Risk, Compliance & GRC Thought Leadership.
Risk, Compliance and GRC Perspectives and Reflections.
Continuity has deep expertise across these critical domains: regulatory, banking and technology. This puts us in the forefront — as thought leaders helping you solve risk and compliance management problems, effectively and efficiently. Our blog is authored by former regulators and bankers. They cover an array of risk and compliance issues facing the financial industry today.
Reflections on the ABA Regulatory Compliance Conference
Pam Perdue, EVP, Chief Regulatory Officer Each year when we return from the American Bankers Association Regulatory Compliance Conference, the temptation is to quickly itemize, recap and synthesize everything that we learned and experienced. This year, rather than do that immediate processing, I chose to wait a week. As the conference “high” abated, I was
Retrospective On 2018’s Top Regulatory Trends
Pam Perdue, EVP, Chief Regulatory Officer Every year, our experts in the Regulatory Operations Center take a stroll back through the data to identify trends and themes that shaped the industry during the previous twelve months. Read on to see the disturbing discoveries we made during our deep dive into the wild ride that was
How do I Implement ERM?
Derek Yankoff, Chief Strategy Officer What does ERM do, actually? Defines and assigns Risk Values (i.e., Inherent Risk, Threats, Vulnerabilities, Annual Rates of Occurrence, Annual Loss Expectancy, Risk Appetite, Risk Tolerance, and Audit Frequency) for every Subject to be assessed. Provides ‘use cases’ that give context to the Subjects to be assessed by risk owners
Don’t Confuse a Control Risk Assessment with an Enterprise Risk Assessment
Derek Yankoff, Chief Strategy Officer In managing the internal audit function, the institution’s Audit Committee is responsible for commissioning a Control (or “Auditor’s”) Risk Assessment, developing audit plans and the overseeing the execution of the audit program. A Control Risk Assessment documents the internal auditor’s or outsourced audit service provider’s understanding of the institution’s significant