Insurance companies sell group policies that some courts have ruled provide little or no coverage. Congress approved ERISA to “protect” employees’ pensions but in doing so unwittingly gave disability insurance companies a free pass to play the game on a field that is not level.
Posted in Regulatory Compliance Consulting | No Comments »
If you are a mortgage broker or mortgage originator doing business in Massachusetts you need to understand how MGL93H and Regulation 201.CMR.17 impacts how you need to handle personal information and manage your business in the future. Effective March 1, 2010 licensed mortgage brokers are responsible for the safety and security of any Massachusetts residents personal information that is collected, handled or stored by you or your staff. Your mortgage business must have a written plan, known as a WISP “Written Information Security Plan” in place and being followed, to not only protect the safety and security of the personal information of your clients, but also to protect your business. Below is a checklist to help you get organized and develop the plan you will need to comply.
Posted in Regulatory Compliance Consulting | No Comments »
FDA Part 11 compliance is a huge issue for all firms that are regulated by the FDA (Food and Drug Administration), including but not limited to food manufacturers, pharmaceutical companies, biotechnology organisations, and clinical laboratories.
This regulation, introduced in 1997, states the terms and conditions required to ensure that electronic records and signatures can be considered trustworthy and reliable.
This involves the implementation of necessary controls and procedures such as auditing, system validation, audit trails, and electronic signatures.
Essentially, FDA Part 11 compliance is a rule on how to store records and documentation that show you are complying with the plethora of other rules set by the FDA. So, although the FDA have good intentions - to protect the public from harm - it’s easy to see how compliance can become such a burden for FDA regulated companies.
And with recent news that President Obama is, once again, increasing funding for the FDA - by another 23% (on top of a 19% increase from 09) - regulations are only going to get tighter in the next few years.
In fact, this increase in stringency and regulatory requirements is displayed by the fact that the FDA sent almost double the number of enforcement letters to pharmaceutical companies in 2009 when compared to those sent out in 2008. And with expectations of this figure to double by the end of 2010, FDA regulated organisations really need to be ‘on-the-ball’ if they want to avoid enforcement action.
So, how can these regulatory requirements be handled effectively, efficiently and in a way that conforms to FDA Part 11 compliance?
With a good learning management system.
Learning management systems provide an easy-to-use platform for employees and supervisors alike to handle the training workload, ensuring it is completed on-time and to an acceptable standard.
For FDA Part 11 compliance, learning management systems also contain the ability to record, audit, and authorise all training records - providing a solid, regulatory compliant platform so that you and your employees can focus on more important things.
Posted in Regulatory Compliance Consulting | No Comments »
Having started my own business I am only to aware how important having a good business solicitor is. From the outset every business has responsibilities to its employees as well as the general public they are providing to. This being said from the outset it is worth looking at company policy to ensure you have made clear what your company is about and what you are offering your customers.
Business Solicitors can talk you through the many legal aspects of your business and from the outset ensure that you are in a responsible position to move forward with your trade.
For matters pertaining to VAT, national insurance, tax and business insurance, its wise to speak to a solicitor so that you know that you are covered and do not receive any nasty surprises should issues arise down the line. As with any product or service make sure that you shop around for the service that fits you. Its important that the relationship you have with your solicitor is a good one and finding a solicitor that you get on with makes the process a lot easier.
Health and Safety is something that businesses come under fire for, issues that may affect your business such as Accident claims. Solicitors will help Advise and manage your Health & Safety requirements, make sure that you are compliant with your obligations, support you with HSE/Local authority investigations, help with improvement and prohibition notices, and ensure that you have adequate defense in the unfortunate case of prosecutions.
Have you made sure that planning / building regulations regarding your premises satisfy those asked for by the government. If there are issues with your building speaking to a solicitor is a great way of getting you in contact with the people that can help you resolve the issues and ensure that any lease or property dispute is quickly resolved.
You may be required to obtain a license before you can start trading. This is dependent on the product you are selling or the services you are providing. Speaking to a solicitor in the early stages of a business can help ensure that the correct regulatory bodies are dealt with and subscribed to.
Intellectual Property can be daunting to new designers, inventors and fledgling businesses. Ensuring that your intellectual property remains yours is something that many businesses find extremely worrying. A good solicitor will ensure that you remain the holder of any intellectual property and that any one trying to undermine your position will find it untenable.
Every company needs to have stationery that reflects the professionalism of the company, but even in this case you need to think carefully about how you design your letterheads and stationery so that you have all of the legal information that is required of you laid out clearly.
|
Business solicitors can ensure that the legal side of your business is up together and that any issues including Property disputes, Health and safety, Intellectual property etc are all well understood and dealt with in the correct manner. Article Source: |
 |
Posted in Regulatory Compliance Consulting | No Comments »
If a property owner was in default with their mortgage payments and could not satisfy the outstanding debt or bring the mortgage and any outstanding penalties current during the pre-foreclosure stage, they were surely going to be faced with having to leave their home. In some cases, property owners that were upside down in their mortgage or through financial hardship found themselves in a position where expenses were just too overwhelming may have chosen to just walk away from their homes, no matter how difficult it was for them and their families.
