News & Analysis as of

Third-Party Risk

The 10 Hallmarks of an Effective Compliance Program: Still the Foundation

by Thomas Fox on

The joint Department of Justice (DOJ) and Securities and Exchange Commission (SEC) 2012 FCPA Guidance came out five years ago this month. As a commentator focusing on the doing of compliance, we should pause to once again...more

COSO Framework: Fraud, Corruption and Compliance (Part I of II)

by Michael Volkov on

Global companies need to actively work to prevent fraud and corruption. Fraud and corruption go hand-in-hand. To commit bribery, bad actors have to gain access to money for unauthorized (illegal) purposes. A failure to...more

Compliance and Technology – Rational Actors Need to Adopt Technology

by Michael Volkov on

I always enjoyed the assumption underlying economic models – assuming people are rational actors, then . . . Sometime people do not act rationally, and sometimes people react out of fear or make unrealistic assumptions....more

When It Comes to Perception of Third-Party Risks, Cyber Security Tops Corruption

by NAVEX Global on

Compliance professionals face a daunting task when it comes to managing their third parties. Particularly for global companies, the challenges of mitigating these risks without suffering legal, financial or reputational harm...more

CFPB releases consumer protection principles for consumer-authorized sharing of financial information

by Ballard Spahr LLP on

The CFPB has released a set of “Consumer Protection Principles” for participants “in the developing market for services based on the consumer-authorized use of financial data.”...more

No More Excuses: CCOs Have to Embrace Technology

by Michael Volkov on

It is time for an honesty check – many CCOs do not like change. CCOs, however, need to embrace change as a powerful force. Compliance is an evolutionary process – it is constantly changing. A compliance program has to move...more

Mitigating Third Party Data Breach Risks

by Reed Smith on

Increasingly, organizations look to third parties to collect, process, and store their data. In some instances, organizations reduce their net risk by outsourcing these data functions to companies with a core competence in...more

Key Takeaways from FTC Settlement with Lenovo Over Pre-Installed “Man-in-the-Middle” Software

On September 5, 2017, the Federal Trade Commission (“FTC”) announced that it had agreed to enter into a settlement with Lenovo Inc., which allegedly preloaded some of its computers with invasive software that compromised...more

Lenovo Settles FTC Charges Regarding Pre-Installed Software That Compromised Consumers' Cybersecurity and Privacy

On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo regarding the company's practice of pre-loading software on its laptops that...more

The Objective of Due Diligence: To Protect Your Culture

by Michael Volkov on

There has been so much attention paid to due diligence. We have reams and reams of articles highlighting the importance of due diligence. In addition, numerous vendors of due diligence services and technologies fill the...more

Financial Controls and Contract Management Systems

by Michael Volkov on

Compliance officers understand that a company’s greatest risks surround access to and use of money. A CCO has to understand a company’s financial controls, and in a perfect world, should have a seat at the table in the...more

Day 17 of One Month to More Effective Continuous Improvement-Financial Health Monitoring

by Thomas Fox on

Continuous improvement can take many ways, shapes and forms. Typically, when it comes to third-party risks, a Chief Compliance Officer (CCO) or compliance professional will consider the ownership structure to see if there is...more

Retaining a “Risky” Third-Party

by Michael Volkov on

Every company has done it. Chief Compliance Officers have had to hold their respective noses and push forward with due diligence to retain a risky third party. Rather than reject the third party, a CCO convinces him or...more

Day 5 of One Month to More Effective Continuous Improvement-Auditing of Third Parties

by Thomas Fox on

Third parties still present the highest risk around FCPA compliance. It is therefore critical that you use monitoring and auditing when it comes to continuous improvement for this high-risk area. Today I want to consider...more

What is the Financial Health of Your Third Parties?

by Thomas Fox on

What are some of the ways to consider third party risk, management of that risk and strategic risk in a compliance program? Typically, a Chief Compliance Officer (CCO) or compliance professional will consider the ownership...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

by Ballard Spahr LLP on

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

New OCC Bulletin on Third-Party Oversight Highlights Fintech Relationships

by Pepper Hamilton LLP on

On June 7, the Office of the Comptroller of the Currency (OCC) issued OCC Bulletin 2017-21 (Frequently Asked Questions to Supplement Bulletin 2013-29; Third-Party Relationships: Risk Management Guidance). This is the OCC’s...more

FCPA COMPLIANCE REPORT-EPISODE 337, JAMES GELLERT ON ASSESSING 3RD PARTY FINANCIAL HEALTH FOR COMPLIANCE

by Thomas Fox on

In this episode, I visit with James Gellert, CEO of RapidRatings, a company which uses a financial dialogue to determine third party supplier health and viability. Gellert explains what supply chain resilience is and how...more

Keeping Your Airline IT Resilient - In light of new IT threats, airlines should revisit their BCDR arrangements

A number of major carriers have suffered high-impact IT events in the past several months. Estimates of losses in these cases have exceeded £100m. This is on top of (no doubt significant) remedial costs, reductions in share...more

From Bottom Bunk to Top Mind

I recently had the honor of being named to Compliance Week’s list of Top Minds for 2017, earning the title of “The Great Communicator” from Bill Coffin, Donna Rice, and the CW team....more

New Safe Harbor Requirement to Maintain Immunity from Copyright Infringement

by Stinson Leonard Street on

Online Service Providers Re-File Your DMCA Agent Designations to Prevent Expiration - If your company has a website that allows third parties to post any kind of content (text, pictures or video), then it may be liable...more

Third-Party Data Breaches: Weakest Link in Cybersecurity

by Revision Legal on

One problem that many companies discover as they develop cybersecurity measures is that third-party data breaches is the weakest link in its data management chain. Many companies find it a business necessity to outsource...more

Corporate News - May 2017

by Hogan Lovells on

Corporate governance – 4MLD and changes to the PSC regime - Companies House recently published its business plan for 2017-18, its strategic plan for 2017-2020 and a press release with details of additional anti-money...more

Advertising Litigation Report: Vol. 2, No. 2 - National Advertising Division (NAD) and National Advertising Review Board (NARB)

The Colgate-Palmolive Company (Tom’s of Maine “Naturally Dry” Antiperspirant), NARB Panel Report No. 215 (Jan. 25, 2017) - A National Advertising Review Board (NARB) panel determined that the National Advertising...more

Advertising Litigation Report: Vol. 2, No. 2 - National Advertising Division (NAD) and National Advertising Review Board (NARB)

The Colgate-Palmolive Company (Tom’s of Maine “Naturally Dry” Antiperspirant), NARB Panel Report No. 215 (Jan. 25, 2017) - A National Advertising Review Board (NARB) panel determined that the National Advertising...more

227 Results
|
View per page
Page: of 10
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.