Easy solution: almost there
I'm actually with an earlier poster - we're no longer dealing with a technology problem, this is a human problem. The issue with the above "Easy solution" is that it doesn't create personal responsibility and is thus unlikely to work. Example: what changed after MS got YAF (Yet Another Fine)? Exactly, nada, nothing. The moment you pull directors from behind that legal shield a company represents and make them PERSONALLY liable for such offenses, THEN matters will change.
The guys at the top need to know that they are going to get personally hit before they will act, at the moment it's still too easy for incompetents to hide behind "I didn't know" (Enron defense) and sacking some poor shlob to he/she leaves and takes the blame away. Nothing beats the risk of personally having to take the rap to focus someone's attention.
It's a human problem - not technical.