Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Cannabis Law Now Podcast - Cannabis in the Show Me State: An Interview with BeLeaf Medical's Mitch Meyers
Compliance Tip of the Day – COSO Objective 1 – Control Environment
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Episode 374 -- Justice Department Resumes FCPA Enforcement with New, Focused Guidance
2 Gurus Talk Compliance – Episode 54 – The FCPA is Back On Edition
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — The Consumer Finance Podcast
2023 CRA Rule Repeal: Lessons to be Learned
The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
#Risk New York Speaker Series – Upping Your Game with Tom Fox
Unlocking Crypto's Future: Insights From Coinbase's John D'Agostino — The Crypto Exchange Podcast
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more
Le 18 juin 2025, le ministre de la Sécurité publique a déposé le projet de loi C-8, Loi concernant la cybersécurité, modifiant la Loi sur les télécommunications et apportant des modifications corrélatives à d’autres lois (le...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
In 2023, a data center experienced a complete power loss during a scheduled electrical grid maintenance. Less than five months later, that same facility faced another major power outage. However, this time the impact was...more
The American Water Works Association (“AWWA”) announced the release of its 2025 State of the Water Industry Report (“Report”). AWWA describes itself as the: …largest nonprofit, scientific and educational association...more
European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more
The NIS2 Directive has significantly reshaped the cybersecurity landscape across the EU. Since the implementation deadline in October 2024, EU Member States have been working to incorporate new standards into their national...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
The U.S. Food and Drug Administration (FDA) recently finalized its March 2024 select updates to its guidance "Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” (“Premarket...more
On June 26, FERC approved a new reliability standard (CIP-015-1) proposed by the North American Electric Reliability Corporation ("NERC") to enhance cybersecurity of the nation's bulk electric system ("BES"). In a related...more
The FDA has finalized its guidance on cybersecurity for medical device premarket submissions, providing additional insight into the agency’s expectations for how manufacturers integrate cybersecurity risk management into...more
The Delegated Regulation, which contains regulatory technical standards (RTS) on threat-led penetration testing (TLPT) requirements under the EU Digital Operational Resilience Act (DORA), was recently published in the...more
Overview - On June 23, 2025, the New York State Department of Financial Services (“NYDFS”) issued an industry letter encouraging all regulated entities to review their cybersecurity and sanctions compliance programs in light...more
On June 23, the New York State Department of Financial Services (NYDFS) issued an industry letter to all regulated entities — banks, insurers, money transmitters, virtual currency companies, and others — cautioning that...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more
On June 18, 2025, the Minister of Public Safety introduced Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts (Bill C-8). If passed, Bill C-8...more
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more
If you're in risk management, you sit at the intersection of privacy, security and compliance. It's a juggling act, and data privacy is just one ball in the air. You're overworked and your tech stack doesn't play nice...more
Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more
Spring is a time of renewal, and the US Securities and Exchange Commission (SEC)–under its new chairman, Paul Atkins–has shown that. On 12 June 2025, the SEC withdrew 14 proposed rules impacting funds and asset managers,...more
On June 12, the Securities and Exchange Commission (SEC) formally withdrew 14 proposed rules for investment advisers, broker-dealers and public companies, many of which had been pending for several years. Should the SEC...more