GRC Professional Podcast

Grant Thornton Head of Risk and Compliance Jo-Anne Hayes talks about the importance of having privacy policies around the onboarding and use of digital, online tools, pilots and free trials.

Would your company pass the Fair and Reasonable Test? “People have started saying ‘well, we shouldn't just be thinking about could-we, but we should be thinking about should-we. And I think if you bundle up fair and reasonable, if you bundle up privacy as a human right, if you bundle up potential rights to claim against companies, that should-we questions could be your north star and your guiding light until we have actual legislation to live by.” – Lyn Nicholson, General Counsel, Holding Redlich. The Australian government has agreed in principle to many recommendations made in the review of the Privacy Act—one of which is the fair and reasonable test, which will require regulated entities to make an impact assessment before collecting personal data for products or services. Holding Redlich General Counsel Lyn Nicholson talks about the potential impact of the fair and reasonable test because it might not be a bad idea to use it as a guiding principle even though it is not a requirement…. yet. Resources • Government response to the Privacy Act Review Report: https://www.ag.gov.au/rights-and-protections/publications/government-response-privacy-act-review-report#:~:text=In%20its%20response%20to%20the,to%20best%20protect%20this%20information • Dymocks confirms 1.2 million customers shared on the dark web in data breach: https://www.abc.net.au/news/2023-09-15/dymocks-confirms-1-million-customers-details-leaked/102863820 • Data Breach could cost Medibank $ 35 million in 2024: https://www.itnews.com.au/news/data-breach-could-cost-medibank-35-million-in-2024-599566 • Equifax fined $13.4 million following data breach: https://www.cshub.com/attacks/news/equifax-data-breach-fine

Are there cultural challenges in your organisation? How are you measuring them? Are your solutions proactive or reactive? Have you developed a psychologically safe workplace? Ombpoint Managing Director Lindall West stresses, the importance of proactively approaching people risk in organisations. Resources Respect@ Work: https://www.respectatwork.gov.au/ Anti-Discrimination and Human Rights Legislation Amendment (Respect at Work) Bill 2022: https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/bd/bd2223a/23bd027#:~:text=The%20purpose%20of%20the%20Anti,2020)%20(the%20Report). Ombpoint: https://ombpoint.com/organisations-are-auditing-their-culture-and-conduct-are-you/

CCL Consultants Principal & Australian Compliance Institute Course Facilitator Bronwyn Gallacher talks about the Treasury Laws Amendment (More Competition, Better Prices) Bill and the impact that the increased maximum penalties could have on Qantas and other matters after the royal assent of the amendment. Resources Treasury Laws Amendment (More Competition, Better Prices) Bill 2022: https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6923 ACCC Takes court action alleging Quantas advertised flights it had already cancelled: https://www.accc.gov.au/media-release/accc-takes-court-action-alleging-qantas-advertised-flights-it-had-already-cancelled Record penalties of $438 million ordered against Phoenix Institute and CTI for acting unconscionably and misleading students: https://www.accc.gov.au/media-release/record-penalties-of-438m-ordered-against-phoenix-institute-and-cti-for-acting-unconscionably-and-misleading-students

GRC Solutions Head of Content Adrian Phoon talks about an upcoming webinar and future discussion groups to be conducted in conjunction with the Australian Compliance Institute. Register for The Compliance Webinar now!: https://thegrcinstitute.org/Events/eventdetail/2188 Have your say on future topics: https://www.surveymonkey.com/r/L9BFKG5 Event Description The Discussion Group will feature a range of guest speakers. The aim is to equip members with practical advice from subject matter experts and promote discussion and knowledge-sharing between peers. To launch the discussion group, we are offering a webinar event, that will be open to members and non-members. This webinar from 12-1pm on Monday 20 November. This is an opportunity for non-members to get an understanding of the topics we cover and how they might benefit from participating in discussion groups.

LexisNexis Head of Content Regulatory Compliance Kieran Seed, outgoing-Australian Compliance Institute CEO and Interim-Australian Compliance CEO discuss the state of financial crime-related risks and regulation through the lens of the Lexis Nexis Whitepaper, 2023-2024 AML-CFT Compliance Roadmap Leveraging ISO 37301. Download your copy of the 2023-2024 AML-CFT Compliance Roadmap Leveraging ISO 37301 now: https://www.lexisnexis.com.au/en/insights-and-analysis/research-and-whitepapers/2023/2023-2024-aml-cft-compliance-roadmap Resources CPS 230 Operational Risk Management: https://www.apra.gov.au/operational-risk-managementAPRA and ASIC commence joint administration of the new Financial Accountability Regime: https://www.apra.gov.au/news-and-publications/apra-and-asic-commence-joint-administration-of-new-financial-accountability ISO 37301: https://www.iso.org/standard/75080.html Related Financial Crime Podcasts AML & Financial Crime 2023 Wrap-Up: https://soundcloud.com/user-89551722-76965574/aml-financial-crimes-congress-wrap-up-1 AML & Financial Crime Congress 2022 & Sanctions: https://soundcloud.com/user-89551722-76965574/aml-financial-cirmes-congress-2022-sanctions Thinking about Board Education in AML Compliance: https://soundcloud.com/user-89551722-76965574/thinking-about-board-education-in-aml-compliance AML & Financial Crime Congress 2023 Presentation - Carolyn Hanson: https://soundcloud.com/user-89551722-76965574/aml-financial-crime-congress-2023-carolyn-hanson Other Related Podcasts Showing evidence in ISO37301: https://soundcloud.com/user-89551722-76965574/showing-evidence-in-iso-37301-draft The Ecosystem of FAR: https://soundcloud.com/user-89551722-76965574/the-ecosystem-of-the-far-draft-2

