Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
For many years, corporate compliance officers have followed a certain natural process. First, regulators adopt a new rule, then you decipher how the arrival of that new rule might require changes to your policies, procedures...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
The Digital Operational Resilience Act EU 2022/2554 (DORA) constitutes a groundbreaking EU regulation designed to establish a unified framework for bolstering cybersecurity and operational resilience within the financial...more
On August 1, 2024, the regulation of artificial intelligence (AI) took a major leap forward as the EU AI Act officially entered into force. While the Act is enforced within the EU, its extraterritorial scope has important...more
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
“In assessing a generative AI product, it is critical to understand issues of data ownership and privacy. This cumbersome task is necessary to learn how the AI platform will use data, if the data shared is entering an open or...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
We asked our global white collar crime team for their views on the key challenges in 2024 for in‑house investigations teams and white collar crime lawyers, and how to manage the associated risks. Here is what they said. ...more
On October 4, 2023, United States Deputy Attorney General (DAG) Lisa Monaco announced a new Department of Justice (DOJ) Mergers & Acquisitions Safe Harbor policy that encourages companies to self-disclose criminal misconduct...more
On July 31, the European Commission adopted the first set of rules under the European Sustainability Reporting Standards (ESRS). The ESRS is an important follow-up to the adoption of the Corporate Sustainability Reporting...more
So far, in this three-part series, we discussed the various kinds of whistleblowing hotlines and the key components that comprise of a whistleblower hotline. In part three, we’ll discuss the four characteristics of a...more
In-person is back! Join us in Amsterdam for the 2023 European Compliance & Ethics Institute! Strengthen your compliance and ethics program by attending our 11th annual European Compliance and Ethics Institute, 20-22 March...more
Given the challenges of conducting clinical trials during the COVID-19 pandemic, many countries — including France — have allowed for some use of remote quality controls. In response to guidelines issued recently by European...more
Register for NAVEX Next, our annual risk and compliance virtual conference. Formerly the Ethics & Compliance Virtual Conference (ECVC), the new name recognizes that we must be forward-looking as we face an increasingly...more
Whether you are ready or not, the European Union (EU) General Data Protection Regulation (GDPR) goes live today, May 25, 2018. It will impact companies doing business in the United Kingdom (UK) and the EU as much as any other...more
Today we are going to take a look at some of the basic policies and procedures that you need to have in place to comply with the new General Data Protection Regulation (GDPR) effective May 2018. I am joined in the exploration...more
Four Things Compliance Practitioner Should Know About the Eurasian Economic Union - An effective Compliance risk management at emerging markets for any business significantly depends on timeous observation of changes in...more