What to Do When Leadership Doesn’t Take Compliance Seriously
Data Driven Compliance: Understanding the ECCTA and Its Impact with Jonathan Armstrong
Innovation in Compliance: Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI
Hill Country Authors – Exploring the Challenges of a Green Transition with Tom Ortiz
Compliance into the Weeds: A Deep Dive into Cadence Design Systems’ Export Control Violations
Daily Compliance News: August 5, 2025, The Staying Focused Edition
Adventures in Compliance: The Novels - The Valley of Fear, Introduction and Compliance Lessons Learned
FCPA Compliance Report: Navigating Corporate Scandals: Insights on Governance, Compliance, and Recovery with Steve Vincze
Daily Compliance News: August 1, 2025, The All AI Edition
Episode 381 -- NAVEX's 2025 Annual Hotline Report
12 O’Clock High, a podcast on business leadership: Building Trust and Relationships: The Power of Compliance and Ethics with Jacqui Pruet
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
Nonprofit Quick Tips: State Filings in Alabama and Arkansas
Innovation in Compliance: Scaling Compliance Programs: Insights from a Navy Veteran and Compliance Leader
Compliance Tip of the Day: Strategies for Embedding Compliance into your Organization
10 For 10: Top Compliance Stories For the Week Ending, July 26, 2025
Compliance and AI: Navigating Risk Management in the AI Era with Gaurav Kapoor
Daily Compliance News: July 25, 2025, The New Sheriff in Town Edition
On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more
On March 23, 2025, 23andMe, a pioneer in the field of genetic testing and consumer healthcare, announced it had filed for Chapter 11 bankruptcy in the U.S. Bankruptcy Court for the Eastern District of Missouri. The objective...more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
In today’s hyperconnected world, cyberattacks are no longer a question of if but when. For general counsels (GCs), the responsibility extends far beyond legal risk management - it’s about guiding the organization through the...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Welcome to our eighth 2024 issue of Decoded - our technology law insights e-newsletter. Thank you for reading. EU AI Act Tightens Grip on High-Risk AI Systems: Five Critical Questions for U.S. Companies - Why this is...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more
As cyber threats have evolved and expanded, cybersecurity has emerged as a threat to organizations across sectors, and there is more urgency than ever for companies to remain vigilant and prepared. Cybersecurity incidents can...more
On Monday the Federal Trade Commission issued a press release stating it is settling a case against Drizly and its CEO for a data breach that exposed the information of 2.5 million consumers in July 2020. The proposed...more
The crucial question that a company and its board will face if it suffers a cyber security breach is: "Had you taken reasonable steps to try to prevent a breach, and to prepare to handle any breach that occurred?" If the...more
Ken Mendelson welcomes back Andy Cottrell, the founder and CEO of cybersecurity consulting firm Truvantis to talk more about cybersecurity frameworks. They discuss the difference between a cyber audit and cyber assessment and...more
Cyber attacks continue to be one of the most concerning risks to businesses. COVID-19 is only exacerbating those risks. Add to that the D&O litigation that happens after a cyber event, and you have a recipe for disaster for...more
Takeaways - Boards need to take an active role overseeing cybersecurity measures. - Directors may be held personally responsible for lapses that result in attacks. - U.S. money laundering and sanctions rules may prohibit...more
Cybersecurity and Privacy - Despite cries from corporations and privacy advocates across America for a unified federal privacy law, the nation’s toughest privacy law—the California Consumer Privacy Act (CCPA)—went into...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
This guide has been compiled to give an overview of the rudimentary legal aspects that should be considered by anyone thinking of establishing a business in the UK. It is aimed at businesses that may already be established in...more
IMPACT OF EQUIFAX, FACEBOOK SETTLEMENTS - Health care industry boards should give close attention to the governance implications of recent privacy settlements entered into by Equifax and Facebook. Their unique facts...more
Every company should expect that at some point it will experience a data breach. Whether as a result of hackers, disgruntled employees, or careless acts such as losing an unencrypted phone or laptop, data breaches may subject...more
In this episode, the third of three building on Akin Gump’s annual Top 10 Topics for Directors report, partner Michelle Reed discusses the critical question of cybersecurity and the corporate world. Among the topics covered: ...more
In this episode, I visit with Jonathan Armstrong on the recent UK court of appeals decision in the Morrisons’ case. This decision stretched the limits of vicarious liability for a corporation to the absolute breaking point...more
In a recent speech, SEC Commissioner Kara Stein commented on the importance of cybersecurity. The Commissioner noted that encouraging adoption of written policies and procedures, voluntary frameworks and non-binding guidance...more
EXECUTIVE SUMMARY - 1. Cybersecurity threats. Cybersecurity preparedness is essential in 2018 as the risk of, and associated adverse impact of, breaches continue to rise. The past year redefined the upward bounds of the...more