The best practices in Corporate Governance, Risk Management and Compliance (GRC)

With the purpose of materializing the integrity principle, compliance is the permanent search for coherence between what is expected from an organization (respect for the rules, purpose, values, and principles that constitute its identity) and what it actually practices on a daily basis.

The compliance program of an organization must include a set of mechanisms and procedures (policies, guidelines, a code of conduct, a whistleblower channel, and other instruments) with the purpose of preventing, detecting, and correcting deviations of conduct, fraud, acts of corruption, money laundering, and illicit acts committed against the public administration, among other issues.

In addition, it must align the activities of everyone in the organization with its principles, values, and purpose, while promoting a culture of integrity.

■ The board of directors and executive management must commit to and support the fostering of an ethical culture and the strengthening of the organization’s compliance program;

■ The board of directors and executive management must ostensibly and publicly declare the importance of the values and policies that make up the organization’s compliance program, always acting unequivocally and consistently with what they preach;

■ The board of directors and executive management must ensure that the body responsible for the organization’s compliance program has the means to put it into practice, ensuring the allocation of adequate financial, material, and human resources;

■ Governance agents must promote the continuous improvement of the organization’s ethical culture, so that its actions are always consistent with the principles, values, laws, and regulations to which it is subject.

In addition to compliance with laws and regulations, the organization must define organizational policies applicable to its operating reality and to the .

Policies should reflect strategic guidelines and be grounded in the organization’s values, principles, and purpose.

Although they may vary according to the structure, industry, legal nature, or maturity of the organization’s governance, some of the most common policies among Brazilian organizations are:

● such as the hierarchy regime;

● risk management;

● communication;

● crisis management;

● transactions between related parties;

● contributions and donations;

● compensation of executive management and board members;

● diversity, equity, and inclusion;

● distribution of results;

● prevention and detection of illegal acts;

● anti-corruption;

● stock trading;

● information disclosure;

Brazilian Institute of Corporate Governance (IBGC)

John Galarani

Rio de Janeiro/Brazil, September 03, 2024

#corporate #governance #riskmanagement #compliance #IBGC

Huy Vu

A business nerd on a journey to support others by finding valuable information, making it useful and sharing knowledge on Risk & Strategy

6 months

Very helpful!

John Galarani

Compliance Officer specializing in Corporate Investigations and Corporate Governance, Risk and Compliance (GRC)

6 months

The best practices in Corporate Governance, Risk Management and Compliance (GRC)
