An Update on the Job Market

Today we circle back to the state of the compliance job market now that the disruption of the Covid-19 pandemic is receding in the United States. Our post today includes an interview with one of the more notable compliance recruiters out there, who says that hiring these days has never been higher. That recruiter is Steve…

Robinhood, Part II: Due Diligence Fails

Today I want to return to FINRA’s enforcement action against Robinhood, that online stock trading app with the terrible track record at customer due diligence and risk profiling. Even though the case involves the somewhat rarified compliance rules for broker-dealer firms, there’s a lot here that speaks to technology and due diligence challenges overall. Robinhood,…

Random Thoughts on Compliance

Radical Compliance is taking a few days of vacation this week. So until we return, it’s time for another edition of random thoughts on all things compliance-, audit-, and risk management-related, and whatever else comes to mind.  So, wait — the Trump Organization and CFO Allen Weisselberg actually kept a spreadsheet of improperly recorded compensation?…

The Shifting Calculus on Cybersecurity

So there I was the other day, talking to one of the many tech vendors in this field, when our conversation turned to a perpetually puzzling question: Why is the relationship between compliance and cybersecurity so difficult to get right?  After all, my acquaintance and I lamented, cybersecurity has been one of the top corporate…

Resources to Assess ESG Materiality

Last month I had the good fortune to host a webinar on the rising importance of corporate ESG programs. One guest mentioned that a particularly challenging issue is setting an ESG materiality standard for your business, so you’ll know what items you want to track and report.  Today, then, let’s take a deep dive into…

Digging Into the State Street Settlement

I haven’t had time to write about this until now, but last week State Street Corp. agreed to pay a $115 million criminal penalty and accept a compliance monitor for two years, to settle charges that the bank deliberately overcharged its clients for years. If you want an example of how invasive compliance monitorships can…

Parsing Biden’s Cybersecurity Order

Earlier this week the Biden Administration issued an executive order to strengthen the federal government’s cybersecurity and oversight of the larger “software supply chain” that involves government contractors. IT auditors, risk managers, privacy officers, and related compliance professionals should prepare now for what’s coming soon. The order is most immediately a response to that ransomware…

SAP, Part II: The Gritty Compliance Details

Today we return to that enforcement action imposed on business software giant SAP, which last week settled charges that it had violated U.S. export control law in the 2010s by offering software patches, upgrades and cloud-based services to users in Iran. Our first post on the case was more a summary of the overall facts,…

Culture and the Cuban Missile Crisis

I am a bit of a history buff, so lately I’ve been reading Nuclear Folly, a new chronicle of the Cuban Missile Crisis written by Ukrainian history professor Serhii Plokhy. Little did I know when I began reading it that a central lesson of good corporate governance would be a major theme of this book. …

A Thought on Whistleblower Programs

Last week the Securities and Exchange Commission doled out a $50 million whistleblower award, the second-largest award given in the award program’s 10-year history. The money, however, isn’t the telling detail in this case. The telling detail is that the award went to two whistleblowers, who worked together to bring a misconduct case to the…
