Corporate Compliance Archives

One Stock for the Coming Marijuana Boom, Says The Motley Fool

April 12th, 2019|Categories: Complex Business Litigation, Corporate Compliance, HB Risk Notes|Tags: Banking & Finance, Cannabis, Compliance, Emerging Litigation & Risk, Fintech|

"This legal pot stock could be like buying Amazon for $3.19." "Cannabis legalization is sweeping over North America – 10 states plus Washington, D.C., have all legalized recreational marijuana over the last few years, and full legalization arrived in Canada in October 2018. Legal marijuana is worth an estimated $50 billion for the U.S. today. And since experts have projected the U.S. industry to skyrocket to $80 billion by 2030, it’s time for investors to start paying attention. Because whether or not you’re planning on ingesting any THC, you can’t deny the monumental investing opportunity that a potentially $80 billion industry represents." --Grace Phillips, in an article for The Motley Fool

South Korea, EU Having ‘Adequacy’ Discussions

January 30th, 2019|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Cybersecurity, Data Breach, Data Privacy, Information Technology Law, Legal Tech|

Because of its robust network connectedness, its advanced use of mobile devices and its rich collection of intellectual property, South Korea is a leading target for hackers. Discussions are under way between the EU and South Korea to determine, as a non-EU country, whether its data protections are adequate. Also, South Korea has joined the APEC Cross-Border Privacy Rules system. Significant caselaw is developing regarding this country’s 2011 data protection statute as well as its sector-specific laws. Daniel Solove and Paul Schwartz have selected Professor Haksoo Ko from the Law School at Seoul National University to speak at the International #PrivacySecurity Forum April 3-5, 2019. Ko will co-present to provide an up-to-date account of developments in South Korea and analyze the most important compliance hurdles. Learn more: http://bit.ly/IPSF-2019

Financial Institutions Struggle to Keep Up with ‘Changing Business Needs’ Such as Social Mobile Apps, and Getting Risk Data Quickly, Deloitte Report Suggests

January 27th, 2019|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Cybersecurity, Data Analytics, Data Breach, Data Privacy|

Deloitte's report is based on a survey of 94 financial institutions around the world that operate in a range of financial sectors and with aggregate assets of $29.1 trillion. Deloitte's Edward Hida -- financial risk community of practice global leader and a partner in Deloitte Risk and Financial Advisory -- posted his executive summary the latest Global Risk Management Survey which is the organization's eleventh. The report is a detailed one and Deloitte draws quite a few conclusions around the continued focus on cyber security, engagement of boards of directors, increase attention to non-financial risks, the potential of digital risk management, enterprise risk management, the proliferation of Chief Risk Officers, an increased reliance on stress testing and more. A couple figures jumped out at me which show at least two challenges to financial institutions. Hear this Deloitte professional at ICRMC in Toronto April 15-16! Respondents are finding "extremely challenging" the need to keep up with changing business operational needs, such as deployment of social mobile applications, data analytics and cloud-based risks. Also in the "extremely challenging" category, not surprisingly, are threats from "sophisticated actors," like foreign governments and crackerjack hacktivists. Other issues categorized as "extremely high priority "revolve around getting quality risk data quickly. Given the average length of time other studies show that a hacker can poke around in your network before [...]

Two Judges Find Florida Medical Marijuana Law Unconstitutional

January 4th, 2019|Categories: Complex Business Litigation, Corporate Compliance, HB Risk Notes, HB Tort Notes|Tags: Cannabis, Compliance, Corporate & Securities, Emerging Litigation & Risk, Regulations|

The Program is 'Absolutely Broken' -- Now What? Edited by Tom Hagy Florida Circuit Judge Karen Gievers just held that the Florida medical marijuana law is unconstitutional. Reporting on the judge's Trulieve decision for the Florida Politics news service, journalist Jim Rosica called it "a rebuke to lawmakers and the Rick Scott Administration" that was "stunning even for" Judge Gievers. "In the spirit of boxing legend Muhammad Ali, known for his pre-fight rhymes, Gievers opined that in Florida 'the medical marijuana system was broken. Now, in the Constitution, the people have spoken.'" Rosica reported that while Gov. Scott is appealing the major marijuana decisions against the state Department of Health, the transition team of Republican Governor-elect Ron DeSantis, including Lt. Gov.-elect Jeanette Nuñez, has suggested that he will not continue to defend the law in court. Rosica continued: "Gievers, who retires in April, said her decision striking down the law 'includ(ed), but (is) not limited to, replacement of the voter-selected registry plan with an arbitrary, inconsistent licensing scheme … throttling access of qualifying patients to … safe use of medical marijuana from (providers that) the Department has a clear, undisputed duty to register.' In fact, just passing the law was itself unconstitutional, Gievers suggested: 'Voters made clear in 2016 that the Legislature was to have no role in implementing access to and [...]

