Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Compliance Tip of the Day: Assessing Internal Controls in International Operations
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
On 11 February 2024, the European Data Protection Board (EDPB) adopted a new statement on age assurance. This statement, while not legally binding, will guide the enforcement of age-gating methods across the EU. Age assurance...more
One of the key aspects of the EU AI Act (“AI Act”)[1] is linked to the qualification of providers and deployers and the nuances which help distinguish between the two categories of stakeholders. What would this mean in...more
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more
Highlight of the week - On 21 May 2024, the Council of the European Union (the Council) issued a press release announcing it had approved the Proposal for a Regulation of the European Parliament and of the Council Laying Down...more
Safety risk assessments are becoming a preferred regulatory tool around the world. Online safety laws in Australia, Ireland, the United Kingdom, and the United States will require a range of providers to evaluate the safety...more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
The last few years have witnessed remarkable changes in the privacy world. The GDPR, the CCPA, the invalidation of the EU-US Privacy Shield framework and the related obligations resulting from the Schrems II decision - to...more
Last week started and ended with big announcements in the privacy world. At the end of the week, on August 14th, the regulations implementing the California Consumer Privacy Act of 2018 (CCPA) were finally declared final -...more
In the wake of the Schrems II decision invalidating the the EU-US Privacy Shield, the US Department of Commerce has decided it should make lemonade out of the Schrems lemons. The Department recently issued a set of FAQs,...more
Still grappling with the aftershocks of the Schrems II decision from the CJEU on July 16 (we previously discussed the Schrems II decision here), the European Data Protection Board (“EDPB”) has issued a Frequently Asked...more
The EDPB has provided input about consent in its recent FAQs responding to the Schrems II invalidation of Privacy Shield. As we wrote about previously in this series, Schrems II impacted how companies transfer data from the...more
In our Schrems II Practical Guidance special reports, members of McDermott’s internationally recognized Global Privacy & Cybersecurity group have outlined practical guidance and next steps to ensure your business is prepared...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Parliament's report on whether and how the use of blockchain technology can comply with the General Data Protection Regulation, as well as...more
July 2019 brought an escalation in the enforcement of privacy infringements by companies around the world. The trend began with a press release published on July 8, 2019, of a fine in the approximate amount of GBP 183 million...more
In this edition of our Privacy & Cybersecurity Update, we take a look at the FCC's new rules for broadband privacy, the FTC's new playbook for data breach response and notification, the NHTSA's voluntary guidance for...more
Entering 2016, the relentless stream of cyberattacks continues unabated, having become a "business as usual" reality to which companies must adapt. All companies, regardless of size or industry, are potential targets, and the...more
In this issue: - Navigating Public Company Cybersecurity Obligations: Advising Boards and Disclosing to Investors - FTC Updates School-Related COPPA Guidance - Status Update on the EU Data Protection...more