Top Banner
Creating Collaboration between Compliance and Internal Audit David A. Frankel Chief Marketing Officer EDGAR Online NOTICE: Proprietary and Confidential This material is proprietary to EDGAR Online. It contains trade secrets and confidential information which is solely the property of EDGAR Online. This material shall not be used, reproduced, copied, disclosed, transmitted, in whole or in part, without the express consent of EDGAR Online. The material shall also not be used to reverse engineer EDGAR Online’s systems or processes. © 2012 EDGAR Online, Inc. All rights reserved.
18

Creating collaboration between compliance and internal audit

Jan 15, 2015

Download

Economy & Finance

EDGAR Online

A look at how companies may create collaboration between compliance operations and the internal audit.
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Creating collaboration between compliance and internal audit

Creating Collaboration between Compliance and Internal AuditDavid A. FrankelChief Marketing OfficerEDGAR Online

NOTICE: Proprietary and Confidential

This material is proprietary to EDGAR Online. It contains trade secrets and confidential information which is solely the property of EDGAR Online. This material shall not be used, reproduced, copied, disclosed, transmitted, in whole or in part, without the express consent of EDGAR Online. The material shall also not be used to reverse engineer EDGAR Online’s systems or processes.

© 2012 EDGAR Online, Inc. All rights reserved.

Page 2: Creating collaboration between compliance and internal audit

2

About EDGAR Online (NASDAQ:EDGR)

Leader in disclosure management, financial data and GRC analytics solutions

• Our clients create, collect and analyze data using EDGR software tools and content services

• We help companies:

•Comply with filing regulations•Manage financial information•Lower risk and lower compliance costs•Gain control over and analyze information•Implement more agile and effective GRC practices

EDGAR®Online

Page 3: Creating collaboration between compliance and internal audit

3

Ever Feel Like This?

EDGAR®Online

Page 4: Creating collaboration between compliance and internal audit

Effective Risk ManagementEffective risk management = framework + process + standards

EDGAR®Online

Page 5: Creating collaboration between compliance and internal audit

5

Risk Processes & LanguageYet the majority lack common risk processes and language

Source: DeloitteRisk Management Executive Survey

EDGAR®Online

Page 6: Creating collaboration between compliance and internal audit

6

What Finance Worries About

What keeps finance executives awake at night?

EDGAR®Online

Risk spans all areas of the enterprise...

Page 7: Creating collaboration between compliance and internal audit

7

Post 2008, Alignment is CriticalAudit, compliance and business operations MUST align.

Implications of losing control and visibility...

We are all still paying for the lack of foresight in mortgage and lending. The right control, structure and analysis of data could have prevented a full-blown crisis.

Lehman teeters. After $229bn in bail-outs for Bear Stearns, and Fannie Mae and Freddie Mac, the US Treasury says it won’t part with more taxpayer money. Investors dump FS stocks.

The largest settlements paid by 11 pharmaceutical companies for bending the rules total a staggering $6 billion.

EDGAR®Online

Page 8: Creating collaboration between compliance and internal audit

8

Traditional Role of Internal Audit

EDGAR®Online

Page 9: Creating collaboration between compliance and internal audit

9

Traditional Role of Compliance

Source: COSO & Grier Consulting

EDGAR®Online

Page 10: Creating collaboration between compliance and internal audit

10

Reworking the Model

Internal audit & compliance functions are evolving

Internal Audit

• Traditional role• Assurance on risk evaluation and

management processes• Evaluate risk processes, reporting

and management

• Expanding role• Identify and evaluate risks• Coach on risk response• Champion & coordinate ERM• Develop risk-management strategy

for board approval

Compliance

• Traditional role• Preservation of reputation• Compliance controls• Legal review and enforcement• Tactical

• Expanding role• Skilled risk analysis• Proactive risk management• Preventative compliance• Champion ERM• Consult on risk management

strategy

Merging at same goal: Strategically minimize risk while achieving corporate objectives

EDGAR®Online

Page 11: Creating collaboration between compliance and internal audit

11

Risk Management NirvanaRisk management nirvana – but how do you get there?

Source: Deloitte The Risk Intelligent Enterprise

EDGAR®Online

Page 12: Creating collaboration between compliance and internal audit

12

Effective GRC Today

Effective GRC today = No more silos

• Increased regulations have put risk management at the executive and board level

• Companies want centralized oversight and consistent risk management processes

• Multi-layer controls must work collaboratively

•Internal audit•Compliance•Business operations

• Big data is adding complexity

EDGAR®Online

Page 13: Creating collaboration between compliance and internal audit

13

What is “Big Data”?

“Big data” poses a threat to both audit and compliance.

EDGAR Online definition of “big data” – as it pertains to business

“volumes of structured and unstructured data produced as a byproduct of operating a company”

Big Data is a GRC problem.

EDGAR®Online

Page 14: Creating collaboration between compliance and internal audit

14

Data: The Risk of Not Knowing

GRC is complicated by the increased volume and pace of data

EDGAR®Online

Page 15: Creating collaboration between compliance and internal audit

15

Understanding the End GoalAligning audit and compliance starts with shared data & insight

Leverage technology to:

• Transform how you collect and classify data – start with an end in mind•A taxonomy will give you more agility and operational control in accessing information

in meaningful ways

• Standardize your data creation•Example: XBRL used in SEC filings and can be extended companywide

• Implement standards-based analysis tools•Bring context to data by presenting information in a way that is semantically pure and

relevant to the decision on hand

EDGAR®Online

Page 16: Creating collaboration between compliance and internal audit

16

Enabling Risk Management

Method = common framework for viewing XBRL information

Common Measurements = benchmarking standards

Technology = shared content hub & analytics

Common Language = XBRL

EDGAR®Online

Page 17: Creating collaboration between compliance and internal audit

17

Aligning Risk Management

Benefits to aligning your risk management functions• Promote “risk-aware” thinking and decision-making at all levels

• Lower GRC costs

• Gain faster insight into and control over risk information as it’s created

• Lower overall risk with increased visibility

•Pinpoint and address issues early•Identify and evaluate business trends•Better assess the impact of business decisions•See potential new opportunities

• Become smarter and more agile

EDGAR®Online

Page 18: Creating collaboration between compliance and internal audit

18

Thank You

www.edgr.comTwitter: @EDGAR_online

David A. [email protected]: @DavidAFrankel

EDGAR®Online