All Risk Management articles – Page 30
-
PremiumMore companies enter ‘discovery phase’ of ESG reporting in 2023
Climate-related disclosure efforts are amplifying year over year, despite persistent and persnickety pain points, as more organizations widen the scope of their ESG journeys, our “Inside the Mind of the CCO” survey found.
-
WebcastCPE Webcast: Better risk assessments: Practical, data-driven assessments made simple
Today’s risk assessments require improved quantitative, data-driven analysis, including interpreting inherent risk data in a meaningful way. Organizations are looking for risk assessments to be actionable, easier to execute, and defensible.
-
News BriefAustralia seeks help from businesses under ‘bold and ambitious’ cyber strategy
Australia released an updated cybersecurity strategy that will rely more heavily on public-private partnerships to support the country’s cyber defense efforts.
-
News BriefSingapore banks say money laundering risks up after $2B scandal
Risks posed by money laundering and the financing of terrorism have dramatically increased in Singapore, according to a recent survey of the city-state’s financial institutions conducted by the Monetary Authority of Singapore.
-
PremiumInside the Mind of the CCO: Compliance feeling regulatory heat in 2023
Our fifth annual “Inside the Mind of the CCO” survey saw keeping up with regulatory policies dethrone resource support as the biggest concern among all respondents for the first time.
-
PremiumNo clear path for leniency for U.K. firms navigating Russian sanctions
U.K. companies might be wary of informing regulators they have potentially violated sanctions against Russia over fears they could be publicly criticized for even minor breaches.
-
News BriefFTC eases AI use investigation process
The Federal Trade Commission approved a measure streamlining its ability to issue civil investigative demands in investigations relating to artificial intelligence use.
-
PremiumUsing AI? The SEC wants to know about it
The Securities and Exchange Commission has not yet implemented rules governing use of artificial intelligence but still expects regulated entities to adhere to commonly accepted practices, including disclosure, said an agency enforcement official.
-
News BriefCISA guidance provides cyber risk mitigation strategies for healthcare
New guidance released by the Cybersecurity and Infrastructure Security Agency offers best practices for organizations in the healthcare and public health sector to adopt to combat rising cyber threats.
-
OpinionNo time like present to tackle thorny problem of off-channel comms
The new messaging on use off-channel communications for business should be clear: What was done before is no more. It cannot continue. The stakes are too high.
-
News BriefMorgan Stanley settles with states for $6.5M over mishandled data
Morgan Stanley agreed to pay $6.5 million as part of a settlement with six states requiring the firm to strengthen its data security after actions it took compromised the personal data of millions of customers.
-
News BriefLifecore Biomedical earns FCPA declination for voluntary self-disclosure
Pharmaceuticals company Lifecore Biomedical won’t face prosecution for apparent violations of the Foreign Corrupt Practices Act after satisfying multiple factors of the Department of Justice’s recently updated voluntary self-disclosure policy.
-
News Brief
SEC adopts Dodd-Frank rule on clearing agency conflicts of interest
The Securities and Exchange Commission continued its recent run of pushing through remaining regulations under the Dodd-Frank Act of 2010 by adopting new rules to mitigate conflicts of interest for security-based swap clearing agencies.
-
PremiumHow technology can help track off-channel communications use
Establishing a set of policies and procedures to prevent employee use of nonauthorized electronic communications to conduct business is relatively straightforward. The hard part is monitoring compliance.
-
PremiumExperts: ICO apology to ex-CEO does not absolve NatWest of GDPR liability
Just because Alison Rose received a public apology from the U.K. Information Commissioner’s Office regarding the suggestion she might have violated the General Data Protection Regulation doesn’t mean NatWest could avoid sanction.
-
WebcastCPE Webcast: Elevating third-party safety: The art of TPRM and TPDD integration
This webinar will address the unique competencies of third-party risk and due diligence programs and examine when and how to align them to maximize the effectiveness of each.
-
News BriefN.Y. hospitals face stiff cybersecurity requirements under proposed rules
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
-
PremiumA job never done: Tips for TPRM integration
Taking risk mitigation further and understanding your third parties and their risks can create value for your organization, practitioners discussed as part of a panel at CW’s virtual TPRM and Oversight Summit.
-
PremiumSolving the off-channel communications conundrum
Firms monitoring employee use of off-channel communications for business purposes face numerous obstacles. How much is enough, in the opinion of regulators? How much is too much, in the eyes of employees? Determinations must be made as regulators crack down.
-
News BriefSEC lauds cooperators, whistleblowers in FY23 enforcement results
A big year for disgorgement helped the Securities and Exchange Commission to its second highest total of financial remedies ordered in a single year in fiscal year 2023.