Financial regulators in the state of New York just served up quite the example of cybersecurity enforcement, with a $5 million fine slapped against Carnival Corp. for failing to report several cybersecurity breaches in a timely manner and failing to implement required technical controls that would’ve reduced the odds of those attacks in the first…
They say that a columnist writes about what people are talking about, so there’s only one thing to write about today: the immense implications of the Supreme Court’s decision to invalidate Roe v. Wade. Even at this early stage, the consequences for corporate ethics and compliance programs are emerging fast and furious. We can begin…
The Compliance Jobs Report this week has a few gossipy items about Rite Aid, a new compliance boss at Tesla (good luck), and other personnel items from Rabobank, Google, Victoria’s Secret, Cooper Standard, and more. All our compliance job leads are for the Atlanta area, and Meme of the Week goes out to pushy compliance…
Just in time for Throwback Thursday, cash management company Brinks Co. has agreed to pay $400,000 to settle charges from the Securities and Exchange Commission that its employment contracts included pre-taliation clauses — a whistleblower no-no that had been largely dormant since 2016. As outlined in a settlement order quietly announced this week, the SEC…
ESG issues seem to be a hot issue this week, with two groups publishing reports meant to help companies understand what a good ESG function should be able to do — including how to police against ESG fraud. Let’s start with the report on ESG reporting, published by Workiva. Workiva polled more than 1,300 corporate…
I was working at my desk last week when the phone rang. At the other end of the line was my friend the cybersecurity auditor. “Dude, we have to talk,” he said. “Our team here has discovered an issue.” Ummm, a lot of people in our line of work have issues, I replied. Can you…
This week’s Compliance Jobs Report includes updates on the SEC itself; new hires at Activision Blizzard, Stony Brook Medicine, Palo Alto Networks, and more; and a bundle of compliance personnel updates in Europe as well. We have job leads in banking, medicine, and e-commerce, and Meme of the Week goes out to CEOs! As always,…
Activision Blizzard published the results of an internal investigation today that found “no widespread harassment” at the videogame giant from 2016 to 2021, despite a lawsuit from California regulators last year alleging exactly that and massive turmoil among Activision employees since then. The investigation was ordered by Activision’s board last year after the California Department…
Well, good riddance to the proposed reform of goodwill accounting. The Financial Accounting Standards Board has shelved a plan that would’ve had companies amortize their goodwill assets over a fixed period, and instead will maintain the longstanding rule that companies must test goodwill at least once a year and then write down the value if…
NIST, everyone’s favorite publisher of cybersecurity standards, is asking for public comment on another good idea: how to use business impact analysis to guide your risk prioritization and response efforts. Performing a business impact analysis (BIA) is already an important element of business continuity and disaster recovery planning. True, most cybersecurity and data privacy frameworks…
About Us
Technically, Radical Compliance is the personal blog of Matt Kelly, long-time writer and observer of the corporate compliance and GRC scene. I was a writer, editor, and publisher at Compliance Week, 2003 through 2015; some of you may know me from my career there. I also speak frequently at compliance conferences and other events, and will pretty much shoot the breeze on any compliance topic with anyone who asks.