All Risk Management articles – Page 70
-
ArticleESG reporting: A summary of investor needs and wants
An investor-focused panel at a recent event shared views on investors’ perspectives about current and future use of ESG metrics and disclosures and where common ground can be found between the providers and users of the information.
-
ArticleFINRA 2022 exam report highlights Reg BI compliance, AML trends, more
The Financial Industry Regulatory Authority’s annual report on examinations and risk monitoring contains insights on issues the organization uncovered regarding broker-dealers’ compliance with Regulation Best Interest during the rule’s first full year in existence.
-
ArticleMaking the transition to net zero in the United Kingdom
As the United Kingdom aims to become “the world’s first net zero-aligned financial center,” financial institutions are being required to have “a robust firm-level transition plan setting out how they will decarbonize.” Where should they start?
-
ArticleThree lingering questions to arise from KPMG tribunal over Carillion, Regenersis
Details to emerge from the disciplinary tribunal regarding KPMG’s conduct during its work at Carillion and Regenersis could have ramifications for the Big Four firm, the audit profession more widely, and potential future regulation and monitoring.
-
ArticleHow Accor manages global data privacy compliance
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
-
ArticleIndictment: China-based Hytera stole trade secrets from Motorola
Hytera Communications allegedly conducted a scheme to systematically steal trade secrets from Motorola Solutions by hiring away Motorola employees who had developed its “walkie-talkie” product line, according to a federal indictment.
-
ArticleMicrosoft, Activision Blizzard, and importance of cultural due diligence in M&A
Rarely do cultural considerations play a role in M&A transactions, though they are often critical to the ultimate success of a deal. Microsoft’s planned acquisition of embattled video game developer Activision Blizzard offers a timely case study.
-
ArticleKPMG facing $1.8B lawsuit over Carillion audits
KPMG is facing a £1.3 billion (U.S. $1.8 billion) lawsuit for missing “red flags” during its audits at failed construction company Carillion, which creditors say was insolvent more than two years before it collapsed.
-
ArticleWestpac combines risk, compliance leadership; hires Ryan Zanin as chief risk officer
Australian bank Westpac announced it will combine the leadership of its risk and compliance divisions into one position under Ryan Zanin, who joins after most recently serving as executive vice president, chief risk officer at Fannie Mae.
-
PremiumChapter 4: Recovery and lessons learned post-ransomware attack
Whether fictional private utility company Vulnerable Electric pays the ransom or not in the aftermath of its cyber incident, the two pathways quickly splinter off in different directions with varied endings, each with important lessons to be learned.
-
PremiumEpilogue: What happened to Betsy?
The “patient zero” of fictional private utility company Vulnerable Electric’s ransomware crisis learns her fate.
-
PremiumChapter 3: Ransomware eradication prompts tough choice: To pay or not to pay?
No matter what, the deck is stacked against fictional private utility company Vulnerable Electric as it weighs whether to pay the $5 million ransom demanded by a cybercriminal who breached its systems. Which path do you take?
-
PremiumRansomware case study glossary
The field of cybersecurity features a growing list of terminology to describe the many forms, channels, and motivations behind cyberattacks and hacking culture. Learn further definitions for some key terms featured throughout the ransomware case study.
-
ArticleFinCEN readying rule for banks to prove AML/CFT programs ‘reasonably designed’
The Financial Crimes Enforcement Network will likely require banks and other financial institutions to assess their anti-money laundering and countering the financing of terrorism programs to ensure they are “effective and reasonably designed.”
-
PremiumChapter 2, Part 1: Containment key to ransomware defense
With Day 2 of fictional private utility company Vulnerable Electric’s ransomware crisis comes the need to grasp the extent of its situation. The cyber incident response team’s synchronized efforts are pivotal as time is of the essence.
-
PremiumChapter 2, Part 2: Ransomware damage control and when to alert stakeholders
Systems at fictional private utility company Vulnerable Electric remain impacted in the aftermath of a ransomware attack, but the chief executive decides it’s time to be forthright with employees and customers.
-
PremiumChapter 1, Part 1: Betsy’s human error triggers ransomware crisis
When one of fictional private utility company Vulnerable Electric’s most dedicated employees falls victim to a social engineering hack, her actions in the immediate aftermath are crucial to what will soon become a crisis for the C-suite.
-
PremiumChapter 1, Part 2: All hands on deck in C-suite ransomware response
Following the events that triggered a double extortion ransomware attack, the CEO of fictional private utility company Vulnerable Electric mobilizes her cyber incident response team to begin assessing the path forward to dealing with the cybercriminal(s).
-
ArticleCW case study offers 360-degree view of ransomware attack
Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s third case study.
-
ArticleRemedial actions help HeadSpin avoid fine in SEC fraud settlement
Silicon Valley-based tech company HeadSpin’s significant remedial actions in response to its chief executive’s alleged fraudulent behavior helped it settle charges with the Securities and Exchange Commission without being fined.