FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
FCPA Compliance Report: Kristy Grant-Hart on A 360° Review of the Future of Compliance
Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Compliance Tip of the Day: Embedded Compliance
Innovation in Compliance: Strategic Compliance in Regulated Industries with Kerri Reuter
Daily Compliance News: April 22, 2025, The Upping Your Game Edition
Episode 365 -- Four Sanctions Cases Everyone Should Know
Innovation in Compliance: The Strength Trap: When Being the Strong One Starts Breaking You – Part 3: Mastering Stress Communication with the C.A.R.E.S. Framework
Daily Compliance News: April 17, 2025, The Musk Fights BEE's Edition
Compliance into the Weeds: The Uncertain Future of Compliance Monitors under the Trump Administration
REFRESH Nonprofit Basics: Insider Transactions and Nonprofits
Compliance Tip of the Day: Role of Compliance in Upcoming Trade Wars
Essentials for Balancing Taxes and Legal Risk
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Compliance Tip of the Day: AI Playbook for Compliance Professionals
Compliance into the Weeds: Unsexy Keys to Data Analytics for Compliance Programs
2 Gurus Talk Compliance: Episode 49 - The Depression Episode
Sunday Book Review: April 6, 2025, The Books on Culture Edition
10 For 10: Top Compliance Stories For The Week Ending April 5, 2025
On April 14, 2025, the National Institute of Standards and Technology (NIST) released a draft update to the NIST Privacy Framework 1.1. The updates are meant to enhance organizations’ data governance and risk management and...more
Welcome to the award-winning FCPA Compliance Report, the longest-running podcast on compliance. In this episode, Tom welcomes Andrew Hopkins, President of PrivacyChain, to discuss the critical intersection of AI, data...more
On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more
On March 23, 2025, 23andMe, a pioneer in the field of genetic testing and consumer healthcare, announced it had filed for Chapter 11 bankruptcy in the U.S. Bankruptcy Court for the Eastern District of Missouri. The objective...more
Q1: How can proactive risk management strategies help businesses navigate regulatory and economic uncertainties? The last few years have offered some, often difficult, lessons to many businesses who found themselves...more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
According to a new LayerX report, most users are logging into GenAI tools through personal accounts that are not supported or tracked by an organization’s single sign on policy. These logins to AI SaaS applications are...more
During the course of 2024, interest in generative and other types of artificial intelligence, machine learning and predictive applications and services (collectively, AI) accelerated across industries. Some sectors, such as...more
On February 5 2025, the UK Information Commissioner's Office (ICO) released new guidance designed to help employers understand and comply with their obligations under the UK GDPR and the Data Protection Act 2018 in relation...more
The rise of AI agents—autonomous decision-making systems—is set to revolutionize business operations by significantly expanding the role of AI beyond generative models like ChatGPT. Unlike traditional AI tools, agentic AI can...more
As AI technologies like ChatGPT and other generative AI tools have gained prominence, our clients have started raising questions about their insurance coverage. Among the most frequently asked are: These questions highlight...more
Cyber security and data protection issues continue to occupy an important place within corporate governance. At the same time, there is an increasing trend towards individual culpability for senior managers and C-suite...more
The Financial Markets Standards Board has published the final version of its standard for sharing standard settlement instructions. The standard establishes core principles which set out expected practices for the sharing of...more
The tightening of privacy and data protection compliance obligations in Canada and the United States, has led to increasingly comprehensive “data security and privacy” representations and warranties in purchase agreements, as...more
Glass Lewis, one of the leading proxy advisory firms, recently updated its policy guidelines for 2025 to include recommendations regarding board oversight of AI. In the new guidelines, Glass Lewis emphasizes the importance of...more
On September 23, 2024, the U.S. Department of Justice (DOJ) released updates to its Evaluation of Corporate Compliance Programs (ECCP) guidance — the framework prosecutors use to evaluate corporate compliance programs during...more
Introduction and Background - On 5 December 2024, as part of the Monetary Authority of Singapore’s (MAS) incremental efforts to ensure responsible use of artificial intelligence (AI) in Singapore’s financial sector, MAS...more
The momentum for change in US state privacy laws accelerated in 2024, driven by several significant developments, including efforts for a federal privacy law, state-level enforcement actions and the activation of four new...more
On January 20, 2025, President Donald Trump signed an executive order rescinding the 2023 directive issued by former President Joe Biden on artificial intelligence (AI). Biden’s order outlined extensive measures aimed at...more
In today’s hyperconnected world, cyberattacks are no longer a question of if but when. For general counsels (GCs), the responsibility extends far beyond legal risk management - it’s about guiding the organization through the...more
On January 29, NAVEX is hosting the Top 10 Trends in Risk and Compliance webinar. This post is a preview of two of the topics covered in the eBook and webinar: the rise of AI and the continued focus on cybersecurity and...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Bermuda, the British Virgin Islands (“BVI”) and the Cayman Islands have each introduced data protection regimes in recent years which align with global data protection standards. It is therefore increasingly important for...more
On March 23 2018, the Information Commissioner’s Office (ICO) executed a warrant to enter and search the offices of Cambridge Analytica. The purpose of the search was to access records concerning its alleged use of personal...more
When the substantive provisions of Bermuda’s Personal Information Protection Act 2016 (PIPA) become operational on 1 January 2025, it is vital that all in scope organisations ensure their compliance with PIPA....more