Compliance, Enforcement, and Risk Management Posts
A Better Approach to Fighting Fraud in West Virginia: Bring in the Whistleblowers
Gordon Schnell and Max VoldmanAs the saying goes, Mountaineers are always free in West Virginia. Unfortunately, the cost of fraud is not. And as evidenced by the eye-popping $50 million fraud settlement the federal government just secured from Wheeling Hospital, there is a lot of fraud going around these days.
October 2020 Council Meeting Updates
Pauline ToboulidisAt its meetings on October 13 and October 22-23, 2020, the Council reviewed and discussed Council Drafts of seven projects and approved drafts and portions of drafts.
Nonprofit Governance in an Age of Compliance
Peter Molk and D. Daniel SokolThis Article contributes to the corporate governance literature by identifying aspects of nonprofit governance that create unnecessary risk to nonprofit entities and to society overall.
WSJ on Justice Department’s Need for a Compliance Expert
Lauren KlosinskiAn article published in The Wall Street Journal reflects on the potential need for the Department of Justice to employ a full-time compliance expert, particularly in light of complications arising from the COVID-19 crisis.
Strategies for Complying With Privacy Laws While Collecting Employee Information Regarding the Coronavirus
Lori E. Lesser, Nicholas S. Goldin, Vanessa K. Burrows and Andrew M. KofskyMost companies must collect and use information about their employees’ travel plans and health conditions to protect their workforce from the spread of coronavirus disease 2019 (“COVID-19”). This memorandum addresses strategies for U.S. companies to comply with various privacy laws in connection with these activities.
What the Last Year of Cyber Enforcement Tells Us About the FTC’s Compliance Expectations
Avi Gesser and Molly O'Malley ClarkeWith 2019 coming to a close, we wanted to take a look at what can be learned from the FTC’s cybersecurity enforcement actions this year. As we have previously noted, the FTC came under criticism last year in the LabMD decision for not providing companies with sufficient clarity as to what it expects in terms of their cybersecurity measures.
DOJ Announces Revised Export Control and Sanctions Enforcement Policy for Companies, Including Financial Institutions
H. Christopher Boehning, Jessica S. Carey, Christopher D. Frey, Michael E. Gertzman, Roberto J. Gonzalez, Brad S. Karp, Mark F. Mendelsohn, Richard S. Elliott, Karen R. King and Anand SithianOn December 13, the U.S. Department of Justice’s National Security Division announced a new policy designed to encourage business organizations to make voluntary self-disclosures to the DOJ in connection with potentially willful export control and economic sanctions violations.
Headwinds and Shifting Priorities: Beyond the Numbers in the SEC Enforcement Division’s 2019 Annual Report
Robin M. Bergen, Matthew C. Solomon, Alex Janghorbani, Jenny Paul and Samuel H. ChangOn November 6, 2019, the SEC’s Division of Enforcement released its annual report (the “Report”) describing its enforcement actions from fiscal year 2019.
Another Look at Third-Party Management: Why We’re Missing 31% of Material Risks
Adam HillPrivacy regulators increasingly are prescribing rules around third-party vendor and data processing management. As of March 1, 2019, for instance, New York’s Department of Financial Services (NYDFS) requires that Covered Entities establish policies and procedures for assessing the risks posed by vendors, determining minimum cybersecurity and privacy practices, conducting due diligence, and following up with periodic assessments.
DOJ Announces Procurement Collusion Strike Force
Lauren KlosinskiOn Nov. 5, the U.S. Department of Justice issued a press release announcing the formation of the new Procurement Collusion Strike Force (PCSF) focusing on deterring, detecting, investigating and prosecuting antitrust crimes.