Closing compliance gaps: How can enterprise firms unify surveillance across business lines?
Ensuring complete compliance across business lines can be tricky. Learn how firms can satisfy regulators while keeping data secure and operations seamless.
What can financial services firms learn from the AWS outage?
An outage of Amazon cloud services that impacted thousands of businesses and millions of users has raised serious questions around Big Tech monopolies – and how firms can increase their cyber resilience.
Regulatory Wrap Episode 50: 2024 Wrapped – the Top Compliance Stories
In Regulatory Wrap for the week to December 13, Jennie Clarke and Rob Mason recount the most notable developments over the course of 2024.
Computer Security Day: The role of leadership in protecting data
This Computer Security Day, it is important to recognize that strong leadership drives effective cybersecurity and ensures regulatory compliance.
Regulatory Wrap Episode #47: Learning from the CrowdStrike Outage
In Regulatory Wrap for the week to November 8, Jennie Clarke explores regulatory stances on operational resilience, especially in light of the CrowdStrike incident in July.
What does the CrowdStrike outage teach us about operational resilience?
The historic IT outage that affected 8.5 million Microsoft Windows devices is a cautionary tale about the need for stringent operational resilience testing and planning, especially as regulatory expectations continue to rise.
Getting priorities straight – Key takeaways from the SEC’s 2025 Examination Priorities
The SEC’s 2025 Examination Priorities continue trends seen throughout 2024. However, in line with developing interest areas, there is an increased weight placed on topics like AI and operational resilience.
Non-financial risks
For some compliance officers, risks are like heavy and dark clouds waiting to rain on the business. While some risks may never occur, it’s their responsibility to ensure you pack-a-mac, and put a plan together if the rain comes down.
Stand the resilience test – OSFI adds to the operational resilience conversation
In line with measures other regulators have taken, OSFI released its final Guideline E-21 on operational risk and resilience, which outlines expectations for firms to prepare for and respond to disruptive events that could affect business operations.
Now you see it, now you don’t – How to overcome the compliance risks of ephemeral messages to meet DOJ guidance
The Department of Justice (DOJ) has made it clear that it expects organizations to have plans in place to manage the increased use of disappearing messages. We explore the compliance implications of ephemeral messaging and set out five key steps to both mitigate risk and meet DOJ obligations.
