Cyber security risk across all industries, along with bribery and corruption, will challenge organizations and their boards, especially in highly regulated industries such as financial services, says a study by Ernst and Young.
EY’s Fraud Investigation and Dispute Services unit identified several key themes that companies should incorporate in their planning in 2015; the following is adapted from the report:
• Cyber readiness is challenging the C-Suite and boards.
The impact of cyber breaches continues to show that organizations and their boards must become more aggressive in developing response plans to these persistent threats. A key component for strengthening an organization’s preparedness will be increased awareness of the variety of threat actors—including “hactivists” and nation states. Regulatory bodies expect companies to provide greater transparency through more robust disclosures and to undertake actions to buttress defenses and controls.
• Increased focus on Foreign Corrupt Practices Act enforcement actions against individuals.
Increased focus by the Securities and Exchange Commission and Department of Justice on enforcement actions against individual executives is putting greater pressure on organizations to demand ethical corporate cultures and to develop a more detailed understanding of their anti-corruption compliance programs.
A critical element of these programs is a robust, global third-party vetting process, continually evaluating the conduct and political exposure of joint venture partners, agents, and distributors, among others.
• Use of forensic data analytics in anti-bribery/anti-corruption monitoring and investigations.
The survey found that 74% of respondents indicated that Forensic Data Analytics can play a critical role in mitigating corporate bribery, a top fraud risk, and 63% of respondents agree that they need to do more to improve their antifraud/antibribery procedures, including incorporating such analytics.
That methodology enables legal, compliance, and internal audit professionals to be more effective by allowing them to analyze greater volumes of data from disparate sources in a much more timely fashion.
• Despite record settlements by top U.S. banks in 2014 related to mortgage-backed securities, financial institutions are expected to remain under intense regulatory scrutiny throughout 2015.
The Consumer Financial Protection Bureau is expected to continue its focus on mortgage loans, student loans, and credit cards, and will broaden to nonbank mortgage servicers and auto lenders whose compliance efforts may lag those of traditional banks.
• Global financial institutions will continue to face scrutiny on the issues of money laundering, terrorist financing, economic and trade sanctions, bribery, and corruption, stressing the need for robust controls and monitoring systems.
Regulatory scrutiny will continue to move beyond the traditional banking sector into nonbanks, including insurance providers and gaming enterprises, increasing the need to review and enforce compliance programs and controls.
This past year the industry has seen record fines and increased scrutiny on Office of Foreign Asset Control sanctions, quality of suspicious activity reporting, and due diligence around financial institutions’ customers. State regulators are now more frequently imposing independent monitors on financial institutions as part of the settlement process.