No Password Required: From Heavy Metal to the Front Lines of Cyber Innovation
Data Driven Compliance: The Failure to Prevent Fraud Offense: Insights for US General Counsels with Mike DeBernardis
Operationalizing Trust at Scale: Evolving Compliance: Neta Meidav on the Diligent Acquisition and AI Integration
Great Woman in Compliance: Building Strategic and Effective Risk Assessments
Innovation in Compliance: Gaurav Kapoor on Risk Management and the Role of AI in GRC
Compliance Tip of the Day: Finance Models for Compliance
Compliance Tip of the Day: Design - Centric Internal Controls
Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Compliance Tip of the Day: What is a Gap Analysis
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more
The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more
A recent cyberattack on a Michigan township has exposed weaknesses in the bond-closing process. In this incident, hackers stole over $25 million in bond proceeds by using spoofed email addresses to provide fraudulent wire...more
Today’s interconnected world presents significant challenges for managing cross-border e-discovery and data breach investigations. These processes—critical for legal proceedings and cybersecurity—are often complicated by...more
Welcome to the latest issue of Bracewell’s FINRA Facts and Trends, a monthly newsletter devoted to condensing and digesting recent FINRA developments in the areas of enforcement, regulation and dispute resolution. This month,...more
As of November 1, 2024, financial services companies regulated by the New York Department of Financial Services Cybersecurity Regulation face new requirements relating to cybersecurity governance, encryption, and incident...more
On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more
By press release on May 25, 2023, The New York Department of Financial Services (“DFS”) announced a Consent Order with OneMain Financial Group LLC (“OneMain”) for failing to comply with the DFS’s Cybersecurity Regulation (23...more
The Federal Trade Commission updated its “Standards for Safeguarding Customer Information” (“Safeguards Rule”) and extended the compliance deadline to June 9, 2023. Some entities still may be wondering – “Do these regulations...more
The Gramm-Leach-Bliley Act (“GLBA”) was a bi-partisan regulation passed by Congress in 1999 in an attempt to update and modernize the financial industry. One component of the GLBA, its Safeguards Rule, requires financial...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
Purpose and Background of the GLBA - The Gramm-Leach-Bliley Act (“GLBA”), also known as the Financial Services Modernization Act of 1999, is a federal statute enacted by Congress in 1999 that requires financial...more
• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework. • In response to certain frequently asked questions, the NFA has also updated its...more
On August 7, 2017, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a summary of its observations (the report) from cybersecurity examinations of 75...more
With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more
Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent,...more
On February 1, 2016, the Federal Deposit Insurance Corporation (“FDIC”) published the Winter 2015 issue of Supervisory Insights. Not surprisingly, the first article dealt with the most important issue facing the financial...more