Another Look at Cybersecurity Shortcomings

cybersecurity

The other week the Biden Administration issued an executive order to improve cybersecurity across the federal government. Now we have a peek at just how bad numerous government agencies are at the task — and what steps they’re likely to take to improve the situation, which could affect government contractors providing IT services. Said peek…

Read More

More on Cybersecurity, Compliance Risk

cybersecurity

We have another report on cybersecurity threats this week, one that demonstrates just how difficult it is for large organizations to address this risk effectively — because while the vulnerabilities themselves are squarely a CISO’s concern, the damage they can cause is very much a regulatory compliance problem. The report comes from Onapsis, a cybersecurity…

Read More

Lessons Ever Given on Risk, Control 

For several days now I’ve wanted to discuss risk management and compliance lessons we could learn from that cargo container ship trapped in the Suez Canal, but I was stuck on exactly what to say about it.  My thoughts finally dislodged (that’s the last pun, I promise) after reading a superb analysis in the Financial…

Read More

Lessons on Algorithms, Ethics, and Equity

algorithms

Compliance professionals searching for cutting-edge policy management mishaps, turn your gaze toward Stanford University. The mess that the medical school endured last week with its bungled distribution of covid vaccines to employees offers lessons to us all.  What happened? According to press reports and many unhappy people on Twitter, Stanford Medicine started rolling out its…

Read More

More on Goodwill, Internal Controls

goodwill

Today I want to circle back to that lawsuit the SEC filed last week against Sequential Brands for failing to impair its goodwill assets in a timely manner. It’s a glimpse of poor internal control that raises an intriguing question: How many other companies might be in a similarly precarious position?  After all, goodwill has…

Read More

A Tale: Audit vs. Compliance

My phone rang the other day; it was the U.S. compliance officer at a large global business whom I know quite well. “Hey,” he said, “you know the statistic that more than half of internal audit people have felt pressure to cover up awkward findings in their work? I have a complaint about that.” I…

Read More

Goldman Sachs, FCPA, and Internal Controls

internal control

Now that we’ve all had the weekend to contemplate the massive Goldman Sachs FCPA enforcement action from last week (because that’s how we all spend our free time, right?), let’s return to an issue that’s been on my mind since the settlement was announced.  How does a company strengthen an internal control, when that control…

Read More

Goldman Sachs’ Giant FCPA Deal

goldman

All right compliance professionals, it’s here: Goldman Sachs has agreed to pay $4.3 billion to settle corruption charges for its role in the 1MDB scandal — making Wall Street’s premier investment bank responsible for the largest criminal penalty in FCPA history.  U.S. regulators announced the news today, although rumors of a settlement had been swirling…

Read More

SEC Dings Two Firms on Internal Controls

internal control

For years regulators have talked about the importance of data analytics in enforcement actions. Now the SEC has demonstrated that point with two enforcement actions for poor internal control and earnings manipulation, driven by the agency’s in-house analytics team. So we can’t say nobody warned us.  The enforcement actions were announced Monday, against a carpet…

Read More

WAC-o Tale of FCPA Misconduct

fcpa

Some days the WTF-o-meter just doesn’t go high enough, and such is the case with the latest FCPA enforcement action from the Securities and Exchange Commission. Fellow compliance travelers, prepare yourselves.  The SEC dinged World Acceptance Corp., a consumer loan business based in South Carolina, for a bribery operation the company’s Mexico subsidiary ran in…

Read More