NEW YORK, Aug. 21, 2017 /PRNewswire/ -- While the Trump Administration has voiced plans for regulatory roll-backs, particularly in financial services, chief risk officers and chief compliance officers must maintain a focus on safeguarding their companies against strategic, operational and emerging risks, according to KPMG LLP, the U.S. audit, tax and advisory firm.
"Now is the time for companies to focus on becoming more agile so they can respond to regulatory shifts," said Kelly Watson, National Service Group Leader for Risk Consulting at KPMG LLP. "This should include determining how to best use emerging technologies to reduce costs and improve risk management and compliance."
KPMG LLP has identified five risk areas to top companies' agendas in this time of change:
- Focus on the Larger Compliance Picture - Disruption and policy uncertainty, like that created by anticipated deregulation such as a potential "dismantling" of the Dodd-Frank Act, can make it challenging to identify where to prioritize compliance efforts. The focus on board and senior management accountability and employee and business conduct, coupled with enhanced capital and more technology choices, is driving an opportunity for investment in data and technology enhancements that will increase integration and automation, and improve the responsiveness of processes to risks and changes.
- Internal Audit's Role in Regulatory Change – Organizations' internal audit functions should understand coming regulatory changes and consider:
- Whether the organization has adequate compliance processes to recognize and react to regulatory changes.
- If a review of key compliance processes has been included in the internal audit plan.
- What regulatory changes driving emerging risks should be included in the establishment of internal audit plans.
- Whether internal audit has a point of view regarding the impact of removing or reducing controls on the overall control environment - relaxation of requirements does not mean organizations should eliminate controls established to address them.
- Cyber Program Investment In Industries Facing Regulatory Change:
- Financial Services – As regulatory changes in financial services loom, some financial institutions have paused on decisions on how to allocate limited resources until they have more clarity. These delays have put a strain on cyber programs' effectiveness. However, it is important companies continue to make decisions about the direction of their programs as there is no indication breaches will slow down.
- Healthcare – While healthcare faces regulatory change and uncertainty as 'repealing and replacing' the Affordable Care Act in some fashion becomes a possibility, some companies have moved forward with additional cyber program investments in light of recent ransomware events such as the wannacry attack. Such events reveal that cyber threats can have a crippling effect on systems and processes supporting healthcare services.
- Strengthen Anti-Money Laundering (AML) – There will continue to be a strong focus on AML enforcement as terrorist financing remains a threat. There is a particular need for AML compliance guidance at foreign banks, FinTech companies, and other non-bank financial services providers with less mature AML programs. To improve AML compliance effectiveness, organizations are determining how they can utilize intelligent automation. Some are even exploring cognitive technologies to augment and enhance the efficiency and effectiveness of decision making processes currently performed completely manually.
- Third Party Risk - Organizations have growing networks of third-party intermediaries and are challenged to identify and monitor which third parties are putting them at risk, particularly in anti-bribery and corruption (ABC). Last year, the International Organization for Standardization (ISO) released the first international standard designed to help organizations prevent and detect bribery. The ISO 37001 Standard has the potential of becoming a new benchmark for grading anti-bribery and corruption systems. While certification is not required, intermediaries that become certified may have a competitive advantage, as it will help to demonstrate an investment into and a threshold of ethical business conduct.
About KPMG LLP
KPMG LLP, the audit, tax and advisory firm (www.kpmg.com/us), is the independent U.S. member firm of KPMG International Cooperative ("KPMG International"). KPMG International's independent member firms have 189,000 professionals, including more than 9,000 partners, in 152 countries.
SOURCE KPMG LLP