alteredstate Director Craig Chappell talks about productivity, efficiency and getting more time back for yourself. Don't miss the Productivity + Workshop: Workload and Workflow Mastery! Register Now: https://thegrcinstitute.org/Events/eventdetail/2187 Event Details Productivity + Workshop: Workload and Workflow Mastery The Australian Compliance Institute is pleased to be able to provide access to this workshop by alteredstate for our members. With multiple competing priorities, juggling the compliance workload can be overwhelming and take up valuable time in itself. This workshop will help you manage the requests and demands on your time, freeing you up so you can achieve balance and clarity for your priorities. Balance is essential for your well-being, as the schedule for compliance deadlines only accelerates constantly. You need to be at your best to deliver your best. These workshops will take you through approaches to your workload and will be followed up by one-on-one coaching to ensure you are putting the lessons into practice. The structure of the sessions will be: • Workshop session one: 8 November – 10:30 am – 2:30 pm • Workshop session two: 15 November - 10:30 am – 2:30 pm 1:1 Coaching to start after 20 November. Register Now: https://thegrcinstitute.org/Events/eventdetail/2187

"Documentation of accountability is just the starting point; it is imperative that you can demonstrate that it is embedded in the BAU of your organisations. And remember, as businesses evolve, role changes and go into different areas of accountability--it's quite dynamic." Adder Rock Consulting Principal Richard Sheldon looks at the ecosystem around the Financial Accountability Regime. Resources CPS 511 Remuneration: https://www.apra.gov.au/sites/default/files/2021-08/Final%20Prudential%20Standard%20CPS%20511%20Remuneration%20-%20clean_0.pdf CPS 230 Operational Risk Management: https://www.apra.gov.au/sites/default/files/2022-07/Draft%20Prudential%20Standard%20CPS%20230%20Operational%20Risk%20Management.pdf CPS 234 Information Security: https://www.apra.gov.au/sites/default/files/cps_234_july_2019_for_public_release.pdf Financial Accountability Regime: https://www.apra.gov.au/financial-accountability-regime In Case You Missed It: Delegation of Compliance https://soundcloud.com/user-89551722-76965574/delegation-of-duty-in-compliance

The AML & Financial Crime Congress 2024: Connecting the Dots will be held on 15 May 2024. Until then, here is a session from this year's congress. At the AML & Financial Crime Congress 2023, Financial Crime Compliance Professional and Australian Compliance Institute member Carolyn Hanson discussed a practical approach to financial crime compliance in high-risk environments and jurisdictions. Enjoy! Register now for the AML & Financial Crime Congress 2024: Connecting the Dots - https://thegrcinstitute.org/Events/eventdetail/2185

Australian Compliance Institute Director Annette Donselaar closes GRC 2023 Conference in August, calling on risk and compliance professionals to step up.

Outgoing Australian Compliance Institute CEO Naomi Burley and Strategic and Engagement Consultant Carole Ferguson discuss the requirements of consolidating multiple member superannuation accounts under the SIS(ACT)through the lens of the Australian Securities and Investments Commission (ASIC)action against AustralianSuper. Resources ASIC sues AustralianSuper over multiple superannuation accounts: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2023-releases/23-249mr-asic-sues-australiansuper-over-multiple-superannuation-accounts/ ASIC v AustralianSuper Concise Statement: https://download.asic.gov.au/media/tv1d2sli/23-249mr-concise-statement.pdf ASIC warns super trustees to boost efforts to consolidate duplicate member accounts : https://asic.gov.au/about-asic/news-centre/find-a-media-release/2023-releases/23-175mr-asic-warns-super-trustees-to-boost-efforts-to-consolidate-duplicate-member-accounts/

What are the limits of AI as a tool? What risks can AI pose to businesses? KartaSoft CEO James Worsfold and KartaSoft Business Analyst David Golding explore key AI benefits, risks and misconceptions. Resources Safe and Responsible AI - https://assets.kpmg.com/content/dam/kpmg/au/pdf/2023/safe-and-responsible-ai-in-australia-report.pdf NSW Artificial Intelligence Assurance Framework - https://www.digital.nsw.gov.au/policy/artificial-intelligence/nsw-artificial-intelligence-assurance-framework ISO/IEC 23894 - https://aistandardshub.org/ai-standards/information-technology-artificial-intelligence-risk-management/ A Parliamentary Inquiry Into Generative AI Closed in July - https://www.aph.gov.au/Parliamentary_Business/Committees/House/Employment_Education_and_Training/AIineducation Digital Platforms Regulators make Joint Submission on Safe and Responsible AI - https://www.oaic.gov.au/engage-with-us/submissions/dp-reg-joint-submission-safe-and-responsible-ai-in-australia-discussion-paper KartaSoft: https://www.linkedin.com/company/kartasoft/?originalSubdomain=au