Posted in Regulatory Compliance Consulting | No Comments »
God forbid, but if you got hit by a bus tomorrow, do you have a trusted lieutenant who can keep your company on track?
To help you answer this question, think about the following comments:
You may see different versions of this question in your life as:
Research shows that well over 50% of companies promote their CEOs from within. Such companies understand a central tenet of business-that a well-crafted succession plan vastly minimizes disruption when the CEO leaves, expected or not. (Jack Welch, former CEO of General Electric) Build leadership capacity incrementally. Upgrade corporate training so that it becomes an industry-wide credential. (Dan Carrison and Rod Walsh Business Leadership The Marine Corps Way)
Do you truthfully answer this Yes or No?
Why?
Why Not?
How can the notes you just made help in your life, job and business? What one issue from your thoughts you noted when truthfully answering this question, will you start improving, TODAY?
Because risks are what really go wrong when you are not looking: stupid things like bounced checks, losing your best customers or best people when you are blindsided. You need to create peripheral vision in your business so you are not blindsided.
You need a perspective of life under the microscope and to have lived to tell the tale. Insights give a common sense approach to what people make complex, as companies grow.
|
Bottom line? - Risks are what really go wrong when you are not looking: stupid things like bounced checks, losing your best customers or best people when you are blindsided. You need a perspective of business under the microscope and to have lived to tell the tale. After analyzing and helping over 200 companies, I have learned one key point:”What You Don’t Know About Your Business Can Cost You Your Business.” From the author of the newly released book, ‘Stick Out Your Balance Sheet & Cough: Best Practices for Long Term Business Health’. Available on Amazon. So open this book and say Profit. A video of Gary discussing his book is available at http://www.youtube.com/watch?v=OXhsY8hP70A From Gary W Patterson, http://www.FiscalDoctor.com FiscalDoctor® Copyright 2010 Article Source: |
 |
Posted in Regulatory Compliance Consulting | No Comments »
Harder laws and more rigorous enforcement cost nearly 200000 U.S. gun dealers their federal firearms licenses since the mid-1990s. Guided by abrupt declines in states including Washington D.C., CA and FL, the amount of federally licensed firearms traders fell seventy-nine percent across the nation since 1994, subsequent to Congress adopting gun-control measures that yet set off argument.
Posted in Regulatory Compliance Consulting | No Comments »
The states of Tennessee and Montana both authorised laws pertaining to firearms and ammo earlier this year. The jurisprudences from both states basically stated that firearms and ammo fabricated inside their respective state and not distributed or shipped outside of that state were exempt from the federal firearms license laws. The states legal attitude was based on the 10th Amendment which states as follows:
Posted in Regulatory Compliance Consulting | No Comments »
If you’re in the electrical utility sector and you hear NERC Audit you’re likely to start sweating. Not because you may not have a NERC compliance plan, but because of the simple fact that there really isn’t any good information that exists that tells you everything you have to do and exactly how to do it. As you know there is NERC, FERC, and even SERC. How can you keep them all straight along with the litany of other regulatory issues you have to deal with? One of my best pieces of advice is to breakdown the different standards of NERC into manageable pieces.
Creating a NERC Compliance Plan
First, take apart all the standards and sectionalize them. NERC has done a decent job of trying to separate these into groups. For instance, Cyber Security has standards that go from CIP 001-009. However, if you break apart all the different issues that go into just those standards, you will no doubt have a million different action items on your plate. My specialty and focus has been on CIP 4, because this is where I have listened to a lot of screaming clients who have become frustrated with the auditing process taking place. The fines that these audits generate can cost upwards of $7,500 per person per day. I was recently at the TechAdvantage Expo in Atlanta, and spoke with many industry executives who said they have had to pay fines of several hundred thousand dollars and more for not complying with CIP 4.
The best thing to do is break apart the standards and review each one in detail and then parse them out to your different department heads, who can be made responsible for implementation. As the NERC compliance plan manager, you will need to get buy in from your senior management so that they will dictate to your peers the fact that they will need to report to you on their findings. You will need to coordinate their efforts and then tell your senior management you want to provide them with updates on the plan bi-weekly or at least monthly. By doing this, it will help keep them engaged and continue to provide you with the resources you need to devise a NERC compliance plan.
Let’s just take, for example, the Cyber Security standards. The very name could be a little misleading because it would imply that this standard should go to your IT department. They are the ones that will need to implement all kinds of cool techno stuff that will provide you with cyber intrusion protection tools, right? Not necessarily. Take for example the CIP 004. This clearly states that you must have a system in place for conducting awareness training, background risk assessments, and access documentation and credentialing on all of your employees and contractors. You may now look at this and then realize this is more of a security department or HR concern rather than a technical one.
