Miranda Lin discusses recent risk-related incidents at the U.S. Securities and Exchange Commission (SEC), and the apparent lack of adequate internal controls enforced within the organization. The author identifies some of the possible improvements to be made to the SEC’s internal controls environment regarding their people, process, and systems.