Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
Consider the following real-life scenarios: - An airline’s AI-powered chatbot promises a customer that it could provide a steep discount for a bereavement flight – a promise that goes directly against company policy. A...more
In a remarkable development revealing the increasing integration of Artificial Intelligence into business operations, insurers at Lloyd’s of London have launched focused coverage for losses caused by artificial intelligence...more
Chief Compliance Officers face the challenge of running a comprehensive yet efficient compliance program that nimbly adapts to changing regulatory requirements and business practices. As compliance consultants, we see our...more
The Bottomline: Five Practical Steps for Generative AI Risk Management - As the first line of defense, employees within business operations must own and manage risks related to the business, including risks resulting from...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
Pre-hedging has been the subject of significant debate within the financial industry in recent years, with concerns often raised over potential conduct and market integrity issues. The regulatory landscape remains fragmented,...more
On September 24th and 25th, the National Institute of Standards and Technology (NIST) convened a symposium to generate new insights about the next steps needed to unleash AI innovations that will enable trust in this...more
This week, leading up to Halloween, I will examine lessons for compliance professionals through the lens of the great Universal Movie Monsters: Frankenstein, Wolfman, Dracula, and The Mummy. Today, we consider what compliance...more
Last month, the U.S. Department of Justice’s (“DOJ”) Criminal Division announced its periodical update to its Evaluation of Corporate Compliance Programs (“ECCP”), zeroing in on how companies manage risk related to artificial...more
The use of forced labor, child labor, or modern slavery practices (collectively “forced labor”) in supply chains is not a new problem in the international trade world; however, many companies remain unaware of forced labor...more
Ethics and compliance officers have long had an uneasy relationship with corporate sustainability efforts, mostly because most compliance officers aren’t quite sure they want – or know how to handle – responsibility for it. ...more
The Financial Services Institute in collaboration with Conyers, Grant Thornton and Cayman Finance hosted its fourth comprehensive training seminar on “Preparing for an Onsite Inspection from the Cayman Islands Monetary...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
The growing concern around cyberthreats for companies across the nation is reflected in the increasingly crowded legislative landscape that provides guidance to organizations, employers, employees, consumers, and investors....more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Traditionally deployed to protect a corporation from its board’s imprudent investment or financial decision-making, in recent years shareholders have taken to bringing derivative actions on a corporation’s behalf for its...more
Artificial intelligence (AI) is nothing new to the healthcare industry, as many organizations and clinicians have utilized such tools in some capacity for many years. Imaging-related AI to support radiologists is not...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
There is a great YouTube video that has been circulating the internet for half a decade that reimagines a heuristically programmed algorithmic computer “HAL-9000” as Amazon Alexa in an iconic scene from “2001: A Space...more
On June 28, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement (resolution agreement and corrective action plan) with iHealth Solutions (also known as Advantum Health)...more
In our last newsletter, we discussed due diligence as it relates to selection of vendors. The second part of that exercise is to negotiate your agreement with the vendor to properly manage any risks you identified. In this...more
Online sports betting has become a booming industry in recent years, with millions of people placing bets and wagers from their phones and computers. Ever since Murphy v. NCAA, the 2018 case in which the United States Supreme...more
The attention on IT Risk and Cybersecurity risk management policies is reaching new heights — again. It doesn’t matter if you’re a large enterprise like Uber or a small / midcap company; there’s one common thread as we start...more