Episode 339: Four Sanctions Cases Everyone Should Know
Subro Sense - The ABC's of RCV and ACV
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
Homebuilder Series Webinar: Fiduciary Duties & Auditor Liability
The New Normal: Taking Responsibility for Your Vendors
A new lawsuit just filed against an AI software provider offers a clear warning for any business using artificial intelligence to monitor or record customer service calls. On June 13, a California plaintiff filed a federal...more
Third-party vendors pose a significant risk - The greatest data privacy threat to companies is commonly thought to be that company’s employees. While employees can be a threat, the majority of data breaches and ...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
The California Consumer Privacy Act (CCPA) requires businesses who engage in “sales” of “personal information,” to offer consumers the right to opt out of such sales via a “Do Not Sell My Personal Information” link or button...more
Global companies face extraordinary risks through their reliance on third-party agents, distributors, consultants and vendors/suppliers. Federal prosecutors and regulators have had a record year in FCPA and sanctions...more
Internal controls are a key tool to operationalize your third-party risk management program. The basic internal controls, that should be a part of any financial controls system. There were four significant controls the...more
No. In order to be considered a “service provider” for the purposes of the CCPA, a vendor must be bound by a written contract that prohibits it from...more
In another example of a data breach allegedly caused by a vendor, Choice Hotels is contacting approximately 700,000 of its customers regarding a data breach caused by a third-party vendor that “copied the impacted data from...more
Your heart raced when the caller on the phone identified himself as an FBI agent. But the conversation was matter-of-fact. About 2,500 sets of credit card information from your clients had been posted for sale on a...more
A Verizon Communications vendor misconfigured a cloud server that caused the information of 6 million Verizon customers to be exposed on-line. When a cyber incident or data breach occurs on your vendor’s watch, regardless of...more
In what is quickly becoming the newest trending topic in class action litigation, another class action has been filed alleging the disclosure of employee personally identifiable information due to a cyber attack. This...more
On January 29, the U.S. Government released a final rule establishing new anti-human trafficking requirements for U.S. government contractors. The rule amends the Federal Acquisition Regulation (“FAR”) and seeks to strengthen...more
Many companies have developed trade secrets policies to protect their valuable information, but even forward-thinking companies may not have internal controls to avoid liability as third parties to alleged trade secret...more
Traditionally, performing third party due diligence has been primarily a data gathering activity. Now, with access to abundant information sources, the activity—and the challenges—have evolved. How do you manage and...more
As financial institutions continue to strive for reduced costs and greater efficiencies, they are increasingly turning to third-party vendors to handle a wide variety of tasks, from marketing and sales to payment processing....more