Many organizations maintain formal policies related to business ethics with strong direction from the organization’s culture and leadership, as well as regulatory and compliance requirements. From the Sarbanes-Oxley Act through similar rulings and legislation around the world, to SEC 2009-268 and increasing anti-bribery and corruption laws, there is renewed emphasis being placed on good corporate governance and ethical behaviour.
Active Risk Manager (ARM) helps organizations deliver robust and efficient ethics programs by providing automated support for the following key dimensions of a business ethics framework:
- Identification and documentation of key regulatory drivers dealing with business ethics (e.g. the Foreign Corrupt Practices Act)
- Identification and assessment of the key business risks around unethical practice as linked to the ethics drivers (the objectives)
- Documentation and continuous evaluation and audit of the key controls deployed to protect ethics policies
- Management of the policies, version control and workflow to ensure that policies have been communicated and understood
- A highly efficient method of capturing exceptions to policy and defined records required to be managed, such as gifts over set levels, conflicts of interest and concerns around unethical practices – linked to whistle blowing
- A continuous communication, monitoring and reporting process to bring all these aspects together through email alerting, tailored reporting for different management levels and summarized
ARM’s breadth means that governance and ethics can be handled in the same system as related domains such as Corporate Social Responsibility, Reputation Management and Controls Management.