Insight Search

  • Flash Report

    February 28, 2025
    On 25 February 2025, the European Commission released a package of proposals (“omnibus package”) aimed at significantly scaling down several sustainability regulations in Europe that are either in effect already or about to take effect. This is a fulfilment of Commission President Ursula von der Leyen’s vow last year to reduce the reporting burden for businesses by 25% (35% for small and medium…
  • Insights paper

    October 8, 2024
    Creating and maintaining a sustainable PCI DSS compliance programme is a crucial and complex task for organisations to protect payment card transactions and uphold consumer trust. However, despite the PCI DSS standard being around for almost 20 years, many organisations still struggle to achieve and validate compliance with it. In April 2016, the PCI Security Standards Council (SSC) introduced the…
  • Whitepaper

    May 28, 2024
    The Digital Operational Resilience Act (DORA), or more formally known as Regulation (EU) 2022/2554, took effect on 16 January 2023, with final industry compliance required by 17 January 2025. The regulation underscores the importance of digital operational resilience in today’s increasingly interconnected and digitized landscape and seeks to expand the reach of European regulators incorporating…
  • Blogs

    November 21, 2022
    Today’s societal, investor and regulator expectations and the exponential advancement of data and technology are creating significant pressures, demands and opportunities for General Counsel (GC) and their legal departments. Increasingly, they are being called upon to do more, expanding their focus to areas that include environmental, social and governance (ESG); diversity, equity, inclusion and…
  • Newsletter

    April 20, 2020
    Your monthly compliance news roundup. OCC Reinforces Third-Party Risk Management Expectations. Regulatory expectations related to third-party relationships have evolved considerably since 2013, when the Federal Reserve Board and Office of the Comptroller of the Currency (OCC) issued prescriptive guidances SR 13-19 and OCC 2013-29, respectively. To account for this evolution, the OCC…
  • Podcast

    April 20, 2023
    Maryann Kennedy speaks with the Senior Deputy Comptroller for Bank Supervision Policy at the Office of the Comptroller of the Currency, Grovetta Gardineer, about the regulatory priorities in the current economic environment. Grovetta Gardineer is the Senior Deputy Comptroller for Bank Supervision Policy at the Office of the Comptroller of the Currency (OCC). In this role, Ms. Gardineer directs the…
  • Podcast

    July 21, 2022
    Jackie Sanz of Protiviti talks with Amy Aubin, a CCO of two firms in Canada, about compliance and risk challenges faced by compliance professionals of smaller firms in the asset management industry, where innovation and access to compliance networks are of importance in the management of risk. Amy Aubin is the Chief Compliance Officer of Waypoint Investment Partners Inc., an independent wealth…
  • Whitepaper

    October 6, 2021
    Cloud is on the rise in financial services and regulators are taking note. The widespread use of cloud service providers (CSPs) in the financial services industry continues to grow. According to a recent study by the Cloud Security Alliance (CSA), 91% of financial services organisations are actively using cloud services today or plan to employ them within six to nine months. That is double the…
  • Whitepaper

    May 1, 2022
    “To put it bluntly, will companies enact courageous ESG policies only when it does not hurt?…This is a moment of truth. Stakeholders have been increasingly mobilised to question the premises of companies’ professed ESG activities. All too frequently, corporations and their executives engage in marketing or obfuscation of what they’re actually doing — what could more accurately be called ‘ESG-…
  • Blogs

    December 7, 2023
    This blog post was authored by Karter Klumpyan and Laura Moore, Director Risk and Compliance on The Protiviti View. The big picture: A two-step indicator-based approach proposed by EU supervisory authorities will be used to assess ICT services providers to determine whether they should be designated as critical and subjected to oversight under the Digital Operational Resilience Act (DORA). Why it…