All Risk Management articles – Page 68
-
ArticleBest practices to achieve a continuous assurance cybersecurity model
A panel of cybersecurity experts shared tips for achieving continuous assurance and getting necessary buy-in at CW’s virtual Cyber Risk & Data Privacy Summit.
-
ArticleEricsson admits ‘corruption-related misconduct’ in Iraq
Ericsson announced an internal investigation uncovered evidence of “corruption-related misconduct” that occurred in the Swedish telecommunications company’s Iraq operations between 2011 and 2019.
-
ArticleTransparency key to navigating modern employee monitoring risk landscape
The opening session of Compliance Week’s virtual Cyber Risk & Data Privacy Summit addressed the challenges of using technology to monitor employees while considering regulatory and ethical risks.
-
ArticleESG reporting: A summary of investor needs and wants
An investor-focused panel at a recent event shared views on investors’ perspectives about current and future use of ESG metrics and disclosures and where common ground can be found between the providers and users of the information.
-
ArticleFINRA 2022 exam report highlights Reg BI compliance, AML trends, more
The Financial Industry Regulatory Authority’s annual report on examinations and risk monitoring contains insights on issues the organization uncovered regarding broker-dealers’ compliance with Regulation Best Interest during the rule’s first full year in existence.
-
ArticleMaking the transition to net zero in the United Kingdom
As the United Kingdom aims to become “the world’s first net zero-aligned financial center,” financial institutions are being required to have “a robust firm-level transition plan setting out how they will decarbonize.” Where should they start?
-
ArticleThree lingering questions to arise from KPMG tribunal over Carillion, Regenersis
Details to emerge from the disciplinary tribunal regarding KPMG’s conduct during its work at Carillion and Regenersis could have ramifications for the Big Four firm, the audit profession more widely, and potential future regulation and monitoring.
-
ArticleHow Accor manages global data privacy compliance
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
-
ArticleIndictment: China-based Hytera stole trade secrets from Motorola
Hytera Communications allegedly conducted a scheme to systematically steal trade secrets from Motorola Solutions by hiring away Motorola employees who had developed its “walkie-talkie” product line, according to a federal indictment.
-
ArticleMicrosoft, Activision Blizzard, and importance of cultural due diligence in M&A
Rarely do cultural considerations play a role in M&A transactions, though they are often critical to the ultimate success of a deal. Microsoft’s planned acquisition of embattled video game developer Activision Blizzard offers a timely case study.
-
ArticleKPMG facing $1.8B lawsuit over Carillion audits
KPMG is facing a £1.3 billion (U.S. $1.8 billion) lawsuit for missing “red flags” during its audits at failed construction company Carillion, which creditors say was insolvent more than two years before it collapsed.
-
ArticleWestpac combines risk, compliance leadership; hires Ryan Zanin as chief risk officer
Australian bank Westpac announced it will combine the leadership of its risk and compliance divisions into one position under Ryan Zanin, who joins after most recently serving as executive vice president, chief risk officer at Fannie Mae.
-
PremiumEpilogue: What happened to Betsy?
The “patient zero” of fictional private utility company Vulnerable Electric’s ransomware crisis learns her fate.
-
PremiumChapter 4: Recovery and lessons learned post-ransomware attack
Whether fictional private utility company Vulnerable Electric pays the ransom or not in the aftermath of its cyber incident, the two pathways quickly splinter off in different directions with varied endings, each with important lessons to be learned.
-
PremiumRansomware case study glossary
The field of cybersecurity features a growing list of terminology to describe the many forms, channels, and motivations behind cyberattacks and hacking culture. Learn further definitions for some key terms featured throughout the ransomware case study.
-
PremiumChapter 3: Ransomware eradication prompts tough choice: To pay or not to pay?
No matter what, the deck is stacked against fictional private utility company Vulnerable Electric as it weighs whether to pay the $5 million ransom demanded by a cybercriminal who breached its systems. Which path do you take?
-
ArticleFinCEN readying rule for banks to prove AML/CFT programs ‘reasonably designed’
The Financial Crimes Enforcement Network will likely require banks and other financial institutions to assess their anti-money laundering and countering the financing of terrorism programs to ensure they are “effective and reasonably designed.”
-
PremiumChapter 2, Part 2: Ransomware damage control and when to alert stakeholders
Systems at fictional private utility company Vulnerable Electric remain impacted in the aftermath of a ransomware attack, but the chief executive decides it’s time to be forthright with employees and customers.
-
PremiumChapter 2, Part 1: Containment key to ransomware defense
With Day 2 of fictional private utility company Vulnerable Electric’s ransomware crisis comes the need to grasp the extent of its situation. The cyber incident response team’s synchronized efforts are pivotal as time is of the essence.
-
ArticleCW case study offers 360-degree view of ransomware attack
Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s third case study.