Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
On April 3, NIST published practical incident response guidance aligned with its CSF 2.0 framework. The guidance outlines best practices in security incident preparation and response for organizations mapped across each of...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
On October 16, the New York Department of Financial Services (DFS) issued a circular letter addressing cybersecurity risks related to the increasing use of artificial intelligence (AI) in relation to insurers, insurance...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
The life cycle of a data security incident begins and ends with preparation. Unfortunately, there is no such thing as a network or system with “zero vulnerabilities.” There are jokes about absolute network security,...more
To help protect against criminal ransomware and cyberattacks, modern manufacturing plants should ensure they have reasonable physical, administrative, and technical safeguards in place....more
The modern security ecosystem is diverse and ever-changing, a place where cyber risk is top of mind for leaders at all levels, and threats to information / data security and privacy evolve at the speed of the technical...more
Crises and uncertainty are inevitable forces in modern business, particularly in cyber and digital. General counsels and legal risk executives are well suited to lead preparedness and resiliency for future crises, uniting key...more
The U.S. Cybersecurity & Infrastructure Agency (CISA) has issued a rare “shields up” warning regarding cybersecurity attacks, saying that every organization, of every size, should be prepared to respond to disruptive cyber...more
A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more
An executive order was signed on May 12, directing the federal government to overhaul its approach to cybersecurity. Corporate compliance and risk management professionals should consider this order carefully — because, in...more
The global food and beverage e-commerce market is expected to grow to $22.4 billion in 2020, possibly reaching $36.4 billion in 2023. That’s up from $14.9 billion in 2019. Food and beverage e-commerce revenue in the United...more
The coronavirus crisis is far from over, and compliance professionals still need every scrap of guidance that regulators can provide about how to run compliance programs in these difficult times. So when the Securities and...more
The spread of Coronavirus (COVID-19) has led companies to encourage employees to work remotely. Given that cyber attackers are always ready to exploit any security vulnerability, companies should ensure that they have in...more
For the fourth year running, the Securities and Exchange Commission’s Office continues to list cybersecurity as one of the top enforcement priorities for 2019. As it relates to cybersecurity, the SEC will be focusing on...more
• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework. • In response to certain frequently asked questions, the NFA has also updated its...more
On December 20, 2018, the Financial Industry Regulatory Authority (FINRA) issued a “Report on Selected Cybersecurity Practices” (the “Report”) as part of its ongoing efforts to assist broker-dealer firms in developing...more
Adding insult to injury, the Securities and Exchange Commission (SEC) fined Voya Financial Advisors Inc. (VFA) $1 million and ordered a comprehensive two-year review by a compliance consultant, following a cyber-attack on...more
• Disclosures must inform investors about material cybersecurity risks and incidents, including addressing material cybersecurity risks for cyber-attacks that have not yet occurred. • Comprehensive policies and procedures...more
Cybersecurity threats to registered firms continue to rise but efforts to protect against those threats and to plan for the inevitable attack are not keeping up....more
Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more