Why Privacy is Your Secret Weapon Against Third-Party Risk
Due Diligence in AI: 3 things you need to survive AI scrutiny
Enhancing Compliance: The Power of Independent Monitorships in Consumer Protection — Regulatory Oversight Podcast
Investigations and Cognitive Interviews
Consumer Finance Monitor Podcast Episode: Regulators Escalate Focus on the Risks of Bank Relationships with Fintechs and Other Third Parties
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
AGG Talks: Women in Tech Law Podcast - Episode 4: Preparing for a Transaction? What Emerging Growth Companies Need to Know
Meeting the Needs of General Counsel: Beyond the Basics of Legal Advice - On Record PR
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Consumer Finance Monitor Podcast Episode: Why do Fintechs Want to Become Banks?
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Video: Artificial Intelligence Use in Political Campaigns
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Compliance Lessons from Dating in Your 50s
The Justice Insiders Podcast - AI-Washing: Everything Old Is New Again
The mining & metals industry stands at a critical juncture, facing unprecedented societal, regulatory and risk management pressures. As global attention on environmental sustainability and social responsibility intensifies,...more
On 14 April 2024, the Stock Exchange of Hong Kong Limited published conclusions to its consultation on the enhancement of climate-related disclosures under its environmental, social, and governance (“ESG”) framework. With...more
The use of forced labor, child labor, or modern slavery practices (collectively “forced labor”) in supply chains is not a new problem in the international trade world; however, many companies remain unaware of forced labor...more
“Net zero” is a topic as hot as the climate these days. With so much regulatory attention being placed on it, companies that do not communicate their net zero efforts appropriately or, worse, intentionally make false and...more
On June 7, 2024, the Federal Communications Commission ("FCC") issued a Notice of Proposed Rulemaking ("NPRM") that would require providers of retail broadband internet access service to create detailed plans to address and...more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
This article, updated quarterly, looks ahead to the areas expected to be prioritized by financial services regulators across the globe; we look at the key regulatory trends emerging from the past year which inform our...more
On March 6, 2024, the U.S. Securities and Exchange Commission (the “SEC”) adopted new final rules requiring issuers to include extensive disclosure in registration statements and periodic reports regarding material...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
Enterprise Risk Management is widely used in many industries and businesses. Risk managers use increasingly sophisticated approaches, methods, analytics, and frameworks to manage complex, interrelated, and interconnected...more
The US Government Is Using AI To Detect Potential Wrongdoing, and Companies Should Too With agencies such as the SEC and DOJ using AI and other data analytics tools extensively to detect wrongdoing, companies need to adopt...more
On October 7, 2023, Governor Gavin Newsom signed into law a trio of climate-related bills that will impact what companies doing business in California must (or can) say about their greenhouse gas (GHG) emissions and the...more
Faced with increased scrutiny by consumers, regulators, shareholders and boards, Environmental, Social and Governance (ESG) considerations have been at the forefront for multinational companies globally. Multinational...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
W ith various headwinds resulting in down volume in 2023, buyers and sellers alike find themselves asking whether 2024 will see a rebound in deal activity. As we begin 2024, we have highlighted the issues and trends that...more
Clawback Rules. As previously discussed in last Winter’s Corporate Communicator, the Securities and Exchange Commission (“SEC") adopted final rules in October 2022 directing the NYSE and Nasdaq to adopt listing standards that...more
The Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies (the “Cybersecurity Rules”), which the Securities and Exchange Commission (SEC) had adopted earlier this year,...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
In a first for both cybersecurity and securities law, a ransomware company filed a complaint with the U.S. Securities and Exchange Commission (“SEC”) against its own hacking victim for failure to disclose the hack itself. The...more
Summary of What Has Happened and What Is Yet to Come - On 19 October 2023, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) announced a Notice of Proposed Rule Making (NPRM), pursuant to...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
On July 17, the Innovation, Cybersecurity, and Technology (H) Committee of the National Association of Insurance Commissioners released its exposure draft of the NAIC’s model bulletin on insurers’ use of algorithms,...more
On July 26, 2023, in a 3-2 vote, the Securities and Exchange Commission (the “SEC”) adopted new rules (the “Final Rules”) for public companies that will require disclosures regarding cybersecurity incidents, as well as...more