Security pros know that compliance does not equal security, yet compliance continues to be a top driver for security investment. Given that compliance and audit mandates are more tangible measures for non-security executives, requesting support for tools and processes that help meet these requirements is an excellent lever to pull Read More
Facebook will pay a record-breaking $5 billion penalty, and submit to major new privacy restrictions and a modified corporate structure, to settle Federal Trade Commission charges that the company violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information. The whopping Read More
Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories, which alleged that the credit reporting company’s failure to take reasonable steps Read More
Ever since the Sarbanes-Oxley Act passed in 2002, compliance with the law, known as “SOX,” has been a bit of a thorn in the side of many companies. In earlier years, companies spent millions of dollars and hundreds of employee-hours each to ensure the sophisticated controls over financial reporting that Read More
Ten things that internal audit can do when working with compliance to leverage the qualities of both functions There has been plenty written about the relationship between internal audit and compliance—from analyzing functional differences to advocating integration between the two. This continued discussion is mainly because the two functions have Read More
Like companies in many industries, banks are having a difficult time finding and retaining qualified compliance staffers. In fact, recruiting good compliance professionals has gotten so hard that the U.S. Office of the Comptroller of Currency (OCC) says that it has become a top risk for financial firms, especially regional Read More
Blowing the whistle can be a thankless job. More than one-third of respondents who reported wrongdoing and were identified as the source were either threatened with or received a reprisal as a result, according to a 2010 survey by the U.S. Merit Systems Protection Board, an independent “quasi-judicial” agency that Read More
The Securities and Exchange Commission awarded a total $50 million to two whistleblowers who assisted the agency in bringing a successful enforcement action. One whistleblower received an award of $37 million and the other received an award of $13 million. While the SEC did not disclose the identities of the Read More
Starting in April, a new regulation will require public companies and certain government owned business in Vietnam to conduct internal audits. Under a government decree (Decree 05/2019/NĐ-CP), which was issued last month, companies that are listed on a public stock exchange and those that are owned at least 50 percent Read More
French data protection regulator CNIL has imposed a €50 million ($57 million) fine on tech giant Google for failing to comply with the EU’s General Data Protection Regulation (GDPR). The EU privacy law, which took effect last May, is among the most strict set of data privacy regulations in the Read More
