The new DOJ plan to require compliance officers to provide a certification as a part of corporate resolutions has stirred up conversation and concern amongst compliance teams and leadership. Yet, that fear may be misaligned, note Jonny Frank and Kathleen Nolan in a podcast for the Society of Corporate Compliance and Ethics.
According to Jonny and Kathleen, these certifications could lead to increased power and prestige for CCOs.
In this podcast, they draw parallels to Sarbanes-Oxley and lay out a five-step process for certification:
- Select a framework for the certification criteria that the organization will grade itself against.
- Conduct a scenario-based compliance risk assessment.
- Assess and design key control activities.
- Create a sub-certification waterfall: set accountable owners throughout organization to certify compliance effectiveness in their area.
- Arrange for a third party or internal audit to assess the program.
Listen here to learn more, including the importance of documenting your processes.