Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Compliance Tip of the Day: Assessing Internal Controls in International Operations
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
On June 2, 2025, the New Jersey Office of Consumer Protection announced proposed rules for New Jersey’s comprehensive consumer privacy law, the New Jersey Data Privacy Act (NJDPA), which went into effect on January 16, 2025....more
Artificial intelligence (AI) is widely transforming digital health, including by automating certain patient communications. However, as health care companies consider deploying AI-driven chatbots, texting platforms, and...more
Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
Wearable technologies are becoming increasingly common in the workplace, but a new guidance document from the Equal Employment Opportunity Commission (EEOC) has made it clear that employers need to tread carefully. From smart...more
Join our enlightening webinar to explore the critical role of data discovery in constructing a comprehensive and accurate data inventory, essential for streamlining privacy compliance and enhancing data governance. In this...more
Are you responsible for privacy compliance at your company? This alert summarizes key takeaways from Paul Rothermel's recent presentation 10 Things You Should Know About Privacy, Consent, and HIPAA...more
Editor's Note: In a significant study from MIT's CSAIL, researchers have unveiled vulnerabilities in smartphone ambient light sensors, highlighting them as potential channels for privacy breaches. This discovery underscores...more
Keypoint: The Agency proposed more revisions to the CCPA regulations for consideration at the December 8 board meeting. On December 1, 2023, the California Privacy Protection Agency (Agency) published proposed revisions to...more
The Federal Deposit Insurance Corporation (FDIC) recently published a consent order issued against Cross River Bank that alleged the bank’s fair lending program’s noncompliance and weaknesses in its oversight of fintech...more
Keypoint: The changes are mostly controller-friendly with modifications to the privacy notice, consent, and data protection assessment provisions likely to facilitate compliance; however, the draft rules retain many of the...more
Datatilsynet Denmark has issued serious criticism — and an injunction — to bring dating app Dating.dk’s data processing into compliance before November 16, 2021. The group says the app failed to acquire user consent in a...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
On 28 May 2019, the Cyberspace Administration of China (CAC) released the draft Measures on the Administration of Data Security (Data Security Measures, see our in-house English translation here) for public consultation. ...more
Artificial Intelligence (AI) systems, including the use of algorithms and computer software to analyze complex data and perform certain decision making functions without direct human involvement, are rapidly developing in...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more