Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Compliance Tip of the Day: Assessing Internal Controls in International Operations
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial changes include new compliance obligations for...more
During a Board Meeting on July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously approved the long-awaited final text of its second rulemaking package, implementing a broad swath of new requirements...more
Join Thora Johnson and Jeremy Sherer to learn about: Evaluating compliance through privacy notices Key questions to address, from leadership accountability to employee training...more
On July 24, 2025, during its scheduled Board Meeting, the California Privacy Protection Agency (CPPA) Board voted unanimously to finalize rules governing the use of automated decision-making technology, risk assessments,...more
California appears to be changing its approach to how it regulates artificial intelligence, likely reflecting its reaction to challenges seen recently in other states. Namely, the California Privacy Protection Agency recently...more
On May 1, the California Privacy Protection Agency ("CPPA") board (the "Board") met to discuss revisions to proposed regulations relating to cybersecurity audits, risk assessments, and automated decision-making technologies...more
In the third in our series of new CCPA regulations from California, we look at obligations for conducting risk assessments under CCPA. CCPA had called on the California agency to promulgate rules to address such assessments,...more
In the second in our series of new CCPA regulations from California, we look at proposed rules for use of automated decisionmaking technology. As a reminder, CCPA discusses these technologies in relation to profiling, namely...more
What Issues Did the California Privacy Protection Agency Raise? On July 16, 2024, the California Privacy Protection Agency (Agency) discussed proposed updates to the California Consumer Privacy Act (CCPA) regulations....more
For businesses subject to California Consumer Privacy Act (CCPA), privacy compliance just became urgent. A California appellate court agreed on February 9, 2024, with the California Privacy Protection Agency (CPPA) that there...more
Keypoint: The California Privacy Protection Agency continued its rulemaking efforts by releasing draft automated decisionmaking technology regulations although the Agency has yet to initiate the formal rulemaking process....more
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more
A California court recently issued a ruling delaying the CPPA’s ability to enforce the most recent CCPA regulations until March 29, 2024. This does not delay enforcement of the CCPA statute or existing regulations....more
On June 30, the Sacramento County Superior Court issued a ruling that will delay enforcement of regulations issued pursuant to the California Privacy Rights Act (CPRA) to March 29, 2024. These regulations were originally...more
On Friday, the Sacramento Superior Court issued a ruling delaying the enforcement of recently enacted California Privacy Rights Act regulations until March 2024. The CPRA, which amended the California Consumer Privacy Act,...more
Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more
More than two years after California voters passed a law amending the state’s landmark privacy rights statute, new regulations implementing the law finally took effect last week – but unfortunately leave four key questions...more
Over the last two years, many states have taken cues from California and the EU by adopting sweeping privacy laws. These laws, passed in Virginia, Colorado, Connecticut and Utah, as well as updates to the already enacted...more
When the California Consumer Privacy Act of 2018 (CCPA) became law, it was only a matter of time before other states adopted their own statutes intending to enhance privacy rights and consumer protection for their residents. ...more