Second, when you’re looking for vendors to help you analyze all of the different options, remember this one true statement. No single company has a system to manage all NERC compliance plan issues. I’ve seen it many times before where companies advertise that they can make you NERC compliant by just hiring them. This is a fallacy. There are many consulting companies out there that are very reputable and can certainly assist you with the interpretation and development of a NERC compliance plan, but they cannot implement the systems and technology to make you compliant. I go back to the CIP 4 standard for Cyber Security where vendors proclaim to be able to achieve compliance in a certain time frame. One of the most important issues as part of that standard is conducting a risk assessment background check on anyone that has access to critical assets. To do a background check, you need to be a certified CRA (Credit Reporting Agency). But even to this same point, doing things that might involve other pieces of that standard, for instance handling encryption and password protection of those assets that same company would not be the correct fit.
Remember that creating a NERC compliance plan is a goal driven task. Have yourself or a consulting company review the different aspects of NERC that apply and coordinate with your top managers to make this a goal for you and your peers.
Implementing a NERC Compliance Plan
One of the morals of this story is to get your suppliers to illustrate how they comply with a specific standard of NERC. If they say they comply with multiple standards, then ask them to show you how and run it by NERC for verification. Also, make sure their pricing is in line with how they sell it to you. There are multiple occurrences where a vendor will sell something to one company and then turn around and sell the exact same thing to another company but at a much higher mark up since there is a regulation surrounding that industry. Don’t be fooled by those gimmick tactics and allow vendors to prey on your fear of not having a NERC compliance plan in place.
In summary, get a breakdown of which standard applies directly to you, create a matrix chart of which pieces of which standard apply to what departments, get your senior managers involved to dictate these goals to your peers and provide them with updates. Then, when going out to vendors, have them prove how it directly relates to a NERC compliance plan; ask them if they sell that same tool to others and how much it is. Doing these things in this order will help you become the go-to person on regulatory issues, and, in a utility company…that is highly valued.
Posted in Regulatory Compliance Consulting | No Comments »
An owner of a small trucking company contacted us this week to get some help with his safety management controls - he knows there are things he needs to do but he hadn’t been doing them.
He is a smart man and he knows his assets are at risk - the DOT can be thorough and fines get pretty high, and there are rumors of lawsuits when things go wrong.
This small carrier has been around more than 2 years, so I asked if they had a safety audit - if there were any violations on the SA the fixes are important - no need letting yourself in for repeat violations, as this CAN lead to maximum penalties.
Why, yes, the man said, they have had a safety audit, in March last year. And after rummaging around in some files for a few minutes, they did find the safety audit document. But there are no violations here - not one. How can this be?
The carriers DQ Files are less than 40% compliant, their D & A testing program is less than 6 months old, they have a hit-and-miss HOS monitoring program with a few examples of flagrant false logs, some minor 11 and 14-hour violations, and countless form and manner violations, his maintenance folders have none of the required elements. Let’s just say there is MUCH room for improvement.
So why was there such a contradiction between what I found and what a safety auditor found 18 months ago? The safety auditor said there were NO VIOLATIONS.
Now, I suppose it is possible this carrier was doing EVERYTHING right in March 2008 and just let things go to heck since then. Or, maybe the carrier never got around to doing anything but the safety auditor didn’t do a very thorough job. My money is on the second explanation.
Sadly, I have seen this numerous times since we started our small consulting practice a couple years ago. Safety auditors and investigators doing compliance reviews are sometimes so lenient, carriers think the DOT has no teeth.
Sounds like a good world right?
You try and make a living, and when the DOT sends enforcers out, they are creampuffs.
But overly lenient investigators don’t do carriers any favors, encouraging complacency in the motor carrier community.
I feel sorry for the honest business people who TRY to do the right thing.
They have a Compliance Review, the investigator points out one or two little things, they throw some effort at these things and forget about DOT requirements.
Then, one day a terrible accident takes place. Where are those friendly, overly lenient DOT investigators now? Nowhere to be found, I assure you.
This time you have a CR and the investigator is very thorough indeed. This time they leave no stone unturned. The fines may still be inconsequential, but that doesn’t matter. Once a federal agent puts down on his scorecard that you were doing something that was a violation of a DOT Reg., the plaintiffs attorney (who may be an expert on DOT Regs) goes after the full amount of your insurance limits AND any assets you have or that you might EVER have.
You thought that lenient investigator was doing you a favor, eh?
The best thing DOT investigators can do for you is conduct thorough, tough Compliance Reviews. Sadly, most investigators are not very thorough at all.
A safety audit is supposed to be a lightweight CR, and nearly everyone passes. But, it is meant to be an education event for the carrier.
Most safety auditors don’t do a very thorough job either.
The one I just looked at yesterday was, by definition, one of the worst, but it is a trend that I see all too often.
Any idiot can get a DOT number - it only takes a few minutes. Even the ones who TRY to follow the regs should have several violations when they have a safety audit. It is nearly impossibly to do everything right. But too many safety audits are done showing a carrier was doing nothing wrong when, in truth, the carrier was doing very little right.
Posted in Regulatory Compliance Consulting | No Comments »