Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
What Issues Did the California Privacy Protection Agency Raise? On July 16, 2024, the California Privacy Protection Agency (Agency) discussed proposed updates to the California Consumer Privacy Act (CCPA) regulations....more
In a development that is expected to complicate many litigation challenges alleging that the presence of low levels of microplastics in food is inherently unsafe, officials from the US Food and Drug Administration (FDA or...more
On 24 June 2024, the European Union (EU) adopted its 14th sanctions package directed against Russia, imposing an asset freeze against an additional 116 individuals and entities and expanding sectoral sanctions targeting key...more
On July 15, 2024, the California Privacy Protection Agency (CPPA) released proposed updates to the California Consumer Privacy Act (CCPA) regulations, including updates to the draft risk assessments, automated decisionmaking...more
The agreed text of the AI Act was published on July 12, 2024, essentially starting the clock on the legal deadlines contained in it. Its obligations will apply in tiered phases, with the first key obligations being enforced...more
The Development: China's Supreme People's Court ("SPC") recently released a Judicial Interpretation of Several Issues Concerning the Application of Law in the Trial of Civil Dispute Cases Arising from Monopolistic Conduct...more
On June 24, 2024, the Commerce Department published a Final Determination under its Information and Communications Technology and Services (ICTS) authorities. The determination prohibits the Russian-controlled cybersecurity...more
With new comprehensive privacy laws in Texas and Oregon going into effect on Monday, July 1, we invited enforcers from the Texas and Oregon Attorneys General Offices – Tyler Bridegan and Kristen Hilton – to join our Wiley...more
As Artificial Intelligence (AI) continues to evolve and integrates into business processes, the Office of the Privacy Commissioner for Personal Data (PCPD) released its Artificial Intelligence: Model Personal Data Protection...more
The UK Competition & Markets Authority (“CMA”) has published the first in a series of anticipated merger control decisions in the artificial intelligence (“AI”) space, providing insight on its approach to the application of...more
After years of internal discussion, the Board of the California Privacy Protection Agency (CPPA), at their March 8th meeting, voted to progress toward formalizing the proposed regulations on risk assessments and automated...more
On March 14, 2024, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced its first enforcement case of the year and its first ever involving dealings with a Russian designated for sanctions...more
The new EU Corporate Sustainability Reporting Directive (“CSRD”) is set to revolutionize ESG reporting for companies around the world. Certain large EU companies are already conducting double materiality assessments and...more
Just as risk assessment is the bedrock for an effective compliance program, root cause analysis (“RCA”) similarly underpins successful remediation of compliance violations. The DOJ’s March 2023 Evaluation of Corporate...more
This week, SAP SE (SAP), the German-based software company, agreed to pay over $200 million to resolve investigations by the US Department of Justice (DOJ) and US Securities and Exchange Commission (SEC) into violations of...more
From the classroom to the boardroom, attacks on diversity, equity, and inclusion (DEI) gained significant momentum in 2023. Bolstered by their victory at the Supreme Court in the Students for Fair Admissions (SFFA) cases,...more
On January 8, 2024, New York Governor Kathy Hochul and the New York Office of Information Technology Services (NY ITS) announced two major initiatives on artificial intelligence (AI) that will impact private and public...more
On December 21 President Biden signed the Foreign Extortion Prevention Act (FEPA) as part of the Fiscal Year 2024 National Defense Authorization Act. The legislation addresses a perceived gap in the Foreign Corrupt Practices...more
The California Privacy Protection Agency (“CPPA”) published a revised set of Draft Cybersecurity Audit Regulations ahead of the CPPA Board’s December 8, 2023 meeting. When the CPPA Board met on December 8, several key...more
This week, the California Privacy Protection Agency (CPPA) released preliminary draft regulations on automated decisionmaking technology ( or “ADMT”) that would require disclosures and associated opt-out and access rights...more
Keypoint: The California Privacy Protection Agency continued its rulemaking efforts by releasing revised draft cybersecurity audit regulations although the Agency has yet to initiate the formal rulemaking process....more
The five-member Board of the California Privacy Protection Agency (the “CPPA”) held a public meeting on September 8, 2023, to discuss a range of topics, most notably, draft regulations relating to risk assessments and...more
In advance of its September 8, 2023 board meeting, the California Privacy Protection Agency (“CPPA”), the state’s privacy regulatory body, has unveiled draft regulations that could significantly impact cybersecurity...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more
Artificial intelligence (“AI”), once limited to the pages of science fiction novels, is now viewed as a key strategic priority for both the UK and EU. The UK, in particular, plays a prominent role at the cutting edge of...more