Technology vendors everywhere want to serve big Wall Street banks, so when one of those banks talks about risks they see in their software supply chain, compliance and audit professionals should listen – which brings us to an...more
Compliance officers know that internal reports are the fuel upon which your compliance program runs – the more reports you receive, the better you understand the compliance issues within your organization and the faster you...more
Artificial intelligence keeps improving at all sorts of things – including how to challenge corporate ethics and compliance programs. Even while you may still be struggling to tame the risks of generative AI, its more...more
2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more
For many years, corporate compliance officers have followed a certain natural process. First, regulators adopt a new rule, then you decipher how the arrival of that new rule might require changes to your policies, procedures...more
3/26/2025
/ Artificial Intelligence ,
Compliance ,
Corporate Counsel ,
Corporate Governance ,
Deregulation ,
Employees ,
EU ,
Policies and Procedures ,
Regulatory Reform ,
Risk Assessment ,
Risk Management ,
Trump Administration
The other day, I attended a panel discussion of compliance officers talking about how corporate compliance might change with the arrival of the Trump Administration. Except, we never got around to that discussion – we were...more
Artificial intelligence reached another milestone at the start of February, this one particularly relevant for corporate compliance officers: on February 2, 2025, the first five articles of the EU AI Act went into effect....more
2/11/2025
/ AI Act ,
Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Protection ,
EU ,
Innovative Technology ,
Machine Learning ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Risk Mitigation ,
Technology Sector
California sets the pace for all sorts of trends in the world – so perhaps compliance officers should take note of two recent advisories the state’s attorney general published on artificial intelligence. They capture a lot...more
2/5/2025
/ Artificial Intelligence ,
California ,
Compliance ,
Data Privacy ,
False Advertising ,
Healthcare ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws
Ask a compliance officer to name their top worry about artificial intelligence, and odds are they will blurt out something to do with privacy. That doesn’t just tell us what the risks of AI are – it also gives us hints about...more
The other week I was talking with a chief compliance officer, and asked her what she believes her biggest challenge will be in 2025. “Artificial intelligence,” she immediately replied. “Our IT department thinks they control...more
Look around the business landscape today, and supply-chain risks are everywhere – which means that sooner or later, those risks will appear on the compliance function’s radar screen too. They probably already have....more
12/18/2024
/ Chief Compliance Officers ,
Chief Information Security Officer (CISO) ,
China ,
Compliance ,
Corruption ,
Cybersecurity ,
Deregulation ,
Due Diligence ,
Economic Sanctions ,
EU ,
Exports ,
Multi-Factor Authentication ,
Regulatory Requirements ,
Risk Management ,
Supply Chain ,
Trump Administration
A few weeks back the U.S. Financial Crimes Enforcement Network (FinCEN) published a bulletin urging financial firms to do better at identifying deepfakes that fraudsters might use to evade customer due diligence programs. The...more
11/27/2024
/ Anti-Money Laundering ,
Artificial Intelligence ,
Compliance ,
Deep Fake ,
Due Diligence ,
Enforcement ,
FinCEN ,
Fraud ,
Internal Reporting ,
Popular ,
Regulatory Requirements ,
Risk Management
Sometimes questions about corporate compliance programs can be more complicated than they first seem. Such was the case when a compliance officer recently asked me, “Can you point to anything specific that says why compliance...more
CISOs, compliance officers, corporate boards, and other senior executives are quick to worry these days about the risks of artificial intelligence – but fear not! Some of the brightest minds in technology have built a tool to...more
9/19/2024
/ Artificial Intelligence ,
Board of Directors ,
Chief Compliance Officers ,
Chief Information Security Officer (CISO) ,
Databases ,
Ethics ,
Governance Standards ,
Liability ,
Machine Learning ,
Noncompliance ,
Risk Management
Compliance officers need to think about fraud and misconduct risks all the time, which means you need to talk to others in your organization about exactly how those risks might happen – but what’s the right way for you to do...more
Ethics and compliance officers have long had an uneasy relationship with corporate sustainability efforts, mostly because most compliance officers aren’t quite sure they want – or know how to handle – responsibility for it. ...more
7/11/2024
/ Carbon Emissions ,
Contract Management ,
Cybersecurity ,
Environmental Social & Governance (ESG) ,
Forced Labor ,
Human Rights ,
Human Trafficking ,
Modern Slavery Act ,
Policies and Procedures ,
Popular ,
Risk Management ,
Supply Chain ,
Sustainability
Corporate compliance officers have been bracing for regulation of how companies can use artificial intelligence in their daily business operations. Now we have a fresh glimpse of what that regulatory landscape might look like...more
Attention all compliance officers at large technology companies – have you checked your mail lately? Because you might find a letter from the Securities and Exchange Commission with FCPA risk written all over it....more
5/29/2024
/ Anti-Corruption ,
Compliance ,
Contract Management ,
Corruption ,
Distributors ,
Due Diligence ,
Enforcement ,
Foreign Corrupt Practices Act (FCPA) ,
Recordkeeping Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Settlement ,
Technology Sector ,
Third-Party
Explaining how a strong culture of ethics and compliance can help your enterprise to succeed is tricky business. So imagine my delight when I came across a recent speech from a banking regulator who did exactly that....more
Risk assessments are one of the most important tasks a compliance officer performs – and also one of the most confounding. How do you keep assessing your organization’s risks in a disciplined, methodical manner, when the...more
One year ago, compliance officers began 2023 dazzled by the potential of artificial intelligence, and braced for new regulations to govern how corporate organizations use AI. Then a funny thing happened: governments didn’t...more
The U.S. Securities and Exchange Commission recently announced that its long-awaited greenhouse gas disclosure rule will be delayed yet again, most likely until April 2024. This raises an important question for compliance and...more
12/29/2023
/ Audits ,
Climate Change ,
Compliance ,
Data Collection ,
Environmental Social & Governance (ESG) ,
Greenhouse Gas Emissions ,
Proposed Rules ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Supply Chain ,
Third-Party
Everyone even peripherally involved with corporate governance, compliance, or risk management knows that corporate boards need more CISOs to help them navigate today’s cyber-saturated world. Even better, plenty of CISOs are...more
Don’t faint from surprise at this news, but corporate compliance is a world with lots of lingo that can be difficult to understand. Case in point: a “policy about policies” – something that sounds obscure, but actually is one...more
Compliance and technology executives, we need to talk. Or, more accurately, you need to talk more often – to each other.
In the last 18 months, the Securities and Exchange Commission sanctioned three companies for making...more