Governance, risk and compliance principles have recently been articulated as an integrated collection of all capabilities to ensure that organisations reliably achieve objectives, address uncertainty and act with integrity.
Our advisory services in this field encompass several statutory and regulatory frameworks, global standards, territorial and extraterritorial anti-corruption laws, economic sanctions, fraud, anti-money laundering and anti-terrorist financing laws as well as foreign investment regulations. We also advise on global standards affecting or applicable to businesses such as ESG standards, ethics and compliance frameworks and standards and global best practice.
Corporate governance issues are uppermost in the minds of board members, executives, employees, investors, shareholders, communities and stakeholders today. The GRC team at Aluko & Oyebode assist our Nigerian and multinational clients to navigate complex corporate governance codes applicable in Nigeria, develop and implement practices and procedures to avoid governance issues arising currently or in future. We also support clients who have suffered corporate governance failings and advise on the appropriate remedial steps to be taken.
We help our clients proactively implement effective programmes to address governance issues, regulatory matters and compliance issues, including ongoing disclosure requirements and filings, capital market activities, fiduciary duties and shareholder relations that all prescribe best practice.
Legal Risk Management
In order to manage, minimize and/or control the exposure of investment to and impact of risks that arise in the normal course of business, companies practice risk management. We work with our clients to develop effective risk management processes that align with good corporate governance as well as ethics and compliance best practices. We advise our clients on legal risks that may arise and provide the necessary legal support in their decisions to strategically accept and manage risks by applying GRC processes.
For many years, our firm has assisted clients operating in highly regulated sectors in complying with heightened scrutiny and regulatory oversight, as well as to navigate the complexity of Nigeria’s legal and regulatory system. We also support clients in responding to regulatory inquiries and strengthening compliance measures, and in developing robust compliance programmes.
We guide our clients in developing compliance matrixes and by providing updates on a regular basis, they are best placed to stay in good standing with relevant regulations and regulatory agencies.
The GRC services we offer are in the general areas of:
- Compliance Programmes
- Corporate Governance
- Environmental, Social and Corporate Governance (ESG)
- Business Ethics
- Anti-Trust, Competition and Consumer Protection
- Ethics and Compliance Risks Management
- Data Protection and Cyber Security
- Governance, Risk and Compliance Training
- Regulatory Compliance
- Regulatory Transitioning for Businesses
- Regulatory Interface
- Business Assurance Reviews
- Reporting and Whistle Blowing
- Internal Investigations
- White Collar/Business Crimes Investigations
- Remedial/Post Incident Management and Monitoring
Consistent with the Firm’s general approach to the practice of law, the Team is able to address the needs of our clients in a practical, value-oriented and cost-effective manner. Please contact Adeolu Idowu, email@example.com for further information and a proposal on our GRC services.
Governance, Risk and Compliance SUBPRACTICES
We support our clients to develop compliant relationships with regulators and government agencies and to manage their regulatory interface. We are able to provide the most practicable solution to clients and deliver the best outcomes.
We work with our clients as a technical resource to ensure that they identify and meet regulatory prescriptions.
We also use our longstanding relationships and firm reputation to achieve the best outcome on regulatory challenges
Our team provides legal advice in the face of legal or regulatory breach allegations or during external investigations by government agencies.
We conduct reviews and investigations into allegations and prepare reports of findings and recommendations.
We assist with the implementation of our recommendations or the ruling of a regulator and monitor compliance through a structured and effective monitoring programme.
Leveraging on our extensive relationship network with regulators across all industries we can be appointed as trusted and accountable post incident monitors during a post investigation ruling to address infractions that were found, design and implement remediation plans, correct patterns, implement measures for sustained compliance, and provide independent reports to the regulator to comply with its ruling.
We assist clients in creating a culture of effective reporting so as to detect and respond to issues in a timely manner before they escalate.
We develop a system that assures confidentiality while channeling sensitive information to standby teams trained to respond timeously and avoid degeneration or escalation detrimental to business reputation.
Our reporting and whistle blowing strategies include:
- Assessment of any existing framework
- Assessment or drafting of policies to address reporting
- Development of a reporting and whistle blowing framework
- Training of staff on what, how, when to report to ensure effective implementation of the programme.
- Support with investigation of reported issues.
- Support for remedial programmes to address findings.
- Intake and Incident management: Intake methods include hotline, web form, email etc. for reporting freely, confidentially, sometimes anonymously if desired and without a fear of retaliation.
Our team is able to assist in developing efficient strategies to ensure that all business arms, departments and locations are run in a manner consistent with its company code of compliance, policies and procedures.
