Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
What Is Vendor Onboarding? Vendor onboarding is the process of establishing a company as an approved provider of technology, goods, or services to your organization. It’s also an essential early step in the vendor risk...more
Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more
The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more
The Digital Operational Resilience Act (“DORA”), an EU regulation designed to bolster the resilience of financial entities against Information and Communications Technology (“ICT”) risks, entered into force on January 16,...more
Matt Van Buskirk, co-founder of Hummingbird Regtech, joins RegFi hosts Jerry Buckley and Sherry Safchuk for a conversation about the importance of equipping regulators and in-house compliance teams with the tools and...more
It’s safe to say that there could be a whole series dedicated to Artificial Intelligence (AI) and the various use cases and ramifications of such groundbreaking technology. While there are ethical considerations, security...more
EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more
Integrated Risk Management (IRM) and Governance, Risk Management and Compliance (GRC) are critical areas for business security and success. But all too often these programs aren’t thoroughly tested – or worse, aren’t...more
A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more
SCCE’s Compliance & Ethics Institute is the primary educational and networking event for compliance and ethics professionals worldwide. Leading industry professionals cover real‑world compliance issues, emerging trends, and...more
On March 1, 2021, the Consumer Product Safety Commission (CPSC) signaled its intent to increase enforcement of its product safety regimen by seeking to more than double its current $135 million budget via a public letter from...more
Compliance Solutions Across Industries - Are you looking to: - Create a stronger compliance program for your organization? - Explore key takeaways from recent international and domestic enforcement actions? -...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
It’s a business maxim: Where business goes, risks follow. And in recent years, business has found itself in places that might not have been part of the original plan: Digital processes, global business, outsourcing to third...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
When the U.S. Department of Justice revised its Evaluation of Corporate Compliance Programs at the beginning of June, one theme was abundantly clear: the importance of data to a successful program. That shouldn’t surprise...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
The California Consumer Privacy Act (CCPA) took effect on New Year’s Day. California is the first state in the union to create a data privacy law for its residents. Other states will follow soon. For compliance purposes,...more
In this multi-part blog post series, I am exploring the increased use of technology to continue to drive the performance of corporate compliance programs. I am considering the use of Artificial Intelligence (AI) in a best...more
Over the past few blog posts, I have been considering the use of artificial intelligence (AI) to make compliance more robust in the three prongs of prevent, detect and remediate. ...more
I am exploring the use of artificial intelligence (AI) to make compliance more robust in the three prongs of prevent, detect and remediate. This series is based upon an article in the Harvard Business Review (HBR), entitled...more
Four Things Compliance Practitioner Should Know About the Eurasian Economic Union - An effective Compliance risk management at emerging markets for any business significantly depends on timeous observation of changes in...more