Setting the "231" Framework of an International Gaming Player
Leading gaming group in Europe
As part of a reorganization project, the Internal Control Functions requested the support of MACFIN to review the 231 framework in an overall approach (e.g. mapping processes, risks, controls, definition of roles and responsibilities, information flows, etc.). The project included the updating/implementation of the 231 Organizational Models of some Companies and a training course for over 2000 employees and collaborators.
Goals
Analyze the business model and organizational structure
assessing the impact of the 231 in Group and individual legal entities, as well as the main risk profiles and priorities for action
Identify possible areas for improvement
with reference to the "231" controls and define an Action Plan for their adjustment
Update / Implement the 231 Organizational Models
of the Group entities and contribute to their dissemination through staff training
Activity
Analysis of the potential risk profiles
resulting from organizational and regulatory changes through the mapping of company processes, sensitive activities, 231 risks and controls in place
Overall assessment of the 231 control framework
also with reference to the existing anti-money laundering (i.e. Legislative Decree 231/2007) and privacy (i.e. GDPR) controls, with the identification of the adjustment actions necessary to adequately monitor the detected risk profiles
Adaptation of the 231 Organizational Models
of the Group entities (i.e. General section, protocols, information flows to the OdV) and some organizational documents (e.g. organization and chart, procedures, etc.), taking into account the corresponding level of updating and the overall adequacy with the new organizational structure and standards in use
Design and lead a training course
through the combination of face-to-face lectures and "e-learning" modalities
Results
Overall review and optimization of the framework
Group control, coordinating the needs of the corporate units and Control Functions (Compliance, Risk Management, Internal Auditing)
Definition of a complete and standardized mapping
of Group processes, 231 risk profiles and existing controls
Cross-dissemination between employees and collaborators
of the culture of the administrative responsibility and greater awareness of the controls implemented by the Group in this area
REQUEST A MEETING
Would you like more information or request a meeting with our consultants?
REQUEST INFORMATION
ABOUT OUR SERVICES
Would you like to have more information about our services and solutions? Enter your data and we will contact you as soon as possible.
Other Success Cases
IT Governance & Cybersecurity Risk Assessment
Industry & Services | Organization, IT & Controls
Design of a Risk Reporting solution of an Insurance Group
Insurance | ESG, Risk & Compliance
Setting the "GDPR" Framework of a State-owned company
Non-Profit & Public | Risk & Compliance