Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
In an era of stringent regulations and increasing legal risks, it has become essential for organizations to implement internal enforcement programs. However, in order for such programs to provide legal protection, they must...more
For many years, corporate compliance officers have followed a certain natural process. First, regulators adopt a new rule, then you decipher how the arrival of that new rule might require changes to your policies, procedures...more
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including: - An...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
On 15 April 2024, Directive 2024/927/EU ("AIFMD II") entered into force, which marked a significant milestone for the European asset management industry. AIFMD II will introduce a harmonised framework for loan-originating...more
The following three regulatory technical standards supplementing the Digital Operational Resilience Act have been published in the Official Journal of the European Union: - RTS on the criteria for the classification of...more
The National Institute of Standards and Technology (NIST) Artificial Intelligence Risk Management Framework, published in January 2023, was designed to equip organizations with an approach that increases the trustworthiness...more
In-person is back! Join us in Amsterdam for the 2023 European Compliance & Ethics Institute! Strengthen your compliance and ethics program by attending our 11th annual European Compliance and Ethics Institute, 20-22 March...more
Register for NAVEX Next, our annual risk and compliance virtual conference. Formerly the Ethics & Compliance Virtual Conference (ECVC), the new name recognizes that we must be forward-looking as we face an increasingly...more
While COVID-19 dramatically spreads across Europe, all companies are being forced to implement new large scale remote working arrangements. During these times of crisis, it’s easy for proprietary and confidential information...more
The EU General Data Protection Regulation allows the temporary suspension of some data-protection rights in times of crisis, such as the outbreak of the 2019 Novel Coronavirus. This installment of The eData Guide to GDPR...more
HOW SHOULD MULTI-NATIONAL EMPLOYERS APPROACH THE CORONAVIRUS? Those that employ a global workforce are facing unique challenges with the evolving coronavirus outbreak. The number-one priority of every global employer is...more
We recently discussed the topic of risk management as it relates to artificial intelligence (AI) in financial services, and suggested certain tips for the financial services sector. This article is the first of a series that...more
Why does this topic matter to organisations? Whereas the remedies and sanctions available to DPAs under the Directive were comparatively low (generally subject to a maximum of less than €1 million per infringement, with...more
When the European Union’s General Data Protection Regulation (GDPR) became effective on May 25, 2018, many US-based hospitals struggled to determine whether they were subject to the GDPR and, if so, what they must do to...more
Whether you are ready or not, the European Union (EU) General Data Protection Regulation (GDPR) goes live today, May 25, 2018. It will impact companies doing business in the United Kingdom (UK) and the EU as much as any other...more
Although the GDPR comes into effect on May 25, 2018, the breadth of its reach will continue to develop long after its effective date. Domestic companies should be aware that the rules will likely change over time. While this...more
Today we are going to take a look at some of the basic policies and procedures that you need to have in place to comply with the new General Data Protection Regulation (GDPR) effective May 2018. I am joined in the exploration...more
Payment service providers operating in the EU must take note of new risk management requirements from the European Banking Authority. The European Banking Authority’s operational and risk management guidelines apply to all...more