Updating the GRC and Audit Committees mission and charter
More often than not, GRC and audit committees are conceived with all best intentions. Often they end up having too much on their plate, because the charter and mission statements are not updated, the committee often micromanages, and routinely substitutes the judgment of the GRC officers. This can be a source of unnecessary red-tape and an added burden on the GRC function. It becomes a filter between the GRC officers and the management or board of directors. How to avoid this dilemma will be discussed in the future newsletters
For long it has been proved that GRC and audit commitments can enhance a compliance or GRC programs by creating committees with a clear role and responsibility and a charter to monitor progress and efficiency.
Annual focus and committee resources
The company's GRC structure should be fit-for-purpose and avoid the standard one-size-fits-all approach right from the start. Therefore, if the current corporate compliance risk is Bribery, Fraud and Corruption (BFC) or third party relationships, the annual focus and committee resources must be precise on solving these issues and amendments to the charters and statements must be made accordingly.
The approach taken by the particular committee is how to update, monitor and incorporate the pre-execution and a post-execution management function, that oversees the full relationship with any third party involved in the global operations. The focus on BFC compliance can be undertaken in the same manner with the addition of the commercial component to this management function.
Component of a GRC compliance program
The compliance of a BFC issues is often based on a combination of the FCPA, OECD, EU or the UKBA. As is the third party compliance. One of the key tools for monitoring is to prevent and detect any violation of its own Code of Ethics and Compliance to the global BFC mandates. Therefore it is important to develop a proper structure of the GRC committees. The full engagement with all its power and aspects of a company’s relationships and processes will be the crucial component of a successful GRC compliance program.
Each committee has a mission, a vision statement, which is interrelated to the committee charter.
The compliance committee concept is responsible for the establishment and maintenance of a series of GRC components that have to be listed and prioritized.
Indicate the seriousness and focus
Based on the above prerequisites, to remedy the potential GRC compliance pitfalls, we recommend 3 building blocks for an effective GRC committee for the supervision and the review of all GRC issues:
- The GRC committees have a clear, documented charter that sets out the functionality, goals, and parameters of the committee and its experts.
- A competent and experienced person should chair the committee combines with peers or senior level experts experienced in the decision making process and can organize resources.
- The GRC committee should be periodically reviewed for its effectiveness and adjusted as necessary to meet the stated mission, vision and goals stated in the charter.
The members of the committee must not be on the secondary level as permanent members. To provide the right tone senior officers responsible for a combination of functions would indicate the seriousness and focus. It could also indicate cross departmental functions to boost the morale. This would include senior representatives from the Accounting, Finance, Compliance & Legal and Operating Business Units.
To be continued in the next newsletter. See attached presentation on developing and updating GRC committees.