Areas of Board inquiry into compliance - a podcast by Thomas Fox

from 2021-01-31T22:10:42.023393

:: ::

Where does “tone at the top” start? With any public and most private U.S. companies, it is at the Board of Directors. But what is the role of a company’s Board in compliance? We start with several general statements about the role of a Board in U.S. companies. First, a Board should not engage in management but should engage in oversight of a CEO and senior management. The Board does this through asking hard questions, risk assessment and identification. 
A white paper by Deloitte & Touche LLP, entitled “Risk Intelligence Governance - A Practical Guide for Boards”, laid out six general principles to help guide Boards in the area of risk governance. These six areas can be summarized as follows:


Define the Board’s role. There must be a mutual understanding between the Board, CEO and senior management of the Board’s responsibilities.


Foster a culture of risk management. All stakeholders should understand the risks involved and manage such risks accordingly.


Incorporate risk management directly into a strategy. Oversee the design and implementation of risk evaluation and analysis.


Help define the company’s appetite for risk. All stakeholders need to understand the company’s appetite or lack thereof for risk.


How to execute the risk management process. Maintain an approach that is continually monitored and has continuing accountability.


How to benchmark and evaluate the process. Systems need to be installed which allow for evaluation and modifying the risk management process as more information becomes available or facts or assumptions change.

All of these factors can be easily adapted to compliance and ethics risk management oversight. Initially it must be important that the Board receive direct access to such information on a company’s policies on this issue.
Three key takeaways:

The Board’s role is to keep really bad things from happening to a company.

There are six general areas the point can inquire into and lead from.

A Board should have direct access to information on the company’s compliance program.

Further episodes of 31 Days to a More Effective Compliance Program

Further podcasts by Thomas Fox

Website of Thomas Fox