Organisations will need a whole new data compliance arrangement when the GDPR comes in, so here are some practical measures to get you started. By Greg Mason, founding partner and Dianne Drummond, senior director The arrival of the General Data Protection Regulation (GDPR) is imminent. On 25 May the regulation governing data privacy for citizens of the EU’s 28 member countries becomes enforceable as law. For data collection and transfer – e-discovery initiatives related to cross-border litigation and investigation, for example […]
Companies should be committed to knowing all the data that exists in their networks – and understanding how unwanted data can get in By Robert Richard, Kylie Tanner Hackers’ successes in 2017 were a stern warning. Despite efforts to implement system-wide defences, even the largest corporations proved vulnerable. Hackers are now finding their way in through the tiniest of openings. Two of the biggest cyber theft headlines of the year involved Equifax, where an attack netted the personal information of […]
Big companies in the Nordic region are often highly global, but what does complying with international non-financial reporting standards mean for them? By Derek Patterson, Hannah Walsh International standards and regulations are important to companies based in the Nordic region. Access to capital and participation in global markets are two important reasons why – many large Nordic businesses have customers, suppliers and operations all over the world. Regulators outside of the Nordic region can have a long reach, as recently […]
To prove the efficiency of their compliance systems to regulators, banks should learn a lesson from industries that address this question daily, such as energy and aviation By Toby Duthie, Frances McLeod Banks have invested significant time and resource in enhancing their compliance and controls environments in recent years. The fines of 2017 are still huge but not as hefty as in the past, and typically relate to issues that go back several years (for example, the Credit Suisse $5.2bn mortgage […]
How fostering joined-up thinking between the finance, compliance and internal audit functions can help organisations identify regulatory risks more efficiently By Emma Hodges There is enormous pressure on finance, compliance and internal audit functions to assist with the management of risk to an organisation. But are these functions truly joined-up? Are they communicating effectively so as to address blind spots that may lead to unacceptable compliance and regulatory risk exposure? From a compliance perspective, finance functions have traditionally focused on compliance with accounting and reporting standards, and […]
Learn from last year’s big breaches and get ahead of the game to ensure your firm – or your clients – are not the next to feature in damaging headlines By Greg Mason and Kylie Tanner After years of big data breaches and expensive security plans, cyber criminals still managed to astound us in 2016 with some of the biggest disclosures to date. These included: Yahoo, where more than one billion accounts were compromised; Dyn, a distributed denial of service […]
By Toby Duthie and Rob Mason Risk-based compliance testing can help prevent bankers from getting hit with the ‘failure to prevent’ allegation, but what do ‘adequate procedures’ that are ‘designed to prevent’ – or ‘reasonable steps’ – look like for companies?