Risk Awareness: The Need for Transparency in Operations Tom McNamara Senior Vice President, Global Sales EthicsPoint FEI Professional Development Session Risk is… Real & reputational Compliance-based • Regulatory • Contractual • Socially responsible Manageable Reputation-based fraud is 5 to 7 times more impactful to share value than financial fraud. FEI Professional Development Session Risk Mitigation: The Process Understand your risks Evaluate • Probability • Impact • Velocity Risk Event Monitor Probability Contingency Impact Mitigate • Communication and training • Plan contingencies Monitor • Compliance obligations • Risk events • Stakeholder feedback Respond and learn Mitigation FEI Professional Development Session Risk Awareness High Open Door Policy Survey Feedback Policy & Procedures Risk Hotline/Helpline Operational Feedback and Reporting Compliance Training Disparate Data Silos Low 0% Knowledge Transparency 100% © EthicsPoint, Inc. 2009-2011 All Rights Reserved FEI Professional Development Session Disparate Data “Organizations often support between five and eight different database technologies, and 50 different sources of data from the operational side.” - Gartner Research Vice President and Research Director Kevin Strange FEI Professional Development Session Problem: Lack of Transparency Only 3% of misconduct reports come through the hotline -- ERC 2009 National Business Ethics Survey Compliance and ethics receives only 6% of available employee information about top risks -Compliance and Ethics Leadership Council research • • • 50% of observed business misconduct is never reported 60% of information reported to managers by employees is “siloed” 21% of reported information relevant risk is shared with legal or others, but is not available to compliance Issue is getting worse with three distinct generations in the workforce FEI Professional Development Session High Understanding Risk Number of geographies served Number of organizational entities Employee Headcount Union/Non-Union Weak Culture/Strong Culture Historical Significance Risk • • • • • • Survey Feedback Low 0% Hotline/Helpline • Risk Appetite • Social Responsibility Vertical Complexity Voluntary Buffer Culture Open Door Policy Process Information Gathering Systems and Technology • Regulatory Requirements • Industry Dynamics • Common Risk Components Organizational Complexity Compliance Data Integration Policy & Training Procedures 100% Analysis Knowledge |Transparency FEI Professional Development Session What should you be capturing? Industry-based operational risk • Fraud • Harassment • Issue or event Security control breaches Internal audits Regulatory and contractual compliance issues Hotline (web and telephony) Open door policy (internal reports) Exit interviews Gain transparency into siloed activities and disparate data sources. 8 FEI Professional Development Session Do you promote awareness? Employee awareness Vendor and representative awareness Repeated communication events Feedback to reporters Sanitized reports and newsletters FEI Professional Development Session Questions? Tom McNamara © EthicsPoint, Inc. 2009-2011 All Rights Reserved Senior Vice President, Global Sales EthicsPoint tmcnamara@ethicspoint.com