Australian Compliance Institute CEO Naomi Burley talks about what to expect from the International Federation Compliance Associations Congress 2023. Register Now: https://thegrcinstitute.org/Events/eventdetail/2174 International Federation of Compliance Associations: https://www.ifca.co/

Adder Rock Consulting Richard Sheldon addresses delegation of duty in a continuously evolving regulatory ecosystem. Podcast Notes Financial Accountability Regime 2023: https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6988 RBC: https://www.rbcroyalbank.com/personal.html CPS 511: https://www.apra.gov.au/remuneration-requirements-for-all-apra-regulated-entities CPS 230: https://www.apra.gov.au/sites/default/files/2023-07/Prudential%20Standard%20CPS%20230%20Operational%20Risk%20Management%20-%20clean.pdf From Fires to Firewalls: APRA Member Therese McCarthy Hockey: https://www.apra.gov.au/news-and-publications/apra-member-therese-mccarthy-hockey-grc2023 About Richard Sheldon is Risk, Governance & Compliance Specialist and a former Senior Executive of the world's 10th largest Bank, Royal Bank of Canada. Richard has a 30-year track record of implementing AML, Compliance, Risk and Cultural programs to meet global regulations, optimising organisational structures, providing prudent advice and solutions to regulatory challenges. He has been instrumental in the development of risk, conduct & culture frameworks, reporting and governance structures to meet the increasing evidential obligations on financial institutions, including those relating to FAR, Whistleblowing, CPS 511 and CPS 230.

CCL Consultants Principal and and Australian Compliance Institute facilitator Bronwyn Gallacher talks about 10980NAT Graduate Certificate in Compliance & Risk Management - Weekly Delivery - Livestream Register Now: https://thegrcinstitute.org/Events/eventdetail/2183 Course Information This certificate has been designed exclusively for senior GRC professionals looking to further develop their skills for career progression to the most senior level. Throughout this principles-based course, participants will tackle scenario-based challenges and be encouraged to creatively apply the skills learned to relevant and topical issues. Those who successfully complete this course will have the skills to excel in leadership positions. If you have completed the 10964NAT CertIV in Compliance & Risk Management, you only require an additional 3 years experience before completing this Graduate Certificate. Mode of Delivery - This course will be delivered on a weekly basis. - 10 sessions in duration. There will be weekly tutorials each Monday night via live stream, from 6:30pm-8:30pm (latest finish 9:00pm). Register Now: https://thegrcinstitute.org/Events/eventdetail/2183 About the Facilitator Bronwyn Gallacher is a CCRP (Fellow) Founder, Managing Director and Principal Lawyer of CCL Consultants Pty Ltd (CCL). Bronwyn is also ALDI Stores Code Arbiter under the Australian Food and Grocery Code of Conduct, Competition and Consumer Act 2010.

Australian Compliance Institute CEO Naomi Burley talks about GRC 2023 Conference and the upcoming IFCA Congress. Podcast Notes 2023 IFCA Congress: https://thegrcinstitute.org/Events/eventdetail/2174 International Perspective on ESG: https://thegrcinstitute.org/Events/eventdetail/2173 CPS 230: https://www.apra.gov.au/sites/default/files/2023-07/Prudential%20Standard%20CPS%20230%20Operational%20Risk%20Management%20-%20clean.pdf FAR: https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6988 Consultation Commences on AML/CTF Reforms: https://www.austrac.gov.au/consultation-commences-amlctf-reforms

Podcast Notes Australian Compliance Institute CEO Naomi Burley and Strategic Engagement Consultant Carole Ferguson address challenges related to non-disclosure agreements, conflicts of interest and reputational risk in the context of PWC and the Australian Tax Office. Further Resources Ziggy Switkowski AO to lead independent review of PwC Australia: https://www.pwc.com.au/media/2023/ziggy-switkowski-leads-pwc-independent-review.html ATO says millions in annual tax could have been lost due to PwC confidentiality breaches: https://www.abc.net.au/news/2023-02-16/australian-tax-office-million-scheme-pricewaterhousecoopers/101980548 Downfall and bankruptcy: https://www.britannica.com/event/Enron-scandal/Downfall-and-bankruptcy

Australian Compliance Institute CEO Naomi Burley talks about the GRC Conference: Step-Up. Register Now: https://thegrcinstitute.org/Events/eventdetail/2139

