Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
On November 12, 2024, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency, along with its security partners in Australia, Canada, New Zealand, and the...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
The oversight obligations of boards continue to expand. Recent enforcement actions and new laws in areas such as cybersecurity, artificial intelligence and supply chains create new challenges for boards, as we explain in this...more
After the Department of Justice (“DOJ”) announced its Civil Cyber-Fraud Initiative in October 2021, many in the False Claims Act (“FCA”) bar expected an onslaught of enforcement actions and qui tam cases. The initiative...more
In this Client Alert, we highlight key considerations public companies should keep in mind when preparing their upcoming annual reports on Form 10-K and proxy statements, including rule changes, recent guidance and reporting...more
In the December Public Company Watch, we cover key issues impacting public companies, including a preview of the SEC’s latest regulatory agenda, an update regarding the Fifth Circuit vacating the SEC’s share repurchase rules,...more
Key Takeaways - With the SolarWinds enforcement action, the SEC continues to ratchet up its enforcement against companies that fail to properly disclose their cybersecurity incidents and risks. By naming the SolarWinds CISO...more
On 30 October 2023, President Biden issued a long-awaited executive order (EO) on artificial intelligence (AI). The EO itself is available here, and a one-page fact sheet issued by the White House is available here. The...more
SEC Adopts Final Rules on Cybersecurity Disclosures - The SEC has adopted rules requiring companies to provide disclosure within four business days of determining that a material cybersecurity incident has occurred, and...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
On July 26, 2023, the U.S. Securities and Exchange Commission adopted enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting for public companies. The final rules...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more
The SEC’s Cybersecurity Proposals - The SEC has proposed four rules designed to address cybersecurity risk and management, including incident reporting by public companies....more
The PCAOB recently released a new Audit Committee Resource, which sets forth an updated set of questions that audit committee members may want to consider incorporating into their ongoing engagement with auditors....more
Cybersecurity risk applies to businesses of all sizes and across all industries – it is a risk that cannot be ignored. In particular, cybersecurity risk can no longer be ignored in the deal lifecycle...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
The SEC has nearly doubled the size of its Crypto Assets and Cyber Unit and has aggressively pursued cyber-related enforcement actions against public companies and regulated entities. In a few months the SEC will finalize...more
As public companies prepare their 2022 annual reports and 2023 proxy statements, they will need to contend with a host of new requirements and disclosure updates stemming from the current geopolitical and economic...more
Headlines: ..OCC Publishes Security Standards for Video Teleconferencing With Agency Staff ..CFPB Imposes Civil Penalty and Customer Refunds for Authorized-Positive Overdraft Fees ..Treasury Department Recommends...more
According to the Cybersecurity & Infrastructure Security Agency, cybersecurity is the process whereby information and communications systems, and the information contained in those systems, are protected from and/or defended...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
Hear about the latest in research compliance - Do you want to learn… - How to prepare for upcoming changes in Medicaid? - Ways to build and maintain a better research compliance work plan for your program? - How...more
This is Part I of a two-part series outlining key considerations from White & Case's Public Company Advisory Group for US public companies during the 2022 annual reporting and proxy season. Part I of this memo describes...more