PwC Forensic Insight únor 2019
Brexit and its impact on pharma and life sciences industry

PwC Forensic Insight February 2019

Read the Czech version here.

PwC Forensic Insight February/2019
Prepare. Respond. Emerge Stronger

Increasing requirements for an effective Compliance system

Currently, the biggest problem for companies is not the loss of funds due to fraudulent behaviour or the payment of fines, but rather the long and demanding investigations conducted by law enforcement or regulatory authorities that damage a company's reputation.
Compliance is thus becoming more important than ever. Particularly after the publishing of a methodology by the Supreme Public Prosecutor's Office in August 2018 examining in detail the possibility to exculpate legal entities from their criminal liability if they are able to prove that their Compliance system is working effectively.

1. Risk analysis: The first step to success

A Compliance system cannot be effectively set up without detailed knowledge of the risks the company is facing. It is critical to:

  • identify specific actual as well as potential risks;
  • assess the effectiveness of the implemented measures and internal controls put in place to reduce those risks;
  • consider what other controls or measures should be put in place; and
  • document the entire risk analysis process.

2. Design of an effective Compliance system

Two international ISO standards can provide guidance for properly setting up a Compliance system:

  • ISO 37001: Anti-bribery management systems; and
  • ISO 19600: Compliance management systems.

The key is:

  • to tailor it to the size and specifics of the business;
  • to design and implement appropriate and interconnected internal measures - preventive, detective and reactive; and
  • to monitor and assess the detected non-compliances.

3. Regular checks and continuous enhancement

It is important to keep in mind that an effective Compliance system does not mean a one-off setup. It is crucial that the company's management ensures that:

  • the Compliance system is really working i.e. is not only on paper, but is a true part of the corporate culture;
  • its functionality is regularly checked and tested to reflect new risks resulting from the company's business activities;
  • its adherence is enforced within the company; and
  • corrective actions or measures are designed and implemented without undue delay.
Tips
The challenge for many firms is to design a Compliance system in a way that allows it not only to detect non-compliance, but also to assess its importance for the company's business. The amount of data that businesses have at their disposal in electronic format increases every day. The very same data can be used for an effective detection of cases where internal rules were violated.
Data analysis - the alfa and omega of effective detection
  • searches for anomalies, discrepancies or other deviations, so-called red flags, in a company's electronic data; and
  • determines the riskiest transactions. Internal resources can then focus on a review of transactions with high risk.
Advanced data analysis v even benefits from artificial intelligence techniques. It is therefore not necessary to define a set of rules to detect anomalies and deviations, the system itself identifies them with the use of big data analysis and self-learning software. For more information about Forensic Data Analysis, please see HERE.

Upcoming events
15.3.2019 Investigate – simulation of forensic investigation (see HERE

Would you like to receive a regular NEWSLETTER with the latest information and top tips? All you need to do is to REGISTER.

Do you want to know more? Contact us:

Kateřina Halásek Dosedělová, CFE, FCCA
PwC | Forenzní služby
+420 724 369 351 | LinkedIn
[email protected]

Pavel Jankech
PwC | Forenzní služby
+420 739 342 277 | LinkedIn
[email protected]

IMG_1687

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)