Compliance in the Former Soviet Central Asian Republics
Inside a $175M Deal: Tim McLoughlin & Joshua Hayes Live From RDU Startup Week
Tariffs and Trade Series: What Investors Need to Know
Managing Sanctions Compliance
Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo
Adventures in Compliance: The Novels – A Study in Scarlet, Introduction to Compliance Lessons
FCPA Compliance Report: Ellen Hunt on Compliance ROI and on a Due Diligence and the US Sentencing Guidelines
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Podcast - What Are Joint Ventures and When Should They Get Cleared?
The Demystification of Employee Retention Credits for Private Equity Deals — PE Pathways Podcast
OG Talks: Good Energy and Navigating Transactions
M&A Considerations for Serial Acquirers
PODCAST: Williams Mullen's Trending Now: An IP Podcast - IP and M&A Transactions
Implementing IP Best Practices to Maximize Exit Value
Tech Debt is Common. What does it mean for IPO readiness from a cybersecurity perspective?
Due Diligence in AI: Thinking like your biggest critic
Due Diligence in AI: 3 things you need to survive AI scrutiny
A Third Party's Perspective on Third Party Risk
The EU Corporate Sustainability Due Diligence Directive
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
Welcome to the latest issue of Bracewell’s FINRA Facts and Trends, a monthly newsletter devoted to condensing and digesting recent FINRA developments in the areas of enforcement, regulation and dispute resolution. This month,...more
Effective information security is no longer just dependent on an organisation’s own internal cybersecurity controls. The UK Information Commissioner’s Office (ICO) highlights that third-party service providers are processing...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more
Key Takeaways: ..On August 13, 2021, FINRA issued Regulatory Notice 21-29 (“RN 21-29”) to remind member firms that they must establish and maintain an adequate supervisory system, including written supervisory procedures...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
We previously reported that the Connecticut Insurance Department had issued Bulletin IC-42 to all licensees, providing guidance for compliance with the State's Insurance Data Security Law (the Act). However, in light of the...more
This client alert will briefly outline key upcoming deadlines under the New York State Department of Financial Services (DFS) Cybersecurity Regulation (the “Regulation”). These include annual filing deadlines coming up in...more
Almost all parties are required to exchange personal data as part of a merger and acquisition transaction. With data breaches on the rise, any buyer in a M&A transaction cannot afford to ignore privacy and data security...more
On September 15, 2017, the FTC released its eighth “Stick with Security” principle, which offers advice that individuals and organizations should consider when hiring others to process sensitive data. A few tips for making...more
New privacy torts have recently emerged in certain Canadian jurisdictions, including intrusion upon seclusion and publicity given to private life. Intrusion upon seclusion allows a plaintiff to sue if (1) a person has...more
The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more
The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more
On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more
Tennessee has joined other states in formally approving lawyers’ cloud-storage of client-confidential data. The Board of Professional Responsibility (“BOPR”) held that lawyers ethically may use cloud storage for...more
This week the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced a second-round of cybersecurity examinations, continuing its initiatives on the issue. The move follows the SEC’s: March 2014 roundtable...more
Recent data breaches have brought cybersecurity to the attention of insurance companies, and serve as a reminder to third party administrators ("TPAs") that cybersecurity issues are a serious compliance and regulatory...more