REUTERS |
March 18, 2019

Whistleblowing: value in the voice

Services of all types are increasingly moving to digital focused offerings. It is a trend that has reached the world of whistleblowing across many companies, with employees now being offered the opportunity to speak-up via digital platforms such as email, a website or using apps on their mobile phones.

Having a variety of whistleblowing routes available is a good thing; however, with the offering of these digital platforms it is important to remember that there is still ‘value in the voice’. Telephone reporting still has its place and a shift to digital-only reporting could have a negative impact not only on the quality of reports but also on the willingness of employees to speak-up.

Continue reading

REUTERS | Vasily Fedosenko
March 1, 2019

Privacy and cybersecurity: Spring agenda 2019

We have had a blockbuster twelve months in privacy and cybersecurity which saw the arrivals of the General Data Protection Regulation (GDPR), Data Protection Act 2018 (DPA 2018) and the Network and Information Security Directive (NIS Directive).

As we approach the first anniversaries of those transformative pieces of regulation, the horizon is now dominated by the confusion and complexity of Brexit. Continue reading

REUTERS | Phil Noble
February 25, 2019

What’s on the agenda for in-house lawyers in March 2019?

With the UK scheduled to leave the EU on 29 March 2019, Brexit planning remains paramount for in-house lawyers this month. Nevertheless, they should also be keeping abreast of developments in corporate governance, environmental reporting and gender pay gap reporting.

Continue reading

REUTERS | Kai Pfaffenbach
February 13, 2019

Using privacy by design to build GDPR resilience in existing business systems

PLC Magazine recently published a thought-provoking article, Data protection: privacy by (re)design, by Sylvain Magdinier and Claire Walsh of Marshall Denning. The piece provides a thorough analysis of one of the most challenging concepts of the EU General Data Protection Regulation (GDPR), privacy by design (PbD) under Article 25. Continue reading

REUTERS | Global Creative Services (no copyright)
February 11, 2019

5 critical questions to ask about your third-party management system

When was the last time you thought through your third-party management and due diligence process? Perhaps you inherited a system that was in place when you arrived, and you’ve never changed it. Perhaps you’re trying to manage it on an Excel sheet. Perhaps you know it’s a problem, but you’ve never actually done anything about it…

Considering that the vast majority of bribery cases involve a third-party intermediary, and one-in-two global enforcement actions involved a third-party, your third-party risk management programme is a crucial part of your compliance programme.

Is your current third-party risk management and due diligence system up-to-scratch? Here are five questions you should be asking yourself to find out.

Continue reading

REUTERS | Corbis
February 7, 2019

A mouse’s tale of a whistleblower

A long time ago there was a mouse living comfortably in the land of cheese. He was employed by a big multinational. The mouse was hard working and valued integrity, loyalty and respect most. The mouse was a real stand-up mouse, a mouse prepared to go the extra mile.

The mouse was consistently trying to maintain the integrity of his company, an important aspect of his job and his character. To his shock, he became aware of a serious wrong doing. This wrong doing was so far reaching, it was sure to lead to imprisonment and/or severe monetary penalties. This was a key part of the mouse’s obligatory compliance training, which included fraud, bribery, corruption and money laundering.

What should the mouse do?  Continue reading

REUTERS | Mike Blake
February 6, 2019

Collapse of Patisserie Valerie offers some key lessons for non-executive directors and board members

On 22 January 2019, Patisserie Valerie announced that it had failed to secure an extension to its lending facilities and that it was to enter administration. Patisserie Valerie is the latest high-profile company to collapse because of fraud and inaccurate data. The case raises some of the same issues as the failure of Carillion, namely:

  • Quality of the audit work performed by the external auditors.
  • Lack of strong internal controls.
  • Poor governance.

Continue reading

REUTERS |
February 1, 2019

Cybersecurity: from technology afterthought to critical business issue

The days of throwing money at cybersecurity with no management oversight or engagement are long over. Cybersecurity is now 100% a business issue. It has evolved into a strategic corporate activity as opposed to purely a technology afterthought managed by the IT function. The ever increasing and changing nature of cyber risk means organisations need to develop new and innovative ways to manage it. Continue reading