Featured Articles:

Regulatory Implications from 2019 Capital One Hack and Recent Conviction of Former AWS Engineer

Paige Thompson, a former Amazon Web Services employee, was recently convicted of seven counts of fraud in U.S. District Court for stealing personal data from more than 100 million customers from unsecured accounts stored on Amazon’s Web Service in the cloud.  The data breach cost US bank Capital One more than $270 million in compensation and regulatory fines for the breach.  Thompson orchestrated the theft...

Tracking Ethics and Compliance Program Performance (Part II of II)

Chief compliance officers rely on several important sources for feedback — internal data and communications (reviews with board, senior managers, employees); and benchmarking against comparable organizations.  An internal compliance dashboard is an important part of this feedback loop and brings consistency to measurement and trend analysis. Policies and Procedures: Assuming that the organization has adopted a policy management program (often using an automated program), for...

Building a Compliance Dashboard (Part I of II)

This is a topic that every compliance professional has to address in one form or another.  Chief compliance officers are so busy that they often cannot even take the time to tackle this difficult issue.  This is a real practical issue of importance.  Just to define terms and the focus of this blog posting — we have to define the issues and purposes of the...

New York’s Department of Financial Services Proposes New Cyber Compliance Requirements

The New York Department of Financial Services (“DFS”) has proposed rule changes to increase cyber compliance requirements. DFS has been the leading regulatory force in the cybersecurity industry.  DFS first issued comprehensive cybersecurity rules in March 2017.  Many other regulators and international organizations have adopted many of these regulations as best practices for cybersecurity requirements. The proposed rules would impose some significant requirements, including: Expansion...

Episode 244 — Building a Compliance Program Dashboard

Chief compliance officers have access to a vast amount of data generated by their compliance programs. CCOs have to establish effective monitoring processes. A critical part of this process is to build a compliance program dashboard. This is a practical issue of real importance.  In this Episode, Michael Volkov reviews this important issue.

LRN and Tapestry Networks Issue Important Guidance for Corporate Boards and CEOs to Build and Manage Ethical Cultures

You can always count on LRN.  No ifs, ands or buts, LRN continues to issue the highest-quality and most meaningful research and guidance on ethics and compliance programs.  LRN digs in to ask the hard questions, measures important trends and consistently provides importance support and guidance for corporate governance.  LRN is a must read in these areas. Now that I finished by promotional rant, let’s...

Department of Commerce Bureau of Industry and Security Brings Enforcement Actions Reflecting New Policies

The Commerce Department has adjusted its export control enforcement program.  The Bureau of Industry and Security (“BIS”) announced the new administrative policies and gave notice to the industry and public.  BIS is now bringing enforcement actions under this new regime. Luis Fernando Garcia BIS entered into a settlement agreement with Luis Fernando Garcia, the owner of GE Equipos de Seguridad, who sought to illegally export...

Second Circuit Affirms District Judge Dismissal of Alstom Official’s FCPA Convictions

The Second Circuit Court of Appeals affirmed the district judge’s post-conviction dismissal of FCPA counts against Lawrence Hoskins, a former Alston executive, for his involvement in bribery scheme to secure a $118 million energy contract in Indonesia.  The Hoskins FCPA case has had a long and tortious path through the court system, and the Second Circuit’s decision, which was decided by a 2 to 1...

DOJ Targeting Crypto Industry for Enforcement

A basic truism — you do not want to become the subject of a Justice Department investigation.  The wheels of justice — prosecutors and law enforcement — can cause real harm to organizations and individuals that violate the law. DOJ is aligning resources to investigate and prosecute cryptocurrency criminal activity.  This should not come as a surprise to anyone. The Justice Department announced with much...