Tagged: Risk Assessment

Episode 94 — How to Conduct a Risk Assessment for Sanctions Compliance

OFAC’s new framework guidance for sanctions compliance programs stretched into new territory with its risk assessment requirement. This new approach reflects OFAC’s recent aggressive enforcement programs. The scope of a risk assessment has to mirror the breadth of enforcement risks and has to include review of: (i) customers, supply chain, intermediaries, and counter-parties; (ii) the products and services it offers, including how and where such items fit into...

Are Risk Assessments Just a Report on the Obvious?

If you give a Chief Compliance Officer truth serum and ask him/her whether they believe a risk assessment is valuable, what do you think the CCO say? Let’s start with the cynical side – not that I am a pessimist. Many CCOs will candidly tell you that a risk assessment provides them with a colorful and expensive report on the company’s risks that contains no...

DOJ’s Compliance Program Evaluation: Risk Assessment, Policies and Procedures and Third-Party Risk Management (Part III of IV)

To design and implement an effective ethics and compliance program, companies have to conduct a risk assessment and tailor its policies and programs to its risk profile. DOJ’s Compliance Evaluation reinforces this framework for a compliance program. Risk Assessment At the outset, a company has adopt a specific methodology for its risk assessment, the types of information it will collect and analyze, and the metrics...

Forget About a Risk Assessment – Conduct a Risk AND Compliance Program Assessment

A Chief Compliance Officer can get lost in terms, titles, risk management solutions, effective services, magic bullets, absolute requirements and ultimately confusion. Whether the strategy is called lines of defense or some other moniker of professionalism and deep thought, the real work occurs in the trenches and with a practical eye to minimizing risks while protecting the company.  When a CCO adheres to common sense...

Third Party Risk Management: Balancing Due Diligence Screening and Monitoring

In response to aggressive FCPA enforcement and recurring problems with third parties, companies have spent substantial resources and time to design and implement comprehensive ethics and compliance programs. A key part of this effort was to implement robust due diligence programs to screen and identify potential risks created by third party intermediaries. Hui Chen, DOJ Compliance Counsel, called 2015 “The Year of Due Diligence.” Many...

AML Risks and Foreign Correspondent Banking

With the Panama Papers scandal and government promises of continued aggressive AML enforcement, financial institutions face a variety of risks that require increased vigilance and mitigation strategies. One of the most challenging risks facing all financial institutions is foreign correspondent banking. In essence, a foreign correspondent banking relationship is built on the effectiveness of a foreign bank’s AML compliance program and ongoing monitoring capabilities. Such...

FinCEN Issues New Beneficial Ownership Regulations

Under the dark cover of the Panama Papers scandal, FinCEN moved quickly to issue its beneficial; ownership regulations. For all of the US regulatory and financial industry bluster, it is about time. The United States stands far behind other countries in requiring transparency with regard to financial ownership. It is unfortunate that it took the Panama Papers scandal to give FinCEN the political opportunity to...

Cyber Security Compliance: The Role of the CCO

For years, cyber security has been the province of IT specialist and technicians. Those days are long gone. If you ask a Board of Directors to identify a company’s most significant risk – cyber security is tops. That is no big surprise. When you consider the consequences of a cyber intrusion or a more likely breach, companies suffer serious reputational and financial harm. Directors, senior...

Defining Compliance 2.0: The Board (Part 1 of 5)

This week I am devoting five postings to defining the “new” model of ethics and compliance – Compliance 2.0. If you read through compliance writings, blogs, articles, white papers, and other sources, you will see the term “Compliance 2.0” bandied about.  It is a term that has yet to be defined but is taking on a life of its own – a reflection perhaps of...

FinCEN Proposes to Apply AML/BSA Requirements to Investment Advisers

FinCEN is an active law enforcement agency. They have taken on more responsibility over the last five years for AML enforcement, and they show no signs of letting up. FinCEN’s proposal to expand beneficial ownership requirements for financial institutions is expected to be released before the end of the year. FinCEN’s proposal in this area will have a significant impact on companies subject to AML...