- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-06-01T18:08:00
Tailoring your risk assessments to guidance from your relevant regulators is a good idea, a panel of compliance practitioners agreed. But it certainly isn’t the place to start.
Five senior compliance professionals shared their insights as part of a session on risk assessment programs at Compliance Week’s 2023 National Conference in Washington, D.C. Stephanie Cherny, director, global enterprise compliance at Intuit, moderated the discussion.
It is beneficial to fashion your risk assessments in a way that could answer questions raised by the Department of Justice (DOJ) in its Evaluation of Corporate Compliance Programs guidance or the Securities and Exchange Commission (SEC) in staff bulletins, said Hemma Lomax, vice president, associate general counsel and head of compliance at Zendesk. But more important is first understanding what your company does and its primary risk areas.
“I don’t think the answer is what everyone else is doing—it has to be what’s right for our company,” she said.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
The Department of Justice announced changes to its evaluation procedures for corporate compliance programs in criminal investigations, including monitoring off-channel messaging by employees, executive compensation programs, and how the agency selects compliance monitors.
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
How can a company prove its compliance bona fides to a regulator, should one ever come knocking on its door? The Home Depot has prepared for such a scenario with detailed guidance pegged to the DOJ’s “Evaluation of Corporate Compliance Programs.”
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
