Ernst &Young Services AABS RAS FIDS Services Corporate Compliance - Ernst & Young - United States

Centered on the principle that corporate compliance should be fully integrated into the organization, Ernst & Young helps organizations design and implement compliance infrastructures, processes, and controls to prevent and detect non-compliance, as well as enhance business performance.

Learn more about how we can help (pdf, 772.6kb).

Read more about Corporate Compliance

How can you use a lean approach for compliance and control?
What are the elements of privacy risk management and compliance? Organizations that handle personal information face complex challenges to effectively manage privacy risk and compliance.

How do you assess risk?
How should you conduct investigations? Organization should have the capability to identify, prioritize, investigate and resolve issues. This illustration can help you implement an investigation.

How do you know if your GRC system or overall program is effective?
How do you measure the performance of GCR? A high-performing GCR capability delivers business benefits and is achieved through effective, efficient and responsive process.

How do you know if your program is performing?
How do you manage the business risk of fraud? It’s critical to recognize that fraud risk is not about “good guys” and catching “bad guys.”

How do you manage information risk in the extended enterprise?
Three elements must be kept in balance. Find out what they are. 

How do we manage the business risk of fraud?
How do I know if my program is performing? Measuring performance has no laws that demand your program is efficient or delivers business value.

How do you measure the performance of GRC?
How do you know if your GRC system is effective? Some executives are asking “Is this work really working? Are we delivering outcomes that matter?”

How should you conduct investigations?
How do you assess risk? A high-performing risk assessment capability can help your organization do more than just meet mandated requirements to conduct such assessments.

What are the elements of privacy risk management and compliance
How can you use a “lean” approach for compliance and control? Applying “lean principles” to your program can deliver improved performance at decreased cost.

The hard work of culture-building
For risk management to be truly everyone's business, actions must be taken that are far more bold and encompassing than mere structural tweaks. Partner Hank Prybylski presents 10 actionable steps companies can take to weave risk management into your company's culture (pdf, 2mb), including eliminating "groupthink," and establishing the right performance metrics to influence behavior.

Investigative strategies from a former federal prosecutor
What do prosecutors think about while conducting an investigation? (pdf, 108.7kb) What are the strategies and tactics they employ to advance an investigation? How do they investigate a company, its officers or other entities or individuals? Senior Manager Carlos Singh provides insights from his former role as a federal prosecutor.

Looking beyond controls: leveling the playing field to address compliance risk
Executives often find themselves addressing compliance issues reactively in response to litigation or regulatory action, resulting in increased costs and negative public exposure. In this Metropolitan Corporate Counsel article (pdf, 79K), Ernst & Young Principal Senior Manager Larry Iwanski and Senior Michael Ricks discuss a more proactive approach of using a compliance risk assessment to drive the prioritization of compliance resources. Learn the difference between "inherent" and "residual” risk, why it's important, and other leading practices of risk assessments.

SEC Chairman: economic uncertainty makes compliance more critical
Former SEC Chairman Christopher Cox recently cautioned an audience of compliance officers against cutting compliance budgets in response to the economic downturn. He warned that "When a company cuts compliance, violations will occur. And if violations occur, punitive actions should and will be taken. In the current environment, that is true now more than ever. There will be no favor granted because a company made a cost-cutting decision to minimize their compliance budget.” Read the full speech.

Weighing the costs of corruption or compliance
Corruption is a growing problem for businesses. Our 10th global fraud survey offers analysis of insights from nearly 1,200 executives into their experiences of bribery and corruption. We also describe the steps to create what we believe is an effective anti-corruption compliance program.

Compliance publications

• Building the Business Case for Investing in Records Management reprinted from Compliance Week (pdf, 502.9kb)
• Compliance, convergence and how IT fits reprinted from CIO Magazine (pdf, 164kb)
• Corporate monitors: taking corporate cooperation to the next level reprinted from Corporate Counselor (pdf, 106kb)

Open Compliance and Ethics Group
A founding member of the Open Compliance and Ethics Group (OCEG), Ernst & Young has co-developed visual representations of key governance, risk and compliance initiatives in the "GRC Illustrated" series.

• Data privacy and security (pdf, 1.6mb)
• Fraud risk (pdf, 344kb)
• Investigations (pdf, 553.7kb)  
• Program performance (pdf, 1.6mb)
• Risk assessment (pdf, 489.4kb)
• Information management (pdf, 144kb)