “training”

■ Payments made in high risk regions to one time

or new vendors that do not fit the typical vendor profile

■ High value transaction amounts that have not

been subject to required approvals

ABAC TECHNOLOGY REQUIREMENTS:

o Links between individual controls and the tests used to examine transactions and other data.

o Ability to perform a wide range of data analysis tests on an automatic basis and link the results back to the description of the control.

o Visual analysis of testing results.

DOWNLOAD ACL’S LIST

OF THE

“TOP 10

ANTI-BRIBERY

ANALYTICS”

(20)

20 - Bribery & Corruption: The essential guide to managing the risks

BUILD AN ANTI-BRIBERY & ANTI-CORRUPTION PROGRAM: 5 STEP PROCESS

4

MANAGE

EXCEPTIONS

The transaction monitoring process can produce a high or low number of exceptions,

depending on the thresholds and parameters used in the data analysis tests. In order

to determine whether the ABAC Program is working effectively, it is important to have

a strong process for dealing with exceptions.

Not all exceptions necessarily mean that a bribe has been paid. Depending on the exact nature of the test and the way the monitoring system is implemented, an exception should mean that there is a reasonable probability that there is a problem that needs investigation and follow up. The result of the follow up may be an understanding that the exception was a “false positive” — in which case the test can be modified to reduce the chances of future false positives. The result could also be a conclusion that a control, such as an approval process where the controller needs to review all high dollar transactions to one time vendors, is not working as intended — in which case the situation must be

addressed. Of course, the exception could turn out to be an actual corrupt payment — in which case, depending on the circumstances, a series of critical notifications and actions may need to be performed.

Typically, the exception management process involves specific workflow that will vary considerably from one organization to another and will also vary depending on the nature of the exception that is identified. For example, certain high risk exceptions may always be routed directly to a senior manager. In the event that there is no

satisfactory resolution within a given timeframe, a notification would be sent to the CFO and CRO.

(21)

ABAC TECHNOLOGY REQUIREMENTS:

o Flexible workflow capabilities that can accommodate a range of alternate actions depending on the nature of exceptions generated.

o Comprehensive visual reporting on the status of exception management activities, in summary and at a detailed level.

o Ability to collaborate with any stakeholder of the organization – including vendors, partners, contractors, clients and employees and request confirmation or evidence for the validity of a transaction or payment.

o “Human analytic” capabilities, meaning the ability to assess and combine responses that individuals provide when following up on exceptions.

(22)

22 - Bribery & Corruption: The essential guide to managing the risks

BUILD AN ANTI-BRIBERY & ANTI-CORRUPTION PROGRAM: 5 STEP PROCESS

5

REPORTING

AND ONGOING

ASSESSMENT

Reporting is one of the most important and valuable steps in the ABAC Program process.

This is where risk managers, compliance officers, auditors, C-suite executives, and other

stakeholders can really get visibility into how effectively the ABAC program is working.

Ideally, the reporting system should be able to go from a top level overview of overall risk trends, all the way down to the detail of specific red flags of potential violations, including the resolution of each issue that was identified. It is a critical part of the ongoing risk assessment process.

One of the great benefits of using data analysis in the ABAC Program process is that the monitoring and assessment process can be accurately quantified.

This could mean, just as an example, that a report or visual dashboard shows –

SAMPLE VISUALIZATION TO COMMUNICATE TO EXECUTIVES:

that a total equivalent of

US$3.542B

of payments across

15

BUSINESS

units and

10

REGIONS

were analyzed and tested for

12 KEY

INDICATORS

of potential corrupt payments Of these payments,

384,

totaling

US$45.7M,

in two regions, were flagged as exceptions

75%

of these were satisfactorily resolved but

10

TRANSACTIONS

,

totaling

US$11

MILLION,

are in the process of

investigation and appear to be very high-risk items

(23)

Effective reporting means that you can see both the

ABAC TECHNOLOGY REQUIREMENTS:

o The ability to quickly and easily get an overview of the status of the entire ABAC process and move down to whatever detailed level is appropriate.

o Provide an executive storyboard that shows all material issues identified in the organization, across all risk mitigation programs, as it relates specifically to ABAC.

o Multiple levels of access control and security in order to ensure that sensitive data is only available to those who should be involved in a particular part of the process.

o Visual reporting capabilities that, where needed, are fully integrated into an overall risk

(24)

Risk & Controls

Database

Payment/Benefits

Transactions Identify & Assess

Risks

Identify & Assess

Controls

Manage

Exceptions Design & Configure

Tests

Run Tests

& Monitor

Report

Respond

& Resolve

Tests

24 - Bribery & Corruption: The essential guide to managing the risks

(25)

WE’RE HERE TO HELP

ACL has drawn upon its two

decades of experience working

with thousands of customers

worldwide to develop detailed

methodologies and best practices

for managing anti-bribery and

anti-corruption compliance.

For a free assessment of how your

organization can best integrate

technology into your

compliance program,

call 1-888-669-4225

or email info@acl.com

HOW DOES YOUR ORGANIZATION RANK?

The business media regularly reports news showing the increasing

magnitude of threats posed from failing to comply with anti-bribery

and anti-corruption legislation.

We know that some organizations are well down the path of implementing effective programs to manage these risks, while others still have a very long way to go. Where does your organization fit in this spectrum? We hope that this eBook has provided you with some helpful information on how to best manage the risks associated with bribery and corrupt payments, using technology including data-centric compliance management as a key driver.

