Boardroom failures, financial regulatory lapses, auditor and security analyst conflict of interest, unsatisfactory banking practices, and fraud compelled the passage of Sarbanes-Oxley in 2002 and Dodd-Frank in 2010, placing organizations under greater government scrutiny. The higher standards set by the legislation place enormous responsibility on organizations to be prepared to conduct their own internal investigations and to police themselves more effectively or face penalties and fines.
When the Dodd-Frank Act first passed, Peter Zeidenberg, a
DLA Piper partner who worked as a federal prosecutor at the Department of
Justice and the U.S. Attorney’s Office, remarked,
“Most companies will have to deal with an internal investigation at some point.
You’re very lucky if you don’t. In any large company, it’s hard to imagine that
at some point in time there’s not going to be some suggestion or allegation of
internal misconduct.”
SEC Whistleblower
Program is Gaining Traction
Three years later, Zeidenberg has been proven correct and one
of the most visible elements to come out of the Dodd-Frank legislation has been
the Securities and Exchange Commission’s (SEC’s) Whistleblower program. Over
6,500 people have offered confidential information to the SEC in hopes of
earning the 10%-30% of the settlement amount that the legislation promises,
according to the Wall Street Journal. In fact, the awards are increasing in both
size and frequency over the past year and appear to be gaining awareness
overseas. The SEC’s most recent annual report noted that 11 percent of the tips
received had come from overseas and that they expect that percentage to
increase. Adding fuel to the fire, last week in a speech in New York, soon-to-be-former
U.S. Attorney General Eric Holder encouraged more potential whistleblowers to
step up to help prevent the next financial collapse.
This week, the SEC
announced the award of a record $30 million to an overseas employee who reported
fraud at an American company with global operations. Interestingly, had the
employee reported the fraud earlier, the bounty might have been even larger, according
to the SEC.
Eric Holder and the SEC are sending a clear message to
corporations and their employees in the US and around the world. Companies are
expected to not only change the practices that contributed to the financial
crisis’ in 2002 and 2008, but also monitor those changes and ensure that their
organizations are complying with the numerous regulations that are a part of
Sarbanes-Oxley and Dodd-Frank or face consequences.
Essential Compliance
Step One: An Investigative Infrastructure
Publicly traded companies—and especially multinational
corporations—can take an essential step toward compliance by establishing a
comprehensive investigative infrastructure that enables visibility and
searchability of all network endpoints.
Simply installing EnCase® Enterprise puts
you solidly on the path to compliance with key sections of Sarbanes-Oxley (SOX)
and in a state of readiness to respond to demands for information from the SEC.
It's working for legal, HR, and risk/compliance teams inside 70 percent of the
Fortune 100, it’s discreet and nondisruptive to business operations, and it’s
the foundation for other
EnCase products that support compliance, information security, and
e-discovery readiness, as well.
Comments? Stories
from the Risk/Compliance Trenches? I welcome discussion in the section
below, whether on this topic or on one you would like to see us write about here
in the blog.
No comments :
Post a Comment