A big part of BPS Resolver’s business continues to be in the arena of Risk Assessments. I’m a firm believer that the Risk Control Self Assessment (RCSA) is the easiest component of a GRC program to implement and also possibly the most powerful. These are collaborative sessions, supported by software, in which management teams or project teams attempt to look into the future and determine what events might transpire that will keep them from achieving their corporate objectives. This is the best definition of a Risk. Our customers and partners that do this right have embedded it into their strategic planning process. The risk Heatmaps are the other side of the planning coin. In some cases, budgets are not assigned to initiatives or departments unless a proper Risk Map can be presented and defended.

It’s easy to jump on BP these days but it strikes me that in one of these simple sessions, someone would have come up with the Risk that they may have a leak (major or minor) in a deepwater well. This would have led to a discussion on the controls that exist – or should exist – to ensure this does not happen. Apparently there is a control for this and they did not have it place. The next step would have been to determine mitigating activities and plans if this risk were to occur and management would conclude that indeed it would be a good thing ( a REALLY good thing ) to have a detailed plan for this type of event.

If the first interaction with the press started with a statement indicating that BP had a detailed and thorough plan to deal with this situation, and they could even depict that plan along with the resources committed, I think the public reaction would have been different. If such a plan existed, the financial impact to BP, both in enterprise value, damage to their brand and the amount of cash needed to repair the situation would have been lessened. More importantly, the environmental and economic impact to the Gulf region would have been curtailed as well.

BPS Resolver often facilitates RCSA’s and often these types of high impact, low likelihood Risks emerge. Consider what these Risks might be for your business and ask yourself as a management team whether they are the ‘Elephant in the Room’ or whether you have thoughtful plans and the resources necessary to deal with them.

Steve Taylor
CEO
BPS Resolver Inc.

Toronto – July 22, 2010 – BPS Resolver Inc., a recognized leader in Governance, Risk and Compliance (GRC) Management, announced today the highly anticipated release of their recently enhanced Issues & Actions Tracking (IAT) solution.

BPS Resolver’s IAT solution represents a new step in composing highly configurable defined fields, workflows and reports. IAT enables the identification, allocation, prioritization, sizing, scheduling, additional testing and monitoring of issues and action plans, and uses many features found in BPS Resolver’s BPS Suite to create meaningful relationships between issues/action plans and other risk-based activities. Finally, you have the information and insight you need to locate systemic root causes of risk management failures and to provide the oversight required by senior management.

“BPS Resolver’s IAT is a powerful issues and action tracking system, allowing users to collect and manage issues and action plans across the enterprise as part of an integrated approach to risk management” said Steve Taylor, CEO of BPS Resolver Inc. “What is unique about IAT, is that it has seamless integration capabilities with other BPS Resolver Suite solutions or 3rd party products”

IAT can be used on its own or in conjunction with other solutions in BPS Suite. Auditors can use the software to identify and report audit findings. Compliance officers can identify issues for failed control tests and ensure that there are appropriate follow-up plans. Operational risk managers can use the software to log and track loss events and support regulatory investigations.

BPS Resolver’s GRC Suite of solutions enables businesses to create and maintain a successful, efficient and effective enterprise wide Governance, Risk and Compliance (GRC) program. Companies are recognizing the benefits of productivity and profitability when GRC programs are automated across their enterprise. Through the use of a combination of Resolver*Ballot, Resolver*Net and Resolver*Risk, companies from various industries can have unparalleled success embracing and managing risk at all levels within the organization.

About BPS Resolver Inc.

BPS Resolver solutions are acquired by companies that have material exposure to failures in legislative compliance, shareholder assurance and long term sustainability. We make it simple for companies to effectively mobilize people to address these issues proactively and to demonstrate and document these efforts to third parties. BPS Resolver adds value by replacing informal, unreliable, expensive or inflexible systems with easy to adopt and easy to use solutions. We proudly support over 300 top brand companies in over 100 countries. Our approach has generated thousands of happy users where we are the governance, risk and compliance system of record.

