Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
When conducting the dry run for your annual meeting, be sure to cover – to the extent you can – the unexpected by conducting scenario planning. Things might go according to plan, but they might not. Better to be safe than...more
Una reforma reciente en México introduce cambios regulatorios significativos, que incluyen requisitos de reporte anual para emisoras de valores y otros participantes del mercado de valores, incluidas las emisoras extranjeras....more
A recent reform in Mexico creates significant regulatory changes, including annual reporting requirements for securities issuers and other securities market participants – including foreign issuers. Under the resolution,...more
As we bid farewell to 2024, we welcome not only another year but also several new disclosure requirements. In this Snapshot, we summarize several developments and best practices for public companies to consider as the 2024...more
Key Point: The decision making processes to determine whether a cybersecurity incident is material or not, should include documenting the factors behind each determination and should be practiced before an incident occurs. ...more
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted final rules, rule amendments and form amendments to expand and standardize disclosures regarding cybersecurity risk management, strategy, governance,...more
The SEC’s Cybersecurity Proposals - The SEC has proposed four rules designed to address cybersecurity risk and management, including incident reporting by public companies....more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
Based on updates to its rulemaking agenda that were released last week, the U.S. Securities and Exchange Commission (SEC) has delayed approval of two cybersecurity rules until at least October 2023. Both proposed rules were...more
Agencies Issue Final Guidance on Third-Party Risk Management - On June 6, the Federal Reserve, FDIC, and OCC issued final joint guidance (the Guidance) pertaining to banking organizations’ risk management of third-party...more
The U.S. Department of Justice (DOJ) recently released new guidance announcing several policy changes to further strengthen and clarify its approach to prosecuting corporate crime. The guidance, released through a memorandum...more
What are the new rules? Earlier this year, the Securities and Exchange Commission (“SEC”) published a new set of proposed cybersecurity disclosure rules for public companies. The proposed rules would significantly increase...more
Corporate risk and compliance officers already labor under an influx of concerns related to cybersecurity, so you might have missed this latest news: the U.S. Securities and Exchange Commission has proposed new rules for more...more
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed a number of new rules to enhance public companies’ reporting of (i) cybersecurity incidents, (ii) their policies and procedures for identifying and...more
On March 9, 2022, the SEC released proposed rules intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and cyber incident reporting by companies that are subject to the...more
Continuing its active regulatory agenda, the Securities and Exchange Commission on March 9, 2022, proposed new cybersecurity regulations for reporting public companies. Although couched as a series of “disclosure”...more
Discover how to set and accomplish your ESG goals - Environment, Social, and Governance (ESG) is no longer an isolated function within a company, nor is it an issue only for publicly traded companies. It’s front and...more
On March 23, the SEC Division of Enforcement (Enforcement) issued a public statement bluntly warning issuers and insiders connected to them, along with broker-dealers and investment advisers, about the unique risks of insider...more
The novel coronavirus (COVID-19) outbreak, first identified in Wuhan, China, has spread beyond China's borders to dozens of countries, infecting tens of thousands of people and causing a mounting number of fatalities. In...more
A recent report by a pro-transparency group and The Wharton School found a clear trend among S&P 500 companies toward increased disclosures and oversight regarding their political spending. Per the report, more than half of...more
The #MeToo movement has had an enormous impact on corporate America. Workplace harassment and sexual misconduct are not new concepts and have been the focus of litigation for many years. However, the power of the #MeToo has...more
On October 16, 2018, the SEC released an Investigative Report detailing recent email spoofing schemes that caused nine public companies to lose a total of nearly $100 million. Building on its February 2018 guidance about the...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
On Feb. 22, 2018, the Securities and Exchange Commission (SEC) issued its first interpretive guidance since October 2011 on public companies’ cybersecurity risk and incident disclosure obligations. ...more