Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
On July 24, 2025, the California Privacy Protection Agency (CPPA) approved final regulations (the Rule) under the California Consumer Privacy Act (CCPA) governing Automated Decision-Making Technology (ADMT), including...more
On July 24, 2025, the California Privacy Protection Agency (“CPPA”) unanimously voted to adopt a package of Proposed Regulations for the California Consumer Privacy Act (“CCPA”), marking a significant development in...more
“You don’t rise to the level of your goals. You fall to the level of your systems.” — James Clear - Most security programs look good on paper. Policies exist. Controls are mapped. Frameworks are followed. Audits get...more
The legal profession, long associated with tradition and precedent, is undergoing a transformation as profound as any in its history. Technological innovation, shifting business expectations, and the relentless drive for...more
The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more
Enterprises don’t have a staffing problem. They have a systems problem. In a recent engagement, we were engaged to help improve a global SOC operation. Despite having over 30 analysts on staff, the team was missing...more
To help you stay on top of the latest news, our AI practice group has compiled a roundup of the developments we are following....more
Artificial intelligence (AI) is widely transforming digital health, including by automating certain patient communications. However, as health care companies consider deploying AI-driven chatbots, texting platforms, and...more
When zero becomes one, possibility leaps out of the void, as Peter Thiel champions in his book, Zero to One. But what happens when the entrepreneur is foolish and pushes his scientists to open a Pandora’s box? What happens...more
More vendors were supposed to mean more protection. The thinking was simple: pick the best in every category—endpoint, identity, SIEM, automation—and assemble a flexible, layered defense. But over time, that flexibility...more
On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more
Tool sprawl is paralyzing enterprise security teams. Learn how to shift from fragile, over-engineered stacks to agile security architectures that accelerate progress....more
Even the strongest IT/DR plans can fail if they aren’t proactive about avoiding these common mistakes. When systems go down, business grinds to a halt. Downtime leads to $9,000 in losses per minute on average, damaged...more
Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more
Learn how automating third-party risk management (TPRM) can enhance efficiency, security, and compliance and help businesses proactively address vendor risks....more
The evolution of artificial intelligence (AI) has introduced systems capable of making autonomous decisions, known as agentic AI. While generative AI essentially “creates” – providing content such as text, images, etc. –...more
On November 22, 2024, the California Privacy Protection Agency (CPPA) formally proposed new regulations implementing the California Consumer Privacy Act (CCPA). Although the CCPA itself and previous CCPA regulations largely...more
On Nov. 8, the California Privacy Protection Agency (CPPA) Board voted to advance several significant privacy regulations, including new provisions under the CCPA affecting data brokers, as well as the initiation of the...more
On November 14, 2024, the Department of Homeland Security (“DHS”) announced a set of voluntary recommendations called the “Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure”...more
The California Privacy Protection Agency (CPPA) Board has initiated a formal rulemaking process on a new regulatory package, moving forward with proposals for automated decision-making technology (ADMT) rules, cybersecurity...more
Effective performance management is crucial – but companies are getting it wrong. Your team is your greatest asset, and how you manage their performance can make or break your success. But what happens when the tools you’ve...more
Artificial intelligence (AI) technology is advancing at an unprecedented rate, increasing in complexity while driving significant innovation across sectors. In response to the rapid development of AI, myriad compliance...more
Life science companies will have to grapple with unique questions in complying with the European Artificial Intelligence Act, including the scope of the law’s research exemption and the use of AI in personalized medicine and...more
Now that the European Union’s Artificial Intelligence (AI) Act has entered into force, the real work begins putting its obligations into practice. This article explores five compliance steps to take now to operationalize the...more
We were honored to host a conversation about the future of AI policy last week in Orrick’s San Francisco office -- and would like to share five takeaways with our clients and friends. The conversation featured: Tom Kemp,...more