SOX, Basel etc. are laws designed to prevent shareholder fraud. These are very good steps taken in the right direction. However, is this enough to prevent shareholder fraud? I do not believe that shareholder fraud can be prevented till these laws are enforced.
Not just enforced but enforced with vigor - put a few of these scum bags in jail so the rest of them know better. Unfortunately, the Enron debacle that put the spotlight on this crime also showed us the weakness in our system to prevent it. "Kenny boy" did not spend a night in jail thanks to his political connections. He did not get to enjoy his ill-begotten millions either - for now, that will suffice as the best the shareholders could have gotten under the circumstances.
As CIO, you have a responsibility to prevent shareholder fraud. Indeed, you may be in the unique position to actually know where the internal controls are weak and causing the problem. Now comes the tough part - what do you do with this knowledge?
While you think through that dilemma, here is one way to solve it - empower the internal auditors with the information they need to be more effective. In the wake of SOX, many companies have established independent audit committees and given teeth to the internal audit process. Perhaps, this process might save you the trouble of taking on your boss!