×

Article See All

United States Corporate Transparency Act Publish Date·8/9/2024 7:43:06 PM

United States Corporate Transparency Act

<p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;">The <strong>Anti-Money Laundering Act of 2020 (AMLA)</strong> was enacted by the U.S. Congress on January 1, 2021 as part of the National Defense Authorization Act (NDAA), for the purpose of strengthening the detection and reporting of suspicious activities related to money laundering and terrorist financing, as well as securities fraud and other market manipulation. The AMLA includes a section called the <strong>Corporate Transparency Act (CTA)</strong>, which became law in 2021, and gives authorization to the Department of the Treasury through the Financial Crimes Enforcement Network (FinCEN), to implement rules directed at fighting money laundering in the United States. As a result of the enactment of the CTA,<strong> effective January 1, 2024</strong>, all existing and new companies in the United States will be required to file FinCEN reports stating and disclosing their beneficial owners.</span></p> <p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;">Under the CTA, a &ldquo;<strong>Reporting Company</strong>&rdquo; is required to file a FinCEN report with &ldquo;personally identifiable information&rdquo; about its beneficial owners the time of formation and annually thereafter. A &ldquo;Reporting Company&rdquo; is a corporation, LLC or any similar entity, created through the filing of the requisite documents with the Secretary of State of any State in the United States, or a foreign company authorized to do business in the United States. Since a foreign company is not a Reporting Company per se, <strong>the FinCEN report must include the full identity and contact information of the beneficial owner along with a valid official government issued identification document</strong>.</span></p> <p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;">Before the application of the CTA, shareholders and/or beneficial owners are not part of the information on the public records in the United States, and in some States, not even the managers/directors are publicly disclosed. Shareholders are only listed on the federal tax return if the entity is required to file a federal tax return, which may not necessarily mean that the beneficial owner is ever disclosed, and if no tax return is ever filed, there will be no information about the shareholders or beneficial owners of these entities.</span></p> <p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;">The CTA defines &ldquo;Beneficial Owner&rdquo; as any individual who- directly or indirectly- or through any contract, arrangement, understanding, relationship or otherwise i) exercises control over the entity; or ii) owns or controls at least 25% of the ownership interest in the entity. For Beneficial Owners, certain exceptions apply i) minor children; ii) nominees, intermediary, custodian or agent on behalf of other; iii) individual acting solely as employee and control arises solely from employment; iv) interest is through right of inheritance; and v) a creditor of the entity, unless meets the beneficial ownership rules.</span></p> <p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;"><strong>Non-compliance with CTA&rsquo;s reporting obligations</strong>&nbsp;results in penalties for willful reporting violations and unauthorized disclosure violations. For the first, a civil penalty of not more than US$500 per day, a fine of no more than US$10,000 or two (2) years in prison, or both; and for the later, a civil penalty of not more than US$500 per day, a fine of no more than US$250,000 or five (5) years in prison, or both. In the event of inaccurate or involuntary mistake, if corrected within ninety (90) days from submission, no penalties shall be applied.</span></p> <p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;">There are certain unresolved issues related to lawyers&rsquo; responsibility with respect to the filing of FinCEN reports and the role played by lawyers in the filing of the FinCEN reports, even if they become aware of mistakes made by clients when filing the FinCEN reports, or if lawyers should now include a FinCEN reporting provision on corporate documents, but in any event starting on January 1, 2024 all people involved and/or related to corporate entities in the United States that fulfill the requirements, as stated above, will be required to file the FinCEN report as part of a enhanced campaign by the U.S. Government to obtain additional information about shareholders and beneficial owners of U.S. companies for purposes of having more transparency and avoiding money laundering and illegal activities through the use of legal entities and the banking system in the United States.</span></p> <p><span style="font-size: medium;"><br /></span></p> <p><span style="font-size: medium;">Starting on January 1, 2024, the FinCEN report can be filed at <a href="http://www.fincen.gov/boi">www.fincen.gov/boi</a> For new entities created or registered on or after January 1, 2024, the report must be filed within 30 days of registration, and for entities created or registered before January 1, 2024, will have until January 1, 2025 to file the FinCEN report.<br /><br /><em>Article by Andres Bazo,&nbsp;Foreign Legal Consultant at&nbsp;Rasco Klock Perez &amp; Nieto, P.L.</em></span></p>

The Most Uncomfortable Vulnerabilities for Boards Today Publish Date·5/16/2024 7:52:44 PM

