Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
Compliance into the Weeds: Of Fat Fingers, Internal Controls and Compliance
Vicky Hanks of Blake Morgan on Building an Effective Employee Brand - Passle's CMO Series Podcast
Better Investigative Interviewing
Hot Topics in International Trade
Episode 301 -- Steve Naughton on Compliance and Complaince Education at Loyola Law School Program
Episode 298 -- Electronics Communications Risks and Ephemeral Messaging
Episode 297 -- Susan Divers on LRN's 2023 Program Effectiveness Report
The Justice Insiders Podcast: SEC Plays Chicken with Jarkesy
JONES DAY TALKS®: The Evolution of Corporate Compliance Programs: Key Issues for Multinational Companies
Compliance & Disaster Preparedness
Compliance Series Part 3: Ensuring Compliance Programs are Effective
Compliance Programs Part 2: Designing a Successful Compliance Program
Compliance Programs Part 1: What is a Compliance Program and Why do Businesses Need One?
Law Firm ILN-telligence Podcast: Episode 73: Daniel García Piñeros, Gamboa, García & Cardona Abogados
Episode 284 -- How to Implement a Compliance Compensation System
Episode 276 -- Review of Phillips and Franks Int'l SEC FCPA Settlements
One Month to More Effective Internal Controls - Day 17 - COSO Objective IV: Information and Communication
Late last week, the U.S. Department of Justice (DOJ) filed its complaint-in-intervention in a qui tam lawsuit against the Georgia Institute of Technology (Georgia Tech), alleging that the university failed to meet certain...more
Judge Engelmayer’s 107-page dismissal of most of the U.S. Securities and Exchange Commission (SEC)’s claims against SolarWinds provides valuable guidance, and some comfort, for public companies and Chief Information Security...more
In a stinging rebuke of its attempted cybersecurity-related enforcement against a public company, a federal judge recently dismissed most of the charges that the U.S. Securities and Exchange Commission (SEC) had filed against...more
Last month, the SEC announced another enforcement action emphasizing the need for early disclosure of cybersecurity events. In the recent action, the company had taken three weeks to act on internal alerts of malware on its...more
Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
On July 18, 2024, U.S. District Judge Paul Engelmayer of the U.S. District Court for the Southern District of New York issued a comprehensive 107-page opinion that may have significant implications for the Securities and...more
Think of it as the compliance version of The Butterfly Effect – a small, unnoticed, action, or failure to act, somewhere in the organization that balloons over time into a much larger, material issue. Maybe an employee is...more
On July 18, 2024, a New York federal judge dismissed most of the US Securities and Exchange Commission’s ("SEC") claims against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer...more
On June 18, 2024, the SEC announced the settlement of administrative proceedings brought against a marketing and business communications firm for alleged internal accounting control deficiencies that caused the firm’s failure...more
The U.S. District Court for the Southern District of New York has dealt a significant blow to the cybersecurity enforcement efforts of the U.S. Securities and Exchange Commission (SEC or Commission). In its July 18, 2024,...more
The U.S. District Court for the Southern District of New York on July 18, 2024, dismissed most of the SEC's landmark cyber enforcement litigation against SolarWinds Corp. (SolarWinds or the Company) and the Company's Chief...more
In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...more
In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures. ...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more
Taking stock, looking ahead - The start of a new year is an important opportunity for boards to take a step back and reassess their agendas to help ensure that they are appropriately focused on the most critical issues for...more
This memorandum outlines key considerations from White & Case's Public Company Advisory Group for foreign private issuers ("FPIs") during the 2024 annual reporting season, divided into two sections: Form 20-F Housekeeping...more
Lately, I have been asked a lot about security in Business Central and how good it is… Permissions, Roles, Field Level Permission with an APP, and so on. How do you know if anything has been compromised, or if you have a...more
In recent guidance, the Department of Justice made clear that it will very rarely grant an extension of registrants’ deadline to disclose material cybersecurity incidents under the SEC’s Final Rules. Under the Securities and...more
We have received several requests for a list of the compliance policies that make sense for every multinational company. So, as a follow-up to our earlier two posts providing “twelve steps to international compliance” (see...more
With the 2023 annual report season upon us, it is time for companies to take stock of risk factors for 10-Ks and 20-Fs, and consider whether recent economic, political, technological, and regulatory developments have had (or...more
On November 1, 2023 the New York Department of Financial Services ("DFS") released amended cybersecurity regulations ("Regulations"). These changes will impose additional controls, demand more frequent risk assessments, and...more
Public companies are required to make prompt public disclosures on Form 8-K about a large number of specified events. While Form 8-K does not mandate current reporting of all material events, it goes a long way toward...more
On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more