In order to bring you the best possible user experience, this site uses Javascript. If you are seeing this message, it is likely that the Javascript option in your browser is disabled. For optimal viewing of this site, please ensure that Javascript is enabled for your browser. Governance, risk and compliance (GRC) - Grant Thornton LLP

Governance, risk and compliance (GRC)

Recent regulatory enactments have altered the corporate governance landscape. Organizations are held accountable for accuracy and integrity in their business operations, and they must have effective and reliable governance and compliance procedures in place.


Grant Thornton helps companies:

  • understand and comply with regulatory requirements
  • implement the right corporate governance framework in regard to these regulations
  • establish appropriate compliance practices

Our services include:

  • Internal audit  – Assess your control environment and safeguard business assets and processes, including those that protect data and IT systems.
  • Sarbanes-Oxley (SOX) consulting  – Comply with the financial disclosure and internal control requirements of the Sarbanes-Oxley Act of 2002 and related Securities and Exchange Commission (SEC) rules.
  • Governance and regulatory compliance – Review and assess your regulatory compliance processes, assess the regulatory concerns and recommend the necessary improvements required to successfully satisfy regulatory mandates.
  • Anti-money laundering and Foreign Corrupt Practices Act compliance  – Ensure you do not become the complicit partners in money laundering or the illegal influence of foreign officials.
  • Fraud assessment and controls  – Evaluate fraud risk factors at business unit and significant account level; determine if controls exist to mitigate and are effective.
  • Licensing, royalty, cost and pricing compliance  – Determine contractual compliance and assist with dispute resolution.
  • Enterprise risk management (ERM) – Strategically identify, analyze and monitor potential risks to your organization.
  • Red Flags Rule compliance - Understand the Red Flags Rule and determine compliance strategy to help combat identity theft.

 

Boardroom awareness: Service organization reports in transition to new U.S. and international standards 

The global economy is driving up the use of outsourcing arrangements as corporations seek to offload more and more business functions to service organizations. Those responsible for corporate governance must confront a host of potential new risks related to these third-party relationships. For almost 20 years, user and service organizations have relied upon U.S. Statement on Auditing Standards No. 70 (SAS 70) to report on controls at a service organization. The increasing importance of internal controls and related reporting, combined with the fact that many countries do not have their own standards for reporting on internal control over financial reporting at service organizations, generated a need to develop an international standard and align the U.S. standard with it.

Fraud in the recovery 

As companies pick up the pieces following a bruising bout of the economic blues, they need to be on the lookout for a different kind of fraud. With a range of factors at play -- from overworked employees to weakened internal controls--the likelihood of fraud may be higher than companies expect. This paper discusses the key issues organizations face when it comes to identifying, dealing with, and protecting themselves from two important types of fraud: fraud committed by or against a private enterprise and fraud committed by entities against the federal government. From heightened fraud risk to due diligence strategies for companies purchasing distressed assets, this paper provides a sound overview of fraud prevention in today's economic environment.

Red flags rule

The Red Flags Rule: What you need to know 

Beginning Dec. 31, 2010, all companies that send invoices will need to have in place a red flags compliance strategy to help combat identity theft. The Red Flags Rule, a component of the Fair and Accurate Credit Transactions (FACT) Act signed into law in December 2003, requires that financial institutions and creditors implement a plan to identify, detect and respond to attempts to use stolen identity information.

To learn more about what the rule requires, the types of businesses that must comply and things to consider when formulating your compliance, download the white paper, The Red Flags Rule: What you need to know.