GRC Institute CEO Naomi Burley and Strategic Engagement Consultant Carole Ferguson discuss greenwashing and the implications of the Australian Securities and Investments Commission's (ASIC) litigation against Mercer and Vanguard Investments. Mercer: First Court Proceeding in Greenwashing: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2023-releases/23-043mr-asic-launches-first-court-proceedings-alleging-greenwashing/ Vanguard: ASIC commences Vanguard Investments: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2023-releases/23-196mr-asic-commences-greenwashing-case-against-vanguard-investments-australia/ Info sheet 271: How to avoid greenwashing when offering or promoting sustainability-related products: https://asic.gov.au/regulatory-resources/financial-services/how-to-avoid-greenwashing-when-offering-or-promoting-sustainability-related-products/ Corporations Act 2001 Section 1013D: http://classic.austlii.edu.au/au/legis/cth/consol_act/ca2001172/s1013d.html Corporations ACT 2001 Section 1013DA: http://classic.austlii.edu.au/au/legis/cth/consol_act/ca2001172/s1013da.html Regulatory Guide 65 1013DA Disclosure Guidelines: https://asic.gov.au/regulatory-resources/find-a-document/regulatory-guides/rg-65-section-1013da-disclosure-guidelines/ Greenfluencers: https://www.forbes.com/sites/solitairetownsend/2022/12/09/greenfluencers-how-social-media-creators-are-becoming-sustainability-superheroes/

In this episode, GRC Institute ( soon to be the Australian Compliance Institute) CEO Naomi Burley discusses the reasons behind the upcoming name change, the new website, the Annual GRC Conference 2023 and the International Federation Compliance Associations (IFCA).

The AML & Financial Crime Congress 2023 has come and gone. Still, the subject matter expertise and shifts in the regulatory and legislative landscape will hopefully help financial crime compliance professionals build fit-for-purpose and ethical compliance frameworks that will ultimately play their part in protecting the Australian financial system. GRC Institute CEO Naomi Burley touched on some critical topics at the annual event held on 14 June. Resources: • AML CTF Reforms Consultation Part 1 closed 16 June: https://www.austrac.gov.au/consultation-commences-amlctf-reforms • National Anti-Scam Centre: https://www.austrac.gov.au/consultation-commences-amlctf-reforms • Modern Slavery Act Review: https://www.austrac.gov.au/consultation-commences-amlctf-reforms For Members Only • GRC Institute Anti-Money Laundering Networking Group: https://thegrcinstitute.org/Events/eventdetail/2105 • GRC Institute Fraud & Scams Discussion Group: https://thegrcinstitute.org/Events/eventdetail/2105

The AML & Financial Crime Congress is less than a month away! The GRC Institute CEO Naomi Burley takes a high-level view of Australia's financial crime compliance landscape and gives a sneak peek at what to expect from the AML & Financial Crime Congress 2023 on 14 June. Click the link to register and join the conversation! https://thegrcinstitute.org/Events/eventdetail/2141

This episode is the first in our Frequently asked questions series! Here is where we publicly answer all Your Frequently Asked Questions! Let us know what you want to know! Resources • Here is a link to our courses! https://thegrcinstitute.org/events/eventtype/2 • Join us next month for the AML & Financial Crime Congress. https://thegrcinstitute.org/Events/eventdetail/2141 • Watch this space for updates on the Annual GRC Conference. https://thegrcinstitute.org/Events/eventdetail/2139

KPMG Director of Compliance and Conduct, Alex Ong, conducted workshops with GRC Institute Members looking at the trends and challenges that risk and compliance challenges that come with managing conduct risk. Alex talks to the GRC Professional Podcast about some critical issues related to conduct risk, common challenges and some misconceptions.

GRC Institute CEO Naomi Burley talks about the work that the GRC Institute will be doing to in 2023 to help compliance and risk professionals to get their jobs done. “Throw forward ideas, think that's what really enjoyed last year, and we want to see more of this year, is members throwing in their opinions on things because I have to say our members are the leaders in this field so, you know, what you have to say in those discussion groups is absolutely valuable to all the other participants.” Check out some supporting resources, training, events and discussion groups mentioned in this episode of the podcast. AML & Financial Crime AML Financial Crimes Congress: https://www.thegrcinstitute.org/Events/eventdetail/2141 AUSTRAC Compliance Reports: https://www.austrac.gov.au/business/how-comply-and-report-guidance-and-resources/reporting/austrac-compliance-reports Podcast: AML & Financial Congress 2022 Sanctions Edition: https://www.thegrcinstitute.org/news/view/3193 Training List of Training Courses: https://www.thegrcinstitute.org/events/eventtype/2 FNSSS00010 AML & CTF Skill Set - Livestream: https://www.thegrcinstitute.org/Events/eventdetail/2129 Compliance Management System ISO 37301 Putting the Compliance Management Standard into practice and elevating your program: https://www.thegrcinstitute.org/Events/eventdetail/2152 ISO 37301 Compliance Management Standard: https://www.iso.org/standard/75080.html Podcast: Culture in ISO 37301: https://www.thegrcinstitute.org/news/view/3070 Conference & Publications GRC2023 Conference: https://www.thegrcinstitute.org/Events/eventdetail/2139 GRC Institute Member Discussion Groups: https://thegrcinstitute.org/events/eventtype/3 Podcast: GRC2022 Conference Highlights: https://www.thegrcinstitute.org/news/view/3249 The First Practice Note: Assurance : https://thegrcinstitute.org/news/view/3296 International Federation of Compliance Associations Podcast: IFCA International Compliance Conference: https://www.thegrcinstitute.org/news/view/3224

GRC Institute the CEO Naomi Burley and Strategic Engagement Consultant Carole Ferguson discuss enforcement action taken by the Australian Securities and investments Commission against Perpetual and the American Express related to inadequate Target Market Determination (TMD).

