Featured Articles:

Criminal Enforcement Against Senior Executives: The Fish Rots from the Head

The compliance community is well aware of the risks in the C-Suite.  As you move up the corporate ladder, the level of risk from executive misconduct increases.  A rotten executive can quickly bring down a company, destroy its reputation, and raise a host of legal and reputational problems.  I have written numerous times on the importance of assessing C-Suite risks and building compliance and financial...

Cybersecurity Compliance for Financial Institutions

The New York Department of Financial Services has adopted detailed cybersecurity regulations for financial institutions.  (Here).  The NYDFS has filled a vacuum created by the failure of the federal government to act in this important area.  Congress has failed to enact any specific requirements; the federal government continues to rely on voluntary efforts and recommended standards.  As long as this vacuum continues, state regulators and...

The KPMG Debacle – Five Former KPMG Employees and Former PCAOB Employees Indicted for Fraud and Conspiracy

KPMG has been taking it on the chin lately – and apparently for good reason.  KPMG is enmeshed in an unfolding corruption scandal in South Africa.  Add to that the indictment last week of five individuals (four KPMG employees and a Public Company Accounting Oversight Board (“PCAOB”)) and the unsealing of a guilty plea by another individual from KPMG and a former PCAOB employee.  (See...

Episode 23 — Tom Fox and 2017 FCPA Year in Review

Tom Fox rejoins Corruption, Crime & Compliance for a 2017 FCPA Review.  Tom discusses important trends and events from 2017 in FCPA enforcement and compliance. Tom is the thought-leader on FCPA and compliance issues.  He maintains the popular blog, FCPA Compliance & Ethics, the Podcast Network and is a prolific author of numerous books, articles, and e-books.

Cybersecurity: The Law and Regulatory Framework

Cybersecurity law is a patchwork of global statutes and regulations.  Unfortunately, Congress has failed to act in this area, leaving the EU and US States to “lead.”  As a result, companies are often required to follow the lowest (or highest) common denominator, depending on your perspective. At the US federal level, we have specific industries that have requirements for protecting sensitive personal information.  The Health...

Welcome to New Sponsor Trulioo: A Leading Global Identity and Business Verification Provider

Welcome to New Sponsor Trulioo: A Leading Global Identity and Business Verification Provider I am proud to announce a new sponsor, Trulioo, a cutting-edge identity and business verification solutions provider.  Trulioo’s products assist global companies with identity verification for Know Your Customer (KYC) requirements and business verification for Know Your Business (KYB) due diligence around the world. Trulioo offers cutting edge solutions that take a new...

Cybersecurity and Third-Party Risks

Global companies are getting compliance overload, especially when it comes to third party risks.  As we have seen over the years, third-party risk management involves significant risks on anti-corruption, AML, fraud, sanctions, human trafficking and a host of other threats to a company’s reputational standing. But that is not all – you have to add cybersecurity to the list of third-party risk management issues.  Why?...

The Convergence of Cybersecurity, Compliance, and Enterprise Risk Management

When you survey business leaders on significant risks, they invariably cite cybersecurity as number one and anti-corruption as number two.  For global businesses, this makes total sense.  Cyber-crime damage is estimated to hit $6 trillion annually by 2021, according to a study by Cybersecurity Ventures (here).  Information security and prevention are now required to protect a company from serious financial and operational harm. We are...

Cybersecurity Threats and Risks

Companies are correctly focused on cybersecurity risks.  Notwithstanding this focus, companies are struggling with how to respond to threats and risks.  Cybersecurity threats are quickly evolving – akin to the time when countries engaged in military arms races.  As they evolve, companies have to embrace proactive strategies and cannot rely on a compliance strategy that reacts to events and threats. Cyber criminals are quickly embracing...

Renewing Corporate Vows to the Chief Compliance Officer

Our goals can only be reached through a vehicle of a plan, in which we must fervently believe, and upon which we must vigorously act. There is no other route to success — Pablo Picasso The chief compliance officer is at an important professional juncture – 2018 is an important year for the profession.  In this era of growth, and after corporate tax relief, companies...