AI Today in 5: August 5, 2025, The AI at the SEC Episode
Compliance Tip of the Day: M&A – International Issues
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Adventures in Compliance: The Novels - The Valley of Fear, Introduction and Compliance Lessons Learned
Episode 381 -- NAVEX's 2025 Annual Hotline Report
12 O’Clock High, a podcast on business leadership: Building Trust and Relationships: The Power of Compliance and Ethics with Jacqui Pruet
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
Daily Compliance News: August 1, 2025, The All AI Edition
AI and the False Claims Act
Compliance Tip of the Day: AI, Continuous Monitoring and Compliance
Disparate Impact & Enforcement Rollbacks: What’s the Tea in L&E?
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
Compliance Tip of the Day: AI and 3rd Party Risk Management
Daily Compliance News: July 31, 2025 the Forgotten Generation Edition
A New Brand of Uncertainty? — PE Pathways Podcast
The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Breaking the Cycle: Flooding, Infrastructure, and Climate Law in Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Business continuity used to live in a binder, often reviewed once a year and quickly forgotten. Today, it has become a critical part of day-to-day risk management and operational strategy....more
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
On January 28, 2025, FINRA published its Annual Regulatory Oversight Report (the Report). The Report highlights emerging risk areas and recent developments, common compliance deficiencies, and best practices for member firms....more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving. Originally published in...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
Keypoint: The New York Department of Financial Services (NYDFS) circulated an industry letter offering guidance to NYDFS “Covered Entities” for assessing and managing AI-related cybersecurity risks, including threats...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an Industry Letter that discusses the cybersecurity risks associated with the use of artificial intelligence (AI) and outlines strategies to...more
The COVID-19 pandemic has significantly reshaped the facilities management (FM) outsourcing landscape. Companies have transitioned from fully office-based work to home-based work, and now to hybrid models, prompting a...more
The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more