Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
During a Board Meeting on July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously approved the long-awaited final text of its second rulemaking package, implementing a broad swath of new requirements...more
With the continued absence of comprehensive federal privacy legislation after nearly 20 years of debate, state attorneys general (AGs) are increasingly asserting their role as primary regulators in the data privacy space....more
On June 2, 2025, the New Jersey Office of Consumer Protection announced proposed rules for New Jersey’s comprehensive consumer privacy law, the New Jersey Data Privacy Act (NJDPA), which went into effect on January 16, 2025....more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
On March 7, 2024, the California Privacy Protection Agency (CPPA) released new materials for review and discussion at the agency’s board meeting on March 8, 2024. Among the materials released were draft risk assessment and...more
To celebrate Data Privacy Day (January 28), we present our top ten data privacy and cybersecurity predictions for 2024. 1. AI regulations to protect data privacy. Automated decision-making tools, smart cameras, wearables,...more
In August, the California Privacy Protection Agency (CPPA) released its initial draft regulations for cybersecurity audits and risk assessments under the California Privacy Rights Act (CPRA). While the CPPA has not yet...more
In this month’s Privacy & Cybersecurity Update, we examine Delaware’s new comprehensive data privacy law, a joint statement by 12 data protection authorities on data scraping and data protection, a district court ruling on a...more
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more
Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more
The Gramm-Leach-Bliley Act (“GLBA”) was a bi-partisan regulation passed by Congress in 1999 in an attempt to update and modernize the financial industry. One component of the GLBA, its Safeguards Rule, requires financial...more
Throughout 2022, we continue to see regulators placing an emphasis on the importance of protecting and securing information, in particular consumer personal information, at both the federal and state levels. ...more
What is a data protection impact assessment (DPIA)? A data protection impact assessment or data protection assessment (DPIA) is a form of risk assessment that is designed to help organizations identify, analyze and...more