Each year, compliance departments try to figure out how to allocate limited resources across their program. Risk assessments help. Regulatory guidance such as the U.S. Sentencing Guidelines note that an effective compliance program must periodically assess the risk of criminal conduct and take appropriate steps to reduce such risks. See U.S. Sentencing Guidelines § 8B2.1(c) (2015). But many risk assessments are fundamentally flawed. Instead of focusing on the future and tapping into the knowledge of the business, they are audits that test various historical components of the compliance program.
Assessing risk effectively involves forecasting in the compliance program—identifying stakeholders from different functions who are knowledgeable about various risks and asking them to project the likelihood and impact of the risk occurring. Effective compliance programs use the results of this forecasting to focus resources on the highest risk. If the forecasters tell you that the environmental risk of certain emissions releases is particularly high with a serious impact to the company, the compliance program may partner with the business to address the risk by implementing controls and investing in equipment.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]