GRC Institute CEO Naomi Burley talks about some of the achievements of the GRC Institute. Related: Culture in ISO37301: https://www.thegrcinstitute.org/news/view/3070 AML & Financial Crimes 2022: Sanctions Edition: https://www.thegrcinstitute.org/news/view/3193 GRC 2022 Conference Highlights: https://www.thegrcinstitute.org/news/view/3249

KordaMentha Partner Alice Saveneh-Murray talks about the importance of board Education in Financial Crime Compliance. Interviewee Alice Saveneh-Murray Partner | Financial Crime Melbourne Alice is a Partner in our Financial Crime team. She is an experienced leader and trusted advisor to the financial crime risk community and brings deep subject matter expertise and innovative strategies to support client engagements, Boards and a wide range of industry initiatives.

GRC Institute Risk Management Professional of the Year for 2022 and MT ST. Michael's College Risk and Compliance Manager Gina Conde talks about the importance of resilience, empathy, emotional intelligence and honest self evaluation. Bio Gina Conde Gina is an experienced practising professional in risk management, internal auditing, compliance, and project management in medium and large commercial, government and not-for-profit organisations in Australia and overseas. At present, she is the Risk and Compliance Manager for Mt St Michael's College in Brisbane, Queensland.

Compliance Professional of the Year for 2022 Renai Williams talks about her professional journey and what she thinks makes an effective compliance professional.

Arctic Intelligence CEO & Founder Anthony Quinn talks about some key findings from their second annual AML Benchmarking Report: https://arctic-intelligence.com/insights/blog/arctic-intelligence-launch-2022-aml-industry-benchmarking-report Podcast Notes Latest Independent audits: https://www.austrac.gov.au/news-and-media/media-release/austrac-orders-audit-sportsbets-and-bet365s-compliance-financial-crime-laws Arctic Intelligence: https://arctic-intelligence.com/ Arctic Intelligence Launches 2022 AML Industry Benchmarking Report: https://arctic-intelligence.com/insights/blog/arctic-intelligence-launch-2022-aml-industry-benchmarking-report Podcast: Risk Assessments with Anthony Quinn: https://thegrcinstitute.org/news/view/3015

GRC Institute Director Naomi Burley touches on some of the highlights from the GRC 2022 Conference. Podcast Notes Financial Accountability Regime : https://treasury.gov.au/consultation/c2022-311520 Cyber Resilience: https://asic.gov.au/regulatory-resources/corporate-governance/cyber-resilience/ Crypto assets: https://asic.gov.au/regulatory-resources/digital-transformation/crypto-assets/ Greenwashing: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2022-releases/22-294mr-asic-acts-against-greenwashing-by-energy-company/ Climate and sustainability disclosures: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2022-releases/22-161mr-asic-encourages-submissions-to-the-international-sustainability-standards-board-consultation-on-global-baseline-climate-and-sustainability-disclosures/ Risk Culture 10 Dimensions: https://www.apra.gov.au/risk-culture-10-dimensions CPS 230 Operational Risk Management Resilience: https://www.apra.gov.au/sites/default/files/2022-07/Draft%20Prudential%20Standard%20CPS%20230%20Operational%20Risk%20Management.pdf Austrac on Optus Breach: https://www.austrac.gov.au/optus-data-breach-working-our-reporting-entities Bullion Dealers: https://www.austrac.gov.au/business/industry-specific-guidance/bullion-dealers Superannuation: https://www.austrac.gov.au/business/how-comply-guidance-and-resources/guidance-resources/australias-superannuation-sector-risk-assessment-2016 Preventing Exploitations of Emergency and disaster Support payments: https://www.austrac.gov.au/business/how-comply-guidance-and-resources/guidance-resources/emergency-disaster-support-payments Ransomware and Crypto assets: https://www.austrac.gov.au/news-and-media/media-release/austrac-works-businesses-target-ransomware-and-criminal-use-digital-currencies FINTEL Alliance : https://www.austrac.gov.au/about-us/fintel-alliance OAIC and Facial Recognition: https://www.oaic.gov.au/updates/news-and-media/oaic-opens-investigations-into-bunnings-and-kmart Collection of Personal Data: https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/collection-of-personal-information AFCA Data Cube: https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/collection-of-personal-information Quick Guides for Assurance( Members Only): https://thegrcinstitute.org/news/view/3219