We conduct on site assurance reviews of business operations at all its locations, subsidiaries and segments to determine the degree of conformity with central codes of compliance, policies, procedures and processes to give your business the assurance of the necessary conformity and compliance. These can cover policies on matters like Gifts, Entertainment and Courtesies; Conflicts of Interest; Interaction with Government Officials; Use of Agents and Consultants; Harassment; Drugs and Alcohol; External Communications; Use of Company Assets; Document Management etc.
The detailed reports from these reviews provide oversight that can help to proactively identify issues or pockets of non or partial compliance, and recommendations to address breaches, compliance challenges or mitigate the outcome. External assurance can offer important new insights to complement internal control.
We review, advise and equip our clients before, during and after changes in regulation and regulators, changes in governments or policies that may affect the clients’ operations and business vision.
In providing this service, we assess business readiness, regulatory capture assessments, transition arrangements for PEP relationships, threat landscape, compliance weaknesses or infractions and provide advisory services based on findings.
In addition, we provide legal support and advise to our clients on political risks and methods of adequate preparedness and risk reduction or mitigation.
Our Corporate Governance Advisory Services cover board constitution, board ethics, and best practice. We provide support in ensuring that the process of corporate governance institutionalisation is compliant with laws, regulations and international best practices and standards. We are able to provide customised board training and support our clients by establishing internal mechanisms for best governance practices that help sustain businesses in a company in the long term. We develop policies related to delegations of authority, declaration of interest, conflicts of interest etc.
Cyber security is a constant threat for all organisations. Organisations require strong information and data architecture, infrastructure and policies. Risk prevention and mitigation measures are to be applied against external and internal threats to ensure a secure and resilient infrastructure. Our team is able to provide this needed support.
We provide support with a combination of measures to protect data through the deployment of appropriate policies and training to staff and stakeholders on the use of technology assets, Bring Your Own Device (BYOD) policies and application of Data Privacy laws and regulations.
We support responses to complex cyber incidents and assist in responding to government audits and investigations.
We are also able to work with our alliance partners to provide services including:
- Uncovering negative campaigns
- Data leakage assessments
- Active threat intelligence
- Cyber forensics
- Cyber protection framework development
We provide robust data privacy and protection advice to companies across all sectors to safeguard their businesses.
Our team is well versed and experienced in data protection and privacy laws from research and serving clients over the years. We represent clients on a wide variety of issues, including privacy, data protection, cyber security preparedness, responses to data breaches, dispute resolution and litigation, information management and records retention, cyber insurance and regulatory investigations.
We assess the data protection needs of businesses to determine the information to be covered by the policies. We assess storage methods for efficiency and put in place the necessary protections and policies. We provide training on the prescribed policies and insight into best practices.
We assist our clients in making their businesses a source for good - aligning their strategies and operations and taking strategic actions to advance broader societal objectives.
We help our clients in various industries develop ESG strategies that align with their objectives and industry best practices as a business.
We apply the various applicable frameworks including the UN Principles for Responsible Investment, UN Global Compact Principles, UN Guiding Principles on Business and Human Rights, International Labour Organisation Conventions, International Financial Corporation Performance Standards, United Nations Convention Against Corruption, OECD Principles of Corporate Governance, OECD Guidelines for Multinational Enterprises etc. and stay abreast with developments impacting ESG.
Our Team provides the following ESG Advisory services:
- ESG Identification and Analysis
- ESG Program Design and Execution
- ESG Assessment
- ESG Due Diligence
- ESG Reporting
- ESG Assurance and Monitoring
We are able to offer the development of a full compliance programme to organisations.
This service will involve:
- Design and/or review of our client's compliance or ethics code
- Design and/or review and drafting of compliance policies and procedures
- Review and identification of legal obligations that may affect the client’s operations
- Performance of organisational risk mapping
- Design of risk-coded frameworks with compliance requirements; timelines and penalties for non-compliance
- Restructuring of compliance responsibilities across teams
- Development of an effective compliance programme
- Implementation support
Our team assists institutional donors, fund managers and non-profit organisations to effectively develop assurance programmes to manage grants and ensure that the fund is managed in compliance with its stated ethos and objectives.
We ensure compliance of grants, charitable funds and assets with their usage objectives. We apply review mechanisms to verify and develop structured processes to establish and demonstrate integrity and consistency with the core objectives at every stage of project implementation.
We conduct due diligence in the onboarding of various stakeholders including shareholders, directors, clients, suppliers, key employees and so on. This can also extend to accounts payable and suppliers/clients’ review. This service can support clients’ policies regarding Use of Agents and Consultants, Conflicts of Interest, Engagement of Politically Exposed Persons etc.
We will look at addresses, data and document collection, tax profile validation, regulatory protocols and self-declarations, legal credit agreements, online and social media accounts and profiles and confirm that information supplied is complete, accurate and up to date.