Mitigating Operational Cyber Risk: As Business Technology Changes, So Does Your Risk Profile

December 6th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Artificial Intelligence (AI), Cybersecurity, Data Analytics, Data Breach, Data Privacy|

By Tom Hagy The various risks of doing business in our digitally connected world continue to evolve. So must the approach organizations take in confronting those risks, for failing to do so in the current risk landscape can be far more dangerous than in prior years. I spoke with Nick Galletto, Global Cyber Risk Leader at Deloitte, who traced the evolution of the dangers of doing business in a digitally connected world. Early on, our focus in the cyber risk management space was on how to protect websites from being defaced, he explained. Organizations had to make sure websites were functioning properly, that data was secure, and the integrity was maintained. Galletto went on to say that we’ve moved from an era of compliance and risk management to an era of complexity. From an organization’s perspective, their focus was on making sure the company was compliant with new and evolving regulations, and risk management meant having policies, procedures and effective controls in place. “While compliance is a necessity, it is not the silver bullet that’s going to protect us from any potential breaches," Galletto said. "So organizations must look at conducting their business in this connected world not merely from a compliance perspective but from a risk perspective. A clear example of this is the number of PCI-compliant companies that were still getting breached." “Now as organizations move into an era of complexity, they need to be proactive in detecting anomalies and suspicious behavior and be prepared so their teams have [...]

Kenneth Jones of Tanenbaum Keale on Law Firm Tech Development Capabilities

October 16th, 2018|Categories: Corporate Compliance, HB Risk Notes, HB Tort Notes, Technology Law|Tags: Compliance, Cybersecurity, Law Practice Technology, Legal Tech|

Should Law Firms Should be Able to Develop Custom Technologies? Here is #10 of Jones' Top-10 List. #10. Security. The cloud is great, and generally speaking, companies in this space operate systems in a highly professional manner. However, occasionally one encounters special business needs which call for extensive “above and beyond” levels of security. This could be times a firm is storing financial information, medical records, or other data they wish to absolutely, positively protect. In these situations — under the theory that “no one does things better than I do” —it’s nice to have the option to build super-secure systems with features such as encrypted data within database tables, and to manage the systems with a very small number of highly trusted professionals specifically known by the law firm. Read more of the article posted by Thomson Reuters. Kenneth Jones oversees various aspects of technology at Tanenbaum Keale LLP in the role of Chief Technologist. He leads efforts to support TK’s computing environment and infrastructure, one that features a strategy of professionally protecting and processing client data in the cloud with highly skilled and respected leading-edge business partners in the technology space. Ken also helps lead and support various TK programs in the areas of security, compliance, business continuity and firm administration. Learn more.

Blockchain: Power to the People

August 28th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Cybersecurity, Privacy|

Dan Solove, co-founder of the Privacy+Security Forum and professor at GW Law School, just posted an interview with Steve Shillingford, Founder and CEO of Anonyome Labs, a consumer privacy software company. Below is part of just one exchange in the interview. SOLOVE: The Internet has made so many things possible that we couldn’t do in an analog world. Yet, in some ways, the online world seems to lack the capabilities of the offline world. In the offline world, it is much easier to have anonymous transactions. This becomes much more challenging online. How can the online world be made more like the offline world in this regard? SHILLINGFORD: Blockchain technology shifts the balance of power back to people—to individuals—and away from tech giants, governments and data miners. It allows you to transact on your terms, just as you do offline. And it’s not just limited to financial transactions. Put anything on the blockchain you want. The blockchain gives a person the ability to publish only the information THEY decide to divulge. Nothing more, nothing less. And no more hidden agendas, no selling personal data without your consent, no worries about privacy. Just like the analogue world, you decide the context, the content, and duration of the information you provide…not the big guys. It can really be that easy. Read the complete interview. See the latest faculty and agenda updates for the Privacy+Security [...]

