Topics

Risk & Compliance Resources

PDF

End-to-End Migration to Smarsh Enterprise Archive

Archiving platforms are mission-critical systems for today’s organizations and ensuring that data migration is correct and compliant with industry standards is a key business concern. FTI Technology’s Archiving Services for Smarsh provide an end-to-end process for clients to safely and efficiently migrate data from legacy archive systems into Smarsh’s Enterprise Archive.

Blog Post

Understanding Data Nuances at the Intersection of E-Discovery and Compliance

Adoption and demand for governance, risk and compliance software has been growing steadily in recent years, with reported success in helping organizations manage and mitigate a variety of risks. Alongside this increase in reliance on GRC tools, and their improved ability to store information in a defensible manner, has been the need to extract information from them for the purposes of data discovery in disputes and investigations.

Blog Post

Q&A: Modernizing and Prioritizing a Governance, Risk and Compliance Strategy

This Q&A with Senior Managing Directors Mike Carter and Michael Spadea, co-leads of FTI Technology’s Risk & Compliance practice, covers common challenges in today’s environment, and what clients need to watch for when implementing new tools and procedures for governance, risk and compliance.

PDF

Third-Party Risk Management (TRPM) Technology Services

In an era where organizations increasingly rely on third-party vendors and partners, managing risks associated with these external entities is critical. The complexity of these relationships, combined with global supply chains and rapidly evolving regulatory landscapes, necessitates a robust Third-Party Risk Management (TPRM) program enabled with technology to provide efficient workflows for supply chain risk assessments, vendor diligence procedures, and external screening and market data integration.

PDF

Streamlining Off-Channel Communications Systems

Organisations in regulated industries, particularly financial services, are grappling with the increased complexity of managing compliance across multiple communications channels. The growing use of personal devices and encrypted messaging apps such as WhatsApp, Telegram and Signal for business purposes has prompted a new wave of regulatory scrutiny. The U.K. Financial Conduct Authority recently emphasised regulatory compliance expectations for preservation of off-channel communications, following a similar approach taken by the Securities and Exchange Commission and Commodity Futures Trading Commission in the U.S. This push comes as regulators aim to enforce transparency, accountability and proper record-keeping, which are critical for preventing market abuse, insider trading and other forms of misconduct.

White Paper

Off-Channel Communications Enforcement Intensifies, Compounds Importance of Comprehensive Information Governance

Scrutiny over off-channel communications and emerging data sources such as modern communications tools, collaboration platforms, personal devices, chat applications and ephemeral messaging, has become a serious and increasing focus in regulatory enforcement. Over the past two years, the Securities and Exchange Commission and the Commodity and Futures Trading Commission have issued more than $2 billion in fines to financial services institutions for record keeping failures related to messaging applications. Following suit, this year, the Department of Justice and the Federal Trade Commission have shared new guidance to specifically emphasize expectations that off-channel communications be preserved and monitored as part of routine compliance programs.

Blog Post

Establishing a Successful Compliance Triumvirate Through Technology, Data Management and Human Behavior

Data risks and the ongoing growth of cloud-based communications within enterprises continue to present challenges for compliance teams in the financial services sector. Whereas communications data was once stored and managed in centralized servers within the walls of enterprise data centers, now much of the data that financial services institutions are required to preserve, monitor and report against is stored across a myriad of platforms outside the perimeter of the enterprise and without robust compliance controls. Meanwhile, regulatory authorities worldwide are increasingly focused on gaps in institutions’ ability to uphold robust compliance programs and fulfill their records management requirements.

Case Study

Software Provider Leans on FTI Consulting to Evaluate Global Compliance Analytics and Metrics

A global software company needed to modernize its compliance program. With a focus on applying data and technology effectively in support of a global framework, the organization engaged FTI Consulting’s Risk & Compliance experts to assess the existing program’s maturity, data sources, analytics dashboarding and existing tools, and guide the company in transforming its program.

Blog Post

Understanding the Intersection of Compliance and Generative AI

When Department of Justice Deputy Attorney General Lisa Monaco spoke at the American Bar Association’s National Institute on White Collar Crime in March, she clarified the department’s views on the role of artificial intelligence in committing, monitoring for and prosecuting against corporate crime. A key point was that legal and compliance teams should be proactive about the use of AI within their organizations as a potential source of risk, and that the DOJ may take action against organizations for failing to properly monitor and govern AI use.

White Paper

How Compliance and Risk Officers Can Balance the Benefits and Risks of AI in Compliance

Artificial intelligence (AI) is revolutionizing industries and the way we interpret data, with generative AI leading as a groundbreaking subfield. Generative AI offers immense potential for streamlining numerous compliance functions and operations. However, these advances also come with significant compliance challenges and digital risks. Without diligent oversight, poor application of generative AI technologies can open organizations up to significant corporate compliance, regulatory, litigation, and reputational risks. This white paper explores the role generative AI may play in reshaping organizational approaches to risk and compliance. It will discuss ways corporate compliance officers can proactively mitigate risks and enable an approach of informed and vigilant adoption.

White Paper

Forecasting Digital Risk in 2024

After a feverish period of disruption across many facets of technology, it’s becoming more difficult to delineate between what could happen and what will happen in the months and year ahead. Business leaders often rely upon industry forecasts to prepare for anticipated change that is likely to impact their operations, go-to-market strategies, hiring plans, etc. Yet in a hype-filled environment in which it seems like anything is possible, organizations must be highly discerning about how they prepare for evolving digital risk and establish resilience for future technological disruption.

White Paper

Compliance Tech Priorities in 2023

Respondents to a survey conducted by Compliance Week and FTI Consulting largely indicated third parties to be the most heightened area of risk to their businesses this year, with reporting and dashboarding and enhancing analytics capabilities among top priorities.

Blog Post

A New Era of Risk Part 3: Risk and Impact of Emerging Data Sources Underestimated in Most Organizations

This blog series discusses research and trends across the spectrum of Digital Insights & Risk Management. Part 1 in the series, by Sophie Ross, defined the concept of digital risk and shared a state of the industry across the big picture of this problem space, and Part 2 focused on data privacy issues. This post discusses the disparity between belief and reality regarding emerging data sources in today’s corporate environments. It features insights from business leaders including information governance professionals and legal department leaders.

Blog Post

Building a Data-Driven Compliance Program

Data is becoming central to the Department of Justice’s view of compliance programs. As recent enforcement actions show, compliance programs are expected to be inclusive of all data relevant to employee communications about work. Further, corporations are encouraged to hold employees accountable to compliance metrics and benchmarks — thus necessitating tools and data that can generate and report on those metrics.