Tips for Compliance and Data Analytics

data analytics

The other day I had the great fortune to moderate a webinar on data analytics in compliance programs with Kirsten Liston, founder and CEO of Rethink Compliance. We had a great time and Liston certainly knows her stuff on data analytics, so I took lots of notes. Let’s review the major themes that arose from…

Read More

Lessons on Policies & Procedures


A subsidiary of Deutsche Bank is serving up a double feature of compliance gone wrong this week, paying $25 million to settle charges with the Securities and Exchange Commission that the firm both made misleading disclosures about ESG investments and allowed an ineffective anti-money laundering program to linger for years.  The SEC announced the settlement…

Read More

Planning Your ESG Reporting Structure


I spent last week attending the annual user conference for Workiva, maker of software for audit and compliance reporting. Challenges around ESG reporting were all over the agenda, which lets us review some of the more nettlesome issues involved — and just in time, too, since both Europe and the United States are stepping up…

Read More

Compliance Jobs Report: Sept. 22

compliance jobs

The Compliance Jobs Report this week has new hires at Comerica Bank, Prime Therapeutics, Balfour Beatty, and lots more personnel gossip. We also have some folks leaving corporate for consulting land; job leads in hot dogs, zoos, and personal autonomous aircraft; and Meme of the  Week goes out to ESG reporting! Always remember that we…

Read More

3M Nailed Again, on Sanctions


Manufacturing giant 3M Corp. is paying $9.6 million to settle charges that its overseas business units and resellers improperly sold goods into Iran in the 2010s, in a fascinating glimpse of how overseas employees might try to circumvent trade controls.  The settlement was announced by the Office of Foreign Assets Control (OFAC) on Thursday. This…

Read More

CBRE Busted on Pre-taliation Clauses


The Securities and Exchange Commission has sanctioned real estate giant CBRE for including pre-taliation clauses in employee severance agreements. This is the second pre-taliation enforcement action we’ve seen from the SEC in recent weeks, so apparently we have to review this nonsense yet again because it’s still a thing.  Pre-taliation, as all compliance professionals should…

Read More

Fresh Stats on Cyber & Privacy Risks

key controls

We have a fascinating new snapshot of cybersecurity risks these days — including companies racing to embrace cloud computing without fully understanding the security fundamentals, insecure mobile applications, and persistent bad habits with software patching and encryption. Said snapshot comes from Coalfire, one of the more notable cybersecurity and compliance software firms, which just released…

Read More

Compliance Jobs Report: Sept. 15

compliance jobs

This week the Compliance Jobs Report has a departure from Home Depot; new hires at Regions Bank, AmeriLife, Vesuvius, and elsewhere; plus a flock of people getting promoted. Job leads in mass transit, public health, and higher education; and Meme of the Week goes out to GRC automation efforts. Always remember that we need your…

Read More

Notes on the MGM Cyber Attack


As you may have already heard, earlier this week MGM Resorts suffered a ransomware attack that disabled multiple MGM properties, including its flagship MGM Grand and Bellagio casinos in Las Vegas. This raises an interesting question for compliance and audit professionals: How would the SEC’s new rules for disclosure of cybersecurity attacks apply to something…

Read More

SOX Costs Drop; Struggles Don’t


Sarbanes-Oxley compliance costs fell for many companies last year, according to an analysis released this week — although time spent on SOX compliance work actually rose, suggesting that many companies are struggling to implement automation technologies even as demands from their audit firms keep rising.  In other words, as usual, SOX compliance is a bit…

Read More