eDiscovery and Compliance Programs
ERGs: Valuable or Vulnerable?
Managing Whistlelbowers
Data Driven Compliance: The Failure to Prevent Fraud Offense: Insights for US General Counsels with Mike DeBernardis
Compliance Tip of the Day: Using AI to Embed Your Compliance Program
Compliance Tip of the Day: Trust and Verify
Great Woman in Compliance: Building Strategic and Effective Risk Assessments
Compliance into the Weeds: The Dark Side of AI in Employee Training
Compliance Tip of the Day: AI Assistant for Compliance
Innovation in Compliance: Gaurav Kapoor on Risk Management and the Role of AI in GRC
How to Balance Diverse Views in the Office
Compliance Tip of the Day: Costs and Benefits of AI
Adventure in Compliance: The Novels - The Valley of Fear, Whistleblowers and Corporate Compliance
Sunday Book Review: August 17, 2025, The More Books from the Ethicsverse Library Edition
Compliance Tip of the Day: How a CFO Views Compliance and Risk
Data Driven Compliance – James Tillen on the Importance of Cross-Functional Collaboration in Complying with the FTPF Offense
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Great Women in Compliance: The Mind at Work with Lynette Buebird
Compliance Tip of the Day: Finance Models for Compliance
Compliance Tip of the Day - Extending Compliance Value Across Your Organization
On August 22, FINRA accepted a Letter of Acceptance, Waiver, and Consent (AWC) from a broker-dealer member firm regarding its alleged failure to establish and implement policies and procedures designed to detect suspicious...more
Imagine sitting in your living room, enjoying a cup of your favorite morning coffee, and you open your mail to discover that you recently opened a new bank account at XYZ Bank, unbeknownst to you. Or maybe you receive an...more
On January 12, the CFPB released a report that identified an uptick in identity theft reported by servicemembers. The report found that military consumers (defined as active duty servicemembers, veterans, and military family...more
On December 5, 2022, the Division of Examinations (EXAMS) of the Securities and Exchange Commission (SEC) issued a Risk Alert regarding recently observed compliance issues with respect to Regulation S-ID. Under Regulation...more
On February 9, the SEC proposed new cybersecurity risk management regulations for investment advisers, registered investment companies (funds), and business development companies....more
Hope for the best, but plan for the worst. Join us as we address ways to protect family privacy from external threats, and policies and procedures for handling information that individual family members wish to keep private...more
Life under a rock has its benefits - you probably don't get many houseguests, and you're never sunburned. But there are some drawbacks, too. The main one is that you definitely don't know what's been going on out here in the...more
• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more
On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network...more
Early last year, I posted about tougher, bi-partisan privacy and data security legislation in the works in North Carolina. North Carolina State Representative Jason Saine (R), Senior Appropriations Chair, teamed-up with North...more
An amendment to New Jersey’s data breach notification requirements of the Consumer Fraud Act is currently awaiting signature by State Governor Phil Murphy. The bill, Assembly No. 3245, was recently passed by both the New...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
Adding insult to injury, the Securities and Exchange Commission (SEC) fined Voya Financial Advisors Inc. (VFA) $1 million and ordered a comprehensive two-year review by a compliance consultant, following a cyber-attack on...more
In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more
Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more
WISP is the acronym for Written Information Security Policy. The information at issue is an individual’s personal information and identifiers, such as a Social Security number, driver’s license number, credit or debit card...more