Upping Your Game: Episode 1 – Meeting Hui Chen’s Challenge
SBR – Author’s Podcast: Understanding Complexity with Dr. Jean Boulton, Part 1: Ethics, Compliance, and Organizational Dynamics
Innovation in Compliance: Exploring the Fractional COO Model with La Tonya Roberts
Daily Compliance News: April 29, 2025, The GenZ/RTO Edition
Adventures in Compliance: The Novels – A Study in Scarlet, Introduction to Compliance Lessons
FCPA Compliance Report: From Compliance to Commercial Value: Removing Friction with AI
Compliance Tip Of the Day: Using AI to Transform Whistleblower Response
Because That’s What Heroes Do: Deep Space 9 – Episode 30: Deep Trek Themes from Tacking into the Wind
Compliance Tip of the Day: The Future of Continuous Monitoring
FCPA Compliance Report: Ellen Hunt on Compliance ROI and on a Due Diligence and the US Sentencing Guidelines
Compliance and AI: Transforming Compliance Through AI with Marcelo Erthal
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Innovation in Compliance: Design-Centric Compliance Training with Karen Oddo
Compliance Tip of the Day: AI and Predictive Analytics
FCPA Compliance Report: Kristy Grant-Hart on A 360° Review of the Future of Compliance
Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Daily Compliance News: April 23, 2025, The R-E-S-P-E-C-T Edition
Aligning Business Goals with Legal Strategies Amid Regulatory Change – Speaking of Litigation Video Podcast
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
On January 28, 2025, FINRA published its Annual Regulatory Oversight Report (the Report). The Report highlights emerging risk areas and recent developments, common compliance deficiencies, and best practices for member firms....more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving. Originally published in...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
Keypoint: The New York Department of Financial Services (NYDFS) circulated an industry letter offering guidance to NYDFS “Covered Entities” for assessing and managing AI-related cybersecurity risks, including threats...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an Industry Letter that discusses the cybersecurity risks associated with the use of artificial intelligence (AI) and outlines strategies to...more
The COVID-19 pandemic has significantly reshaped the facilities management (FM) outsourcing landscape. Companies have transitioned from fully office-based work to home-based work, and now to hybrid models, prompting a...more
The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more
Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more