AML, auditor, board, Dodd-Frank, ERM, Foreign Corrupt Practices, information, internal audit, internal control, investor, laws, management, method, objective, practices, Public, public company, régulation, regulators, risk, risk-management, risk-manager, Sarbanes-Oxley, SOX, stakeholder
Les termes mis en caractères gras sont de mon fait.
Stakeholders increasingly expect boards of directors to do more to oversee the organizations they direct. Some of these expectations are spelled out in laws and regulations—the Sarbanes-Oxley, Dodd Frank, Foreign Corrupt Practices, Anti-money Laundering acts—and stock exchange listing standards, to name just a few. Regulatory-driven board risk oversight expectations, by design, have focused on protecting the public and entity value preservation. The newest board risk oversight expectations, perhaps the most important to date, are being elevated by institutional investors representing billions of current and future pensioners and controlling trillions of dollars of investments. These highly influential investors are calling on CEOs and boards to spend more time and effort directing and overseeing long term value creation. Boards, in turn, are asking CEOs to provide long term value creation strategies, together with their assessment of risks to those objectives. The next logical step is for boards to ask for assurances from internal audit departments and enterprise risk management (ERM) specialists that the risk information they get from management linked to top value creation and value preservation objectives is reliable.
This post analyzes these developments and proposes “objective centric ERM and internal audit” as the best way forward for public companies and their boards. It is based on a paper published in the Spring 2017 Edition of Ethical Boardroom titled Focusing ERMand InternalAudit on What Really Matters: Long-Term Value Creation and Preservation.
Highlights:Institutional investors who control trillions of dollars of investor funds are calling on CEOs to focus on long-term value creation and strategy and boards of directors to oversee that process.
This post focuses on an important question linked to these developments: Are boards receiving reliable information they need to meet investor expectations on their company’s long-term value creation and preservation objectives and, perhaps more importantly, risks that threaten their achievement?
The author believes that current risk management and internal audit methods and processes are ill-equipped to meet these new expectations.
He proposes a new approach—objective centric ERM and internal audit—as the way forward.