eDiscovery and Compliance Programs
ERGs: Valuable or Vulnerable?
Managing Whistlelbowers
Data Driven Compliance: The Failure to Prevent Fraud Offense: Insights for US General Counsels with Mike DeBernardis
Compliance Tip of the Day: Using AI to Embed Your Compliance Program
Compliance Tip of the Day: Trust and Verify
Great Woman in Compliance: Building Strategic and Effective Risk Assessments
Compliance into the Weeds: The Dark Side of AI in Employee Training
Compliance Tip of the Day: AI Assistant for Compliance
Innovation in Compliance: Gaurav Kapoor on Risk Management and the Role of AI in GRC
How to Balance Diverse Views in the Office
Compliance Tip of the Day: Costs and Benefits of AI
Adventure in Compliance: The Novels - The Valley of Fear, Whistleblowers and Corporate Compliance
Sunday Book Review: August 17, 2025, The More Books from the Ethicsverse Library Edition
Compliance Tip of the Day: How a CFO Views Compliance and Risk
Data Driven Compliance – James Tillen on the Importance of Cross-Functional Collaboration in Complying with the FTPF Offense
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Great Women in Compliance: The Mind at Work with Lynette Buebird
Compliance Tip of the Day: Finance Models for Compliance
Compliance Tip of the Day - Extending Compliance Value Across Your Organization
While corporate leaders often view cybersecurity as a technical challenge, contributing author Phil Favro illustrates the legal and organizational dimensions of cybersecurity in this recent article. Favro emphasizes that...more
Let’s talk about something that doesn’t get enough attention: protecting your employees’ sensitive personal information. In today’s digital world, keeping your team’s data safe isn’t just a nice-to-have—it’s absolutely...more
In April, we posted about the U.S. Department of Labor’s (DOL) Employee Benefits Security Administration (EBSA) issuing cybersecurity guidance for employee retirement plans. That is, April 14, 2021. Shortly thereafter, the...more
The current COVID-19 pandemic has forced many businesses online in order to survive. In many cases, businesses had no plans to be online. Others were forced to move online more quickly than planned. In order to assist these...more
In a set of recent settlements, the Federal Trade Commission (the FTC or Commission) resolved charges against two companies, ClixSense and D-Link, for failing to provide reasonable security and to live up to their data...more
I am hardly saying that SEC Regulation S-P is the sexiest of regulations. I mean, has any customer is history actually read one of those exciting statement stuffers that discloses in some dense font a BD’s privacy policy?...more
This client alert will briefly outline key upcoming deadlines under the New York State Department of Financial Services (DFS) Cybersecurity Regulation (the “Regulation”). These include annual filing deadlines coming up in...more
On September 1, 2018, five new requirements included in the New York State Department of Financial Services’ (DFS) Cybersecurity Regulation go into effect – (1) audit trails, (2) application security, (3) data disposal...more
Due to some last-minute bargaining between state lawmakers and proponents of a controversial data privacy initiative, California businesses will soon need to prepare to comply with a new state measure designed to protect...more
When was the last time your organization did an assessment of its cybersecurity preparedness? October was designated as Cybersecurity Awareness Month. Even though October is coming to a close, it is important to continue your...more
On September 13, 2016, the New York State Department of Financial Services (DFS) proposed new rules that would require certain “Covered Entities” to establish and implement cybersecurity programs designed to protect nonpublic...more
On September 22, the U.S. Securities and Exchange Commission (“SEC”) and R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”), a St. Louis-based investment adviser, settled charges that R.T. Jones failed to adopt...more
Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more
A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more
On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more