Risk Management & Regulatory Compliance


Recent years have seen heightened concern and focus on enterprise risk management. It has become increasingly clear that a need exists for a robust framework to effectively identify, assess, and manage the various risks encountered by an organization in its efforts to create and sustain profitability within various market segments, product streams, distribution channels, and across international boundaries.

Among the most critical challenges for management of any organization is determining how much risk the entity is prepared to and does accept as it strives to create value. Companies should look to an enterprise risk management framework both to satisfy their internal control needs and to move toward a fuller risk management process. Moreover, enhanced corporate governance and risk management have become expected by shareholders, customers, and regulators alike, brought about by new laws, regulation, and listing standards. Beginning with the Sarbanes-Oxley Act of 2002 (SOX) in the United States, and continuing with the Dodd-Frank Act, legislation has been enacted or is being considered by countries throughout the world to better monitor enterprise risk. SOX extended the long-standing requirement for public companies to maintain systems of internal control requiring management to certify and the independent auditor to attest to the effectiveness of those systems. Dodd-Frank has enhanced the attention to systemic risk both within and without an organization.

The concept of evaluating and balancing risks to generate value is not new or unique to public companies and applies with equal force to private companies regardless of legal and regulatory requirements. Among the many types of enterprise-oriented risks that organizations strive to balance but which the ineffective management of could bring down the company, include:

  • Financial Risks (i.e., the flow of money into, through and out of the company)
    • Credit/Counterparty Risk – threat to company’s ability to collect money.
    • Liquidity Risk – threat to company’s ability to pay money.
    • Accounting Risk – threat to company’s ability to fairly report its financial performance and position.
    • Market Risk – threat to company’s financial position from adverse market shifts (i.e., supply chain, distribution chain, etc.)
  • Legal and Compliance (Regulatory) Risk – the adverse consequences of a failure to comply with legal or regulatory requirements.
  • Operational Risk – the adverse consequences of inadequate or failed internal processes, people, or systems.
  • Publicity Risk – the adverse consequences of public exposure as to internal risk failures.
  • Whistleblower Risk – the adverse consequences of an insider publicizing internal control failure, triggering regulatory, civil and potentially criminal liability.
  • Electronic Data Risks – the adverse consequences of a breach of confidential client data as well as proprietary trade secret information.

We have a record of helping our clients to effect change in organizational culture through the development of and training in compliance and risk management strategies and programs that have increased risk awareness and controls.  To do this, we work within your operational infrastructure to partner with existing personnel and, as appropriate, outside consultants to assist in the implementation of new systems and controls. We routinely counsel publicly traded and privately held companies with regard to enterprise-wide risk management and regulatory compliance issues affecting their businesses, including:

  • Advising on obligations under applicable regulatory regimes.
  • Conducting a preliminary assessment of the company’s regulatory risk profile and potential deficiencies (gap analysis).
  • Reviewing existing compliance programs and supervisory systems.
  • Developing and preparing enhancements as appropriate to compliance policies and procedures relating to the following statutory and regulatory regimes, among other:
    • Foreign Corrupt Practices Act
    • Anti-Money Laundering legislation (BSA and Patriot Act)
    • The Office of Foreign Assets Control
    • UK Bribery Act
    • The Dodd-Frank Act
    • SOX requirements
    • Securities Exchange Act
    • Investment Advisers Act
    • Import and export regulations
  • Responding to surprise regulatory audits and inspections.
  • Assessing and upgrading electronic document management systems and related document retention policies.
  • Developing ongoing compliance program testing.
  • Training key personnel.

We are also active compliance spokespersons and thought leaders contributing to the discussion and enhancement of best practices through professional associations, publications and presentations and various conferences.

For a preliminary analysis regarding your company’s risk management systems and/or other aspects of our Risk Management & Compliance Counseling Practice, please contact one of our practice leaders.

Representative Experience

  • Reviewing a broad spectrum of compliance policies including ethics, conflict of interest, and anti-bribery policies for a major public company.
  • Conducting board of directors ethics training programs for a private, family-owned company.
  • Conducting training for directors of a Fortune 500 company on fiduciary duties in connection with a potential tender offer.
  • Conducting internal review and assessment of compliance program and potential regulatory gaps for large, publicly traded bank and related broker-dealer relative to complex financial products.
  • Conducting officer and employee training on Foreign Corrupt Practices Act compliance and advising on compliance policies and programs for multi-national private company.
  • Developing program for large, national IRA custodian to maintain exemption from Securities Exchange Act broker-dealer registration including policies, procedures, enhancements to reporting mechanisms, checklists, training and related initiatives.
  • Counseling investment manager with regard to internal financial controls and audit inspection requirements precipitated by new regulations affecting managers with “custody” of investor assets.
  • Advising pooled investment vehicle regarding initial and ongoing due diligence matters with respect to investment opportunities.
  • Advising exempt mutual fund with respect to obligations under the Securities Exchange Act and Investment Advisers Act.
  • Advising not-for-profit trade association on proposed legislation and rulemaking to be included in financial industry regulatory reform.
  • Counseling large multi-national, privately held corporation on all aspects of Foreign Corrupt Practice Act compliance program (including implementation of an internal whistleblower program) and domestic antitrust program regarding minimum resale pricing.
  • Counseled investment manager in response to SEC examination identifying deficiencies with regard to enhancements in Gifts & Entertainment policies and procedures and assisted with implementation of same.