DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
If you’ve made the decision to implement an internal reporting system (or whistleblowing hotline), you might be wondering what to do next. ...more
In the ever-evolving, intensely competitive corporate landscape, the quest for operational efficiency has given rise to a strategic model that’s reshaping the very fabric of business functions — outsourced administrative...more
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more
On July 17, 2023, the Innovation, Cybersecurity and Technology (H) Committee of the National Association of Insurance Commissioners (NAIC) released for comment a highly anticipated model bulletin (Model Bulletin) on...more
On July 5, an industry-led working group convened by the UK’s financial regulator published a draft voluntary code of conduct for ESG data and ratings providers (the Code). The Code would apply to all companies based in the...more
On October 26, 2022, the Securities and Exchange Commission ("SEC") proposed a new rule under the Investment Advisers Act of 1940 ("Advisers Act") to prohibit registered investment advisers from outsourcing certain services...more
Following closely on its proposal for substantial new cybersecurity requirements for investment advisers and registered investment companies, the Securities and Exchange Commission (SEC) unveiled a new slate of proposed...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
Key Takeaways: ..On August 13, 2021, FINRA issued Regulatory Notice 21-29 (“RN 21-29”) to remind member firms that they must establish and maintain an adequate supervisory system, including written supervisory procedures...more
As we now enter the third quarter of our discontent with the Coronavirus worldwide pandemic, one thing is very clear: Centralized vendor risk management is imploding....more
Internal controls are a key tool to operationalize your third-party risk management program. The basic internal controls, that should be a part of any financial controls system. There were four significant controls the...more
On April 30, 2019, the Assistant Attorney General for the Criminal Division, Brian A. Benczkowski, announced an update to the Department of Justice’s (“DOJ”) 2017 guidance document entitled Evaluation of Corporate Compliance...more
On December 20, 2018, the Ontario Court of Appeal released its decision in the Rana Plaza Class Action (Das v George Weston Limited, 2018 ONCA 1053) affirming the Ontario Superior Court of Justice’s decision to dismiss the...more
Although organizations have dealt with privacy issues for years, only in the past decade have they begun to view the complexities of privacy as requiring formal organizational structure, dedicated employees, and/or dedicated...more
Facebook recently announced a new policy: At least 33% of the lawyers hired to represent the social media giant must be a female or minority. Law firms vying to service Facebook’s legal work must demonstrate their active...more
Over the last few months, the New York Department of Financial Services (“DFS”) cybersecurity regulation has undergone multiple revisions. But late last week, DFS issued its final regulation, which will go into effect on...more
A recent announcement regarding the UK’s Stewardship Code serves as a reminder of the current similarities and differences between the US and UK corporate governance schemes, as well as their ongoing convergence. By way...more
Tennessee has joined other states in formally approving lawyers’ cloud-storage of client-confidential data. The Board of Professional Responsibility (“BOPR”) held that lawyers ethically may use cloud storage for...more
This week the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced a second-round of cybersecurity examinations, continuing its initiatives on the issue. The move follows the SEC’s: March 2014 roundtable...more
On December 10, the DFS issued an industry guidance letter to all New York DFS-regulated banks announcing new targeted DFS cyber security preparedness assessments. The new cyber security assessments will become part of all...more