Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
As companies prepare their Form 10-Q disclosures, it's worth bearing in mind a number of special considerations amid the current economic and political environment....more
Le 26 mars 2025, le Commissariat à la protection de la vie privée du Canada (le « CPVP ») a déployé, à l’intention des organisations, un outil d’autoévaluation du risque réel de préjudice grave à la vie privée (l’« outil »)....more
On March 26, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a privacy breach real risk of significant harm assessment tool (Tool) for organizations....more
With evolving regulations and emerging risks—including tariffs, DEI-related controversies, and cybersecurity concerns—some public companies are refining their approach to assessing and updating risk factor disclosures. Beyond...more
As companies prepare to file Form 10-Qs, they should give special attention to risk factors in light of recently announced global tariffs. The situation is particularly challenging due to the fluid environment, including the...more
Environmental, social, and governance (ESG) criteria or standards or sustainability issues have impacted all sectors of society, including corporate and professional policyholders and their risk managers, insurance...more
As it did with data privacy, California seeks to lead the charge when it comes to regulating the use and deployment of Artificial Intelligence (AI) tools. Joining Colorado and Utah, the other two states with enacted AI laws,...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
Colorado recently became the first state to regulate the use of high-risk artificial intelligence (AI) systems to prevent algorithmic discrimination by developers and deployers of AI systems. The Colorado AI Act is broad in...more
Key Points - Colorado’s new AI law creates new obligations for developers and deployers of high-risk artificial intelligence (AI) systems. Similar to the EU AI Act, the law is risk-based and defines a “high-risk” AI system as...more
Colorado is the latest state to introduce a bill focused on consumer protection issues when companies develop AI tools. The bill imposes obligations on developers and deployers of AI systems. Additionally, the bill provides...more
Sustainability is not a new concept. Environmental, social, and corporate governance (ESG) was created as a term back in 2004 in a report called “Who Cares Wins,” which was an initiative created by the United Nations. The ESG...more
Start Planning Now to Reduce Your Increased Money Laundering, Sanctions, and Conflicts of Interest Risks The introduction and use of generative artificial intelligence (GenAI) and predictive data analytics (PDAs) by...more
On March 6, 2024, the Securities and Exchange Commission adopted its highly anticipated climate-related disclosure rules. The rules faced public scrutiny since their proposal two years ago, with the SEC receiving more than...more
Proposed rules are moderately scaled-back in final version; Scope 1 and 2 are required if material; Scope 3 is out; compliance will still be burdensome - On March 6, 2024, by a split vote of 3-2, the U.S. Securities and...more
Antitrust and Competition - The European Commission Carried Out Unannounced Inspections in the Tires Sector - On 30 January 2024, the Commission conducted dawn raids at the premises of several companies active in the tires...more
The oversight obligations of boards continue to expand. Recent enforcement actions and new laws in areas such as cybersecurity, artificial intelligence and supply chains create new challenges for boards, as we explain in this...more
In the December Public Company Watch, we cover key issues impacting public companies, including a preview of the SEC’s latest regulatory agenda, an update regarding the Fifth Circuit vacating the SEC’s share repurchase rules,...more
The Economic Crime Bill received Royal Assent on 26 October 2023. Included in the Act is the failure to prevent fraud offence, under which large companies will be liable when a specified fraud offence is committed by an...more
Guidance for the largest US financial institutions is intended to promote climate risk management consistent with general safety and soundness practices. On October 30, 2023, the three US federal bank regulatory agencies...more
1. Don’t exaggerate your AI product’s abilities. The FTC has recently warned businesses that false or deceptive claims about the capabilities of AI products can subject companies to liability, as it would for any deceptive...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
On July 26, 2023, the U.S. Securities and Exchange Commission adopted enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting for public companies. The final rules...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more