- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
Exception requests are often a thorn in the side of policy managers, and yet they are unavoidable for most.
An effective policy management process can ease the pain, which includes putting in place a “policy on policies” that describes a corporate policy, what it should include, and how policies get approved, reviewed, and trained upon, says Paul Liebman, a former in-house compliance and ethics attorney now in private consulting. Companies that manage policies well have a centralized policy management process and don’t issue policy exceptions lightly, he adds.
At many companies, however, policies, procedures, and directives are generated in a decentralized way within a company’s various business units, or facilities. “Figuring out what a policy is—and what an exception to a policy is—is difficult, because companies don’t have a lot of control over that process to begin with,” says Liebman.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Ask any company how many policies it has and where they are located—from the corporate level down to the functional level—and chances are you won't get a straight answer.A typical company will have some policies controlled by corporate headquarters, sure; but most tend to be created and managed independently by ...
USAA Federal Savings Bank has been hit with its third cease and desist order from the Treasury Department’s Office of the Comptroller of the Currency in the past five years for failing to correct unsafe and unsound banking practices.
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
