There has been, to say the least, a great deal of controversy over the US Department of Justice’s plan to require compliance officers to provide a certification as a part of corporate resolutions. Many fear that it could lead to significant legal risk for compliance teams and fewer individuals willing to assume compliance roles.
Jonny Frank, Partner, and Kat Nolan, Senior Consultant, at StoneTurn are not concerned. They point out that in the 20+ years since Sarbanes-Oxley, despite the predictions, there have not been the lawsuits and empty CFO and CEO chairs that some feared.
Instead, they believe, these certifications could lead to increased power and prestige for chief compliance officers.
In the podcast they lay out a five-step process for certification:
- Select a framework for the certification criteria that the organization will grade itself against.
- Conduct a scenario-based compliance risk assessment.
- Assess and design key control activities.
- Create a sub-certification waterfall: set accountable owners throughout the organization to certify compliance effectiveness in their area.
- Arrange for a third party or internal audit to assess the program.
Listen in to learn more, including the importance of documenting your processes.