Ever wonder how critical your hotline is? Here is what experts on COSO have to say about hotlines:
Title: Leveraging COSO Across the Three Lines of Defense
By
The Institute of Internal Auditors
Douglas J. Anderson & Gina Eubanks
Figure Heading: “Principle 1. The organization demonstrates a commitment to integrity and ethical values.”
Section Heading: “2nd Line of Defense (Risk, Control, and Compliance)
Quote: “• Specific members of the 2nd Line may be requested to support compliance hotlines, investigate potential wrongdoing, or perform other specific duties related to integrity and ethical values.”
Figure Heading: “Principle 14. The organization internally communicates information, including objective and responsibilities for internal control, necessary to support the functioning of internal control.”
Section Heading: “1st Line of Defense (Risk Owners/Managers)
Quote: “• Establishes separate communication channels such as whistleblower hotlines, which serve as fail-safe mechanisms to enable anonymous or confidential communication when normal channels are inoperative or ineffective.”
Title: 2013 COSO Framework Deloitte Training
Deloitte
Heading: “Demonstrates Commitment to Integrity and Ethical Values (cont.)” “ICEFR Examples”
Quote: “Evaluating misconduct reported through an anonymous hotline”
Heading: “Principle 14 Communicates Internally” “Enhanced Aspects of Principle 14:”
Quote: “Providing separate channels of communication for anonymous or confidential communication when normal communication channels are inoperative or ineffective (e.g., through whistle-blower hotlines).”
Heading: “Principle 15 Communicates Externally” “Enhanced Aspects of Principle 15:
Quote: “Providing separate channels of communication for anonymous or confidential communication when normal communication channels are inoperative or ineffective (e.g., through whistle-blower hotlines).”
The Wall Street Journal
Risk & Compliance Journal
Deloitte
Risk management strategy and analysis from Deloitte
Title: The 2013 COSO Framework and the Audit Committee
Heading: “COSO and the Role of the Board and Audit Committee”
Quote: “The establishment and maintenance of open lines of communication between management and the board, and the provision of separate lines of communication, such as whistleblower hotlines.”
Title: Updated 2013 COSO Framework – fraud risk assessments
Subtitle: Fraud Investigation & Dispute Services
(No Stated Author. Source: www.ey.com)
Previous Heading: “EY fraud risk assessment approach”
“The assessment incorporates a multilevel approach to fully assess the company’s risk of fraud”
Chart Section Heading: “Entity level review”
Examples include:
- Event reporting/whistle-blower hotlines
- Compliance resources/staffing
- Compliance monitoring plan
Title: An Overview of the COSO 2013 Framework
KPMG
Section Heading: “Information and Communication: Principle #14 and Points of Focus”
Figure Heading: “The organization internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of other components of internal control.”
List Heading: “Points of Focus”
Point: Provides separate communication lines – Separate communication channels, such as whistle blower hotlines, are in place and serve as fail-safe mechanisms to enable anonymous or confidential communication
Section Heading: “Information and Communication: Principle #15 and Points of Focus”
Figure Heading: “15. The organization communicates with external parties regarding matters affecting the functioning of other components of internal control.”
List Heading: “Points of Focus”
Point: “Provides separate communication lines – Separate communication channels, such as whistle blower hotlines, are in place and serve as fail-safe mechanisms to enable anonymous or confidential communication”
Title: Fraud Risk Management Guide
Subtitle: A joint publication of COSO and the ACFE
Heading: Fraud Risk Assessment Scorecard
Heading: “Considering Various Types of Fraud”
Quote: “Our fraud risk assessment team gathers information about potential fraud from internal sources such as interviews with personnel, brainstorming sessions, complaints received from the whistleblower hotline, and analytical procedures.”