Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
REFRESH Nonprofit Basics: Insider Transactions and Nonprofits
FCPA Compliance Report: Death of CTA
Auditing Your Hotline and Case Management System
PODCAST: Williams Mullen's Benefits Companion - Good News for the ACA in 2025
RoboCop: Overview of Corporate Basics and Compliance Filings
The Corporate Transparency Act
John Wick - What You Need To Know about the Corporate Transparency Act
Cannabis Law Now Podcast: Cannabis Companies and the Corporate Transparency Act
US Expatriate Tax Planning - Part 2 - A Podcast with Janathan Allen
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Examining FinCEN FAQs, Proposed Legislation and Other CTA Developments
US Expatriate Tax Planning - Part 1 - A Podcast with Janathan Allen
AGG Talks: Cross-Border Business - Episode 12: A General Counsel’s Map for International Business Expansion - Part 2
AGG Talks: Cross-Border Business - Episode 12: A General Counsel’s Map for International Business Expansion - Part 1
Navigating the Corporate Transparency Act - Payments Pros – The Payments Law Podcast
DE Under 3: OMB Announced Finalized Overhaul to Federal Race & Ethnicity Data Collection Standards
Webinar: Corporate Transparency Act
What Nonprofit Leaders Need To Know About the Corporate Transparency Act
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more
Lawmakers expressed bipartisan support for significantly amending or eliminating some cybersecurity incident notification requirements during a recent hearing of the U.S. House Committee on Homeland Security's Subcommittee on...more
In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring public companies to report material cybersecurity incidents under new Item 1.05 of Form 8-K beginning on December 18, 2023. Our...more
On November 7, 2024, the Transportation Security Administration (the “TSA”) published a Notice of Proposed Rulemaking (the “Proposed Rule”) that would mandate cyber risk management (“CRM”) and reporting requirements for...more
NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more
The Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA) and Bank of England are consulting on proposals to require firms to report operational incidents and material third party arrangements. In the face...more
This guide discusses important themes and trends for the coming annual reporting season. It also includes a “housekeeping checklist” designed to assist you as you prepare your annual report. ANNUAL CYBERSECURITY...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more
On Tuesday, the SEC announced settled charges against four companies for “making materially misleading disclosures regarding cybersecurity risks and intrusions. The charges against the companies, Unisys Corp., Avaya Holdings...more
Cyber regulation is changing in Australia. As governments globally grapple with the everchanging and increasingly challenging cyber landscape, Australia is poised to implement new laws and update existing regulation in order...more
The Securities and Exchange Commission (the “SEC”) has issued five compliance and disclosure interpretations related to the disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K....more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
The SEC’s Division of Corporation Finance yesterday published five new Compliance and Disclosure Interpretations, or “C&DIs,” all concerning Item 1.05 of Exchange Act Form 8-K, Disclosure of Cybersecurity Incidents....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
The Security and Exchange Commission (SEC) Director of the Division of Corporate Finance, Erik Gerding, released a statement on May 21, 2024 that may have regulated entities scratching their heads about compliance and the...more
In a statement yesterday, the Director of the SEC’s Division of Corporation Finance commented on the relatively new Form 8-K Item 1.05 requirement. Last summer when the SEC adopted the final rules relating to cybersecurity...more
Erik Gerding, Director, Division of Corporation Finance, released a statement on the preferred methods to disclose certain cybersecurity incidents. Mr. Gerding noted “The cybersecurity rules that the Commission adopted on...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more
Key Points - - New SEC rules from 2023 require public companies to report material cybersecurity incidents promptly and detail their cybersecurity risk management strategies in annual reports — requirements that increase...more