Please feel free to contact me anytime to share your thoughts: +1 612.357.1544 (cell), +1 952.567.6215 (direct), gerry.zack@corporatecompliance.org.
Before reading this, please read Joe Murphy’s excellent column on the role of internal controls in compliance programs.[1]
Okay, are you finished? Great.
Internal controls over compliance are the foundation of any compliance program. In fact, it’s not a stretch to say that every compliance program comprises a complex assortment of preventive and detective internal controls, some of which are general in nature—meaning they are relevant to multiple compliance risk areas (e.g., conducting background checks for new hires)—while others are specific and more granular in nature (e.g., review and approval of new vendors to look for signs of shell companies).