2023 CRA Rule Repeal: Lessons to be Learned
The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
Regulatory Rollback: Inside the CFPB’s FCRA Guidance Withdrawal — The Consumer Finance Podcast
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — Moving the Metal: The Auto Finance Podcast
Regulatory Rollback: Inside the CFPB's FCRA Guidance Withdrawal — FCRA Focus Podcast
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
2 Gurus Talk Compliance: Episode 53 – The AI as a Whistleblower Edition
Compliance Tip of the Day: Internal Controls for Third Parties
Healthcare Enterprise Risk Management
GILTI Conscience Podcast | Navigating Brazil's New Transfer Pricing Landscape: A Shift to OECD Standards
Importance of Compliance Management in times of transition
Great Women in Compliance: From Hotline to Headline: The DOJ’s Whistleblower Awards Reboot with Mary Inman and Liz Soltan
Compliance into the Weeds: Autonomous AI Whistleblowing Misconduct
Understanding MALPB Charters: A Collaborative Approach to Banking Innovation — Payments Pros – The Payments Law Podcast
Law Firm ERGs Under Scrutiny: Navigating Compliance, Risk, and Culture - On Record PR
Compliance Tip of the Day: Risk Assessments and Internal Controls
Daily Compliance News: June 3, 2025 the $500MM for Compliance Edition
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more
Spring is a time of renewal, and the US Securities and Exchange Commission (SEC)–under its new chairman, Paul Atkins–has shown that. On 12 June 2025, the SEC withdrew 14 proposed rules impacting funds and asset managers,...more
On June 12, the Securities and Exchange Commission (SEC) formally withdrew 14 proposed rules for investment advisers, broker-dealers and public companies, many of which had been pending for several years. Should the SEC...more
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
The intersection of privacy, cybersecurity, and AI is reshaping risk and regulation in fintech. In a recent episode of The Fintech and Blockchain Podcast, our team explored how fast-moving developments—from AI-powered...more
96% of companies currently use the public cloud, but Gartner predicts that there's more to that reliance than a convenient source of digital storage. Their leading experts believe that the cloud will be a business necessity...more
Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the...more
In late May 2025, the Securities Industry and Financial Markets Association (SIFMA), together with the American Bankers Association, Bank Policy Institute, Independent Community Bankers of America, and Institute of...more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
Politicians’ and tech giants’ embrace of nuclear energy to power AI heightens the urgency to protect critical infrastructure from cyber threats....more
On June 2, 2025, the U.S. Department of Labor (DOL) announced a significant expansion of its compliance assistance tools by launching an Opinion Letter Program across five key enforcement agencies, including the Employee...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
This regular alert covers key policy and regulatory developments related to EU geopolitical risks, including in particular, economic security, Russia’s war against Ukraine, health threats, and cyber threats. It does not...more
The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more
On May 19, the GAO published a report discussing the use and oversight of AI in financial services. The report highlighted the benefits of AI, such as improved efficiency, reduced costs, and enhanced customer experience,...more
Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more
The mining sector is increasingly at risk from cyber attacks, and many companies are racing to defend themselves against the backdrop of a rapidly changing threat landscape. Ross Phillipson and Anna Rudawski explore what is...more
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
On May 5, the OIG for the Fed authored a report with several recommendations for the CFPB following a major security incident regarding confidential supervisory information (CSI). The OIG issued four findings with seven...more
Cyber security supply chain risks are growing, and attacks on vendors and other third parties cause severe disruption to businesses. For example, in recent years we have seen many incidents that have involved threat actors...more
The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more
During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more
On May 1, 2025, additional cybersecurity requirements introduced by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) took...more
Cybercriminals look for two things when seeking a victim—access and opportunity. ERISA retirement plans offer both. Cybercriminals exploit weaknesses in systems, software, or human behavior to find opportunities for easy...more