A Top 5 list should be viewed with suspicion — it is often just a headline grabbing posting with the clear purpose to gain readers’ attention. In defense, however, it is interesting to compare articles on risk rankings....more
1/30/2024
/ Anti-Corruption ,
Artificial Intelligence ,
Board of Directors ,
Compliance ,
Corporate Governance ,
Cybersecurity ,
Diversity and Inclusion Standards (D&I) ,
Economic Sanctions ,
Environmental Social & Governance (ESG) ,
Foreign Corrupt Practices Act (FCPA) ,
Foreign Relations ,
Risk Management
I always enjoy retrospective “year in review” postings to start off the new year. For years, I have sought to identify and capture important compliance trends, typically focused on specific professionals in the compliance...more
One of the benefits of old(er) age is perspective and experience. (As we age, we have to find the positive reasons to tout). If there is one thing (of many) the compliance profession has demonstrated, it is that compliance...more
Just to play devil’s advocate (or perhaps to push my agenda), I have conflicting views on corporate use of ephemeral messaging applications. On the one hand, I understand the importance of managing electronics communications...more
Honestly, I have been avoiding this topic since it presents a real morass of risks and potential traps for the unwary company and Chief Compliance and Chief Legal Officers....more
10/17/2023
/ Compliance ,
Corporate Misconduct ,
Criminal Investigations ,
Data Preservation ,
Data Privacy ,
Data Security ,
Data Storage ,
Department of Justice (DOJ) ,
Electronic Communications ,
Instant Messaging Apps ,
Policies and Procedures ,
Risk Management ,
Securities and Exchange Commission (SEC)
Call me a skeptic. Call me cynical.
I understand that the International Organization for Standardization (ISO) provides valuable standardization services and guidance. The ISO is comprised of 169 member countries....more
The Ethics and Compliance Initiative (“ECI”) is a terrific organization that provides important ethics and compliance insights and leadership. Starting in 1994, ECI has conducted a longitudinal, cross-section study of...more
Third-party relationships supporting core operations are now more important than ever for most organizations. Yet too often, procurement, information security, compliance, and other professionals are overburdened with the...more
Third-party relationships supporting core operations are now more important than ever for most organizations. Yet too often, procurement, information security, compliance, and other professionals are overburdened with the...more
Corporate boards face a panoply of risks – and the nature of these risks are quickly evolving. Cybersecurity has quickly risen to the top of the list of corporate risks. Add to that the new SEC regulations on cybersecurity...more
8/22/2023
/ Artificial Intelligence ,
Board of Directors ,
Compliance ,
Compliance Management Systems ,
Cybersecurity ,
Data Breach ,
Innovative Technology ,
Machine Learning ,
Popular ,
Ransomware ,
Risk Management ,
Securities and Exchange Commission (SEC)
We are all familiar with the mantra on the importance of managing third-party risk to prevent anti-corruption, sanctions, money laundering and associated risks. Over the last ten years, however, we have observed a new and...more
NAVEX’s annual report on the state of risk and compliance is a must read. Each year NAVEX supplies helpful insights that compliance professionals, corporate managers and board members can use to benchmark their respective...more
The term cybersecurity is thrown about because it covers so many risks. There is no common definition of cybersecurity and the technical elements included in the term. From a technical standpoint, cybersecurity covers...more
If you read about the world of hackers and cyber threats, you will quickly become numb to the creativity and variety of techniques that may threaten your organization. Like all risks, however, the key is to consider...more
If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more
NAVEX’s annual report on the state of risk and compliance is a must read. Each year NAVEX supplies helpful insights that compliance professionals, corporate managers and board members can use to benchmark their respective...more
7/6/2023
/ Anti-Bribery ,
Anti-Discrimination Policies ,
Anti-Retaliation Provisions ,
Compliance ,
Corruption ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Data Security ,
Diversity and Inclusion Standards (D&I) ,
Ethics ,
Harassment ,
Ransomware ,
Risk Management
With the recent release of ChatGPT, we are witnessing the exponential adoption of a new technology, new “large language models” (LLMs) that without question will transform society. It reminds me of the famous computer...more
In today’s world of cyber threats, many companies have fallen victim to ransomware attacks. Corporate boards and senior executives face serious issues when their companies are attacked. The payment of ransom is not only...more
6/1/2023
/ Compliance ,
Criminal Prosecution ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Economic Sanctions ,
Hackers ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Risk Management ,
Russia
I’m old enough to remember when seat belts were optional. And I remember people up in arms when seatbelt laws first passed. But now, my young adult children and their friends simply get in the car and buckle up without...more
Once defined, installed, and surrounded with a consequence management system, a corporate culture is not fixed in stone. To the contrary, as the business adapts through growth, innovation or in response to outside market and...more
The Justice Department finally released its new policy to improve corporate preservation of data generated by executives and employees. In this new technology era, companies have had significant gaps in collecting and...more
3/22/2023
/ Bring Your Own Device (BYOD) ,
Compliance ,
Corporate Misconduct ,
Criminal Investigations ,
Data Preservation ,
Department of Justice (DOJ) ,
Electronic Communications ,
Electronically Stored Information ,
Evidence ,
Information Governance ,
New Regulations ,
Risk Management
It is fun to follow all the early year views of trends, predictions and survey results. The beginning of the year includes lots of perspectives and analyses.
Corporate boards are at the center of these important views....more
I always enjoy pulling out the crystal ball and looking forward with due consideration of last year’s trends. It is a perspective that gives us all the opportunity to identify important trends and to set an agenda for the...more
I admit I may be a little late in completing some of my 2022 retrospective postings. Nevertheless, I have to announce Corruption, Crime & Compliance’s Person of the Year Award. Although my posting is not done with as much...more
It is easy to be dogmatic in blog postings — to express an unvarnished opinion that sounds valid. While it may not be supported by hard data or valid evidence, compliance officers are used to trusting their “gut feelings,”...more