Aug 30, 2019
Risk & Compliance: rapid emergence and new challenges

If the general view is true: that in the Netherlands compliance is ‘still in its infancy’, then it’s a child that has had to grow up very quickly. Because in the boardroom of the early ’90s, anyone mentioning the term ‘compliance’ would have been met with blank stares. So, what’s changed? And how can organisations comply with stricter rules without sacrificing agility? Before we can answer those questions, we need to go back in time.

In the financial sector, self-regulation was the motto until well into the 1980s. The establishment of the Securities Traffic Supervision Foundation (STE), the predecessor of the Netherlands Authority for the Financial Markets (AFM), was the first attempt in the Netherlands to regulate securities trading by the government. In 1992, the STE’s powers were laid down in the Securities Trading Supervision Act which, for example, prohibited company managers from buying securities in companies in which they themselves are active.

Driven by the increased complexity and globalisation, the main focus of the financial sector shifted from self-regulation to government supervision. Due to new legislation, compliance within organisations became more important. Although a specific compliance role was not required by law, the first Dutch compliance officers at financial institutions appeared around this time. In 2001, the Association of Compliance Officers was founded.

Jun 18, 2019
Compliance in practice: “Believe my Excel sheet”

In many companies it’s standard practice: sending a flood of e-mails and Excels to the various business units for the periodic audit. Departments fill in the questionnaires, mail them back and the head office goes through them. But how does an organisation know if it is compliant today, when all the information is scattered and unclear?

Jun 18, 2019
Problems In Risk And Control Management

Risk and control management are areas that are always going to be of chief importance when it comes to business operations. One poor decision can have serious ramifications to a business’s health – many of which can be avoided by appraising the risk involved. However, part of the issue is that risk and control management has its flaws, just like anything else. Here are some of the main examples of where things can go wrong with what should be your prime line of defense.

May 29, 2019
How poor Access Management in your information systems can lead to fraud

Information systems fraud is about as high a set of stakes as you can get. Millions of dollars can be lost over time, as some historical examples have shown us. Also, should you be found out of compliance with regulations, resulting legal action from clients and governing bodies can add fees and fines to the financial burden.

Because of this, it is important for all businesses to identify potential pain points for fraud. One of the more surprising areas of opportunity for this is poor access management. Here is how this can play out.

May 15, 2019
Remote monitoring is problematic for multinationals

A multinational’s headquarters can be compared to a lighthouse. Thanks to its revolving beam of light, the lighthouse sees all the company’s branches, but the beam can’t shine in every direction at once. Which is a problem, especially for access management. How can you limit business risks if you lack the tools to constantly monitor thousands of roles and rights?

Apr 2, 2019
How to overcome the burdens of risk and compliance?

Ask yourself the following questions

  • Do you have a complete overview of your controls and do you know what your control objectives are?
  • Do you want to reduce the burden of your control activities?
  • Are you fully informed about which controls are executed by whom, in which timeframe, and where potential issues may arise?
  • Is risk & control management a structural part of all your organisation’s activities? And do you monitor your risks & controls consistently?
  • Are there processes in place that continuously monitor if the corporate policy is truly followed?
  • And are these processes evaluated regularly?

In other words, are you really in control?

Mar 18, 2019
How to control your ERP access configuration

ERP systems are complex IT solutions that support business processes within organisations. Such systems support a large spectrum of configurations and customisation. Within the range of configurations, ERP systems also allow for multiple security configurations which, if not addressed correctly, can cause various business disruptions as well as security leaks, eventually resulting in potential fraud, errors, lack of compliance with regulations and/or process inefficiency.

Mar 12, 2019
The future of controls and identity management

Controls and identity/access management are two areas that are vital to anyone concerned with security at any business level. Gone are the days where complex passwords and two-step authentication were enough to keep data and assets safe.

Mar 4, 2019
KPMG and GRC SaaS solutions

Governance, risk, and compliance (GRC) has become a top executive priority, but many organizations are strug­gling to manage and control risk effectively today. The growing interest in GRC solutions stems mainly from outside forces. Several high-profile data breaches, as well as regulations such as the EU's General Data Protection Regulation (GDPR), have put pressure on businesses to increase their security measures not only for their own data but also for that of their customers.

Feb 25, 2019
Why KPMG is creating Software as a Service solutions

KPMG Advisory recently introduced various cloud services (Smart Tech Solutions, Sofy) onto the market which are based on the Software as a Service (SaaS) model. IT solutions developed and maintained by KPMG, in collaboration with alliance partners, are offered to clients as subscription-based cloud services. As a professional services firm, KPMG’s entry into the marketplace for off-the-shelf software products by delivering them in a SaaS model is a new concept for us. What’s the rationale behind the introduction of this new business model?

Feb 18, 2019
Actualities in the SaaS world

SaaS (Software as a Service) has rapidly evolved from a new additional concept for different businesses into the gold standard for technology. For example, statistics show that 73% of companies have indicated that nearly all of their apps will be running on SaaS by 2020. The main reason is that SaaS provides financial savings for many businesses, with small and large businesses benefitting the most.

Mar 6, 2018
Why any Tax Manager should be focusing on data

Have you ever stopped to think what your role as a Tax Manager will look like five years from now? And if you've already formed a picture, does that picture please you? In my case, it does. For the tax industry is becoming more versatile, interesting and more important to any organisation. As a consequence, you will have to become an expert on the opportunities of data and technology.

Feb 7, 2018
Does the modern CFO have a split personality?

Omni-channel, superconvenient and lightning-speed service; the needs of today's customer are clear. Efficiency, productivity and cost-savings; management of organisations more often than not know how to put their agendas into words as well. The modern CFO is charged with the task of meeting all of these requirements. Steady progress in backoffice process automation must be ensured while facilitating innovation at the organisation's front, all at the same time. Is the modern CFO required to have a split personality in order to facilitate this process?