by Lora Bentley, IT Business Edge
As recently as last week, Yale University behavioral economics professor Robert Shiller told reporters the current mess in the financial markets results in part from a failure to manage risk. Last year, the Securities and Exchange Commission offered new guidance on a risk-based approach to Sarbanes-Oxley section 404 implementation. In between, companies like CA began offering governance, risk and compliance (GRC) products and services, and Standard and Poor's even began tracking enterprise risk management as a key to evaluating a company's financial health.
Risk management is the new hot topic in today's economic climate. Businesses are doing everything they can to ward off the fraud that caused Enron to collapse, Bernard Madoff's clients to lose everything, Lehman Brothers to enter bankruptcy, and so on. Ethics and Compliance Officer Association Executive Director Keith Darcy says his organization has more than doubled its membership in the last eight years alone. In that time, he says, the markets have seen a "flight to integrity." People are investing in businesses they trust and pulling their money out of those they don't trust.
But more than panic is driving the trend toward ethics and risk management positions in the executive suite. It's also good business. Jeff Smith, who serves as legal officer and risk officer for the Michigan-based Consulting Services Support Corp., says, "Once a number of companies begin to better manage and mitigate their own unique risks of loss, it only makes sense that other corporations that wish to retain competitive advantage and attractiveness to shareholders would follow suit." That, he says, results in the wealth of risk management and ethics-centered positions that are available today.
“The first challenge is often to help others realize that they have a reason to learn from you...”Jeff Smith, Consulting Services Support Corp.
The positions will differ a bit in terms of title, salary levels will vary, and some may have a broader set of responsibilities than others. For instance, Inter-American Development Bank in Washington, D.C., is seeking a "principal integrity officer." The person's responsibilities? Planning and executing fraud and corruption investigations. Smith's responsibilities at CSSC, however, run the gamut. He says simply, "I manage risk in the areas of insurance, law, compliance, ethics and any other areas that my CEO or I may identify within the organization."
Protiviti managing director Paul Schulz notes that the most effective risk and ethics officers are those, like Smith, at the executive level. He says, "Overall direction and management of enterprise risk is the key role... In essence, CRO and equivalent roles are at the fulcrum of creating and managing the mechanisms that cut across organizational and business unit boundaries to identify, manage, and mitigate risks in a wide variety of categories."
Darcy agrees. "The chief ethics and compliance officer must have C-suite status. They must have independence," he says, "They must have unfiltered access to the board, and they must have a seat at the strategy and policy table because that's where the big decisions are made."
Posts
No comments:
Post a Comment