Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...
On June 16, 2025, the U.S. Environmental Protection Agency (EPA) announced the release of the draft charge questions for discussion at the upcoming Science Advisory Committee on Chemicals (SACC) meeting to review all...
This summer, Mission: Impossible – Dead Reckoning Part Two is expected to raise the bar again with heart-stopping stunts, cliff-hanging escapes, and the relentless pace we’ve come to expect from the Impossible Missions Force...
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...
As the 2025 hurricane season unfolds, insurance companies prepare. Early summer is time to closely monitor hurricane forecasts, assess risks, and account for financial implications that could arise due to increased property...
Enterprises don’t have a staffing problem. They have a systems problem. In a recent engagement, we were engaged to help improve a global SOC operation. Despite having over 30 analysts on staff, the team was missing...
Last week, the Trump administration made its priorities clear for the nation’s cybersecurity posture in the form of the newly issued executive order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity...
At NABITA, we are often asked whether a Behavioral Intervention Team (BIT), CARE team, Behavioral Threat Assessment and Management (BTAM) team, or, in some instances, the Threat Assessment Team (TAT) has the authority to...
Geopolitical risks to supply chains are top of mind across C-suites, but few say what it means. The term “geopolitical risk” has largely become a code word for import, export, and economic sanctions compliance. ...
Among all the elements of a corporate compliance program, perhaps the most difficult piece to understand is the testing and monitoring of your controls. Clearly the two are important. The U.S. Justice Department says so in...
When contemplating advice for contractors or suppliers trying to navigate the current tariff environment, I find President Dwight D. Eisenhower’s wartime advice insightful, “In preparing for battle I have always found that...
The National Security Agency (NSA), in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and cybersecurity agencies from Australia, New Zealand, and the...
A Q&A with Adrienne Braumiller and Olivia Van Pelt. Question 1: How are you advising businesses in your jurisdiction when protecting themselves from the impact of trade wars and sanctions, and what strategies can...
In the consumer deposits and payments products space, the banking as a service (BaaS) model creates significant opportunities for fintech innovation and consumer choice — but BaaS arrangements have also drawn the attention of...
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....
Recently, Fitch Ratings issued a discussion paper that outlined a “contemplated framework for the analysis of physical climate risk for [Structured Finance] and [Covered Bonds] for the potential negative implications of...
Fraud prevention is a critical issue for nonprofit organizations. Without the right safeguards, fraud can severely damage an organization’s reputation and financial health. Nonprofits, particularly those that grow rapidly or...
On May 22, 2025, the cybersecurity agencies from the US, UK, Australia, and New Zealand published a Cybersecurity Information Sheet (CIS) on ensuring that data used to train and use artificial intelligence (AI) and machine...
Brazil intends to regulate AI through Bill No. 2,338/2023 ("Brazil's Proposed AI Regulation"), although there are currently no specific codified laws, statutory rules or regulations in Brazil that directly regulate AI....
The Posture Visibility Problem - CrowdStrike Cloud Security Posture Management (CSPM) provides critical visibility into misconfigurations—such as publicly accessible storage, unencrypted assets, and overly permissive...
Risk assessments are not new in healthcare, and in specific regulatory areas are required. But, that doesn’t mean things aren’t changing. More and more organizations are embracing enterprise risk assessments (ERM) as a way...
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...
The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of malicious code embedded in...
On May 15, 2025, the Center for Environmental Accountability (CEA) filed a petition under Section 21 of the Toxic Substances Control Act (TSCA) requesting that the U.S. Environmental Protection Agency (EPA) reconsider the...
Law firms, accounting firms, and consulting firms are embracing AI to improve efficiency, deliver insight, and stay competitive. But without intentional governance, compliance, and policy frameworks, these innovations can...