You have been hired by the CEO of a newly established global financial services company as the Chief Risk Officer (CRO). The financial services industry includes Commercial Banks (including Credit Unions and Savings and Loan Institutions), Stock Brokerage Firms, Asset Management Firms, Insurance Companies, and Finance Companies.

Outside of efforts by the Human Resources Department, which are recognized as being very limited in nature, the new company has no internal risk, loss or compliance mitigation program in place as part of the company structure. Specifically, there is no: Compliance Department, Auditing Department, Legal Department, Security Department, Investigations or Information Security (IS) Department.

Given the large amount of money the company deals with, the CEO is concerned about the lack of any internal fraud prevention framework and methodologies (policies, processes or procedures) to prevent internal fraud and white collar crime. As the new Chief Risk Officer for one of the company types referenced above, you are tasked with developing the company's overall internal risk mitigation strategy and supporting infrastructure to do so.

The Board of Directors has requested that you submit a proposal detailing your overall risk mitigation plan and here are the five key areas they suggest you focus on:

Risk Strategy:

What are the Risk and Regulatory requirements?

Overall Organizational Chart:

What will your organization look like even if not every position is staffed?

Implementation Plan:

What's your implementation strategy going to be and what is the timing? I.e. What departments have to be created first? Why?

Policies and Procedures:

What types of policies and procedures are necessary to prevent internal fraud and white collar crime? Why? Be specific.

Software and Technology:

What is it? What does it cost? Why is it needed?

In your proposal to the Board, outline the essentials but be sure to include secondary tasks your organization would have to accomplish?

Additionally, you want to address what role each department (Compliance Department, Auditing Department, Security Department, Legal, Investigations or Information Security (IS) Department) is going to play in preventing internal employee theft and white collar crime in the company.

You should also include and be prepared to discuss with the Board of Directors your methodology, which includes an explanation as to why you are putting emphasis (or more emphasis) into one department vs. another and how those decisions are going to reduce the risk and financial losses from internal theft and white collar crime that the fast-growing new global financial services company is facing.

Additional Considerations:

1)BUDGETING:You do not have an unlimited budget (You have been given $6,500,000 for staffing, technology and operating expenses to start) so make each technology and business decision count!

2)DEPARTMENTAL RESPONSIBILITIES:It is not acceptable to only staff one department as risk from internal theft/white collar crime is never limited only to one area. What will the general responsibilities be for individuals in each department?

3)STAFFING COMMENT:While all business units have to be created, the staffing levels do not have to be the same in each department depending on the work that will be done in that department and the emphasis you are (or are not) placing on it.

4)STRUCTURE:While this is not a human resources/staffing exercise... generally, what personnel emphasis will you place in each department (i.e. how many employees are you going to place in each department (including Supervisors, Managers, and Directors etc) and why? Discuss why those departments are receiving priority over others.

5)OTHER DEPARTMENTS NEEDED:Are there other departments you need to create that do not fit into the structure required, but which you believe will add value to the new internal risk/white collar crime-fraud prevention organization you are creating? What are they? What will their function be? Why do you need them?

6)RESEARCH:Feel free to conduct online research into the type of financial services company you choose to focus on to help develop your overall internal anti-fraud plan (structure, technology, methodology, policies and regulatory model).

7)GEOGRAPHIC BUSINESS BOUNDARIES:Concerning the new company'sgeographic business boundaries (domestic, international or both), the geographic boundaries are the same as your chief competitor's markets: whatever markets your type of company competes in, you will be competing in.

8)CONVINCING THE BOARD:There is not one right or wrong answer as to how you fulfill this internal risk/anti-fraud prevention operation for your company, but remember you must convince the company's Board of Directors that you have a solid, well thought out plan. Most importantly, they are interested in your evaluation, thought process and analysis as to what it is going to take to successfully operate in this space, and how you are going to mitigate risk and prevent employee losses and theft associated with providing financial services globally.

9) Be sure to properly document your industry sources, and business justifications, which came from other sources, in your proposal to the Board. This "backstops" your proposal recommendations and ensures the Board doesn't think you are taking credit for things that aren't your original intellectual property.