For further information, please contact:
Elaine Buzma
Marketing Manager, BPS Resolver Inc.
Tel: (416) 622-2299 x 306
E-mail: elaine.buzma@bpsresolver.com
Website: www.bpsresolver.com

BPS Resolver’s Resolver*Risk 5.2 enhances the File Export Capabilities and adds Additional New Benefits

Toronto – July 15, 2010 – BPS Resolver Inc., a recognized leader in Governance, Risk and Compliance (GRC) Management, announced today the release of the highly anticipated enhanced version of its GRC management software, Resolver*Risk. The release of Resolver*Risk 5.2 demonstrates BPS Resolver’s ongoing commitment to product enhancement.

Resolver*Risk now enables users to export file attachments en masse, using a new “Generate Zip File” feature within Hierarchical Reports, enabling the delivery of evidence to external parties such as external auditors or regulators.

In addition, the existing set of functions has been expanded to include a number of logical functions. Functions like IF, CHOOSE and LOOKUP can now be used to create advanced logic in calculations of values in the application.

Other beneficial additions include:
• Ability to easily clear values entered into the application
• Expanded legends available on home page pie charts
• Completion Reminder information now editable by non-admin users
• Role information now optional in Hierarchical Reports
• All newly created test items are Framework Items
• Customers using LDAP integration can now include external users in the application

“With the release of Resolver*Risk 5.2, BPS Resolver is exhibiting a dedication to continually enhance our clients’ risk and compliance management processes,” said Phil Obendorf, VP Product Development, BPS Resolver Inc.

The release includes significant new developments that allow users to complete tasks with great efficiency. “The high degree of usability and innovative reporting capabilities are most often cited as the reason companies choose Resolver*Risk over the competition,” said Steve Taylor, President of BPS Resolver Inc.

About BPS Resolver Inc.

BPS Resolver products are purchased by companies that have material exposure to failures in legislative compliance, shareholder assurance and long term sustainability. We make it simple for companies to effectively mobilize people to address these issues proactively and to demonstrate and document these efforts to third parties. BPS Resolver adds value by replacing informal, unreliable, expensive or inflexible systems with easy to adopt and easy to use solutions. We proudly support over 300 top brand companies in over 100 countries. Our approach has generated thousands of happy users where we are the governance, risk and compliance system of record.

For further information, please contact:
Elaine Buzma
Marketing Manager, BPS Resolver Inc.
Tel: (416) 622-2299 x 306
E-mail: elaine.buzma@bpsresolver.com
Website: www.bpsresolver.com

Medicare Audits & Appeals

Over the past decade, CMS (the Centers for Medicare & Medicaid Services) has ramped up efforts to insure that healthcare providers are solely paid for services rendered that (1) meet requirements as originally established within the Social Security Act and subsequent regulations, (2) meet Medicare provider contractual obligations (Conditions of Participation) and (3) meet CMS payment criteria or Medicare coverage criteria.

CMS is investing millions of dollars in dozens of separate – but coordinated – enforcement efforts to force providers to adhere to Medicare rules & regulations. Unfortunately, although the vast majority of providers support the aggressive pursuit of fraud & abuse, wide ranging challenges face those same providers when striving to achieve 100% compliance with Medicare coverage criteria.

Top 5 Barriers to Medicare Compliance

Ok, let’s be honest. While the barriers to Medicare compliance are too numerous to address in the body of this discussion, the following would be generally considered as the TOP 5:

1) First and foremost, the Medicare regulatory environment is so dynamic that even the most highly trained and skilled professionals struggle with day-to-day updates. Decentralized and potentially conflicting guidance from 100s of CMS contractors, continually changing regulations and disparate CMS payment criteria / Medicare coverage criteria resources are just a few major focus areas.

Today, the nation’s leading source of CMS Payment Criteria / Medicare coverage criteria is the CMS PI Warehouse. Simply put, the Warehouse is a “game changer” for healthcare providers seeking the absolute best guidance and insight to CMS documentation, billing, payment and medical necessity related issues.

