Tagged: CCO

SEC Sues SolarWinds and its CISO for Fraud Over Botched Data Breach Response, Marking New Era in Cyber Enforcement

The U.S. Securities and Exchange Commission has a message for publicly traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer (“CISO”)––for defrauding investors by allegedly failing to disclose known security risks in public filings. This marks the SEC’s first-ever enforcement action against an individual corporate officer over their mishandling of a data breach––but...

Episode 291 — Interview of Mary Shirley on Her New Compliance Book

Mary Shirley, a leading voice in the legal and compliance field, has just released her new book — Living Your Best Compliance Life: 65 Hacks & Cheat Codes to Level Up Your Ethics & Compliance Program. Mary is a well-known advocate, speaker and compliance professional. She regularly speaks at compliance events. She is a mentor to the compliance profession. In this Episode,...

Episode 282 — The Evolving Partnership: Compliance and Cybersecurity

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches. Companies that have experienced a cyber-attack are forever changed.  The board and senior executive team quickly...

The Evolving Partnership: Compliance and Cybersecurity (Part I of IV)

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches.  In NAVEX’s recent State of Compliance Survey, one in three respondents indicated their company had experienced...

CCOs and Execution of Compliance Certification: A Significant Risk? (Part III of III)

CCOs, by definition, are careful and deliberate.  It comes with the profession.  As risk managers, CCOs are skilled in identifying, assessing and acting in a risk environment. The impact of the new CCO certification requirement, however, presents serious risks that cannot be brushed off or ignored in the face of assurances that prosecutorial discretion will protect CCOs from misguided prosecutions.  Frankly, CCOs recognize that there...

DOJ CCO Certification Requirements and DOJ Compliance Mandates (Part II of III)

The new DOJ Certification requirements certainly raise a number of new issues and risks for senior management and chief compliance officers.  In Part I of this series, I outlined the specific language and the Plea Agreement standards imposed on companies that enter into a Plea Agreement with DOJ for FCPA violations. DOJ has reiterated its support for this new Certification requirement.  Indeed, a DOJ official...

The State of the Chief Compliance Officer: Looking Back and to the Future (Part I of III)

To start the New Year, it is a good idea to review the trends in the role and status of Chief Compliance Officers.  As we witness the continuing growth in stature of the CCO, we need to exercise caution.  Some troubling concerns are becoming apparent.  With a new Attorney General and Biden Administration, CCOs have to be mindful of their ever increasing responsibilities and concomitant...

DOJ’s Pilot Program – The Five Factors Designed to Nurture the Compliance Function

Perhaps the most positive and important aspect of the FCPA Pilot Program was the announcement of forward-looking and innovative remediation requirements for corporate compliance programs. As an aside, DOJ’s FCPA Pilot Program was a disappointment and failed to deliver meaningful incentives for companies to self-disclose FCPA violations to the Justice Department. The difference between 25, 50 and 75 percent from the bottom of the sentencing...

Addressing AML Risks in the Era of Aggressive Enforcement

The resurgence in anti-money laundering enforcement in the last few years reflects the overall improvement in the banking industry and recovery from the financial collapse. Federal prosecutors and regulators have renewed their interest in AML compliance lapses, particularly in the area of sanctions/OFAC violations. FinCEN, the primary regulatory agency responsible for enforcement, has both diversified its targets and increased its enforcement efforts. For years, FinCEN...

Do Former Prosecutors Make Good CCOs?

A number of companies have adopted the requirement that a new Chief Compliance Officer come from the ranks of former federal prosecutors. I am not sure exactly why companies have adopted this requirement. Perhaps company leaders think this will give the company an advantage when dealing with the Justice Department or the SEC. With full disclosure here, I admit my bias in favor of federal...