We are here to help.

IS YOUR ORGANIZATION AT RISK

OF HAVING TO PLEAD GUILTY?

Take the Anti-Bribery Self-Assessment Quiz

(26)

26 - Bribery & Corruption: The essential guide to managing the risks

ANTI-BRIBERY AND ANTI-CORRUPTION TECHNOLOGY BUYING CHECKLIST

Make sure your ABAC compliance software platform has the following capabilities:

1. IDENTIFY AND ASSESS RISKS

o Ability to record, assess, and rank a range of risks in a structured and consistent way that provides sufficient detailed information for comparison and reference purposes

2. IDENTIFY MITIGATION PROCEDURES TO

REDUCE THE RISKS AND THEIR IMPACT

o Ability to clearly identify the relevant mitigation procedures

and controls for specific bribery and corruption risks

o Ability to assess the effectiveness of each mitigation procedure or control

3. MONITOR

o Links between individual controls and the tests used to examine transactions and other data

o Ability to perform a wide range of data analysis tests on an automatic basis and link the results back to the description of the control

o Visual analysis of testing results

4. MANAGE EXCEPTIONS

o Flexible workflow capabilities that can accommodate a range of alternate actions depending on the nature of exceptions generated

o Comprehensive visual reporting on the status of exception management activities, in summary and at a detailed level

o Ability to collaborate with any stakeholder of the organization – including vendors, partners, contractors, clients and employees and request confirmation or evidence for the validity of a transaction or payment

o “Human analytic” capabilities, meaning the ability to assess and combine responses that individuals provide when following up on exceptions

5. GENERAL CAPABILITIES

o Designed for rapid configuration and implementation

o Software runs on a range of mobile devices

o Seamless integration across functional capabilities, including data analysis

o Modern, simple design and best practices user interface

6. REPORTING AND ONGOING ASSESSMENT

o The ability to quickly and easily get an overview of the status

of the entire ABAC process and move down to whatever detailed level is appropriate

o Provide an executive storyboard that shows all material issues identified in the organization, across all risk mitigation programs, as it relates specifically to ABAC

o Multiple levels of access control and security in order to ensure that sensitive data is only available to those who should be involved in a particular part of the process

o Visual reporting capabilities that, where needed, are fully integrated into an overall risk management dashboard

o Reporting that can be accessed from a range of technologies, including smart phones, tablets and laptops

#

(27)
(28)

Bribery & Corruption: The essential guide to managing the risks - 28

© 2015 ACL Services Ltd. ACL and the ACL logo are trademarks or registered trademarks of ACL Services Ltd. All other trademarks are the property of their respective owners.

ABOUT THE AUTHOR:

JOHN VERVER

John Verver, CPA, CISA, CMC is an acknowledged thought leader, writer and speaker on the application of technology, particularly, data analysis, in audit, fraud detection, risk

management and compliance. He is recognized internationally as a leading innovator in continuous controls monitoring and continuous auditing and as a contributor to professional publications. He is currently a strategic advisor to ACL, where he has also held vice president responsibilities for product strategy, as well as ACL’s professional services organization. Previously, John was a principal with Deloitte in Canada

ABOUT ACL

ACL delivers technology solutions that are transforming audit, compliance, and risk management. Through a combination of software and expert content, ACL enables powerful internal controls that identify and mitigate risk, protect profits, and accelerate performance.

Driven by a desire to expand the horizons of audit and risk management so they can deliver greater strategic business value, we develop and advocate technology that strengthens results, simplifies adoption, and improves usability. ACL’s integrated family of products—including our cloud-based governance, risk management, and compliance (GRC) solution and flagship data analytics products—combine all vital components of audit and risk, and are used seamlessly at all levels of the organization, from the C-suite to front line audit and risk professionals and the business managers they interface with. Enhanced reporting and dashboards provide transparency and business context that allows organizations to focus on what matters.

And, thanks to 25 years of experience and our consultative approach, we ensure fast, effective implementation, so customers realize concrete business results fast at low risk. Our actively engaged community of more than 14,000 customers around the globe—including 89% of the Fortune 500—tells our story best. Here are just a few.

References

Related documents

For eksempel påvirkes sammenlignbarheten av at man i Danmark kun har dekket heltidsstudenter i utvalget for Eurostudent (dette gjør at det er færre studenter over 30 år,

The difference in volumes between the sinker alone and the sinker plus the object gives the volume of the floating

Although some Industrial Engineering (IE) undergraduate programs have added service-focused content to their curricula, such additions are generally not fully integrated with

The results revealed that there were no significant differences in the reported intrinsic satisfaction levels among principals who have a m aster’s degree as the highest

Service Level Agreement [1,7] is the contract that is been accepted by the Cloud SP and service consumer (SC) that defines the Quality of Service (QoS), which is

Generalized anxiety disorder (GAD) is characterized by unrealistic or excessive anxiety and worrying about a number of events or activities that are persistent (more than 6 months)

Order of Authors: Ed Tipping; john f boyle; Daniel N Schillereff; Bryan M Spears; Geoffrey Phillips Abstract: We developed a simple model of the biogeochemical and

The formulation of the topic into a research problem is, really speaking the The formulation of the topic into a research problem is, really speaking the first step in a