How do you stay on top of all of your obligations in a world where regulators are increasingly interconnected? Lifetime Member & Past GRC Institute Carolyn Hanson talks about regulatory overlap of obligations from a financial crime perspective. Resources: AUSTRAC & CBA: https://www.austrac.gov.au/austrac-and-cba-agree-700m-penalty CBA Prudential Inquiry Final Report: https://www.apra.gov.au/news-and-publications/apra-releases-cba-prudential-inquiry-final-report-and-accepts-enforceable Austrac commences Proceedings against Crown: https://www.austrac.gov.au/news-and-media/media-release/austrac-commences-proceedings-federal-court-against-crown-melbourne-and-crown-perth Crown Perth royal commission finds casino giant unsuitable to hold WA's only gaming licence : https://www.abc.net.au/news/2022-03-24/crown-unsuitable-to-hold-wa-casino-licence-royal-commission/100934322 Report finds that Star not suitable to run Sydney Casino: https://www.abc.net.au/news/2022-09-13/the-star-not-suitable-to-run-sydney-casino/101432734 Anti-Money Laundering Networking Group: https://www.thegrcinstitute.org/Events/eventdetail/2094 Podcast: Modern Slavery Edition: https://www.thegrcinstitute.org/news/view/2966

101 Series Personal & Sensitive Information The GRC 2022 Conference addressed recent instances of the collection of biometric not meeting regulatory expectations from a consent, data collection or data storage context. Do you understand personal and sensitive information under the Australian privacy legislation? Managing Director and Founder of the CCL Consultants Bronwyn Gallacher addresses the issues around personal information and sensitive information under the Privacy Act. This podcast is part of 101 Series for Compliance Professionals Month. Resources: OAIC opens investigation against Bunnings and Kmart: https://www.oaic.gov.au/updates/news-and-media/oaic-opens-investigations-into-bunnings-and-kmart The Privacy Act: https://www.oaic.gov.au/privacy/the-privacy-act Personal Information and Sensitive Information: https://www.oaic.gov.au/privacy/guidance-and-advice/what-is-personal-information#:~:text='sensitive%20information'%20(includes%20information,of%20personal%20information)%5B3%5D Red Cross Blood Service Data Breach: https://www.abc.net.au/news/2016-10-28/red-cross-blood-service-admits-to-data-breach/7974036 Optus Breach and Cyber Resilience: https://www.thegrcinstitute.org/news/view/3230 The Three Lines Re-imagined: https://www.thegrcinstitute.org/news/view/3051

GRC Institute CEO Naomi Burley & Strategic and Engagement Consultant Carole Ferguson address the challenges cyber resilience in light of the recent Optus data breach. Resources: The 4 Cs : https://asic.gov.au/about-asic/news-centre/speeches/the-4cs-of-risky-business/ Court finds RI Advice failed to adequately manage cyber risks: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2022-releases/22-104mr-court-finds-ri-advice-failed-to-adequately-manage-cybersecurity-risks/ Optus Cyber Attack: https://www.optus.com.au/about/media-centre/media-releases/2022/09/optus-notifies-customers-of-cyberattack Optus Main Page: https://www.optus.com.au/ Consumer Data Right: https://www.cdr.gov.au/ Cyber Risk: Be Prepared: https://asic.gov.au/about-asic/news-centre/articles/cyber-risk-be-prepared/ REP 429 Cyber Health Check : https://asic.gov.au/regulatory-resources/find-a-document/reports/rep-429-cyber-resilience-health-check/ Corporations Act 2001: https://www.legislation.gov.au/Details/C2018C00031 Related Articles: Credit Code Review, Data Breach: https://www.thegrcinstitute.org/news/view/3228 RI Advice Breach Licensing Requirements:https://www.thegrcinstitute.org/news/view/3148

This October is Compliance Professionals Month and it will kick off with he IFCA International Compliance Conference! GRC Institute CEO Naomi Burley talks a little about the layout of this event. Resources IFCA International Compliance Conference: https://www.ifca.co/ Podcast: ESG & GRC : https://www.thegrcinstitute.org/news/view/3218 DISTANCE LEARNING: 10964NAT Certificate IV in Compliance & Risk Management: https://www.thegrcinstitute.org/Events/eventdetail/2043 GRC2022 Conference - Pulsepoints : Delivering Strategic Compliance: https://www.thegrcinstitute.org/Events/eventdetail/2093

GRC Institute Director Julian Hunn talks about the nexus of the ESG and the GRC. Save the Date the Annual GRC 2022 Conference being held (online) on Tuesday 11th October 2022 – please save the date in your calendar! https://thegrcinstitute.org/Events/eventdetail/2093

GRC Institute Director Elizabeth Moylan talks about the gap in the compliance market. Resources Royal Commission in to Financial Services: https://www.royalcommission.gov.au/banking#:~:text=The%20Royal%20Commission%20into%20Misconduct,into%20misconduct%20in%20the%20banking%2C GRC Institute Courses: https://www.thegrcinstitute.org/events/eventtype/2 Macquarie Bank Compliance Statement : https://www.macquarie.com/au/en/disclosures/statement-of-compliance-macquarie-bank-limited.html#:~:text=Macquarie%20is%20committed%20to%20operating,(as%20permitted%20by%20IOSCO). ISO 37301: https://www.iso.org/standard/75080.html The Three Lines Reimagined: https://www.thegrcinstitute.org/news/view/3051 Save the Date the Annual GRC 2022 Conference being held (online) on Tuesday 11th October: 2022: http://www.thegrcinstitute.org/Events/eventdetail/2093

