Compliance 5.4

Question 1

Compliance

Answer 1

• Meeting the standards of laws, policies, and regulations.

Question 2

Scope of Compliance Laws

Answer 2

• Domestic and international requirements.

Question 3

Internal Compliance Requirements

Answer 3

• Monitor and report on organizational compliance efforts.
• Managed by the Central Compliance Officer (CCO)
• Also provides compliance information to the customers and potential investors.

Question 4

External Compliance Requirements

Answer 4

• More prevalent when working with a third parties with their own requirements.
• May require annual or ongoing reporting.
• Missing or invalid reporting could result in fines and/or sanctions.

Question 5

Sarbanes-Oxley Act (SOX)

Answer 5

• Public Company Accounting and Investor Protection Act of 2002.

Question 6

The Health Insurance Portability and Accounting Act (HIPAA)

Answer 6

• Extensive healthcare standards for storage, use, and transmission of health care information.

Question 7

The Gramm-Leach-Bliley Act of 1999 (GLBA)

Answer 7

• Disclosure of privacy information from financial institutions.
• Encourages financial institutions to disclose their privacy policies to the their customers.

Question 8

Non-Compliance Fines and Sanctions - Class 6

Answer 8

• Fines of up to $50,000 or up to 1 year in prison.
• Both can happen

Question 9

Non-Compliance Fines and Sanctions - Class 5 Felony

Answer 9

• Under false pretenses
• A fine of up to $100,000, up to 5 years of prison, or both

Question 10

Non-Compliance Fines and Sanctions - Class 4 Felony

Answer 10

• An intent to sell, transfer, or use individual identifiable information for commercial advantage, person gain, or malicious harm.
• Can result in $250,000, or up to 10 years in prison, or both

Question 11

Non-Compliance Fines and Sanctions - Class 3 Felony

Answer 11

• Civil fines
• Max is $100 for each violation, total amount not to exceed $25,000 of an identical requirement or of the same calendar year.

Question 12

Reputational Damage

Answer 12

• Additional consequences if falling out of compliance.
• Organizations are often required to disclose.
• Can result in stock prices to drop, at least for the short term.

Question 13

Loss of License

Answer 13

• Another consequence if falling out of compliance.
• Can prevent organizations from selling their product.
• Cannot make purchases from another company.
• Expensive to re-license.

Question 14

Contractual Impacts

Answer 14

• Some business deals may require a minimum compliance level.
• W/out compliance, the contract may be in breach.
• Can be resolved with or without a court of law.

Question 15

Due Diligence/Care

Answer 15

• A duty to act honestly and in good faith.
• investigate and verify

Question 16

Compliance Monitoring

Answer 16

• Personnel can be responsible for this task.
• The individual ensures compliance in a day-to-day operations.

Question 17

Due Care

Answer 17

• Refers to internal activities.

Question 18

Due Diligence

Answer 18

• Often associated with third-party activities.

Question 19

Attestation and Acknowledgement

Answer 19

• The executive in charge of this compliance process who “signs-off” indicating the compliance contract is in “good standing”

Question 20

Compliance Monitoring - Internal

Answer 20

• Internal tools can be used to keep track of all the compliance tasks.

Question 21

Compliance Monitoring - External

Answer 21

• Provide access or information to third party participants.
• May require ongoing monitoring of third party operations.

Question 22

Automation

Answer 22

• A must for large organizations.
• Collects data from people and systems.
• Compliance requirements can be very different from companies.
• This process will vary