You can always count on cyber-criminals and fraudsters to come out of the woodwork when a national crisis occurs. The COVID-19 pandemic has resulted in a multitude of criminal schemes....more
5/6/2020
/ Cloud Computing ,
Compliance ,
Coronavirus/COVID-19 ,
Cyber Crimes ,
Department of Justice (DOJ) ,
Email Policies ,
FBI ,
Fraud ,
Phishing Scams ,
Remote Working ,
Risk Management ,
Websites
Let’s face it – we have all suffered (and are continuing to suffer) through an extraordinary time. I know this is just another profound grasp of the obvious but the world is slowly recovering but with lots of changes and the...more
Under the U.S. Federal Sentencing Guidelines, in order to receive credit for having an effective compliance program, and thereby reduce the fines imposed on the organization, a Board of Directors must be “knowledgeable about...more
Companies dedicate time and resources to enterprise risk management. This is a much broader focus than legal and compliance risks – instead, enterprise risks identifies some of the major catastrophes — e.g. one company had...more
In this global pandemic crisis, every company is being tested. No matter how much time was put into emergency planning it is difficult to imagine that anyone could have foreseen the scope and nature of the current crisis....more
3/16/2020
/ Best Practices ,
Business Continuity Plans ,
China ,
Compliance ,
Coronavirus/COVID-19 ,
Crisis Management ,
Emergency Management Plans ,
Employer Liability Issues ,
Infectious Diseases ,
Policies and Procedures ,
Public Health ,
Risk Management
Chief compliance officers are heroes. They labor every day to advance a company’s ethics and compliance program without much recognition, with few resources, and with well-known gaps in their programs....more
3/3/2020
/ Anti-Corruption ,
Chief Compliance Officers ,
Compliance ,
Compliance Management Systems ,
Corporate Culture ,
Corporate Governance ,
Corruption ,
Ethics ,
Internal Controls ,
Leadership ,
Risk Management ,
White Collar Crimes
As companies move forward on third-party risk management programs, and as automated third-party risk solutions are being implemented, compliance professionals have to re-examine and re-balance the allocation of resources and...more
Compliance officers face almost an infinite number of risks – not to be trite, but CCOs can drive themselves crazy identifying every plausible legal and compliance risk a company faces. I am exaggerating a little bit to make...more
2/11/2020
/ Anti-Corruption ,
Chief Compliance Officers ,
Compliance ,
Compliance Management Systems ,
Cooperative Compliance Regime ,
Corporate Governance ,
Ethics ,
Internal Controls ,
Policy Management ,
Risk Management ,
Third-Party Risk ,
White Collar Crimes ,
Willful Misconduct
I am reluctant to start off the New Year with a negative comment or posting. But I have a significant concern about the path and current state of ethics and compliance....more
1/24/2020
/ Automation Systems ,
Chief Compliance Officers ,
Compliance ,
Corporate Governance ,
Ethics ,
Internal Controls ,
Leadership ,
Risk Management ,
Senior Managers ,
Technology ,
Vendors
Moving on, 2019 was a big year in OFAC compliance. The Sanctions Compliance Guidance was a major change in sanctions compliance. OFAC has set high expectations for compliance. Whether companies have received and responded to...more
The path of the compliance profession has been remarkable. Recently, I have seen a number of tweets and postings from compliance thought leaders touting the accomplishments of compliance and the transformation of the...more
1/17/2020
/ Analytics ,
Anti-Corruption ,
C-Suite Executives ,
Chief Compliance Officers ,
Compliance ,
Compliance Management Systems ,
Compliance Monitoring ,
Corporate Culture ,
Corporate Governance ,
Leadership ,
Risk Management ,
Senior Managers ,
Technology ,
White Collar Crimes
As a passionate supporter of the compliance function, I continue to advocate for compliance officers and the importance of compliance to overall governance. Good compliance means good business – we all know that....more
As everyone knows, I am an eternal optimist. Being a cynic always leads to negative energy and results. As a former federal prosecutor, I am deeply committed to the idea of doing the right thing....more
1/15/2020
/ Anti-Bribery ,
Anti-Corruption ,
Chief Compliance Officers ,
Compliance ,
Compliance Management Systems ,
Compliance Monitoring ,
Corporate Culture ,
Corporate Governance ,
Corporate Management ,
Corporate Misconduct ,
Innovative Technology ,
Leadership ,
Risk Management ,
White Collar Crimes
Global companies face extraordinary risks through their reliance on third-party agents, distributors, consultants and vendors/suppliers. Federal prosecutors and regulators have had a record year in FCPA and sanctions...more
12/15/2019
/ Automated Systems ,
Compliance ,
Corporate Entities ,
Enforcement Actions ,
Foreign Corporations ,
Foreign Corrupt Practices Act (FCPA) ,
Legal Technology ,
Risk Assessment ,
Risk Management ,
Risk Mitigation ,
Sanctions ,
Third-Party ,
Third-Party Liability ,
Vendors
Corporate cultures do not operate in a silo or free from external influences.
