Compliance 360 Predicts Trends in Corporate Governance, Risk, Audit and Compliance Management for 2012

As Whistleblower Programs Hit Their Stride, Proving Compliance Effectiveness and Viewing GRC as a Strategic Business Component are Increasingly Critical

ATLANTA – November 29, 2011 – Compliance 360, bringing order and efficiency to the complexity of compliance, today announced its predictions for governance, risk, audit and compliance management (GRC) for the upcoming year. As the attention of regulatory bodies becomes more firmly focused on GRC results, corporations and their boards of directors need to focus their attention on reducing the likelihood of whistleblowers and proactively demonstrating compliance effectiveness in 2012.

• Increasing Threat from Bounty Hunters: Personal greed has long been the primary motivator behind fraud and abuse, and regulators are now increasingly using a variety of rewards to help identify and prosecute offenders. The SEC and CFPB now have formal whistleblower bounty hunter programs, using a percentage of the sanctions as rewards. As these and similar programs begin to hit their strides, compliance officers and their boards of directors will face increasing threats to their internal compliance programs and, ultimately, their institutional brands.

• Demonstrating Compliance Effectiveness is Critical: Historically, regulators have been satisfied with companies that have implemented compliance programs, but now they want proof that the programs are actually working. In 2012, more regulatory authorities will require a process that distills data – demonstrating the overall effectiveness of a company’s compliance program.

As an offshoot of this growing requirement, progressive corporations need to take steps to “keep their friends close and keep their auditors closer.” By proactively sharing their compliance self-assessments and mitigation programs with auditors, companies can establish a strong reputation with their auditors and regulators and use that reputation to minimize the likelihood and impact of potential compliance breakdowns and whistleblower allegations.

To learn more about how to demonstrate compliance program effectiveness, visit: http://www.compliance360.com/ EffectiveCompliance

• The “G” in GRC Becomes Much More Important: Boards are more sophisticated than ever before and many are demanding processes and tools to facilitate and streamline their oversight responsibilities. For example, many board members are now using iPads and related portal products to review enterprise risk management (ERM) programs in much more timely detail to better monitor a broad range of risk indicators. In fact, recent research by Dr. Mark Beasley, Deloitte Professor of Enterprise Risk Management and ERM Initiative Director at North Carolina State University, showed that 59 percent of boards are requiring management to strengthen risk oversight. They are also taking a more active role in confirming management’s assertions on the company’s ethics and regulatory compliance posture.

• GRC is (Finally) Recognized as Strategic to the CEO and Board of Directors: As governance becomes more sophisticated, boards are increasingly recognizing the value that GRC brings to the company. Nothing destroys share price faster than brand damage resulting from ethics charges, product-quality issues, deferred prosecution agreements, Corporate Integrity Agreements and formal investigations by authorities. Many CEOs and their boards are also beginning to recognize that a robust GRC program can be used to clear regulatory hurdles for strategic acquisitions and facilitate growth into new markets and geographies.

• The Rise of Analytics: GRC systems collect enormous amounts of data. Compliance 360’s customers, in aggregate, manage more than 1.4 million laws and regulations. From the board down, GRC users need to see trend lines and correlations to identify and address root-cause issues before auditors come calling. As examples, the additional insight corporations can glean by linking training programs to the types of issues received via a whistleblower hotline, or mining various systems to determine how to change audit plans for the next cycle, can be highly valuable.

About Compliance 360

The original Governance, Risk and Compliance (GRC) software company born in the cloud, Compliance 360 brings order and efficiency to the complexity of enterprise governance, risk management, compliance and audit management. Compliance 360’s software and services enable people to organize and control their internal processes to ensure compliance and minimize risks to their business performance, corporate image and shareholder value. The cloud-based Software-as-a-Service (SaaS) design and delivery allows all this to happen securely with minimal IT infrastructure costs. The Compliance 360 family of GRC software applications includes regulatory compliance software, policy management software, internal audit software, incident management software, ERM software and a wide variety of specialty applications. More than 250,000 professionals every day in financial services, insurance, healthcare, distribution and other regulated industries rely on Compliance 360 to protect their reputations and brands. See www.compliance360.com for more.

#   #   #

Editor’s Note: Compliance 360 is a registered trademark of Compliance 360, Inc. Virtual Evidence Room is a registered service mark of Compliance 360, Inc. Any other trademarks are recognized as proprietary to their owners.