Tag:

compliance program

Agency Officials Trade Stock in Companies their Agencies Oversee

More than 2,500 government officials ranging from the Commerce Department to the Treasury Department reported owning stock in companies whose share prices correspond to decisions made by their respective agencies. With obvious conflicts of interest arising, what has happened, and what are some major takeaways from this investigative report?

Google Becomes the First to Agree to Compliance Monitoring by the DOJ

In an action to keep company executives in check, the Justice Department (DOJ), created a policy where executives and compliance chiefs sign and personally attest to the effectiveness of their compliance programs. The individuals would therefore be held personally liable for their roles in the company’s wrongdoing. The DOJ and Google had a pending dispute, which was due to Google’s non-compliance with assisting authorities in an investigation. The DOJ and Google reached an agreement, with a stipulation attached, resolving the dispute over Google’s loss of data responsive to a 2016 search warrant. In the stipulation, Google has said that it has spent over 90 million dollars on additional systems and resources to improve its compliance programs, including an agreement to allow an Independent Compliance Professional to serve as a third party to monitor that Google is fulfilling its compliance legal obligations. This policy, as already seen in the settlement with Google, is forcing compliance to become a top-tier concern for big companies or face serious consequences.

Could Anna Delvey Have Gotten Away with It? Bank Vetting for a $22 million Loan

Anna Delvey, the alleged scammer who attempted to obtain financial backing of anywhere from $22 million to $40 million in loans, is once again the subject of much debate due to the new Netflix series chronicling her alleged crimes and other actions. The question this article attempts to answer is whether she ever had a chance of realizing her goal of creating an exclusive, members-only, art club much like Soho House. This question hinges on whether she ever had a real chance to secure the funding to make it possible.

Concert Venues Crowd Control Regulations

On November 5, 2021, Travis Scott performed a concert at the Astroworld Festival in Austin to a crowd of fifty thousand people. In the hour that he performed, eight people were killed in a deadly crowd crush (another concert goer losing their life days after), and hundreds were injured. Multiple lawsuits have been filed against Travis Scott himself, as well as the production companies that organized the show in response to the tragedy. In the wake of the devastating event, regulations concerning crowd control and management must also be considered, as well as whether these regulations were complied with by the organizers of Astroworld.

Security Awareness — Not Just an IT and Compliance Responsibility

Since the start of 2021, cyber-attacks have dominated headlines across every industry. From governments and government organizations, healthcare companies, and banks, to gaming companies and oil pipelines, ransomware has impacted organizations of all types and sizes. The scale and scope of these attacks have continued to grow and have far reaching consequences. Despite current agency attempts to strengthen cybersecurity through regulation, individual users continue to pose a serious threat due to insufficient security education.  

Updates to Autorenewal Regulations and Enforcement

In the age of online consumerism, many companies utilize automatic renewal programs to deliver their products and services to customers on a recurring basis for a monthly or annual charge. Recently, autorenewal programs have seen an increase in consumer protection through legislation at both the state and federal level along with enforcement actions brought by private plaintiffs, state attorney generals, and the Federal Trade Commission (“FTC”). Organizations that utilize automatic renewal should be aware of the uptick in autorenewal program enforcement and look to strengthen and update their policies where appropriate.

A Practical Approach to Post-Schrems II Remediation of Cross-Border Data Transfers to the U.S. and Other “High Risk” Third Countries

On July 16, 2020, the Court of Justice of the European Union (“CJEU”) issued its deafening decision that summarily and immediately invalidated the EU-US Privacy Shield. The regulatory program established between the European Council and the U.S. Dept. of Commerce allowed for the transfer of personal data of EU residents to be sent from the EU to the US without violating the data transfer restrictions of the General Data Protection Regulation (“GDPR”). The decision went on to cast serious doubt on the sufficiency of standard contractual clauses to adequately protect data transferred to any third country, not just the US. Several months later, data exporters in the EU are still sorting through the wreckage of their privacy programs and waiting for practical advice on the way forward.

Nursing Home Staff Turnover Rates Partially Explains Disproportionate Number of Deaths during COVID-19 Public Health Emergency

The COVID-19 pandemic has impacted residents and staff of nursing homes and long-term care facilities more than any other demographic, accounting for nearly 40 percent of the total mortality rate from the virus in the United States.  According to Centers for Medicare & Medicaid Services (“CMS”), at least 132,000 residents and employees have died from complications of the COVID-19 across 31,000 facilities, although some estimates place the death count closer to 200,000.  One factor aggravating the number of deaths in nursing homes is the extraordinarily high rate of staff turnover each year. 

Relax, After GDPR’s Schrems II, Some Companies Transferring Personal Data from the EU to the US May Actually Have Less Challenges Than You Thought

On December 12, 2020, the European Commission (the “EC”) issued a highly anticipated draft of newly revised standard contractual clauses (“new SCCs”) that may be used by European Union-based companies to safeguard data transfers of personal data to third countries, such as the US, in compliance with GDPR Art. 46(1). The release comes at a decidedly inopportune time as it follows on the heels of the Court of Justice of the European Union’s (CJEU) Data Protection Commissioner v. Facebook Ireland Limited and Maximillian Schrems (“Schrems II”) decision which casts serious doubt on the adequacy of SCCs alone to safeguard against the “high-risks” involved in EU to US data transfers. And for many data protection experts, the language of the revised SCCs only adds to the confusion, raising even more questions. But one question in particular seems to be prominent among others—for transfers to importers, directly subject to GDPR, are SCCs really necessary?

Market Regulation Issues Raised by the Gamestop Buying Frenzy

The regulation of hedge funds has largely been unchecked allowing big Wall Street players to manipulate the market for the benefit and at the detriment of other investors. But forced by an unprecedented movement of retail investors, Wall Street is being forced to reckon with the hypocrisy of their practices.