Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more
The UK Financial Conduct Authority (FCA) has published the findings of its multi-firm review into risk management and wind-down planning across e-money and payment firms. While the FCA had observed examples of good practice...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
On June 22, 2025, Texas Governor Greg Abbott signed the Texas Responsible AI Governance Act (TRAIGA) into law. While earlier versions of the bill mirrored broader frameworks like the EU AI Act, the final version scales back...more
The FDA has finalized its guidance on cybersecurity for medical device premarket submissions, providing additional insight into the agency’s expectations for how manufacturers integrate cybersecurity risk management into...more
Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more
GROWING DEMAND FOR DATA CENTERS - As many involved in Asian infrastructure today will testify, Asia’s digital transformation is fueling an unprecedented demand for data centers....more
The US Environmental Protection Agency (EPA) has announced plans to extend the reporting deadlines for a rule under Section 8(d) of the Toxic Substances Control Act (TSCA). This rule mandates that manufacturers and importers...more
Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance...more
Brazil intends to regulate AI through Bill No. 2,338/2023 ("Brazil's Proposed AI Regulation"), although there are currently no specific codified laws, statutory rules or regulations in Brazil that directly regulate AI....more
Risk assessments are not new in healthcare, and in specific regulatory areas are required. But, that doesn’t mean things aren’t changing. More and more organizations are embracing enterprise risk assessments (ERM) as a way...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
On May 15, 2025, the Center for Environmental Accountability (CEA) filed a petition under Section 21 of the Toxic Substances Control Act (TSCA) requesting that the U.S. Environmental Protection Agency (EPA) reconsider the...more
On 22 May 2025, the European Commission (“Commission”) made public risk classification of countries under the EU Deforestation Regulation (“EUDR”)1 which assigned a low level of risk to 140 countries and high level of risk to...more
What Happened? As the Trump Administration’s deregulatory, pro-innovation approach to emerging technology moves forward, the use of artificial intelligence has taken center stage, and it is clear that the Administration...more
Chief Compliance Officers face the challenge of running a comprehensive yet efficient compliance program that nimbly adapts to changing regulatory requirements and business practices. As compliance consultants, we see our...more
When disruption strikes—be it a cyberattack, supply chain failure, or extreme weather—your systems and team’s ability to respond with speed, clarity, and confidence are tested....more
Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
On May 2, 2025, U.S. Environmental Protection Agency (EPA) Administrator Lee Zeldin announced the “[n]ext phase of organizational improvements to better integrate science into agency offices.” As part of this reorganization...more
Some early actions by the Trump administration have led corporate legal departments to question the extent to which they need to invest in ethics and compliance at this time, based on a perceived reduction in enforcement...more
During the NAIC Spring National Meeting, the Big Data and Artificial Intelligence (H) Working Group reviewed its blueprint to build an overarching regulatory edifice to oversee insurers’ use of artificial intelligence...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
The North American Electric Reliability Corporation (NERC) outlined forthcoming activities to identify and address the potential impacts to reliability as a result of the rapid expansion of data centers and other large...more