Blog Posts
Litigation Risk: The True Test of Your Control Environment
In one recent litigation matter, a company—whose name is intentionally withheld—found itself the subject of litigation following a fraud event that was not attributable to a single failed control, but rather a series of breakdowns across fraud prevention, detection, and response. As the matter progressed through discovery and expert analysis, what initially appeared to be…
Third Party Risk Management (TPRM) is more than security assessments.
A successful TPRM program begins with determining why you need a third party and ends with safely off-boarding third parties. It ensures that the decision to outsource is supported by a business justification and aligns with the corporate strategy. It also requires enforceable contracts, defined service-level agreements (SLAs), and an exit plan to minimize business…
Confidential Case Study and Lessons Learned
Beyond the Controls: How a Hunch Revealed a High-Value Internal Fraud Companies build controls and detection capabilities to prevent and detect fraud, whether external (transactional) or internal. But what other ways can we identify fraud? How else do we detect it when conventional controls won’t or can’t work? One effective way is to rely on…