Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
When evaluating where artificial intelligence has had the most impact, many think of their personal use of AI or the integration of AI into many consumer applications. The use of AI in the employment context is on the back...more
On May 9, the California Privacy Protection Agency (CPPA) announced it opened the formal public comment period for its proposed regulations concerning updates to the California Consumer Privacy Act. The proposed rules would...more
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more
On May 1, 2025, the California Privacy Protection Agency (“CPPA”) Board convened to discuss revisions to the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic...more
Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
The California Privacy Protection Agency (“CPPA”) Board released newly modified draft regulations addressing automated decision-making technology (“ADMT”), risk assessments, and cybersecurity audits under the California...more
The OECD's AI recommendations encourage Member States to uphold principles of trustworthy AI. Status of the AI Regulations - The Adherents have agreed to promote, implement, and adhere to the Recommendation. The Principles...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
Unlock a New Era of Customer Risk Assessment - Legacy customer risk rating (CRR) models—built on static KYC data and subjective judgment—are no longer sufficient in a world of dynamic threats and tightening regulatory...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
Among the many crucial elements of effective compliance initiatives (internal reporting programs, policies, procedures, training, supply chain management, M&A, and more) are risk assessments – the intended foundational...more
There are many factors to consider when assisting clients with assessing the use of artificial intelligence (AI) tools in an organization and developing and implementing an AI Governance Program. Although adopting an AI...more
In advance of its April 4, 2025, board meeting, the California Privacy Protection Agency (CPPA) released a discussion draft of revisions to its proposed California Consumer Privacy Act (CCPA) regulations. These revisions...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
Learn how automating third-party risk management (TPRM) can enhance efficiency, security, and compliance and help businesses proactively address vendor risks....more
Early in the new year, the US Food and Drug Administration (FDA) released two anticipated draft guidance documents focused on artificial intelligence (AI): Artificial Intelligence-Enabled Device Software Functions: Lifecycle...more
Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more
In the last month, Ofcom, the regulator tasked with enforcing the UK’s Online Safety Act (OSA), has published guidance enacting requirements under the OSA to carry out illegal harms risk assessments and children’s access...more
In its most recent effort to keep pace with advancing technology, the US Food and Drug Administration (FDA) recently issued two draft guidances on the use of artificial intelligence (AI) in the context of drugs, biologics,...more
Today’s interconnected world presents significant challenges for managing cross-border e-discovery and data breach investigations. These processes—critical for legal proceedings and cybersecurity—are often complicated by...more
The California Privacy Protection Agency (CPPA) announced the formal public comment period for its latest proposed rulemaking package, which includes updates to existing regulations and introduces new guidelines for automated...more
Welcome to the latest issue of Bracewell’s FINRA Facts and Trends, a monthly newsletter devoted to condensing and digesting recent FINRA developments in the areas of enforcement, regulation and dispute resolution. This month,...more