Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 21, 2025, The More Reasons Not to Go to China Edition
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Daily Compliance News: July 17, 2025, The COSO Yanked Edition
Compliance Tip of the Day: COSO Governance Framework: Part 2, Oversight
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Daily Compliance News: July 14, 2025, The Secret Business Sauce-Reading Edition
Episode 377 -- Refocusing Due Diligence on Cartels and TCOs
10 For 10: Top Compliance Stories For the Week Ending, July 12, 2025
Daily Compliance News: July 11, 2025, The What is a COI Edition
Treating Compliance Like an Asset
Five Tips for a New Public Company Director
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Everything Compliance: Episode 156, To Document or Not Edition
Daily Compliance News: June 26, 2025, The? Matt Galvin Honored Edition
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
At what point has a director served too long? What about term limits? A mandatory retirement age? When do a director’s skills become stale? These issues are addressed in this issue of The Informed Board, as well as why proxy...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
On Monday the Federal Trade Commission issued a press release stating it is settling a case against Drizly and its CEO for a data breach that exposed the information of 2.5 million consumers in July 2020. The proposed...more
The crucial question that a company and its board will face if it suffers a cyber security breach is: "Had you taken reasonable steps to try to prevent a breach, and to prepare to handle any breach that occurred?" If the...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
Cyber attacks continue to be one of the most concerning risks to businesses. COVID-19 is only exacerbating those risks. Add to that the D&O litigation that happens after a cyber event, and you have a recipe for disaster for...more
Takeaways - Boards need to take an active role overseeing cybersecurity measures. - Directors may be held personally responsible for lapses that result in attacks. - U.S. money laundering and sanctions rules may prohibit...more
Synopsis: On January 6, 2020, Andrew Smith, director of the Federal Trade Commission’s Bureau of Consumer Protection, outlined in a blog post the agency’s new approach to data security orders. The agency implemented this...more
Every company should expect that at some point it will experience a data breach. Whether as a result of hackers, disgruntled employees, or careless acts such as losing an unencrypted phone or laptop, data breaches may subject...more
In this episode, the third of three building on Akin Gump’s annual Top 10 Topics for Directors report, partner Michelle Reed discusses the critical question of cybersecurity and the corporate world. Among the topics covered: ...more
In a recent speech, SEC Commissioner Kara Stein commented on the importance of cybersecurity. The Commissioner noted that encouraging adoption of written policies and procedures, voluntary frameworks and non-binding guidance...more
A new report commissioned by Tanium and Nasdaq finds that 90% of corporate executives admit that they can’t read a cybersecurity report and up to 40% of corporate executives do not feel personally responsible for...more
Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more
In April 2014, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert announcing its first cybersecurity sweep initiative. Pursuant to that initiative,...more
In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more
FINRA recently issued a Report on Cybersecurity Practices (“Report”), growing out of its targeted examination of firms last year. To issue the Report, FINRA gave careful consideration to the needs of many broker-dealers for...more
Part 4 in our continuing series: “Cyber Risks – Director Liability and Potential Gaps in D&O Coverage”: Coverage For Investigations - One of the biggest gaps in coverage in D&O coverage today is the lack of...more