Authors: Michael G. Silverman
ISBN-13: 9780071496407, ISBN-10: 0071496408
Format: Hardcover
Publisher: McGraw-Hill Companies, The
Date Published: March 2008
Edition: (Non-applicable)
Michael G. Silverman heads a consulting practice that helps organizations manage risk and compliance, corporate ethics, and corporate governance. He is also on the faculties of Columbia University's School of International and Public Affairs and at the Financial Industry Regulatory Authority, the largest non-governmental regulator for all securities firms doing business in the United States.
Understand and mitigate compliance risk in any organization
Compliance Management for Public, Private, and Nonprofit Companies is an expert guide that delivers the strategies and techniques needed to establish, manage, and improve the compliance function within any organization.
Written by FINRA faculty member Michael Silverman, this hands-on resource offers valuable advice for identifying compliance risk and addressing complex ethical issues. It also provides best practices for using the board of directors, trustees, and senior management to promote compliance. From an operational standpoint, it covers such critical topics as:
A wealth of case studies taken from both the author's personal experience and the mainstream media brings to life the application of covered techniques in the real world.
Acknowledgments
Introduction
Setting the Context
The Expanded Focus on Compliance
The Forces at Work
The Judiciary
The Legislative Response
The Expanding Role of Federal Agencies
State Governments
Government Examines Its Own Operations
The Nonprofit Sector
Private-Sector Oversight
Corporate Social Responsibility
Shareholders and NGOs
Global Telecommunications and the Internet
Summary
The Mandate for Compliance
Regulatory Compliance
Internal Corporate Compliance Systems
The Private Sector and Organizational Compliance
The Nonprofit Sector
The Public Sector
Summary
The Foundations of Compliance
Compliance and Ethics: Challenges and Approaches
Intertwined but Not Interchangeable Concepts
Motivations for Compliance
Barriers to Compliance
The Organization's Cultural Framework
Rules versus Integrity
Corporate Codes of Conduct
Creating an Ethical Culture: The Linchpin
Nonprofit Organizations
Public Sector
Summary
Leadership and Culture: The Foundations of Compliance
The Legal and Regulatory Underpinnings
Self-Regulatory Organizations: New York Stock Exchange
Boards of Directors
Nonprofit Organizations
Senior Management
Public-Sector Organizations
Summary
The Modern Compliance Organization
Managing Compliance: Goals and Structure
Designing the Compliance Program
Government and Regulators' Guidance
The Compliance Program Charter
Features of a Modern Compliance Program
The Compliance Structure
Outsourcing Compliance
Coordinating the Compliance Program
Staffing the Compliance Program
The Role of the Chief Compliance Officer
Budgeting for the Compliance Program
Small and Medium-Sized Organizations
Summary
Policies, Communication, and Training
Policies and Procedures
Communication
Training
Summary
Hotlines, Whistle-Blowers, and Investigations
Whistle-Blowing Programs
Instituting a Whistle-Blowing Program
Managing Information
Tracking Inquiries
International Operations
Related Issues
Conducting Investigations
Summary
Information and Technology: Challenges and Tools for Compliance
Federal Regulatory Requirements
State Regulatory Requirements
International Requirements
Technology Standards
The Challenge of Multiple Regulations
Creating a Multidimensional Compliance Framework
Privacy and Information Security
Third-Party Relationships and Outsourcing
Compliance Technology Tools
Education, Communication, and Training
Summary
Compliance and Oversight: Risk, Monitoring, Audits, and Regulators
Compliance Risk
Regulatory Requirements
Standards-Setting Organizations
Governance and Compliance Risk
Compliance Risk Assessment Process
Compliance Monitoring and Audits
Regulators
Summary
Compliance and Controls
Government Regulations
Internal Control Regulation and the Public Sector
Self-Regulatory Organizations: New York Stock Exchange
Standards-Setting Organizations: Committee of Sponsoring Organizations of the Treadway Commission
The Internal Control Program
Summary
Evaluating Compliance
Criteria for Compliance Effectiveness
The Need for Evaluation
Techniques for Evaluating Compliance
Assessing Compliance Effectiveness
Postevaluation Actions
Summary
The Future of Compliance
Compliance, Going Forward
Brief Retrospective
A Profession with Growing Pains
At the Crossroads
The Road Ahead
Resources
Index