Ask a Certified Fraud Examiner Q&A - Part 4
Public-Private Partnerships to Stem Corruption
Nonprofit Quick Tip: Corporate Filings in Washington, D.C.
Navigating ESG: Preparing for Future Regulations (Part Two) — Regulatory Oversight Podcast
Implications of the SEC Cybersecurity Disclosure Rule
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Nonprofit Quick Tip: State Filings in Colorado and Wyoming
REFRESH Nonprofit Basics: Director Duties and Best Practices for the Typical Nonprofit Public Benefit Corporation
REFRESH Nonprofit Basics: Designators, Members, Directors, Officers - The Who’s Who of Nonprofit Governance
Navigating ESG: The Growing Importance and Compliance Challenges (Part One) — Regulatory Oversight Podcast
“Monsters, Inc.” y el buen gobierno corporativo
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Episode 332 -- Deep Dive into SEC’s Internal Controls and Cybersecurity Settlement with R&R Donnelly
Digital Planning Podcast Episode: Estate Planning and the Corporate Transparency Act
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Market Leaders Podcast Episode 94: Exploring the Perils of Optics-Driven DEI Initiatives with Guest Mira Dewji
Managing Social Media Risk
Compliance Lessons from Dating in Your 50s
How Tax Works - Entity Selection
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
Amidst the relentless waves of pandemic-induced uncertainty, organizations found themselves at a crossroads, compelled to reimagine how their businesses operated. For example, when stay at home orders continued to be extended...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
I always enjoy retrospective “year in review” postings to start off the new year. For years, I have sought to identify and capture important compliance trends, typically focused on specific professionals in the compliance...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
It’s safe to say that there could be a whole series dedicated to Artificial Intelligence (AI) and the various use cases and ramifications of such groundbreaking technology. While there are ethical considerations, security...more
The International Association of Privacy Professionals held its annual Global Privacy Summit on April 4-5 in Washington, D.C. Here are some things we learned. 1. Generative Artificial Intelligence (“AI”) is Ubiquitous in the...more
In January, we presented our annual top risk and compliance predictions that will impact organizations most in 2022. However, things move quickly in today’s risk world, and a mid-year check-in with Kristy Grant-Hart and...more
Integrated Risk Management (IRM) and Governance, Risk Management and Compliance (GRC) are critical areas for business security and success. But all too often these programs aren’t thoroughly tested – or worse, aren’t...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
At the recent Mitratech Interact US 2020 online event, Tony Bethell, VP Alliances at Mitratech, and Jay Chakraborty, a Partner at PWC, explored the practical steps businesses are taking to manage better the challenges of...more
Businesses that decide to invest in an ERM-GRC risk management solution often fail at implementation. Why? There are many reasons, including: - Setup of the software goes over budget...more
It’s a business maxim: Where business goes, risks follow. And in recent years, business has found itself in places that might not have been part of the original plan: Digital processes, global business, outsourcing to third...more
Companies today need to take a holistic view of risk and compliance; it is no longer sufficient to let individual departments or teams be responsible for managing risk and compliance alone. ...more
The Department Of Justice (DOJ) and Securities and Exchange Commission (SEC) have both made it clear that they expect companies to be more robust in their use of data analytics in compliance programs....more
Today, I want to focus on what the compliance practitioner should do to move themselves forward professionally in 2020 and beyond. I drew inspiration from the Financial Times (FT) piece, entitled “Work in the 2020s: 5...more
This week, I am writing a blog post series based upon the MIT Sloan Management Review Special Report: Making Good on the Promise of AI. Today, I want to consider the article People and Machines: Partners in Innovation by...more
In this multi-part blog post series, I am exploring the increased use of technology to continue to drive the performance of corporate compliance programs. I am considering the use of Artificial Intelligence (AI) in a best...more
Over the past few blog posts, I have been considering the use of artificial intelligence (AI) to make compliance more robust in the three prongs of prevent, detect and remediate. ...more
I am exploring the use of artificial intelligence (AI) to make compliance more robust in the three prongs of prevent, detect and remediate. This series is based upon an article in the Harvard Business Review (HBR), entitled...more
Earlier this year, the National Association of Corporate Directors (NACD) released an updated version of its Director’s Handbook on Cyber-Risk Oversight (Handbook). The updates add 16 pages of content to the previously...more
A number of major carriers have suffered high-impact IT events in the past several months. Estimates of losses in these cases have exceeded £100m. This is on top of (no doubt significant) remedial costs, reductions in share...more
The terms “Data Privacy and Security” are being thrown around a lot lately. Just recently, England’s health services and medical facilities were shut-down and the target of a ransom note (demanding, of course, payment in...more