Risk Assessments, Control Environments and Plug Power

09/06/23 • 22 min

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt consider the recent pronouncements from the SEC regarding risk assessments together with control environments and all this played out in the Plug Power enforcement action.

The importance of risk assessments and a strong control environment in companies cannot be overstated. These elements are crucial for effective internal controls and proper financial reporting, as emphasized by the SEC's chief accountant, Paul Munter. In this episode Tom and Matt underscore the need for thorough evaluation of potential pitfalls in risk assessments, citing insufficient personnel, changes in board or management composition, and hasty adoption of new strategies or technologies as potential triggers for flawed assessments.

They highlight the significance of small control failures and entity-level failures, such as weaknesses in IT controls, as indicators of a weak control environment.. Join Tom Fox and Matt Kelly as they delve deeper into the topic of risk assessment in the latest episode of the Compliance into the Weeds podcast.

Key Highlights

· Munter’s statement

· Enhancing Control Environment through Risk Assessments

· The Importance of Risk Assessments and Controls

· Attracting and Retaining Competent Individuals

· Flaws in Risk Assessment Beyond Insufficient Personnel

· Lessons Learned

Resources

Matt in LinkedIn

Matt blogged twice on these issues. A report on Munter’s statements here and on the Plug Power enforcement action here

Tom

Learn more about your ad choices. Visit megaphone.fm/adchoices

Key Highlights

· Munter’s statement

· Enhancing Control Environment through Risk Assessments

· The Importance of Risk Assessments and Controls

· Attracting and Retaining Competent Individuals

· Flaws in Risk Assessment Beyond Insufficient Personnel

· Lessons Learned

Resources

Matt in LinkedIn

Matt blogged twice on these issues. A report on Munter’s statements here and on the Plug Power enforcement action here

Tom

Learn more about your ad choices. Visit megaphone.fm/adchoices

Previous Episode

3M FCPA Enforcement Action

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt consider the recent FCPA enforcement action involving the Chinese business unit of 3M.

The importance of post-event documentation and monitoring in preventing fraud and corruption cannot be overstated, as highlighted by the recent FCPA incident involving 3M China. Tom believes that while training and control environment adjustments are crucial, they may not be enough to prevent misconduct if individuals are determined to commit such acts. He emphasizes the need for hard evidence, such as post-event documentation, and recommends looking to the heavily regulated pharmaceutical sector for guidance.

Matt stresses the importance of rigorous post-event documentation to ensure the legitimacy of business activities. Both Fox and Kelly gained these insights from their extensive experience in the field of compliance and their analysis of various fraud cases. To learn more about their unique perspectives on post-event documentation and monitoring, join them on this episode of the Compliance into the Weeds podcast.

Key Highlights

· Background facts

· GTE in FCPA enforcement actions

· What happens when conduct is done secretly

· Concerns over the use of messaging apps

· Lessons Learned

Resources

Matt in LinkedIn

Tom -blog post on the FCPA Compliance and Ethics Blog

Learn more about your ad choices. Visit megaphone.fm/adchoices

Next Episode

Failure to Have Effective Compliance Program

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt consider the recent DOJ enforcement action involving Verizon Business Network Services for failure to have an effective cyber security compliance program.

The recent case of Verizon's non-compliance with cybersecurity standards and subsequent remediation efforts has sparked a significant conversation in the realm of cyber compliance. Tom views this case as a roadmap for companies to enhance their cybersecurity programs, emphasizing the importance of gap analysis and pressure testing. He draws parallels between cybersecurity compliance and the Foreign Corrupt Practices Act (FCPA) compliance, suggesting that Verizon's case could serve as an example for other companies.

Matt applauds Verizon's voluntary self-disclosure and extensive remediation efforts. He underscores the importance of disclosure, cooperation, and remediation in both cybersecurity and corruption cases, viewing Verizon's actions as a positive example for other companies. Join Tom Fox and Matt Kelly as they delve deeper into this topic in the latest episode of the Compliance into the Weeds podcast.

Key Highlights

· Verizon's Cybersecurity Program Failures

· Enhancing Cybersecurity Compliance through Remediation Measures

· Automating Compliance Efforts with GRC Tools

· Potential Penalties for Non-Disclosure of Cybersecurity Issues

Resources

Matt in LinkedIn

Matt on Radical Compliance

Tom

Instagram

Facebook

YouTube