14 March 2022
We hope that this edition of the Risk Insider finds you well. The current circumstances that we are faced with are unprecedented and devastating. We want to take this opportunity to extend our support to any businesses that have been affected during this time
With that in mind it is now more critical than ever that businesses take responsibility for, and shape the impact they have on the environment, their community, and stakeholders. Putting sustainable and responsible practices at the heart of your business is fast becoming a pivotal requirement for regulators, investors, and other stakeholders. While profit will always be a key indicator of success, it can no longer be the only benchmark. Businesses must be held to account for their actions, impact, and the value that they bring to their market. By having an integrated and long term environmental, social and governance (ESG) strategy, organisations are taking an important step in shaping who they want to be, what they want to stand for and – critically - how other’s see them.
This means that all stakeholders, from consumers to prospective investors, will look at how businesses treat their employees, how diversity and inclusion measures are managed, the sustainability and environmental impact of the business, and any social value and governance practices. This scrutiny is not going away and is only set to intensify, so engaging now will help your business in the long term. Remember ESG includes topics such as human rights, cybersecurity and data security, climate change, sexual harassment, safety, water scarcity, energy management, diversity and gender, business ethics, intellectual property protection, political involvement, compensation of all levels of employees, and others.
When it comes to cyberthreats, the old adage held true in 2022: the more things change, the more they stay the same. Hackers and other electronic criminals continued their relentless pursuit of data and sensitive information from middle market businesses, leading to record levels of several types of attacks. SME’s, small to midsize ASX listed and government agencies continue to represent a sweet spot for hackers, with companies possessing a significant amount of valuable data, but lacking the level of protective controls and staffing of larger organisations.
The COVID-19 pandemic also altered the threat landscape for SME’s, small to midsize ASX listed and government agencies due to the rapid large-scale shift to a remote work environment, and more dependency on the internet to remain productive. Many companies simply do not have experience with managing such a transition, and security vulnerabilities—even for a short amount of time—were almost inevitable. Criminals were quick to strike, unleashing a host of attacks ranging from widespread malware and viruses to targeted social engineering and phishing attacks.
After years of increasing breach attempts and successful breaches, SME’s, small to midsize ASX listed and government agencies understand the risks that cybercriminals can pose. However, while the pandemic caused a global lockdown which generally kept people at home without the luxury of venturing out to a restaurant or a movie, hackers were locked down as well, with little to do but hone their craft and exploit vulnerabilities.
In this month’s Risk Insider, we provide insights on ESG, Carbon Neutral Business and how companies can prepare for and respond to this challenge. In particular, our point of view identifies the primary drivers for these changes to the risk and control environment and lists pragmatic considerations for your consideration.
How ESG is re-shaping financial services?
In the finance sector, the emergence of ESG has a dual impact. First, it’s an opportunity for financial firms to re-shape public perception and build consumer trust. Secondly, ESG will play a major role in how investments are analysed for risk and opportunity.
In this report, we discuss some of the ESG factors that are set to disrupt financial services and the steps you can take to prepare.
Read the full report here>>
ESG — THE NEW NORMAL.
RSM Australia's Natalie Saunders recently wrote an article for WA Works Magazine on the importance of good ESG strategy.
You can read the full article here >>
ADDING VALUE THROUGH CYBER AND DATA ANALYTICS
There has been an increased pressure on businesses to simplify and secure their audit processes to protect their firm and revenue. RSM Australia has long been supporting these businesses with their ongoing audit requirements and have recently had Ashwin Pal and Matthew Cunneen come on board to bolster our cyber and data analytics capabilities.
Find out more >>
A BRIEF GUIDE TO THE ICT SECURITY CONTROLS REQUIRED BY THE AUSTRALIAN PRIVACY PRINCIPLES AND MANDATORY DATA BREACH NOTIFICATION SCHEME
On 13 February 2017 the Senate passed the Privacy Amendment (Notifiable Data Breaches) Bill establishing a Mandatory Data Breach Notification Scheme in Australia. The purpose of which is to protect the rights of individuals and strengthen community trust in businesses and agencies.
Many organisations do not either understand their obligations under this scheme or simply do not know how to comply.
HEALTH MATTERS: USING DATA TO DRIVE PERSONALISED CARE, BETTER PATIENT OUTCOMES, AND REDUCE COSTS
The move to integrated care systems had already identified digitalisation and integrated solutions as key pillars to improve patient experience and support the drive for treatment closer to home.
Find out more about the key drivers and changes that have occurred in the health sector here>>
PROTECT THE FUTURE OF YOUR BUSINESS WITH SECURITY CERTIFICATION
Cybersecurity is a real risk and one that needs to be considered and managed effectively in order to protect the future of your business. Read about why and how to start your Cybersecurity Journey.
Master the skills and knowledge you need to pass the CFE exam in 2023
22 - 25 MARCH 2022 | 19 - 22 JULY 2022 | 11 - 14 OCTOBER 2022
RSM Australia has an ongoing agreement with the Association of Certified Fraud Examiners (ACFE) as the exclusive ACFE Authorised Trainer for the CFE Exam Review Course for Australia. Since the hugely successful partnership began in 2016, RSM Australia’s Fraud & Forensic Services continues to deliver this four-day course in Australia in 2022 through our facilitators as led by Roger Darvall-Stevens.
WEBINAR | AUSTRALIA’S DIGITAL FUTURE: EVOLVING THE CONSUMER DATA RIGHT
Darren Booth presented at CEDA event on Thursday 24th Feb, where he joined Digital Economy Minister Senator Jane Hume and other key stakeholders discussing the Consumer Data Right (CDR), and how the implementation of Open Banking, Open Energy, Open Telecommunications and Open Finance will enable Australia’s digital economy strategy.
You can catch up on the webinar at any time here >>
WEBINAR | QUBIX’S ESG REPORTING AND THE ROLE OF FINANCE
Your Roadmap for Scalable, Flexible, Auditable ESG Reporting
RSM Australia's Ken De Negri was a guest speaker at the event. In case you missed it you can access the events recording here >>
CANBERRA | AUSTRALIAN CYBER CONFERENCE 2022
Tuesday 31st May - Thursday 2 June
Canberra will provide business leaders with insights and best practices taught by the industry’s top experts through keynotes, panel sessions and live demonstrations.
Sydney Partner Ashwin Pal will be speaking at this year’s conference on OT Security – Focusing on the Basics.
You can register for the event here >>
SYDNEY & LIVE STREAM | 11TH ANNUAL FRAUD PREVENTION SUMMIT
Tuesday 24 - Thursday 26 May
Back for its 11th year, the Annual Fraud Prevention Summit will equip private and public sector fraud management professionals with the best tools and knowledge to counter the growing threat of fraud.
RSM Australia's Roger Darvall-Smith, National Head of Fraud and Forensic Services and Milind Sheth, Senior Manager Fraud and Forensic Services will both be presenting at this year's event.
Follow the link to register and find out more here >>
CONGRATULATIONS TO OUR NEW PARTNERS AND PRINCIPALS