Search results for: "accounting controls"
Last Week’s Cybersecurity Disasters
There are decades when nothing happens, and weeks when decades happen. Last week was definitely one of those latter periods for CISOs, internal auditors, compliance officers, and anyone else charged with worrying about cybersecurity. Just consider what happened last week: On Tuesday, UnitedHealth reported spending nearly $1 billion on recovery costs from a ransomware attack…
SEC Lawsuit Against SolarWinds Gutted
A federal judge has dismissed a high-profile lawsuit that the Securities and Exchange Commission filed last year against software firm SolarWinds and its chief information security officer, finding that SEC rules requiring companies to have strong internal accounting controls cannot be interpreted to include cybersecurity measures. The SEC filed its lawsuit against SolarWinds and the…
UnitedHealth’s Big Cyber Compliance Mess
UnitedHealth filed its latest quarterly earnings report today, complete with an update on the staggering costs of a ransomware attack the healthcare giant suffered earlier this year — and if anyone needs a fresh example of how cyber attacks can tie your company into compliance knots, pull up a chair. The attack itself happened in…
Is Regulation By Enforcement Coming Next?
Here’s a hypothetical: What if the Supreme Court’s recent curbs on regulatory power turn out to be a mess for Corporate America? What if those limits lead to more regulation by enforcement? What would the implications be for corporate compliance programs and legal teams? Those questions are on my mind today thanks to an intriguing…
Example of Cyber Disclosure Challenges
Radical Compliance is back from vacation, and what better way to catch up on current compliance issues than an enforcement action over poor cybersecurity? Lucky for us, the Securities and Exchange Commission served up a fresh case just last week on exactly that headache. The case involves R.R. Donnelley, provider of business marketing services to…
Archives, 2022: CCO Certifications
Radical Compliance is taking an off-the-grid vacation for the next few days, so we are reprinting some of readers’ favorite posts from the archives. The following ran in August 2022. Today I want to revisit the Justice Department’s plans to have chief compliance officers certify the effectiveness of their compliance programs, to unpack a question…
Archives, 2019: A Good FCPA Settlement
Radical Compliance is taking an off-the-grid vacation for the next 10 days, so we are reprinting some of readers’ favorite posts from the archives. The following ran in February 2019. Now that we’ve had a long weekend to digest the FCPA enforcement action imposed against Cognizant Technologies last week, compliance officers have a lot more…
Another FCPA Action With No Monitor
Another week, another FCPA enforcement action against a Swiss commodities trader — and one that again might leave compliance officers puzzled, since it involves a repeat corporate offender that didn’t self-disclose, yet still managed to walk away without a compliance monitor. The company in question is Trafigura, which last week pleaded guilty to charges that…
SAP, Part II: Remediation Work
Today, let’s return to the FCPA enforcement action announced last week against German software giant SAP, which resulted in $220 million in penalties and disgorgement, plus a long list of compliance remediation measures. Those measures are worth going through in detail. For those who missed last week’s news, the recap is as follows. SAP agreed…
SAP Pays $220M on FCPA Violations
German software giant SAP is paying $220 million and implementing a raft of reforms to settle FCPA violations in seven countries, in a case with lessons about the importance of internal audits to root out misconduct and about structural reforms regulators want to see to prevent repeat offenses. The Justice Department and Securities and Exchange…