Topics
Risk & Compliance Resources
Blog Post
Understanding Data Nuances at the Intersection of E-Discovery and Compliance
Adoption and demand for governance, risk and compliance software has been growing steadily in recent years, with reported success in helping organizations manage and mitigate a variety of risks. Alongside this increase in reliance on GRC tools, and their improved ability to store information in a defensible manner, has been the need to extract information from them for the purposes of data discovery in disputes and investigations.
Blog Post
Q&A: Modernizing and Prioritizing a Governance, Risk and Compliance Strategy
This Q&A with Senior Managing Directors Mike Carter and Michael Spadea, co-leads of FTI Technology’s Risk & Compliance practice, covers common challenges in today’s environment, and what clients need to watch for when implementing new tools and procedures for governance, risk and compliance.
Third-Party Risk Management (TRPM) Technology Services
In an era where organizations increasingly rely on third-party vendors and partners, managing risks associated with these external entities is critical. The complexity of these relationships, combined with global supply chains and rapidly evolving regulatory landscapes, necessitates a robust Third-Party Risk Management (TPRM) program enabled with technology to provide efficient workflows for supply chain risk assessments, vendor diligence procedures, and external screening and market data integration.
Streamlining Off-Channel Communications Systems
Organisations in regulated industries, particularly financial services, are grappling with the increased complexity of managing compliance across multiple communications channels. The growing use of personal devices and encrypted messaging apps such as WhatsApp, Telegram and Signal for business purposes has prompted a new wave of regulatory scrutiny. The U.K. Financial Conduct Authority recently emphasised regulatory compliance expectations for preservation of off-channel communications, following a similar approach taken by the Securities and Exchange Commission and Commodity Futures Trading Commission in the U.S. This push comes as regulators aim to enforce transparency, accountability and proper record-keeping, which are critical for preventing market abuse, insider trading and other forms of misconduct.
White Paper
Scrutiny over off-channel communications and emerging data sources such as modern communications tools, collaboration platforms, personal devices, chat applications and ephemeral messaging, has become a serious and increasing focus in regulatory enforcement. Over the past two years, the Securities and Exchange Commission and the Commodity and Futures Trading Commission have issued more than $2 billion in fines to financial services institutions for record keeping failures related to messaging applications. Following suit, this year, the Department of Justice and the Federal Trade Commission have shared new guidance to specifically emphasize expectations that off-channel communications be preserved and monitored as part of routine compliance programs.
Blog Post
Data risks and the ongoing growth of cloud-based communications within enterprises continue to present challenges for compliance teams in the financial services sector. Whereas communications data was once stored and managed in centralized servers within the walls of enterprise data centers, now much of the data that financial services institutions are required to preserve, monitor and report against is stored across a myriad of platforms outside the perimeter of the enterprise and without robust compliance controls. Meanwhile, regulatory authorities worldwide are increasingly focused on gaps in institutions’ ability to uphold robust compliance programs and fulfill their records management requirements.
Case Study
Software Provider Leans on FTI Consulting to Evaluate Global Compliance Analytics and Metrics
A global software company needed to modernize its compliance program. With a focus on applying data and technology effectively in support of a global framework, the organization engaged FTI Consulting’s Risk & Compliance experts to assess the existing program’s maturity, data sources, analytics dashboarding and existing tools, and guide the company in transforming its program.
Blog Post
Understanding the Intersection of Compliance and Generative AI
When Department of Justice Deputy Attorney General Lisa Monaco spoke at the American Bar Association’s National Institute on White Collar Crime in March, she clarified the department’s views on the role of artificial intelligence in committing, monitoring for and prosecuting against corporate crime. A key point was that legal and compliance teams should be proactive about the use of AI within their organizations as a potential source of risk, and that the DOJ may take action against organizations for failing to properly monitor and govern AI use.
White Paper
How Compliance and Risk Officers Can Balance the Benefits and Risks of AI in Compliance
Artificial intelligence (AI) is revolutionizing industries and the way we interpret data, with generative AI leading as a groundbreaking subfield. Generative AI offers immense potential for streamlining numerous compliance functions and operations. However, these advances also come with significant compliance challenges and digital risks. Without diligent oversight, poor application of generative AI technologies can open organizations up to significant corporate compliance, regulatory, litigation, and reputational risks. This white paper explores the role generative AI may play in reshaping organizational approaches to risk and compliance. It will discuss ways corporate compliance officers can proactively mitigate risks and enable an approach of informed and vigilant adoption.
White Paper
Forecasting Digital Risk in 2024
After a feverish period of disruption across many facets of technology, it’s becoming more difficult to delineate between what could happen and what will happen in the months and year ahead. Business leaders often rely upon industry forecasts to prepare for anticipated change that is likely to impact their operations, go-to-market strategies, hiring plans, etc. Yet in a hype-filled environment in which it seems like anything is possible, organizations must be highly discerning about how they prepare for evolving digital risk and establish resilience for future technological disruption.
White Paper
Compliance Tech Priorities in 2023
Respondents to a survey conducted by Compliance Week and FTI Consulting largely indicated third parties to be the most heightened area of risk to their businesses this year, with reporting and dashboarding and enhancing analytics capabilities among top priorities.
Blog Post
This blog series discusses research and trends across the spectrum of Digital Insights & Risk Management. Part 1 in the series, by Sophie Ross, defined the concept of digital risk and shared a state of the industry across the big picture of this problem space, and Part 2 focused on data privacy issues. This post discusses the disparity between belief and reality regarding emerging data sources in today’s corporate environments. It features insights from business leaders including information governance professionals and legal department leaders.
Blog Post
Building a Data-Driven Compliance Program
Data is becoming central to the Department of Justice’s view of compliance programs. As recent enforcement actions show, compliance programs are expected to be inclusive of all data relevant to employee communications about work. Further, corporations are encouraged to hold employees accountable to compliance metrics and benchmarks — thus necessitating tools and data that can generate and report on those metrics.