2) Providers nationwide are making documentation, coding & billing decisions based upon an array of information and insight from sources other than CMS. While these sources may provide an important advisory role they don’t have authority over Medicare payments. Some of these include consultants, professional associations, commercial admission screening or “medical necessity” criteria, peers, lawyers, certification organizations, physician advisors and software vendors.

3) Making changes isn’t nearly as easy as it sounds. With a 10% unemployment rate and potential fraud implications associated with Medicare billing practices, it can be very difficult to gain buy-in from key decision-makers. No one wants to be the messenger when it can mean major repayments and reduced cash flow for the foreseeable future.

4) The nation’s best attorneys – like Robert Benvenuti, the former Inspector General of Kentucky – are advising clients to make every effort to adhere to Medicare coverage criteria. However, arguing vague notions of “medical necessity” can be a boon for unscrupulous attorneys and consultants. There are far too many consultants and other attorneys looking to tap into provider emotions and cash-in on provider retainers.

5) Discussions and education of medical staff can be very stressful and is often avoided for political (or personal survival) reasons.

Overcoming the Barriers to Medicare Compliance

No real magic here – simply, embrace CMS Payment Criteria / Medicare Coverage Criteria as the core foundation of your financial infrastructure. Put another way, don’t let anything – other than documented CMS & CMS contractor guidance – be the foundation for your decisions relating to potential Medicare beneficiary coverage & payment.

Sound simple? It’s really not. In order to “embrace” Medicare coverage criteria, you first have to know what it is. In order to know what it is, you have to find it, evaluate it, understand it, synthesize it and then do something with it. Oh yeah, you also have to convince everyone around you that it is the right thing to do and hope that the coverage criteria doesn’t change before you can get it implemented.

This is where the CMS PI Warehouse comes into play – it is the game changer. The Warehouse is the ultimate source for providers looking to understand and integrate real-time CMS Payment Criteria / Medicare Coverage Criteria at the heart of their organizations. The Warehouse does the heavy lifting for you. Backed by over 25,000 hours of industry-leading expert analyses, the Warehouse is the ultimate solution to overcoming Medicare compliance barriers.

CMS PI Warehouse – What is it?

It really is the game changer. The Warehouse is your one-on-one, real time connection to the nation’s leading Medicare professional compliance resources. We’ve taken the best and brightest Medicare coverage experts and invested over 25,000 hours in identifying, evaluating, analyzing and synthesizing Medicare coverage criteria from 10,000+ CMS and CMS contractor documents. We’ve packaged the outcomes in a web-based, security conscious solution that is truly unmatched in the industry.

• Dedicated CMS Internal Audit Functionality

• CMS Targeted Audit Focus Areas

• 10,000+ CMS Document Library

• CMS Payment Criteria / Medicare Coverage Criteria Modules

• Easily Modified Continuing Education Program Templates

• On-line CMS Appeals Processing

• Management Reporting, Work Queues and much, much more…

Tim Johnson Executive
Director Jackson
Davis HealthCare

Too many companies and organizations are *reactive* rather than *proactive* in identifying and mitigating risks.  It amazes me how businesses fail to learn the lessons they see in the news every day.

When the Nigerian would-be terrorist tried to blow up a plane on Christmas Day 2009 with explosives stashed in his underwear, I, like many others, wondered how TSA/Homeland Security could have missed that.  There are explosives-detecting machines in many airports – the devices the size of a phone booth that blows air at you – but they’re not in *all* airports.  I don’t know whether the airport at which he boarded had those devices, but even if they didn’t, I’ll bet they made him take off his shoes.

It’s been nearly ten years since the Shoe Bomber tried to blow up a plane.  Perhaps the lesson at that time was not, “Hey, you can blow up planes with explosives hidden in your shoes,” but “You can blow them up with explosives hidden *anywhere* in your clothing.”  Now that we’ve figured out what WMD one’s Fruit-Of-The-Looms can be, we should take this a step further and remember the lessons learned back in the 1970s when people tried to smuggle drugs internationally by swallowing packets of heroin.  See where I’m going with this?  Bring on the full body scan machines, which we should have brought on after the Shoe Bomber, but make sure they can look deep enough.  Don’t wait for someone to blow up a plane with swallowed explosives.  You can bet someone’s working out that angle in a cave in Afghanistan right now.

