Monday, May 18, 2009

Visual Risk IQ to present at Blue Cross / Blue Shield Internal Audit and Fraud Conference

Just wrapped up the speaker notes for tomorrow's presentation at the National Internal Audit and Fraud conference for Blue Cross / Blue Shield.  I'll be co-presenting with Chicago-based Vonya Global.  Partner Veronika Fritz will be joining me for tomorrow's presentation. 

As we tweeted last month, there are few industries with data challenges quite like HealthCare and this conference has many of the audit and risk officers from big, influential players.  Think about the number of Explanation of Benefits (EOBs) that you've ever received.  How many of them actually explained things so you understood them?  Were the charge amounts right?  The first time?  

CCM-T is all about increasing the depth and frequency of data analysis, so anomalies and errors are identified earlier in the process.  There is a large and growing subindustry within HealthCare that pays for itself simply on correcting billing errors AFTER the fact.  What would it be worth to get every invoice right, the first time, before it's sent?  CCM-T can help.    

Our slides and Q&A from the session should be posted later this week.   Or better yet, meet us in St. Louis!

Joe Oringel
Visual Risk IQ
Charlotte NC, USA

Tuesday, May 12, 2009

APEX Analytix, Inc. Acquired by PNC Equity Partners, II, L.P.

APEX Analytix, Inc. Acquired by PNC Equity Partners, II, L.P.

Some M&A activity in the Continuous Controls Monitoring (CCM) space this week. For those of you unfamiliar with Apex Analytix, they are an AP-focused player in CCM, with a long heritage in recovery audit services.

In our opinion, their points of distinction in the CCM space have been their move from being a services-only firm to a technology-enabled services firm. They now sell the software (called FirstStrike) that they previously developed as "internal use" for their recovery audit projects. Visual Risk IQ is an affiliate partner with Apex, and uses output from First Strike as one of many inputs for a Continuous Risk Assessment program that we've implemented for one of our clients.

Stay tuned for updates on what the acquisition may mean for Apex.

FTC Relaxes Enforcement Date on FACTA Red Flag rules. More time to implement CCM-T for Compliance

FTC Grants Three-Month Delay of Enforcement of ‘Red Flags’ Rule Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs (source: - April 30, 2009)

The Federal Trade Commission will delay enforcement of the new “Red Flags Rule” until August 1, 2009, to give creditors and financial institutions more time to develop and implement written identity theft prevention programs. For entities that have a low risk of identity theft, such as businesses that know their customers personally, the Commission will soon release a template to help them comply with the law. This announcement does not affect other federal agencies’ enforcement of the original November 1, 2008 compliance deadline for institutions subject to their oversight.

As many of you know, Visual Risk IQ was a sponsor at MISTI's SuperStrategies Conference in mid-April, and the conference provided us the opportunity to network with Internal Audit and GRC professionals from all over the US, including a mix of consulting firms and medium and large businesses. The importance of FACTA compliance at the Conference was clearly mixed, with some firms such those in Utilities, Financial Services, and Healthcare having large projects or program offices established to address compliance, with other firms in the same industry being wholly unfamiliar with the regulation.

For more information on FACTA and the red flag compliance rules, please see the following resources:

FTC's web site on Red Flag Rules

FTC's Article Summary

What is happening at your organization? How is this relaxed enforcement date affecting your organization? Why?