General
An Update on the Job Market
Today we circle back to the state of the compliance job market now that the disruption of the Covid-19 pandemic is receding in the United States. Our post today includes an interview with one of more notable compliance recruiters out there, who says that hiring these days has never been higher. That recruiter is Steve…
Read MoreRobinhood, Part II: Due Diligence Fails
Today I want to return to FINRA’s enforcement action against Robinhood, that online stock trading app with the terrible track record at customer due diligence and risk profiling. Even though the case involves the somewhat rarified compliance rules for broker-dealer firms, there’s a lot here that speaks to technology and due diligence challenges overall. Robinhood,…
Read MoreRandom Thoughts on Compliance
Radical Compliance is taking a few days of vacation this week. So until we return, it’s time for another edition of random thoughts on all things compliance-, audit-, and risk management-related, and whatever else comes to mind. So, wait — the Trump Organization and CFO Allen Weisselberg actually kept a spreadsheet of improperly recorded compensation?…
Read MoreThe Shifting Calculus on Cybersecurity
So there I was the other day, talking to one of the many tech vendors in this field, when our conversation turned to a perpetually puzzling question: Why is the relationship between compliance and cybersecurity so difficult to get right? After all, my acquaintance and I lamented, cybersecurity has been one of the top corporate…
Read MoreResources to Assess ESG Materiality
Last month I had the good fortune to host a webinar on the rising importance of corporate ESG programs. One guest mentioned that a particularly challenging issue is setting an ESG materiality standard for your business, so you’ll know what items you want to track and report. Today, then, let’s take a deep dive into…
Read MoreDigging Into the State Street Settlement
I haven’t had time to write about this until now, but last week State Street Corp. agreed to pay a $115 million criminal penalty and accept a compliance monitor for two years, to settle charges that the bank deliberately overcharged its clients for years. If you want an example of how invasive compliance monitorships can…
Read MoreParsing Biden’s Cybersecurity Order
Earlier this week the Biden Administration issued an executive order to strengthen the federal government’s cybersecurity and oversight of the larger “software supply chain” that involves government contractors. IT auditors, risk managers, privacy officers, and related compliance professionals should prepare now for what’s coming soon. The order is most immediately a response to that ransomware…
Read MoreSAP, Part II: The Gritty Compliance Details
Today we return to that enforcement action imposed on business software giant SAP, which last week settled charges that it had violated U.S. export control law in the 2010s by offering software patches, upgrades and cloud-based services to users in Iran. Our first post on the case was more a summary of the overall facts,…
Read MoreCulture and the Cuban Missile Crisis
I am a bit of a history buff, so lately I’ve been reading Nuclear Folly, a new chronicle of the Cuban Missile Crisis written by Ukrainian history professor Serhii Plokhy. Little did I know when I began reading it, that a central lesson of good corporate governance would be a major theme of this book. …
Read MoreA Thought on Whistleblower Programs
Last week the Securities and Exchange Commission doled out a $50 million whistleblower award, the second-largest award given in the award program’s 10-year history. The money, however, isn’t the telling detail in this case. The telling detail is that the award went to two whistleblowers, who worked together to bring a misconduct case to the…
Read More