U.S. companies, particularly those in the financial services industry, continue to wrestle with compliance regulations: Recent headlines show that the current regulatory environment remains a top issue for CEOs and that many companies have difficulty measuring the effectiveness of compliance training programs. Meanwhile, in recent weeks, PricewaterhouseCoopers was fined for watering down a bank report, and a complaint filed with the Federal Communications Commission (FCC) alleges that 30-some U.S. tech giants are violating Safe Harbor agreements.
Regulatory issues No. 1 challenge for U.S. CEOs
The regulatory environment in the wake of the recent recession is the top issue that could have the most impact on business operations, according to a Forbes Insight and KPMG study. Of the 400 U.S. CEOs surveyed across all major industries, 34% reported spending more time with government officials and regulators than they did before the downturn, or are considering doing so.
Financial services is among the sectors most affected due to the sheer number of regulations requiring transparency and risk reduction processes, according to Forbes. Companies also face additional regulatory costs, such as those related to revamping data monitoring systems to remain compliant. KPMG representatives advised CEOs to extract business value from mandated compliance processes, such as by using regulatory data to analyze sales and compile insight into product profitability.
PwC hit by penalties for diluting bank report
Wall Street consulting firm PricewaterhouseCoopers (PwC) is facing heat from New York financial regulators. The firm, according to interviews and confidential documents reviewed by The New York Times, watered down its report on one of the world’s largest banks, Bank of Tokyo-Mitsubishi UFJ. PwC agreed to pay a $25 million fine, and one of its regulatory consulting units cannot undertake assignments from New York-regulated banks for two years.
In 2007, the Bank of Tokyo-Mitsubishi recruited PwC to quantify its improper transactions with U.S.-blacklisted countries. The initial draft of PwC’s report showed that the bank excluded names of Iranian customers to evade detection. The consulting firm, however, under pressure from Bank of Tokyo-Mitsubishi’s legal team and executives, deleted or diluted harsh characterizations and critical passages when it filed the report, according to the Times‘ sources.
This case highlights how authorities are reassessing their relationships with consulting firms, according to the Times. While regulators have previously ignored these firms’ potential conflicts with banking institutions, federal authorities are now releasing guidelines for employing consultants.
Compliance officers struggle to measure training effectiveness
Many firms, especially those in financial services, have improved their compliance and ethics training programs but are finding it difficult to measure their efficacy, according to two Navex Global researchers who spoke with Thomas Reuters. Chief compliance officers also have difficulty making a business case for investing in such programs, said the researchers.
The best training programs, the researchers found, are those customized to the needs of a particular job and contribute to an organization-wide “culture of compliance” that encourages ethical behavior. There is a gap in compliance training, the researchers said, because effectiveness measures vary widely. To improve training, the researchers advised partnering with other business groups within an organization to draw on their expertise, as well as investing more in manager training.
U.S. tech titans violating Safe Harbor, FTC complaint claims
More than 30 large tech companies are violating their Safe Harbor commitment to keep European citizens’ data private, according to a complaint filed with the Federal Trade Commission (FTC). The Washington, D.C.-based Center for Digital Democracy (CDD) claimed that these firms, which include AOL, Adobe, Salesforce, Datalogix and Marketo, are “compiling, using and sharing EU consumers’ personal information without their awareness and meaningful consent.”
In the complaint, the CDD also claimed that the aforementioned tech firms are involved in “data profiling,” entangled in a “web of powerful multiple data broker partners who, unknown to the EU public, pool their data on them so they can be profiled and targeted online.” It also alleges that the FTC is failing to enforce Safe Harbor regulations by neglecting to impose sanctions. Currently, the U.S. and EU are negotiating a new data privacy agreement that could give European citizens the same rights of redress as U.S. citizens should their data be used wrongly.