Yet again, another profound grasp of the obvious. Employees, managers and senior leadership all bring their own experiences, perspectives,...more
12/12/2019
/ Anti-Corruption ,
Compliance ,
Conflicts of Interest ,
Corporate Culture ,
Corporate Governance ,
Corruption ,
Ethics ,
Foreign Corrupt Practices Act (FCPA) ,
Political Expression ,
Risk Management ,
Tone At The Top
In today’s aggressive enforcement environment, corporate board members have a target on their respective backs. Even with robust liability insurance, corporate boards are operating in a state of “ignorance is bliss.” ...more
We all are living in an era of rapid technological development – everyone understands that basic point. Even in a small way, we can observe the impact in ethics and compliance. Start with the simple transition from “paper”...more
Corporate boards all want to believe that their companies maintain an ethical culture. Each board members knows the right words, platitudes and buzz words to use. No one can fault them there. But like every issue in life,...more
I guarantee you if you ask your corporate board to define “ethical culture” and “compliance,” and their actual day-to-day responsibilities in this area, you will quickly realize most board members have no clue. ...more
Businesses are increasingly relying on the cloud to store confidential and sensitive information. One-third of information technology budgets are used for cloud services. Rapid growth in cloud storage is expected over the...more
9/12/2019
/ Best Practices ,
Board of Directors ,
Cloud Computing ,
Compliance ,
Confidential Information ,
Cybersecurity ,
Data Management ,
Data Protection ,
Incident Response Plans ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Senior Managers
We all know that businesses rely on a large number of third-party vendors to support their business operations. Many of these third parties require access to a company’s data and its internal information and technology...more
9/11/2019
/ Class Action ,
Compliance ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Protection ,
Hackers ,
Incident Response Plans ,
Insurance Claims ,
Internal Controls ,
Popular ,
Public Relations ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
9/10/2019
/ Amazon Marketplace ,
Capital One ,
Cloud Computing ,
Compliance ,
Credit Cards ,
Cyber Attacks ,
Data Breach ,
Data Security ,
Data Theft ,
FBI ,
Financial Services Industry ,
GitHub ,
Identity Theft ,
Internal Controls ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Risk Mitigation ,
Slack ,
Third-Party Service Provider ,
Vendors
This is likely to be a politically incorrect posting. I hope I do not offend too many people, especially those new data privacy professionals.
As kids, we were always excited when an ice cream truck visited our...more
The California Consumer Privacy Act (CCPA) presents numerous compliance challenges for businesses. Given the heightened focus on consumer privacy and ever-increasing enforcement risks, companies have to move quickly to...more
8/21/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Risk Management
When the federal government fails to assume responsibility for establishing law and policy in important federal areas of jurisdiction, the individual states then spring into action to fill the vacuum. ...more
8/20/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Employee Training ,
Enforcement Authority ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Risk Management ,
State and Local Government