News & Analysis as of

Compliance Risk Management Incident Response Plans

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Goodwin

NYDFS Publishes Guidance on AI-Related Cybersecurity Risks

Goodwin on

On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more

Goodwin

EU Commission Regulations on Digital Operational Resilience: A Reminder That DORA is Less Than Three Months Away and Will Apply to...

Goodwin on

The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more

Arnall Golden Gregory LLP

Preparing for the Digital Operational Resilience Act (“DORA”): Key Steps for Payments and Fintech Clients

Arnall Golden Gregory LLP on

The Digital Operational Resilience Act (“DORA”), an EU regulation designed to bolster the resilience of financial entities against Information and Communications Technology (“ICT”) risks, entered into force on January 16,...more

Society of Corporate Compliance and Ethics...

[Event] Regional Compliance & Ethics Conference - November 1st, Bellevue, WA

Society of Corporate Compliance and Ethics... on

Looking for compliance education and networking in your area? SCCE’s Regional Compliance & Ethics Conferences offer convenient, local compliance education for practitioners in a variety of locations across the globe, and...more

Mitratech Holdings, Inc

People and Policy: Building Compliance and Ethics into Your Company’s DNA

Mitratech Holdings, Inc on

It’s not enough to have the right policies in place — you have to embed those policies into the fabric of your organization. In today’s fast-paced and interconnected business world, ensuring compliance and building an...more

Burr & Forman

What To Do Before Adopting Generative AI in Your Business

Burr & Forman on

Your business may want to jump on the Generative AI (GAI) bandwagon and discover how your company may become more productive, competitive, reduce costs, and make the most of new technology. There are many intriguing and...more

Mitchell, Williams, Selig, Gates & Woodyard,...

Adopting Generative AI? Key Contract Considerations for Healthy Due Diligence

Mitchell, Williams, Selig, Gates & Woodyard,... on

As generative AI continues to be a hot topic in board rooms and an unavoidable reality on the front lines of business, leaders must make informed decisions when choosing AI vendors. The integration of AI into your operations...more

Jackson Lewis P.C.

Can Your AI Model Collapse?

Jackson Lewis P.C. on

A recent Forbes article summarizes a potentially problematic aspect of AI which highlights the importance of governance and the quality of data when training AI models. It is called “model collapse.” It turns out that over...more

Ankura

Preparing for the Colorado AI Law

Ankura on

Colorado became the first U.S. state to pass a law protecting consumers from harm when using artificial intelligence (AI). Senate Bill 24-205 on Consumer Protections for Artificial Intelligence was passed on May 17, 2024. The...more

Thomas Fox - Compliance Evangelist

Internal Control Lessons from Star Trek: The Doomsday Machine

Thomas Fox - Compliance Evangelist on

Last month, I wrote a blog post on the tone at the top, exemplified in the Star Trek, the Original Series episode, Devil in the Dark. Based on the response, some passionate Star Trek fans are out there. I decided to write a...more

Mintz - Privacy & Cybersecurity Viewpoints

SEC Issues Updated Guidance on Cybersecurity Incident Disclosure Under Item 1.05 of Form 8-K

Mintz - Privacy & Cybersecurity Viewpoints on

On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K....more

Mitratech Holdings, Inc

What is DORA, and How Will It Impact You? Demystifying The Digital Operational Resilience Act

Mitratech Holdings, Inc on

Get Ahead of the Curve and Prepare for the January 2025 Digital Operation Resilience Act Compliance Deadline with Confidence. The financial sector is no stranger to regulations aimed at enhancing operational resilience...more

Ankura

Proactive Defense: A Step-by-Step Guide To Assessing Your Organization's Cyber Risk

Ankura on

In the continuously evolving landscape of cyber threats, organizations must be proactive in identifying and mitigating potential risks to their digital assets and operations. A critical step in building cyber resilience is...more

Womble Bond Dickinson

Cybersecurity Crunch: Building Strong Data Security Programs with Limited Resources - Insights from Tech and Financial Services...

Womble Bond Dickinson on

In today’s digital age, cybersecurity has become a paramount concern for executives navigating the complexities of their corporate ecosystems. With resources often limited and the ever-present threat of cyberattacks,...more

SEC Compliance Consultants, Inc. (SEC³)

Regulatory Roundup for May 2024

SEC Compliance Consultants, Inc. (SEC³) on

SEC DROPS NEW REQUIREMENT FOR INCIDENT RESPONSE PROGRAMS, PROPOSAL FOR RIAS TO ADOPT CIP, SEC EXAMS SHARES MARKETING RULE FAILURES, RIA SLAMMED FOR FAILING TO RETAIN TEXTS, AND SEC WINS ON SHADOW TRADING THEORY - Welcome to...more

Pillsbury Winthrop Shaw Pittman LLP

EPA Issues New Rules Regarding Response and Risk Management Plans

Pillsbury Winthrop Shaw Pittman LLP on

The Accidental Chemical Release Rules have an effective date of May 10, 2024, and includes a number of situations requiring compliance, generally by May 10, 2027. The new Clean Water Act facility response plan...more

Alston & Bird

Board Oversight and Cyber Breach Response: What Involvement Strikes the Right Balance?

Alston & Bird on

New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant...more

Baker Donelson

Top Privacy and Cybersecurity Issues to Track In 2024

Baker Donelson on

In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more

BCLP

Pressure-Testing Your Privacy Program for 2024

BCLP on

With the onslaught of new privacy legislation and cyber threats coupled with upticks in enforcement, running a well-functioning and flexible privacy program is now, more than ever, a critical component of an organization’s...more

Bradley Arant Boult Cummings LLP

Network Topology and Mapping: Cornerstones of Data Security – Part 1

Bradley Arant Boult Cummings LLP on

Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical...more

WilmerHale

NYDFS Finalizes Amendments to Cybersecurity Regulations

WilmerHale on

On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more

Eversheds Sutherland (US) LLP

New York Raises the Bar Again: Revised Cybersecurity Requirements for Financial Services Companies Finalized

Eversheds Sutherland (US) LLP on

On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more

Epiq

Moving Information Governance to the Driver’s Seat to Accelerate Cyber Breach Response

Epiq on

Information Governance often takes a back seat to other organizational initiatives. But why is this the case? The list of reasons is long and varied. Not knowing where to start or how to build strategic approaches to...more

Baker Donelson

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

45 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide