
Employment Law Summit

Risk Assessment – Benefits & Pitfalls

Kirsten Hotchkiss, SVP Employment Law & Compliance

Duleep Thomas, SVP – General Auditor

Topics
  • Employment Law & Risk Assessment
  • Forms of Risk Assessments
  • Interdependencies of Risk Assessments
  • Risk Assessments at Wyndham Worldwide
    • Global Business Risk Assessment
    • Fraud Risk Assessment
    • Accounting Risk Assessments
    • Compliance Risk Assessments
  • Benefits of Risk Assessments
  • Limitations, Constraints & Challenges
  • Critical Success Factors
  • Legal Matters
Employment Law and Risk Assessments
  • Introduction
  • Basic components of compliance and ethics program and similarity to employment law concepts
  • COSO FRAMEWORK
      • Control Environment
      • Risk Assessment
      • Control Activities
      • Information and Communication
      • Monitoring, Compliance and Remediation
Forms of Risk Assessments

Risk Assessments could take several forms. Following are some of the more common forms:

  • GLOBAL BUSINESS RISK ASSESSMENT – Business Objectives focused; typically done as part of an overall risk management program
  • FRAUD RISK ASSESSMENT – Focused on fraud schemes & scenarios and controls; typically performed as part of the overall control assessment program
  • FINANCIAL REPORTING RISK ASSESSMENT – Controls over Financial Reporting; performed by auditors as part of the inherent and control risk assessment
  • COMPLIANCE RISK ASSESSMENT – Compliance with laws and regulations; performed by the Compliance groups as part of an overall compliance effectiveness program
Interdependencies of Risk Assessments
  • Cross and interdependencies exist within risks identified in the various risk assessments
  • Important to understand and recognize the significance of these interdependencies
  • Risk Assessment efforts should be coordinated in order to be efficient and effective
  • Should be components of an overall Governance, Risk & Compliance program
Risk Assessments at Wyndham Worldwide

The following is a snapshot of the various risk assessments performed at Wyndham Worldwide:

  • Global Business Risk Assessment
    • Collaboratively performed by the Compliance Group and Internal Audit
    • Now owned by Senior leadership at business units – periodic updates
  • Fraud Risk Assessment
    • Collaboration between Finance, Information Technology and Internal Audit
    • Now owned by business units – linked to SOX control sets
  • Financial Reporting Risk Assessment
    • Collaboration between Controllers and Auditors
    • Drives audit strategy
  • Compliance Risk Assessment
    • Led by Compliance teams
    • Part of compliance strategy

We will be discussing some of these Risk Assessments.

Global Business Risk Assessment – Steps Involved

The Global Business Risk Assessment entailed the following steps:

  • Buy-in from senior leadership across the enterprise
  • Structured interviews
    • Functions/Responsibilities
    • Business Objectives & Initiatives
    • Risks & Controls (rated for significance and likelihood)
    • Monitoring Groups involved
    • Key Performance Indicators
  • Confirmation from interviewees
  • Compilation of results
    • Risk Themes – ranking – Composite Risk Profile, by business unit
    • Detailed Risk Narratives
    • Observations by Functional Areas
  • Presentation and hand-off to business units
  • Presentation to the Audit Committee
  • Next steps
    • Recalibration – by business units
    • Periodic updates by business unit
Global Business Risk Assessment - Risk Themes

The following 19 risk themes (listed alphabetically) and associated definitions were developed as part of this effort:

Fraud Risk Assessment – Steps Involved

The Fraud Risk Assessment entailed the following steps:

  • Initial Diagnostics of various components of the Anti Fraud Program & Controls
    • Inventory of existing initiatives
    • Evaluation of effectiveness of current efforts
    • Assessment of coordination between the various current efforts
    • External benchmarking
  • Issuance of a refined anti-fraud policy, approved by the Compliance Governance Board
  • Conduct of a formal Fraud Risk Assessment
    • Training of constituents
    • Compilation of Schemes & Scenarios, rated by significance and likelihood
    • Linkage to control activities compiled as part of our SOX program
    • Development of “risk themes” and related taxonomy
  • Presentation to the Audit Committee
  • Next steps
    • Focus on response strategies; expand on potential schemes and scenarios
    • Periodic updates by business units
Fraud Risk Assessment - Risk Themes

The following 10 risk themes (listed alphabetically) and associated definitions were developed as part of this effort:

Compliance Risk Assessment
  • A more granular approach to compliance with specific laws, less focus on financial controls
  • Target specific business process and practice owners
  • Target specific legal risk areas, for example:
    • Foreign Corrupt Practices Act
    • OFAC
    • Wage and Hour
    • EEO/FE Practices
    • Privacy and PCI
Highlights of Risk Assessments
  • Global Business Risk Assessment
    • Over 50 key business leaders interviewed across the enterprise
    • Over 400 observations captured
    • 19 themes of risks identified
    • Risk themes plotted on a Heat Map
    • Basis for management follow up and audit plan
    • Will be utilized by business unit management as part of strategic planning process
  • Fraud Risk Assessment
    • Corporate personnel and all business units at key locations participated
    • Risk inventory (schemes and scenarios) compiled at business unit level
    • 10 themes of risk identified
    • Risk themes plotted on Heat Map
    • Basis for management follow up and audit plan and for SOX scoping process
    • Will be utilized by business management to refine response strategies, as appropriate
Composite Risk Maps – Heat Maps

[Figure: heat maps plotting numbered Risk IDs across regions labelled HIGH, MEDIUM and LOW]
Benefits of Risk Assessments
  • Most effective if managed and executed as part of an overall Governance, Risk & Compliance program
  • Ensures engagement of the entire organization in the risk management efforts of the enterprise
  • Provides a basis for monitoring the effectiveness of the various controls within the organization
  • Several other benefits include, but are not limited to:
    • Creates risk awareness
    • Structured risk assessment and aggregation
    • Facilitates prioritization and focus
    • Input for the Strategic Plan
    • Development of the audit plan
    • Linkage to control activities – part of the SOX program
Limitations, Constraints & Challenges
  • Breadth of participation – needs to have more depth in order to develop meaningful action steps
  • Depends on culture of the organization – participants have to be forthcoming
  • Currency of the information – manual compilation is tedious and may not yield current info.
  • First effort may not yield a full and complete inventory of risks – training within the organization
  • May not be effective or efficient unless all risk assessment efforts are coordinated
Critical Success Factors
  • Buy-in of senior leadership
  • Engagement and coordination with other Monitoring Groups
  • Automation – currency of information
  • Follow-up by key constituents – prioritization through ‘funneling’ of risks
Legal Issues
  • Privilege
  • Confidentiality
  • Risk Acceptance vs. non-compliance