GRC Director John Price Talks about his top 10 risks and how organizations can mitigate these risks and meet regulatory expectations. Resources The Work From Home Edition: https://www.thegrcinstitute.org/news/view/2940 How is Your Cyber Risk Management?: https://thegrcinstitute.org/news/view/3133 Deloitte State of Compliance : https://www2.deloitte.com/content/dam/Deloitte/au/Documents/audit/au-audit-state-of-compliance-survey-2022-110422.pdf Prudential Inquiry into Commonwealth Bank of Australia : https://www.apra.gov.au/sites/default/files/CBA-Prudential-Inquiry_Final-Report_30042018.pdf Financial Services Royal Commission: https://www.royalcommission.gov.au/banking Looking at the Royal Commission Report: https://thegrcinstitute.org/news/view/3113 Banking Code Compliance Committee Annual Report 2020-2021: https://bankingcode.org.au/resources/bccc-2020-2021-annual-report/

GRC Institute Director Elizabeth Sheedy talks about the improving of transparency of CPS 511 Remuneration. How executive remuneration responds to guidance : evidence from the Australian banking industry: https://researchers.mq.edu.au/en/publications/how-executive-remuneration-responds-to-guidance-evidence-from-the Risk Governance: biases, blind spots and bonuses: https://researchers.mq.edu.au/en/publications/risk-governance-biases-blind-spots-and-bonuses APRA Strengthens transparency remuneration and bank disclosures: https://www.apra.gov.au/news-and-publications/apra-strengthens-transparency-on-remuneration-and-bank-disclosures Save the Date the Annual GRC 2022 Conference being held (online) on Tuesday 11th October 2022: https://www.thegrcinstitute.org/Events/eventdetail/2093

GRC Institute Director Athena Efstratiadis speaks about GRC Professional skillsets and how they have evolved over the years. Resources Critical success factors for an effective implementation of the Three Lines of Accountability: https://www.thegrcinstitute.org/news/view/3051 Guidance on Breach Reporting: https://asic.gov.au/about-asic/news-centre/find-a-media-release/2021-releases/21-235mr-asic-publishes-guidance-on-breach-reporting/ How to manage compliance risk and stay out the headlines: https://www.apra.gov.au/news-and-publications/how-to-manage-compliance-risk-and-stay-out-of-headlines Compliance & Risk 101: https://www.thegrcinstitute.org/cmspages/page/578 GRC Institute Membership: https://www.thegrcinstitute.org/cmspages/page/1842 Save the Date the Annual GRC 2022 Conference being held (online) on Tuesday 11th October 2022 – please save the date in your calendar!

Thomson Reuters Bureau Chief for the Asia Pacific Nathan Lynch talks about his book The Lucky Laundry which looks at the detrimental impacts of dirty money on people and institutions. The Lucky Laundry by Nathan Lynch can be found at your local bookstore! Resources: Record $45 million civil penalty ordered against Tabcorp: https://www.austrac.gov.au/record-45-million-civil-penalty-ordered-against-tabcorp Austrac and CBA agree to $700 million penalty: https://www.austrac.gov.au/austrac-and-cba-agree-700m-penalty Westpac ordered to $1.3 billion: https://www.austrac.gov.au/news-and-media/our-recent-work/westpac-penalty-ordered AGS Helped on largest civil penalty in Australian corporate history: https://www.ags.gov.au/publications/news/AGS_AUSTRAC_largest_%20civil_penalty_in_%20Aust_history_6Jun18 Fintel Alliance: https://www.austrac.gov.au/about-us/fintel-alliance APRA releases CBA Prudential Inquiry Final Report and accepts Enforceable Undertaking form CBA : https://www.apra.gov.au/news-and-publications/apra-releases-cba-prudential-inquiry-final-report-and-accepts-enforceable APRA releases report on industry self-assessments into governance, culture and accountability: https://www.apra.gov.au/news-and-publications/apra-releases-report-on-industry-self-assessments-into-governance-culture-and Royal Commission into misconduct in the Banking, superannuation and Financial Services Industry: https://www.royalcommission.gov.au/banking#:~:text=The%20Royal%20Commission%20into%20Misconduct,into%20misconduct%20in%20the%20banking%2C Tranche too hard: Australia edges forward with glacial AML/CTF law reform agenda: https://insight.thomsonreuters.com.au/business/posts/tranche-too-hard-australia-edges-forward-with-glacial-aml-ctf-law-reform-agenda AML/CTF ACT: https://www.austrac.gov.au/business/legislation/amlctf-act Money transferred to and from overseas: International funds transfer instruction (IFTI) reports: https://www.austrac.gov.au/business/how-comply-guidance-and-resources/reporting/money-sent-overseas-itfi Tipping off: https://www.austrac.gov.au/business/how-comply-and-report-guidance-and-resources/reporting/suspicious-matter-reports-smrs/tipping#:~:text=A%20breach%20of%20the%20tipping,effect%20on%2017%20June%202021. Podcast: AML & Financial Crimes Congress 2022 Sanctions Edition: https://thegrcinstitute.org/news/view/3193 Save the Date the Annual GRC 2022 Conference being held (online) on Tuesday 11th October 2022 – please save the date in your calendar!

