by clicking the arrows at the side of the page, or by using the toolbar.
by clicking anywhere on the page.
by dragging the page around when zoomed in.
by clicking anywhere on the page when zoomed in.
web sites or send emails by clicking on hyperlinks.
Email this page to a friend
Search this issue
Index - jump to page or section
Archive - view past issues
GRC Professional : GRC Summer 2013
27 ADVERTORIAL The data revolution: Managing the exponential risk It's undeniable that the world as we know it is changing at an exponential pace with the emergence of social networks, mobile devices and new payment methods (NPM). Conversely, it is not so much a technological revolution, but a revolution of information. BY TYSON WIENKER What does this 'liquid information' mean for GRC professionals? A 2012 KPMG governance report identified two key areas of risks posed by emerging technologies: • Information data privacy and security; • Leveraging social media and data to shape real-time business decisions and manage reputational risks. Indeed, the speed and complexity of this changing, technologically-driven business environment has pushed governance processes, control and risk management to the fore as a key concern. • Business transactions can be facilitated in real time anywhere in the world at anytime and by anyone, and can be monitored up to 300,000 times faster than a year ago; • Legacy, manual KYC/DD systems rarely take into account the speed with which business needs to react to a situation to minimise risks; • Real-time screening solutions bring organisational risk approach and implementation into the 21st century. Ultimately, ongoing monitoring and screening plays a crucial role in the mitigation of risk for all organisations. Technology-based platforms with comprehensive databases such as Lexis Diligence and Bridger Insight XG can help aggregate the vast majority of information needed when verifying individuals or corporate entities, to protect your organisation's interests. www.lexisnexis.com.au/grc phone1800 772 772 email firstname.lastname@example.org Policing requires power and the ability to impose consequences. the Libor rigging and Barclays' AML penalties ($US455m). If we look further back in history, the OFAC penalties sustained by Arab Bank ($US24m), ABN AMRO ($80m), Bank of New York ($38m), Lloyds Bank ($350m), Credit Suisse ($536m), ING ($619m), JP Morgan Cha se ($88m) and Wachovia ($160m) are a result of what litigators euphemistically refer to as "bad facts". And we can look at the most recent fine of $1.9b again st HSBC. That is an impressive list of bad facts. And then there was the cou rt application issued in early August 2012 against the Standard Chartered Bank seeking revocation of its banking licence in the US for violations of sanctions laws a nd AML/CTF requirements. Standard Cha rtered Bank was expected to show the court why its US dollar clearing operations should not be suspended pending a formal licence revocation hearing, and a civil penalty could also be forthcoming. Ultimately, the matter settled for a generous fine of $327m. The court application also accused the bank's consultant, Deloitte & Touche, of knowingly helping Sta nda rd Cha rtered circumvent the restrictions, and it quotes a Standard Chartered group director in London as using an expletive to dismiss sanctions policies against Iran. This proceeding ha s now being wholly discontinued. Policymakers have given GRC the fu nction of policing the behaviour of those who control or carry out the business activities of the financial institutions. Yet those who run the businesses have primacy over the wishes of those who work in GRC. Policing requires power and the ability to impose consequences. If the local police force had no ability to arrest offenders they detect committing crimes, or they suspect of crimes, then our society would be a radically different place. Society would be, in effect, lawless because there is no policing power. Policing requires power and consequence. In policing behaviour, the GRC function can only be effective if there are other positive drivers motivating the behaviour of those in X
GRC Spring 2012
GRC Autumn 2013