Now you can’t bring liquids onto a plane, or if you do, they can’t be more than three ounces and must be stored in a Ziploc bag.  (What, to make it more inconvenient for the terrorist to have to remove it first?)  How does TSA *know* the liquid inside isn’t dangerous?  They never check *mine*.  It could be acid, poison, nitroglycerine, who knows.  Do we have to wait for someone to create havoc with a TSA-approved hand lotion travel bottle?

I don’t mean to pick on TSA/Homeland Security particularly (or to angle for a spot on the no-fly list – that’s shampoo, really!  When no one can wash their hair the terrorists have won!) but it’s one example of many that I see in the news headlines of organizations that spend more time closing the barn door rather than making sure the horse doesn’t escape to begin with.

Every day I speak with people all over North America who say they don’t have an interest in ERM or doing regular risk assessments, or senior management doesn’t think it’s necessary, or they lost the budget again for it, or they just don’t see the value.  Because volcanoes, underwater oil gushers, terrorists and mysteriously faulty brakes happen to *other* companies, right?

By: Nicole Chardenet, Inside Sales

When identifying risks, the question often asked is “What keeps you up at night?”. Let me explain why this is a, well… risky question to ask.

Consider that the principle goal of risk management is to ensure that an organization performs as expected. In other words, it achieves its objectives. Therefore the risks that you identify need to be directly related to your organizations objectives. Risks not related to the achievement of corporate goals are off strategy – a distraction.

“What keeps you up at night?” is a disembodied question that will result in both relevant and irrelevant risks. Here is the question to ask…

“Considering the objective to… (describe a key objective), what events may prevent the organization from achieving this objective?”.

The result will be risk events that are well aligned with management’s goals. Feel free to present your interviewee with a list of potential risk internal and external risk categories to refer to when answering the question. For example, economic, competitive, strategic, HR, financial, technology, information, and corporate integrity are some of the major categories. There are up to 100 subcategories that fall under these major categories as well (business is complex!).

This objectives-focused question will ensure that your risk management process is strategic and focused on corporate performance.

by Richard Wilson
BPS Resolver Risk Advisory Practice Leader

TORONTO, May 17, 2010 – BPS Resolver Inc., a recognized leader in governance, risk and compliance (GRC) management announces today a strategic partnership with The Corporate L.I.F.E Centre International Inc. (CLCI) in Enterprise Risk Management and Strategic planning.

 “We are very excited to work with CLCI,” said Steve Taylor, CEO, BPS Resolver. “Teaming up with CLCI to provide Enterprise Risk Management and Strategic Planning to a wide range of companies is an exciting development for our company”.

Over the years CLCI has been highly successful in helping organizations create the strategic direction and translate the strategies into operational terms for execution. They work with the senior leadership team to clarify and validate the strategic direction, implement the appropriate Performance Measurement and Management Systems using the Balanced Scorecards to guide the execution of strategies, and ensure that the right talent is in the right place to execute successfully.                  

“After careful consideration of several GRC Software companies in this field, CLCI has chosen to partner with BPS Resolver Inc. based on their exceptional products and services in the industry, as well as their visionary ability to lead the evolution of strategic risk management solutions venture wide,” said Mansoor Osmani, President CLCI.

“This partnership between BPS Resolver Inc. and CLCI is truly a fusion of two leaders in their field providing leading edge Enterprise Risk Management and Strategic Planning solutions to their clients.” said Steve Taylor, CEO, BPS Resolver Inc.

About CLCI

CLCI’s mission is to help their clients transform their businesses into High Performance Organizations™ (HPO). CLCI is a boutique management consulting firm passionate about helping clients achieve strategic performance improvement by implementing performance measurement and management systems.

CLCI’s Integrated Performance Management™ (IPM) methodology is based on the premise that organizations can successfully reach their full potential by transforming into High Performance Organizations. The key to their success is the well-defined and proven methodology, process, tools and facilitation techniques they use.

