Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Cannabis Law Now Podcast - Cannabis in the Show Me State: An Interview with BeLeaf Medical's Mitch Meyers
Compliance Tip of the Day – COSO Objective 1 – Control Environment
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Episode 374 -- Justice Department Resumes FCPA Enforcement with New, Focused Guidance
2 Gurus Talk Compliance – Episode 54 – The FCPA is Back On Edition
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — The Consumer Finance Podcast
2023 CRA Rule Repeal: Lessons to be Learned
The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
#Risk New York Speaker Series – Upping Your Game with Tom Fox
Unlocking Crypto's Future: Insights From Coinbase's John D'Agostino — The Crypto Exchange Podcast
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
The OECD's AI recommendations encourage Member States to uphold principles of trustworthy AI. Status of the AI Regulations - The Adherents have agreed to promote, implement, and adhere to the Recommendation. The Principles...more
The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more
On April, 8 2025, the Department of Justice’s final rule, implementing the Biden-era Executive Order 14117 restricting the transfer of Americans’ Sensitive Personal Data and United States Government-Related Data to countries...more
The US Department of Justice’s (DOJ’s) Final Rule on preventing access to US sensitive personal data, published in the Federal Register on January 8, 2025, will prohibit or significantly restrict the transfer of or other...more
INTERPOL’s Commission for the Control of INTERPOL’s Files (CCF) has finished its first session of the year and has listed the 2025 sessions on INTERPOL’s website as follows...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
Ling Chi was a slow and torturous method of execution practiced in Imperial China. Better known in English as "death by a thousand cuts", ling chi took a terribly long time to kill the condemned prisoner....more
The UK Payment Systems Regulator (PSR) has published a policy statement outlining its approach to publishing authorised push payment (APP) scams data for 2024. In 2025, the PSR will take a different approach to publishing...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more
The U.S. Department of Justice’s (DOJ) sweeping new rule on cross-border data transactions is set to take effect in substantial part next month, with broad implications for companies that transfer U.S. personal data or...more
The European Supervisory Authorities (ESAs) have published joint guidelines on the system established by the for the exchange of information relevant to the assessment of the fitness and propriety in the official EU...more
On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more