GRC Institute CEO Naomi Burley and LexisNexis Head of Content Regulatory Compliance Kieran Seed discuss this year's Annual AML & Financial Crimes Congress with an emphasis on the sanctions, sanction compliance and the perennial but volatile nature of sanction-related risks. Resources Don't know where to start with sanctions compliance? Here is a Complimentary Sanctions Compliance Checklist from LexisNexis. https://www.lexisnexis.com.au/en/insights-and-analysis/research-and-whitepapers/2021/complimentary-sanctions-checklist?utm_source=polaroid&utm_medium=aucorpsite&utm_campaign=21AUCRP59RCAURetailandSanctionsChecklistCampaign Save the Date the Annual GRC 2022 Conference being held (online) on Tuesday 11th October 2022 – please save the date in your calendar!

Strategic Engagement Consultant Carole Ferguson & GRC Institute CEO Naomi Burley discuss the new Internal Dispute Resolution Data Requirements. IDR Data Handbook: https://download.asic.gov.au/media/0gsbyt3i/idr-data-reporting-handbook-published-30-march-2022.pdf

Thriving People Founder & Director Rebecca Christianson talks about to communicate effectively with Gen Y and Gen X employees. Thriving People: https://www.thrivingpeopleconsulting.com/contact/

Financial Crime Professional & GRC Institute Director Julian Hunn looks broadly at the risks posed by virtual currencies and virtual assets. Mentioned in Podcast FATF Guidance on Digital Currencies: https://www.fatf-gafi.org/media/fatf/documents/recommendations/Updated-Guidance-VA-VASP.pdf Austrac Guidance on the Criminal Abuse of Digital Currencies: https://www.austrac.gov.au/business/how-comply-guidance-and-resources/guidance-resources/preventing-criminal-abuse-digital-currencies APRA Guidance on the Risk Management Approach to Crypto Assets: https://www.apra.gov.au/news-and-publications/apra-sets-out-initial-risk-management-expectations-and-policy-roadmap-for ABC's Four Corners Report on Cryptomania: https://www.abc.net.au/4corners/crypto-mania:-behind-the-hype-of-cryptocurrencies/13906076 ................................................................................................................................................... Julian Hunn is a speaker at the AML& Financial Crimes Congress: https://www.thegrcinstitute.org/Events/eventdetail/2039

GRC Institute CEO Naomi Burley talks about what to expect from the AML & Financial Crimes Congress 2022 on 7 June. Hope to see you there! What Financial Crime-related risks are high on your risk radar? https://thegrcinstitute.org/Events/eventdetail/2039

Blackmores Group Compliance and Privacy Officer Eva Gleeson shares her compliance journey from Ireland to Australia and the challenges and opportunities that she faced along the way.

Protecht Research & Content Lead Michael Howell talks about benefits of documentation and certification in ISO 37301: Compliance Management System. Protecht: https://www.protechtgroup.com/en-au/ LexisNexis: https://www.lexisnexis.com.au/en/homepage Recommended Listening Podcast: Culture in ISO37301: https://www.thegrcinstitute.org/news/view/3070

CCL Consultants Managing Director Bronwyn Gallacher talks privacy , consent, and compliance. Mentioned In the Podcast Workplace surveillance act : https://www.oaic.gov.au/privacy/your-privacy-rights/employment/workplace-surveillance Privacy Act : https://www.oaic.gov.au/privacy/the-privacy-act QR Code Data Breach: https://iapp.org/news/a/massive-and-dangerous-data-breach-exposed-more-than-500k-qr-code-check-in-addresses-in-australia/#:~:text=More%20than%20500%2C000%20QR%20code,of%20the%20breach%2014%20Feb. Use of Security Cameras: https://www.oaic.gov.au/privacy/your-privacy-rights/surveillance-and-monitoring/security-cameras QR Code Data Collection: https://www.oaic.gov.au/engage-with-us/consultations/guidance-for-digital-check-in-providers-collecting-personal-information-for-contact-tracing Critical Infrastructure Bill: https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6833 Resources https://www.thegrcinstitute.org/Events/eventdetail/2052

David Jacobson from Bright Law talks about changes in the Australian Payments Systems and the aim to close regulatory gaps and expand the definition of payments systems. Resources Australian Payment Systems Review https://treasury.gov.au/publication/p2021-198587 David Jacobson follows the review in the Australian payments system https://www.brightlaw.com.au/payments-system-review-final-report/