Courtney Klein on Social Media & Security

August 1st, 2018|Categories: Corporate Compliance, HB Risk Notes, Law Firm Operations|Tags: Compliance, Cybersecurity, Law Practice Management, Risk Management, Social Media|

A Restructured Paradigm for Corporate Teamwork By Courtney Klein of Soteria Risk Consultants Social media has become an integral part of everyday life. It’s how some of us get our news, research our opinions, learn about local events, and connect with friends. For the modern western business, it is also immensely important for staying in touch with customers, advertising, and overall visibility. For this reason, many companies employ veritable armies of “Social Media Specialists” that do everything from designing graphics to writing tweets to replying to customer questions and complaints. Some companies interact with each other (such as the hilarious and long-standing Twitter Battle between Wendy’s and McDonald's), and some use it as their primary form of communication. Customers, too, know that social media is a way to get in touch with a company - for good reasons and for bad - and while many companies are aware that they will and do receive threats on social media, very few of them have any kind of protocol in place for how to deal with them – and even fewer still encourage their social media teams to pass this information on to or (better yet) work together with their security team. This sort of blasé attitude to threats – either because “it’s not my job” or “they can’t be serious” – leads to [...]

Francoise Gilbert on Colorado’s New Privacy Law: Are You Ready?

August 1st, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Cybersecurity, Data Breach, Data Privacy, Privacy|

Effective Sept. 1, 2018, Colorado will require all entities that process or store certain personal information of Colorado residents, regardless of whether the entity is located within or outside of Colorado, to have formal data security and data disposal programs. This is the result of the adoption of Bill 18-1128 “Concerning Strengthening Provisions for Consumer Data Privacy,” signed into law at the end of May 2018, to amend and supplement existing law .... Previously, the definition of “personal identifying information” under the Colorado law was limited to a resident’s first name or initial and last name in combination with the individual’s Social Security, driver’s license, or identification card number, or a credit or debit card or bank account number, combined with a password or access code. The new definition includes additional forms of identification, such as student, military, passport, and health insurance identification number, as well as other types of information, such as medical information or biometric data. It also includes username or e-email address in combination with a password or security question answers that would permit access to an online account .... Organizations that collect personal identifying information of Colorado residents and that do not yet have the written programs necessary to formalize their data protection practices urgently need to focus on compliance. -- Francoise Gilbert, Greenberg Traurig Francoise Gilbert, a partner [...]

McLoughlin on Artificial Intelligence in Banking

July 25th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Artificial Intelligence (AI), Banking & Finance, Compliance, Fraud, Risk Management|

"Capital adequacy requirements are not the only kind of regulation that AI is helping banks to meet. An even bigger area is monitoring of trading activities for misconduct and abuse. The Bank of England estimates that misconduct by traders has cost banks a global cumulative of $320 billion to date. For this very large reason, banks are aggressively deploying machine learning to monitor the behavior of their traders and detect unusual behavior." Read Michael McLoughlin's post on LinkedIn. Michael McLoughlin is Global Digital Transformation Partner & Advocate with Microsoft.

Halligan, Weyland on Cybersecurity, Trade Secret Asset Management and the Defend Trade Secret Act of 2016

July 23rd, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Artificial Intelligence (AI), Compliance, Corporate & Securities, Cybersecurity, Data Analytics|

"Cybersecurity protection against outsider theft has largely succeeded, if competently crafted business methods are strictly followed. The more intractable problem of insider theft is now the major concern, and traditional cybersecurity methods are unavailing. The ever-higher digital barriers placed around the corporation and its sensitive data are no defense against data theft by people allowed inside the digital walls in the normal course of business." Read their complete post on LinkedIn. R. Mark Halligan is a Partner and Trial Lawyer at FisherBroyles, LLP. Mr. Halligan has taught Advanced Trade Secrets Law in the John Marshall Law School LLM program for 24 years. Richard F. Weyand is the President of the Trade Secret Office, Inc. www.thetso.com See R. Mark Halligan and Richard F. Weyand Trade Secret Asset Management 2018: A Guide to Information and Asset Management Including RICO and Blockchainavailable on Amazon. https://www.amazon.com/dp/0997070986

Willis Towers Watson: Cyber Risk Top D&O Concern

July 22nd, 2018|Categories: Corporate Compliance, HB Risk Notes, Insurance|Tags: Cybersecurity, Data Breach, Data Privacy, Directors & Officers, Insurance Companies|

Based on their survey, Willis Towers Watson says cyber risk continues to top the list of concerns for directors and officers (right up there with employee claims). As for coverage, while they care about price, things like their relationship with the carriers and how well they handle claims are critical elements. And, maybe one key reason cyber events keep happening: "Only 13% of board members feel that their organizations learn from past cyber mistakes." Read the results of the Willis Towers Watson survey.