Wait, that’s covered? Insurability of Fines and Penalties Flowing From a Cybersecurity Breach
FCPA Compliance and Ethics Report-Episode 31-the FCPA Year in Review, Corporate Enforcement Actions
FCPA Compliance and Ethics Report-Episode 30-Interview with the FCPA Professor-Part 2
Condo complaints not in writing?
Health Data on Leased Photocopier Costs Company $1.2m—What Others Can Learn
The Justice Department is encouraging companies to voluntarily disclose criminal violations — “Come in and confess” and DOJ offers promises of a declination. But even a declination comes with a requirement — the company has...more
Background - The Corporate Transparency Act of 2019 (“CTA”) became effective on January 1, 2024. Under the CTA, all “reporting companies” must file a Beneficial Ownership Information (BOI) report with the Financial Crimes...more
It has been reported that the European Central Bank will be imposing fines on as many as four lenders due to “not meeting deadlines set by the ECB for assessing their exposure to climate risks.” Specifically, ECB regulations...more
In the world of compliance and ethics, the Citigroup internal control debacle serves as a glaring reminder of the critical importance of robust, well-designed, functioning and effective internal controls. The U.K. Financial...more
The push by U.S. states to pass data privacy laws continues with Maryland being the 18th state to join their ranks. However, Maryland has taken a more stringent and comprehensive approach than many of its peers: Governor Wes...more
As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
On March 13, 2024, Utah enacted the Utah Artificial Intelligence Policy Act (UAIP), which imposes certain disclosure requirements on entities using generative AI tools with their customers, and limits an entity’s ability to...more
Regulators with the Federal Reserve and the Office of the Comptroller of the Currency (“OCC”) have fined JP Morgan Chase & Co. a combined total of $348.2 million over the bank’s failure to monitor client trading activities...more
On January 16, 2024, New Jersey Governor Phil Murphy signed Senate Bill (SB) 332, establishing New Jersey’s consumer data privacy law, the New Jersey Data Privacy Act (NJDPA) which will be effective January 15, 2025. This...more
Report on Patient Privacy 23, no. 11 (November, 2023) Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more
NSA and CISA Release Report on “Top Ten” Cybersecurity Misconfigurations; CISA Calls for Software Manufacturers to Implement Best Practices - On October 5, 2023, the United States National Security Agency (NSA) and...more
In recent years, the U.S. Securities and Exchange Commission (SEC) has increasingly made Environmental, Social, and Governance (ESG) issues a central element of the agency’s enforcement priorities and on September 25, the...more
Introduction: In the rapidly advancing digital age, cybercrime has become a serious global concern, and the UAE is not immune to this threat. Scammers are becoming increasingly sophisticated, using tactics such as fake calls,...more
When announcing the much publicized $125 million fine against JP Morgan for violating recordkeeping rules, the U.S. Securities and Exchange Commission (“SEC”) Chair stated that financial institutions “did not act as if they...more
If there ever is an example of a rotten corporate culture, Wells Fargo sits at the head of the class. Since Wells Fargo’s sales pressure scandal, Wells Fargo has continued to suffer from a string of scandals and misconduct. ...more
In this month’s Privacy & Cybersecurity Update, we analyze recent fines against Meta and their impact on the future of behavioral advertising, the timeline for the California Privacy Rights Act’s regulations to become...more
The Justice Department continues to push an aggressive agenda against businesses. It is committed to demonstrating its resolve to prosecute companies and individuals from the business community. Whether it is antitrust,...more
This summer was a busy one for cryptocurrency regulators, with aggressive actions potentially signaling an increase in consumer protection compliance activity. In August alone, the New York Department of Financial Services...more
The latest legal buzzword, ESG, represents the environmental, social and governance factors that many corporations are now required to consider and disclose alongside traditional financial information such as operating...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
Keypoint: As it did last year, the Oklahoma House passed a consumer data privacy bill. On March 23, 2022, the Oklahoma House voted 74-15 (with 11 excused) to pass Representative Collin Walke’s HB2969 – the Oklahoma...more
A data breach can be the result of a cyber/ransomware attack or an honest mistake. Either way, the potential impact of compromised data is huge. This impact can be financial (in the form of fines) and reputational (by...more
Despite the great strides companies have made to mitigate the risks associated with security breaches, including putting insurance in place to cover those risks, cyber criminals have remained two steps ahead, finding new and...more
FCA ENFORCEMENT SHIFT - On October 6, the Deputy Attorney General (“DAG”) announced a new Department of Justice (“DOJ”) Civil Cyber-Fraud Initiative – an effort that pulls together attorneys and experts across DOJ focused on...more
Amazon’s financial records have revealed that the Luxembourg data protection supervisory authority, the Commission Nationale pour la Protection des Données (“CNPD”), is fining the retailer’s European arm (Amazon Europe Core...more