Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Some early actions by the Trump administration have led corporate legal departments to question the extent to which they need to invest in ethics and compliance at this time, based on a perceived reduction in enforcement...more
During the NAIC Spring National Meeting, the Big Data and Artificial Intelligence (H) Working Group reviewed its blueprint to build an overarching regulatory edifice to oversee insurers’ use of artificial intelligence...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
The North American Electric Reliability Corporation (NERC) outlined forthcoming activities to identify and address the potential impacts to reliability as a result of the rapid expansion of data centers and other large...more
As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more
The Bottomline: Five Practical Steps for Generative AI Risk Management - As the first line of defense, employees within business operations must own and manage risks related to the business, including risks resulting from...more
Unlock a New Era of Customer Risk Assessment - Legacy customer risk rating (CRR) models—built on static KYC data and subjective judgment—are no longer sufficient in a world of dynamic threats and tightening regulatory...more
In the FDA-regulated industry, a compliance program isn’t just a formality—it’s a critical tool for protecting your business, patients, and reputation. Still, too many companies treat compliance policies as static...more
The midstream oil and gas industry, a vital artery of the energy sector encompassing crucial transportation and storage infrastructure, operates within a highly competitive and intensely scrutinized market. Beyond the usual...more
Remediation occurs for a host of reasons. You may identify remediation risk from internal activities (e.g., an audit, a control break) or external activities (e.g., a complaint, a regulatory exam, a lawsuit). Sometimes a...more
Congressman Rick Crawford of Arkansas’ First District introduced H.R. 2594 which is titled: Establishment of the Water Risk and Resilience Organization. The Bill would establish a Water Risk and Resilience...more
Artificial intelligence keeps improving at all sorts of things – including how to challenge corporate ethics and compliance programs. Even while you may still be struggling to tame the risks of generative AI, its more...more
On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more
On April 1, 2025, the subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce held a hearing on cybersecurity vulnerabilities in legacy medical devices. The hearing was largely a...more
What Is Vendor Onboarding? Vendor onboarding is the process of establishing a company as an approved provider of technology, goods, or services to your organization. It’s also an essential early step in the vendor risk...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more
Among the many crucial elements of effective compliance initiatives (internal reporting programs, policies, procedures, training, supply chain management, M&A, and more) are risk assessments – the intended foundational...more
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
Overview of Parking Garage Infrastructure and the Role of Structural Engineers - Reinforced concrete parking garages are a critical component of urban infrastructure, addressing the growing need for efficient parking...more
How can proactive risk management strategies help businesses navigate regulatory and economic uncertainties? In an era characterized by rapid technological advancements, economic volatility, and geopolitical...more
There are many factors to consider when assisting clients with assessing the use of artificial intelligence (AI) tools in an organization and developing and implementing an AI Governance Program. Although adopting an AI...more
Do plaintiffs’ experts get to put junk science before juries more often than their opinions are excluded? The answer is a resounding “probably.” Even in light of the December 2023 amendment to Federal Rule of Evidence and its...more
Chief compliance officers are adjusting a new, risk world, where top risks include export controls, sanctions, and immigration enforcement. At the same time, some risks remain — third-party risks, conflict of interest, fair...more
On 19 March 2025, the Legislative Council (the “LegCo”) passed the Protection of Critical Infrastructure (Computer System) Bill (the “Bill”), which is due to come into effect on 1 January 2026. This is a significant step in...more