Assessing Desktop Dangers: A New Approach
In an insightful article, republished with permission from Tom Fox's FCPA Compliance and Ethics Blog, Julie Myers Wood, the CEO of Guidepost Solutions, a leading security, compliance, and risk management firm, discusses the importance of desktop risk assessments in maintaining a robust compliance program.
A desktop risk assessment is a type of risk assessment that focuses on areas such as resources, C-suite and Boardroom risks, FCPA risks related to the supply chain, due diligence at the vendor/agent level, documentation support, culture and attitude, disciplinary guidelines, communication of information and findings, and opportunities to improve compliance.
According to Wood, this type of assessment is crucial for prioritising and acting on compliance issues. Materials that can be reviewed for a desktop risk assessment include a company's policies and written guidelines, senior management support for compliance efforts, resources dedicated to compliance, and operational responsibilities for compliance.
The FCPA Guidance, which provides a framework for the U.S. Department of Justice and the Securities and Exchange Commission's enforcement of the Foreign Corrupt Practices Act (FCPA), emphasises the importance of risk assessment as fundamental to developing a strong compliance program. It does not advocate for a 'one size fits all' approach to compliance programs or risk assessments, instead highlighting the need to analyse and address the particular risks a company faces.
One of the key areas of focus for a desktop risk assessment is the due diligence program for third parties, as they represent the highest risk to most companies under the FCPA. The review should also ensure timely responses for employees seeking compliance guidance and assess mechanisms for reporting suspected compliance violations and actions taken on any internal reports.
The compliance procedures in place for the company's mergers and acquisitions (M&A) team should be reviewed, focusing on the pre-acquisition phase. A key element of any best practices compliance program is internal and anonymous reporting, which should be encouraged and supported.
Wood also advises college students to 'eat the sushi,' which means being willing to try new and unfamiliar things. This metaphor was used to emphasise the importance of leadership in taking calculated risks and embracing change.
Disciplinary actions for employee compliance violations should be applied uniformly, regardless of location. The review should consider employee commitment to the company's compliance regime, including compliance policies regarding employee incentives and disciplinary procedures for violations.
Performing an annual desktop risk assessment with a full worldwide risk assessment every two years can help keep abreast of compliance issues that may change and need more or greater risk management.
Despite the importance of desktop risk assessments, there are no available search results that specifically name the companies in which Julie Myers Wood held CEO or other leadership roles before acquiring Guidepost Solutions. This underscores the need for companies to continually evaluate their compliance programs and make necessary adjustments to stay ahead of potential risks.
Read also:
- Globally Expanding Bonkers Corner Makes its Debut in UAE After Success in Mumbai Streets
- Susanne Otto to Develop Additional Housing Units
- Deepwater Port Construction Permits for Projects within the South Central Region's Air Regulations
- Citizen Thekla Walker, Minister, urges: "Let's face our responsibilities at home"
