Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
The oversight obligations of boards continue to expand. Recent enforcement actions and new laws in areas such as cybersecurity, artificial intelligence and supply chains create new challenges for boards, as we explain in this...more
After the Department of Justice (“DOJ”) announced its Civil Cyber-Fraud Initiative in October 2021, many in the False Claims Act (“FCA”) bar expected an onslaught of enforcement actions and qui tam cases. The initiative...more
In this Client Alert, we highlight key considerations public companies should keep in mind when preparing their upcoming annual reports on Form 10-K and proxy statements, including rule changes, recent guidance and reporting...more
In the December Public Company Watch, we cover key issues impacting public companies, including a preview of the SEC’s latest regulatory agenda, an update regarding the Fifth Circuit vacating the SEC’s share repurchase rules,...more
Key Takeaways - With the SolarWinds enforcement action, the SEC continues to ratchet up its enforcement against companies that fail to properly disclose their cybersecurity incidents and risks. By naming the SolarWinds CISO...more
On 30 October 2023, President Biden issued a long-awaited executive order (EO) on artificial intelligence (AI). The EO itself is available here, and a one-page fact sheet issued by the White House is available here. The...more
SEC Adopts Final Rules on Cybersecurity Disclosures - The SEC has adopted rules requiring companies to provide disclosure within four business days of determining that a material cybersecurity incident has occurred, and...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
On July 26, 2023, the U.S. Securities and Exchange Commission adopted enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting for public companies. The final rules...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more
The SEC’s Cybersecurity Proposals - The SEC has proposed four rules designed to address cybersecurity risk and management, including incident reporting by public companies....more
The PCAOB recently released a new Audit Committee Resource, which sets forth an updated set of questions that audit committee members may want to consider incorporating into their ongoing engagement with auditors....more
At an open meeting on March 15, 2023, the U.S. Securities and Exchange Commission voted three to two to propose a new rule, form and amendments (together, “Proposed Rule”) and published an accompanying release (“Release”)...more
Cybersecurity risk applies to businesses of all sizes and across all industries – it is a risk that cannot be ignored. In particular, cybersecurity risk can no longer be ignored in the deal lifecycle...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
The SEC has nearly doubled the size of its Crypto Assets and Cyber Unit and has aggressively pursued cyber-related enforcement actions against public companies and regulated entities. In a few months the SEC will finalize...more
As public companies prepare their 2022 annual reports and 2023 proxy statements, they will need to contend with a host of new requirements and disclosure updates stemming from the current geopolitical and economic...more
Headlines: ..OCC Publishes Security Standards for Video Teleconferencing With Agency Staff ..CFPB Imposes Civil Penalty and Customer Refunds for Authorized-Positive Overdraft Fees ..Treasury Department Recommends...more
According to the Cybersecurity & Infrastructure Security Agency, cybersecurity is the process whereby information and communications systems, and the information contained in those systems, are protected from and/or defended...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
Hear about the latest in research compliance - Do you want to learn… - How to prepare for upcoming changes in Medicaid? - Ways to build and maintain a better research compliance work plan for your program? - How...more
This is Part I of a two-part series outlining key considerations from White & Case's Public Company Advisory Group for US public companies during the 2022 annual reporting and proxy season. Part I of this memo describes...more
The Apache Log4j vulnerability continues to command significant attention throughout the public and private sectors. In a recent interview, the director of the US Cybersecurity and Infrastructure Security Agency (CISA)...more
Are you looking to better… - Support, enhance, and manage a compliance and ethics program? - Mitigate risk within your organization? - Understand the components of effective program infrastructure? SCCE’s Basic...more