FCPA Compliance Report: From Compliance to Commercial Value: Removing Friction with AI
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Third-Party Risk The competitive world of banking struggles to keep up with technological advances, particularly in a regulatory environment.
Episode 360 -- Natalie Druckman from Certa on AI-Enhanced Third-Party Risk Management
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 223: Cybersecurity and Privacy Risks with Healthcare Vendors with Brandon Robinson of Maynard Nexsen
Compliance Tip of the Day: Board Questions and Metrics for 3rd Party Risk Management
Why Privacy is Your Secret Weapon Against Third-Party Risk
A Third Party's Perspective on Third Party Risk
Privacy Issues from Third-Party Website Tags
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Corruption, Crime and Compliance: Third-Party Risks and Sanctions Compliance
Compliance into the Weeds: Sustainability and Managing 3rd Party Risk
Episode 304 -- Nathalie Druckmann, VP at Certa, on Artificial Intelligence Third-Party Risk Management
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
FCPA Compliance Report - Brad Hibbert on Prevalent’s 2023 3rd Party Risk Management Report
Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
One Month to a More Effective Compliance Program for 3rd Parties - Day 13 - Ongoing Monitoring of 3rd Parties
Corporate Compliance and Enforcement Hot Topics with IBM VP, Una Dean
Innovation in Compliance - Contracts as a Third-Party Risk Management Tool with Brad Hibbert
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
On January 28, 2025, FINRA published its Annual Regulatory Oversight Report (the Report). The Report highlights emerging risk areas and recent developments, common compliance deficiencies, and best practices for member firms....more
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving. Originally published in...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more
On February 15, Federal Reserve Board Governor Michelle W. Bowman delivered remarks at the Midwest Cyber Workshop, during which she discussed topics related to third-party service provider reliance and regulatory expectations...more
Cybersecurity is a growing concern for all nonprofit organizations, especially those that store, process, and transmit sensitive data. While it is common to think of the cyber issue as relevant to digital communications and...more
The Black Shadow hacking group’s attack on Cyberserve, reported a few days ago, has resulted (at this point in time) in the leaking of a database with more than 800,000 records pertaining to various individuals and the...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach,...more
The Toronto Sun reported this morning that the privacy of 4,500 consumers of recreational cannabis in Ontario has been compromised. The names and addresses of individuals purchasing cannabis through the Ontario Cannabis Store...more
On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more
On Aug. 11, 2015, federal prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against nine individuals in the U.S. and Ukraine who were allegedly involved in a five-year,...more
Earlier this month, Benjamin Lawsky, Superintendent of Financial Services for the New York State Department of Financial Services (NYDFS), released a report finding “significant potential” vulnerabilities for cyber theft of...more
On April 9, 2015, the New York Department of Financial Services (“NYDFS”) issued a report entitled Update on Data Security in the Banking Sector: Third Party Service Providers (the “Report”). The Report details findings of a...more
On April 9, the New York State Department of Financial Services (NYDFS) released a report on bank vendor cybersecurity that highlights the risk that hackers will use third-party service providers to gain access to bank data....more
IOSCO Seeks Views on Business Continuity and Recovery Planning by Trading Venues and Intermediaries; NYS Warns on Third-Party Service Providers - The International Organization of Securities Commissions issued two...more