Experts discuss whether EU data protection authorities would be better served using corrective actions other than eye-watering fines to encourage companies to commit to best (and legal) GDPR practices.
Both the CFTC and CFPB “Nailed It” this week while corporate heavyweight General Electric found itself in more trouble.
Brian Miller, national partner of audit transformation and innovation at BDO USA, talked with Compliance Week about how the pandemic has driven adoption of technologies by BDO’s auditors.
We asked nine prominent chief compliance officers to look into their crystal balls, and all of them saw data and advanced technology playing a larger role in the future of the profession.
It’s a good thing you’re all experts in partnering for change, as more than 3 in 4 of you think COVID-19 will have a permanent impact on some compliance functions.
In the past month three of the world’s largest tech firms have been hit with legal actions that could lead to billion-dollar damages suits for alleged violations of the GDPR. Neil Hodge explores the trend and what to expect moving forward.
A first-of-its-kind lawsuit in the U.K. alleges YouTube unlawfully collects personal information from children without parental consent and harvests their data for advertising purposes, in violation of British and European data privacy laws.
As artificial intelligence evolves and takes on new tasks, whether it can develop the instinct of an experienced compliance professional will be key to its prevalence in the AML world, writes Martin Woods.
The Irish DPC’s order to Facebook to halt the transfer of European citizens’ personal data to the United States could pose operational and legal challenges that set a precedent for not only other tech giants, but companies generally.
This webinar debunks the myths of AI and ML in third-party risk technology and drills into reality with a pragmatic application of how your data can be harnessed to support various risk management use cases.
Your company may be spending less on travel and entertainment expenses, but the risk of fraud and regulatory non-compliance is spiking. Without proper safeguards in place to manage T&E spend – a major operating expense – companies face costly consequences.
Silicon Valley’s social media heavyweights deserve a nod for “war-gaming” potential misinformation scenarios in advance of November’s elections, while McDonald’s again finds itself on our “Not Lovin’ It” list.
The company that runs ABCmouse Early Learning Academy found itself in the FTC’s crosshairs for what the Commission alleges are unfair billing practices that are part of a wider problem across the internet.
Today’s employees and customers generate a lot of communications data, in a lot of formats and in a lot of locations, from computers and on prem servers to mobile devices and the cloud.
A new study from Compliance Week and Diligent finds that many companies are still using unsecure and inefficient entity management processes, leaving them vulnerable to compliance risk.
A new training offered by renown expert Paul C. Dwyer helps non-technical practitioners gain confidence in dealing with all aspects of cyber-security or cyber-risk.
As Ireland’s first GDPR decision against Big Tech hangs in limbo, experts are scratching their heads as to why a seemingly straightforward case is headed to the EU’s data governing body to rule on.
Embroiled in a federal antitrust investigation, tech giant Google announced the appointment of Halimah DeLaine Prado as its new general counsel.
The U.K. Information Commissioner’s Office is investigating allegations that Barclays Bank had effectively been spying on employees by using an intrusive software system that monitored workers’ activity.
There’s no questioning the need to protect the data of U.S. citizens from China, but it’s naïve to think pressuring TikTok to take up a U.S. owner is anything more than a hollow victory given our lack of federal oversight in the area of privacy.
Artificial Intelligence (AI) tools are being deployed in numerous areas by financial institutions and broker-dealer firms.
A European privacy group is pursuing multiple class-action lawsuits against Oracle and Salesforce for alleged violations of the EU’s General Data Protection Regulation, estimating damages sought could exceed €10 billion (U.S. $11.9 billion).
The COVID-19 pandemic has certainly changed the landscape of global risk, and many organizations are quickly adapting their third-party risk management processes as a result.
Despite a recent court ruling to scrap the EU-U.S. Privacy Shield, the program is apparently still alive and well in the United States. It’s time to move on, writes Aaron Nicodemus.
Twitter disclosed in a regulatory filing that it could face fines of up to $250 million by the Federal Trade Commission for misusing people’s personal information for advertising purposes.
