Compliance Bricks and Mortar for May 17

These are some of the compliance-related stories that caught my attention this week.


The Board Member’s Oversight of AI Risk – Moving from Middle to Modern English

By Sean Dowd, Rich Kando, and Chris Crovatto, AlixPartners LLP
Harvard Law School Forum on Corporate Governance

Risk assessments take on many forms, but there are three critical components of a risk assessment that, when consistently applied, help to compartmentalize a company’s often highly complex risk environment and measure progress. A risk assessment requires (1) the identification of the inherent risks present within a company’s operations, in this case a company’s GenAI program and its use case, (2) the effectiveness of a company’s existing safeguards in addressing those inherent risks, and (3) the remaining residual risks after the application of those safeguards.


PCAOB Adopts New Quality Control and Auditor Responsibility Standards

by David Lynn
The Corporate Counsel .net

On Monday, the PCAOB adopted two new standards. First, the PCAOB adopted a new audit quality control standard, replacing the existing AICPA standard that pre-dated the creation of the PCAOB. The new standard requires all PCAOB registered firms to identify their specific risks and design a quality control system that includes policies and procedures to address those risks. 


How Bank Regulation and Supervision Can Weaken Financial Stability

By Hamid Mehran and Chester Spatt
The CLS Blue Sky Blog

We argue that bank regulation and supervision interfere with pricing risk by creating opacity. Given that market disclosures enhance the efforts of supervisors, and vice versa, more disclosure could enhance financial stability (see Spatt, 2010)[1]. In addition, we believe that disclosure would provide information on the competence and performance of regulators and supervisors (reducing adverse selection about regulators) and increase their incentives (reducing moral hazard). This would make capital markets more effective in addressing future banking problems and reducing reliance on bank regulators who have arguably failed the public. We question the value of withholding vast amounts of banks’ privileged information and argue that, although this unique regulatory practice has a long history, it is not ethical in the context of fair treatment of investors in public entities. Indeed, firms are required under the securities laws to disclose material nonpublic information, at least when they raise capital.


CFPB Survives Another Attack

Consumer Financial Protection Bureau v. Community Financial Services Association of America, Limited __ US ___ (2023)

The Bureau’s funding statute satisfies the requirements of the Appropriations Clause. The statute authorizes the Bureau to draw public funds from a particular source—“the combined earnings of the Federal Reserve System”— in an amount not exceeding an inflationadjusted cap. 12 U. S. C. §§5497(a)(1), (2)(A)–(B). And, it specifies the objects for which the Bureau can use those funds—to “pay the expenses of the Bureau in carrying out its duties and responsibilities.” §5497(c)(1). The Bureau’s funding mechanism also fits comfortably within the historical appropriations practice described above. P. 15– 16.

Author: Doug Cornelius

You can find out more about Doug on the About Doug page

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.