About BPS Resolver Inc.

BPS Resolver products are acquired by companies that have material exposure to failures in legislative compliance, shareholder assurance and long term sustainability.

We make it simple for companies to effectively mobilize people to address these issues proactively and to demonstrate and document these efforts to third parties. BPS Resolver adds value by replacing informal, unreliable, expensive or inflexible systems with easy to adopt and easy to use solutions.

To achieve this, BPS Resolver brings together the best possible technology foundations with the most current industry information and best practice. Since 2002 we have invested over $20 Million in product development and continue to invest a high percentage of our revenues in maintaining and development of leading products.

For further information, please contact:
Elaine Buzma
Marketing Manager, BPS Resolver Inc.
Tel: (416) 622-2299 x 306
E-mail: elaine.buzma@bpsresolver.com

I was talking to a client recently about the bigger risks that could seriously harm their company. He cited a recent example where a newly acquired small entity almost caused the parent company to be delisted from their exchange. The acquired company refused to share some of their financial information with the parent and as a result they weren’t able to file quarterly reports until the subsidiary was sold. They came within a inch of being delisted.

Every company has hidden liabilities such as this. Some are obvious such as having too much reliance on a single customer for revenue, or too much reliance on a single supplier for goods or services. In other cases the problem is equally risky but not as obvious. An effective way to get visibility on ALL of these major risks is to combine business continuity planning (BCP) with risk management.

Risk management tries to determine the likelihood of uncertain events occurring, while BCP assumes these uncertain events occur and plans alternate routes and recoveries. During your risk identification process you will inquire about events that may prevent your company from achieving its objectives. Try reverse engineering this process to say, “assume that this objective fails – what events could cause this to happen?”. The answers you receive will include catastrophic risks that no one assumes will happen.

For example, asking about risks related to loosing a big revenue stream may result in a limited list of risks due to optimism about how the company is operating. However, assuming that the big revenue stream just disappeared, and asking for potential causes, will uncover new potential risks. The optimism that blinds you to potential risk will be replaced by creative thinking about previously unconsidered risks.

A case in point is the recent volcanic eruption in Iceland that grounded entire fleets of planes. If you asked what risks would ground an entire fleet, volcanoes may not have been identified. But assuming the entire fleet has just been grounded, and asking for potential reasons why, will prompt potentially uncreative people to think more broadly.

by Richard Wilson
BPS Resolver Risk Advisory Practice Leader
richard.wilson@bpsresolver.com

In 2010 it’s not uncommon for a Board to give their management team a mandate to implement a risk management capability.  I’m seeing it more and more.  In this situation the internal or external consulting team engaged to implement the mandate will need to approach the management team in a very specific way.

Firstly, expect that the CEO or CFO may not fully understand the benefits of risk management and may interpret this as a challenge to their corporate governance.  It is important to communicate the benefits of an ongoing risk management process upfront.  Clarifying to management that this is a value sustaining or value creation activity is critical. Here are several key benefits:

• Increase the likelihood that your organization will achieve its objectives (by integrating risk management with the strategic plan)
• Lowering business volatility by increasing visibility on events that can derail your performance
• Treating risk as “neutral” so that opportunities can also be identified and pursued
• Creating a centralized view or risks and creating efficiencies in risk identification and treatment
• Closing the gap between risk management and capital allocation
• Etc…

Secondly, position it as a process, as opposed to a project.  Processes get dedicated resources, projects don’t!

Thirdly, demonstrate how a well run risk management program creates a culture of accountability across the organization for identifying and managing risk.  This will result in higher product/service quality, fewer incidents, and better planning overall.

Finally, show your CEO how the market rewards companies with sound risk management practices.  Ratings agencies, capital markets, and creditors are all starting to differentiate risk-informed companies from the rest of the competition.

These are just some of the tangible benefits that you should communicate to your management team to ensure they are supportive of your risk management program.

by Richard Wilson

BPS Resolver Risk Advisory Practice Leader

Richard.wilson@bpsresolver.com