As the fallout from the demise of the Privacy Shield continues to play out, here are a handful of steps companies can take to protect themselves from potential GDPR violations when transferring data between the European Union and the United States.
The lesson in this week’s edition of “Nailed It or Failed It?” is the more things change, the more they stay the same.
An IBM report that examined more than 500 cyber-security breaches occurring between August 2019 and April 2020 found the average breach costs companies $3.86 million and requires nearly 300 days to identify and contain.
Join Larry Ponemon, founder of Ponemon Institute, and Dave Stapleton, CISO of CyberGRX, as they discuss the impact digital transformation is having on cyber-security and some best practices you can implement to better protect your organization.
Now more than ever, companies need strong data governance that can be applied across multiple repositories, apps, and devices, no matter where work gets done.
The legal and financial burden for companies to comply with the recent ruling to invalidate the EU-U.S. Privacy Shield might actually be worse than first thought, if an FAQ from the European Data Protection Board is any indication.
The recent cyber-attack directed at Twitter was the online equivalent of an explosive device being detonated. The ICA breaks down lessons learned from the hack and what firms can do to enhance their cyber-security controls.
Twitter just suffered the biggest cyber-attack in its history. But is it being set up for something bigger? We explore that possibility and much more.
In a surprise decision that will have a major impact on trans-Atlantic data transfers, Europe’s top court ruled Thursday that a mechanism used by thousands of companies to send data to the United States is unlawful.
In this week’s “Nailed It or Failed It?”, we reflect on the most troubling aspect of Wednesday’s giant Twitter hack while giving Wells Fargo a rare kudos for being good corporate citizens.
Perhaps the biggest Twitter hack of all time was perpetrated Wednesday against such notable figures as Joe Biden, Bill Gates, Elon Musk, former President Barack Obama, and Jeff Bezos, among others.
The United States has been on the receiving end of more significant cyber-attacks over the last 14 years than triple any other country, according to new research.
So, your company has decided to embark on an update of its legacy Know Your Customer system. Hear from experts on how to begin the process of onboarding that tech to the regulators.
Executive coach Amii-Barnard Bahn offers some tips for when your compliance title morphs into “Chief Public Health Officer,” plus ways to highlight the compliance function at your company and more.
Data privacy is about to become a more tangible concept to Americans not due to regulation like the CCPA, but because the most influential brand in the nation is making it a pillar of how it does business.
The Irish Data Protection Commission review of its GDPR investigations has come under fire for ignoring Big Tech and lacking information pertinent to inquiries into firms like Apple, Facebook, Google, and more.
What will enforcement of the California Consumer Privacy Act look like at first? Experts offer their take, in addition to providing guidance for companies still not in compliance with the landmark legislation.
Throughout the pandemic, technology will play a critical role as businesses adapt to this “new normal.” One strategy industries will rely on to provide employees and consumers with peace of mind is the use of temperature screening technology.
The FTC says it would consider creating three new units to pursue privacy enforcement investigations if Congress would increase its full-time employee headcount.
The top administrative court in France shot down Google’s appeal of a €50 million (U.S. $57 million) fine the tech giant received last year for violations of the EU’s General Data Protection Regulation.
The Department of Justice has proposed a series of rollbacks of protections for online platforms that would encourage them to police their content.
Cyber-security protections deployed for some of the nation’s most secret data was “woefully lax,” according to a 2017 intelligence brief that detailed shortcomings at the CIA following the agency’s 2016 data breach.
As federal officials dicker over details in a federal data privacy law, the coronavirus continues to spread. Development of a key technological tool in the fight is being kneecapped by their inaction.
A study on the use of artificial intelligence in the securities industry by FINRA found a number of challenges with the technology—data bias, customer privacy, and cyber-security among them—but noted it can offer “significant benefits.”
As the July 1 enforcement deadline of the California Consumer Privacy Act inches closer, a recently filed lawsuit between two data marketing firms may shed light on the efforts companies must take to comply with the new law.