Investigations and Cognitive Interviews
Implications of the SEC Cybersecurity Disclosure Rule
Healthcare Document Retention
Vicky Hanks of Blake Morgan on Building an Effective Employee Brand - Passle's CMO Series Podcast
Behavioral Health Compliance
Conducting Healthcare Compliance Investigations
Navigating the Storm: Crisis Management in the Workplace — Hiring to Firing Podcast
Episode 299 -- Bobby Butler on the Compliance Profession and the Future of Compliance
Compliance Auditing & Monitoring
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
PODCAST: Williams Mullen's Benefits Companion - SECURE 2.0 Act Relief for Plan Corrections
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Compliance with the New EU-US Data Privacy Framework
Compliant Business Communications Through Messaging Apps
Interactive Compliance Policies
GILTI Conscience Podcast | Tax Insurance 101
Consumer Finance Monitor Podcast Episode: A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi”
Personal Devices and Messaging: Evolving Compliance Concerns and Best Practices
#WorkforceWednesday: What the End of the COVID-19 Public Health Emergency Means for Employers - Employment Law This Week®
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more
Think of it as the compliance version of The Butterfly Effect – a small, unnoticed, action, or failure to act, somewhere in the organization that balloons over time into a much larger, material issue. Maybe an employee is...more
Earlier this month, the Financial Crimes Enforcement Network (FinCEN) continued its efforts to require registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to take steps to prevent the laundering of...more
On March 13, 2024, Utah enacted the Utah Artificial Intelligence Policy Act (UAIP), which imposes certain disclosure requirements on entities using generative AI tools with their customers, and limits an entity’s ability to...more
Last year, the U.S. Securities and Exchange Commission (SEC) proposed ambitious rules relating to artificial intelligence (AI) that have drawn significant commentary and criticism. While it is unlikely that any changes in the...more
Like many other industries, Registered Investment Advisers ("RIAs") have dealt with significant regulatory, technological, and systemic change in recent years. Compared to FINRA-regulated entities, RIAs often face these...more
FINRA recently published its 90-page 2024 Annual Regulatory Oversight Report (Report) providing member firms with insight into six primary topics: Financial Crimes, Crypto Asset Development, Firm Operations, Communications...more
...SEC Adopts Amendments to Fund Names Rule - On September 20, 2023, the U.S. Securities and Exchange Commission (SEC) adopted amendments to Rule 35d-1 under the Investment Company Act of 1940 (the Fund Names Rule) as well...more
The growing concern around cyberthreats for companies across the nation is reflected in the increasingly crowded legislative landscape that provides guidance to organizations, employers, employees, consumers, and investors....more
Investment Advisers: Assessing Risks, Scoping Examinations, and Requesting Documents* I. Introduction - The SEC-registered investment adviser (“adviser”) population is large and diverse, ranging from global asset managers...more
Key Point: The decision making processes to determine whether a cybersecurity incident is material or not, should include documenting the factors behind each determination and should be practiced before an incident occurs. ...more
The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: ..current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and ...more
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted final rules, rule amendments and form amendments to expand and standardize disclosures regarding cybersecurity risk management, strategy, governance,...more
The SEC’s Cybersecurity Proposals - The SEC has proposed four rules designed to address cybersecurity risk and management, including incident reporting by public companies....more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
Based on updates to its rulemaking agenda that were released last week, the U.S. Securities and Exchange Commission (SEC) has delayed approval of two cybersecurity rules until at least October 2023. Both proposed rules were...more
At an open meeting on March 15, 2023, the U.S. Securities and Exchange Commission voted three to two to propose a new rule, form and amendments (together, “Proposed Rule”) and published an accompanying release (“Release”)...more
Given the increasing SEC scrutiny on disclosure practices in municipal finance, governmental issuers and conduit borrowers [e.g., 501(c)(3) corporations] are taking a fresh look at their disclosure policies and procedures,...more
Late last month the Securities and Exchange Commission (“SEC”) charged JP Morgan, UBS and Trade Station with violations of Regulation S-ID based on a range of inadequacies in their identity theft red flag policies and...more
According to the Cybersecurity & Infrastructure Security Agency, cybersecurity is the process whereby information and communications systems, and the information contained in those systems, are protected from and/or defended...more
On March 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed amendments to its rules to require additional disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by...more
Corporate risk and compliance officers already labor under an influx of concerns related to cybersecurity, so you might have missed this latest news: the U.S. Securities and Exchange Commission has proposed new rules for more...more
Requirements under the proposed rules would include the disclosure of: •Material cybersecurity incidents within four business days of the determination that a material cybersecurity incident has occurred in a Form 8-K- ...more
On March 9, 2022, the Securities and Exchange Commission (SEC) announced proposed rules requiring publicly listed companies to make several specific disclosures related to cybersecurity incidents and the registrant's...more