Earlier this month the New York State Department of Financial Services announced proposed anti-money laundering and terrorist financing regulations. If adopted, the proposed rules will subject investment advisers to Bank Secrecy Act requirements for financial entities. Regulatory and private scrutiny of compliance programs is expanding, as is the cost of compliance...
Data control risk is one of executives' top concerns, especially in light of the fact that the government's growing role in controlling data flows could lead to resistance among foreign partners and investors. The recent passage of the Cybersecurity Information Sharing Act only exacerbates this risk. So what can companies do to manage data control risk amid this rapid increase...
The importance of due diligence on third parties – vendors, suppliers, their vendors and suppliers, and so on – cannot be overstated. When news breaks of a vendor using child labor or doing business in countries well-known for their human rights violations, it won’t matter much to the public exactly how removed the connection is from the corporation itself. The...
Prevention and vigilance are your best defenses against threats to cloud security. Just ask JPMorgan Chase, Bank of America or Target: when your organization experiences a security breach or loss of confidential data, the damage can be immense. Here are some of the most common occurrences in recent years and a few suggestions on how to avoid them.
Companies must be preparing for the eventuality of a data breach; it’s not a matter of if, but when a breach will occur. And, as we’ve seen with the biggest corporate cyber hacking scandals, the damage is immense in scope and the reputational harm that comes as a result isn’t easy to recover from. The old ways of thinking of...
We’ve established that it’s prudent to keep an eye on your top performers for the sake of risk management , but they’re not the only staff you ought to be watching. There are plenty of contributors who fly under the radar yet play highly important roles in the organization. Do you know which are the “trust positions” in your organization?
Reputational harm can do as much damage to a company's bottom line as nearly any other crisis. A proactive plan is essential to protect the organization should it come under fire. Silicon Valley based Theranos has found this out the hard way. The company's recent fall from grace is testament to the importance of a plan in the event of...
The violence perpetrated on innocent civilians in Paris last week stunned the world. Unfortunately, these acts of terrorism have become far more frequent in recent years. Consequently, the conversation around risk management is shifting. How do we -- as professionals charged with minimizing risk -- respond when the unthinkable happens?
The type of due diligence a third party requires varies based upon the level of risk associated with each entity: low risk, medium risk or high risk. While some third parties can be vetted with global database checks or open-source investigations (OSI), the only way to confidently investigate high-risk third parties is with thorough vetting through enhanced due diligence.
The CRO of the Future is almost here. James Bone posits that before long, risk management professionals may be replaced by various “risk intelligent systems knowledgeware,” or RISK, able to process volumes of data in an instant, detect threats and respond to them just as quickly. Technology advances at breakneck speed, and so does our dependence on it to manage...
Directors and officers (D&O) liability insurance covers losses due to many types of lawsuits alleging wrongdoing by directors and officers. But what about government investigations, subpoenas, and demand letters? These events can be extremely costly—sometimes more so than actual lawsuits. Companies would do well to keep these events in mind when purchasing D&O insurance.
Although well aware of the threat posed by hackers and organized cybercriminals, an alarming number of Boards are not actively challenging management’s cybersecurity efforts. Often, Board members simply don’t know how to proceed. However, there are concrete actions that Directors can take immediately to carry out their governance duties and improve cybersecurity.
Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security.
Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls.
© 2024 Corporate Compliance Insights
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |