NIST’s new Privacy Framework offers much-needed guidance to help companies align their data privacy and cyber-security risk management practices.
A former Biomet Argentina employee—in a bit of FCPA hot water—landed on his company’s restricted persons list, sued for defamation, and lost.
Compliance and procurement leaders see the value in using artificial intelligence, but far too many aren’t confident they have the right skills in place to use it, according to a new report from Dun & Bradstreet.
A new survey published by Deloitte highlights the latest trends—both opportunities and challenges—in companies’ journey toward a more mature extended enterprise risk management program, one in which third-party risk management is integrated across the firm and led from the top.
DoorDash announced an incident of unauthorized third-party access to user data—a reminder companies need to mind the cyber-security of vendors in addition to their own.
Guest columnist Alan Gibson explains how his role as assistant general counsel in Microsoft’s Office of Legal Compliance helped his transition into a world of managing risks through algorithms, machine learning, and digital solutions.
Webcast details: October 24, 2019 – 2 p.m. ET | CPE Credit(s): 1
Webcast details: November 5, 2019 – 2 p.m. ET | CPE Credit(s): 1
Options Clearing Corp. will pay a combined $20 million in penalties to the SEC and CFTC to settle charges that it failed to implement certain risk management policies as required by U.S. laws and regulator rules.
Digitization has ramped up the velocity of risk impact to breakneck speed. Organizations no longer have the luxury to simply check compliance boxes. They need to learn how to keep pace with a constant onslaught of new threats, changing regulations, and higher stakes.
In today’s shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors? This session will outline the keys to third-party risk management success through a modern approach to monitoring vendors.
Organizations are failing to solve the employee-spend challenge as travel and expense (T&E) transactions continue to suffer from non-compliance and fraud. Companies also have unnecessarily high audit costs and inadequate risk coverage thanks to manual testing of T&E transactions.
Amid pressure from Chinese authorities after initially not penalizing employees for taking part in the Hong Kong pro-democracy protests, two top Cathay Pacific executives have tendered their resignations.
Enterprises are now, more than ever, relying on a higher number of third-party, mission-critical technologies (along with their support and maintenance). As a result, enterprises are unintentionally opening themselves up to the largest source of data breaches.
The Federal Deposit Insurance Corporation this week published its 2019 Risk Review, an annual publication highlighting emerging risks and exposures that could affect the banking system in the months ahead.
Third-party relationships present one of the biggest risks a company can take on, which makes doing all you can to properly vet and monitor these partners of paramount importance.
Regulations put broker-dealers squarely in the spotlight of various risks and responsibilities. FINRA and the SEC govern marketing communications and advertising practices when communicating with the public. Additionally, the cybersecurity threat landscape is evolving and is one of the primary operational risks firms face today.
The Wayfair walkout represents just the latest high-profile example of how social and policy issues continue to spill into the corporate ethics and compliance realm.
Managing third-party risk is vital to every business’ reputation and long-term success. But with growing regulatory requirements, compliance skills shortages and numerous potential sources of information, managing third-party risk as an organization can feel like a very painful process.
Many organizations’ enterprise risk management capabilities aren’t as integrated as they need to be, leaving them vulnerable to legal, financial, regulatory, and reputational risks, according to a new GRC benchmark report.
Digital transformation is no longer optional. It has become mandatory for businesses to remain relevant and to compete in today’s digital economy. Now more than ever, an integrated approach to governance, risk, and compliance (GRC) is required to provide a wider view of changing organizational risk.
Compliance functions of the future need to better use data, measure outcomes, and deal with differing views on what constitutes good ethics, says expert Hui Chen.
Compliance Week chats with Wells Fargo CCO Mike Roemer about the challenge of rebuilding trust at a company that’s been the poster child of compliance and risk management gone wrong.
Compliance Week looks at highlights from Wells Fargo’s plan to transform the future.
As corporate misconduct, such as sexual harassment and discrimination, continues to make headlines, companies are becoming increasingly focused on detecting “bad behaviors” so they can be appropriately managed.
SARs and due diligence are cited as effective tools for avoiding virtual currency malfeasance, says the Financial Crimes Enforcement Network.
Mining company BHP is facing a $5 billion damages action in the United Kingdom for its alleged negligence in its duty to prevent the Fundão dam collapse in Brazil in 2015.
Natural disasters, droughts, port disruptions, cargo theft, and industrial fires are some of the top supply-chain risks that should keep executives and chief risk officers on their toes in 2019, according to a new risk report.
Internal audit is a profession that provides assurance that objectives are being met for the organizations that it serves. However, it is not the only assurance provider performing audits and requesting information, and organizations are often fatigued by different departments requesting the same information and reporting the same results. Enterprise ...
The concept of risk management—what it is and consists of—is something that is often misunderstood or misinterpreted.
Company executives may be more likely to take on risk when their compensation is based more on stock options than stock awards, a new study says.
The SEC’s Office of Compliance Inspections and Examinations has issued a risk alert on Regulation S-P describing the most common deficiencies it has uncovered in recent examinations of both registered investment advisers and broker-dealers.
A recent report from NAVEX Global offers a look at how the performance of ethics and compliance officers’ hotline and incident management systems stacks up against their peers.