The Most Uncomfortable Vulnerabilities for Boards Today

<p id="ember970" class="ember-view reader-content-blocks__paragraph"><span style="font-size: medium;"><strong><br /></strong></span></p> <p class="ember-view reader-content-blocks__paragraph"><span style="font-size: medium;"><strong>The Most Uncomfortable Vulnerabilities, the Least (or Incorrectly) Managed Risks &amp; Recommendations for Today's Board of Directors</strong></span></p> <p class="ember-view reader-content-blocks__paragraph"><span style="font-size: medium;"><strong><br /></strong></span></p> <p id="ember971" class="ember-view reader-content-blocks__paragraph"><img src="/images/Pictures/e9a0ffd7-2da3-4d89-af52-f82e2d18d75f.jpg" width="960" height="540" /></p> <p id="ember972" class="ember-view reader-content-blocks__paragraph"><span><br /></span></p> <p class="ember-view reader-content-blocks__paragraph"><span><!-- pagebreak --></span></p> <p class="ember-view reader-content-blocks__paragraph"><strong>Introduction</strong></p> <p id="ember973" class="ember-view reader-content-blocks__paragraph">Vulnerability. Threat. Risk.</p> <p id="ember974" class="ember-view reader-content-blocks__paragraph">In risk management, management and boards of directors talk a lot about, well, the risks &ndash;<span class="white-space-pre"> </span><span>the probability of negative events and the scale of impact</span>. But what about the vulnerabilities &ndash;<span class="white-space-pre"> </span><span>the weaknesses, flaws and deficient designs and processes</span>?[1] Post-mortems and root-cause analysis tend to be the driving forces behind vulnerabilities getting due attention.</p> <p id="ember975" class="ember-view reader-content-blocks__paragraph">That&rsquo;s too late.<span class="white-space-pre"> </span></p> <p id="ember976" class="ember-view reader-content-blocks__paragraph">If boards understood<span class="white-space-pre"> </span><span>better</span><span class="white-space-pre"> </span>and management identified<span class="white-space-pre"> </span><span>earlier</span><span class="white-space-pre"> </span>certain vulnerabilities, companies would notch more "wins" in the<span class="white-space-pre"> </span><span>preventative</span><span class="white-space-pre"> </span>risk management column. They would<span class="white-space-pre"> </span><span>avoid</span><span class="white-space-pre"> </span>the risk altogether, rather than<span class="white-space-pre"> </span><span>reducing</span>,<span class="white-space-pre"> </span><span>sharing</span>,<span class="white-space-pre"> </span><span>accepting</span><span class="white-space-pre"> </span>or, worse,<span class="white-space-pre"> </span><span>responding</span><span class="white-space-pre"> </span>to the risk. That last one bears another name.</p> <p id="ember977" class="ember-view reader-content-blocks__paragraph"><span>Crisis</span><span class="white-space-pre"> </span>management.</p> <p id="ember978" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember979" class="ember-view reader-content-blocks__paragraph"><strong>Overview: The Most Uncomfortable Vulnerabilities</strong></p> <p id="ember980" class="ember-view reader-content-blocks__paragraph">The following explains the most uncomfortable vulnerabilities existing for boards of directors today. It aligns with risks that are not being managed - either they are not getting the attention they deserve, or the efforts are off base.</p> <p id="ember981" class="ember-view reader-content-blocks__paragraph">This assessment is qualitative.</p> <p id="ember982" class="ember-view reader-content-blocks__paragraph">It is<span class="white-space-pre"> </span><span>based</span><span class="white-space-pre"> </span>on years in regulated financial services, risk management and board rooms. This includes enterprise risk, financial crimes, consumer protection and cybersecurity. It<span class="white-space-pre"> </span><span>benefits</span><span class="white-space-pre"> </span>from every shape and size of federal, state and foreign regulatory examination, discussions with peers and a deep appreciation of<span class="white-space-pre"> </span><span>applicable</span><span class="white-space-pre"> </span>and effective risk management versus the<span class="white-space-pre"> </span><span>theoretical</span><span class="white-space-pre"> </span>(think: regulation) and, many times, ineffective counterpart.</p> <p id="ember983" class="ember-view reader-content-blocks__paragraph">It<span class="white-space-pre"> </span><span>acknowledges</span><span class="white-space-pre"> </span>risks that tend to garner the most attention at the management and board level, be they<span class="white-space-pre"> </span><span>de rigueur<span class="white-space-pre"> </span></span>or just darn sexy (credit, interest rate, liquidity, financial crimes, cyber, data protection and, of late, geopolitical). But, the<span class="white-space-pre"> </span><span>focus</span><span class="white-space-pre"> </span>here is rooted in both the academic and operational desire to improve for boards of directors the full enterprise of risk management.</p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember984" class="ember-view reader-content-blocks__paragraph"><strong>Intended Impact</strong></p> <p id="ember985" class="ember-view reader-content-blocks__paragraph">Overseeing and managing these most<span class="white-space-pre"> </span><span>uncomfortable</span><span class="white-space-pre"> </span>vulnerabilities will materially contribute to an ongoing:<span class="white-space-pre"> </span></p> <p id="ember986" class="ember-view reader-content-blocks__paragraph"></p> <ol> <li>Board of directors, fit for purpose, as well as...</li> <li>Effective board engagement;</li> <li>Dependable key-person succession plans and...</li> <li>Talent risk management;</li> <li>Heightened remote-work &amp; in-office cultures &amp; standards, including&hellip;</li> <li>Post-covid controls commensurate with the increasing conflicts of interests, workplace bullying and extreme climate events;</li> <li>Credible path toward Web 3.0 and self-sovereign identification (and PII protection);</li> <li>Board &amp; Management tech literacy;</li> <li>Back-office budget management literacy; and</li> <li>Global dynamics risk management.</li> </ol> <p></p> <p></p> <p></p> <p id="ember987" class="ember-view reader-content-blocks__paragraph"><em><strong>How to Read It</strong></em></p> <p id="ember988" class="ember-view reader-content-blocks__paragraph"><span>This article breaks down the vulnerabilities across six areas: Board of Directors, Executive (or Senior) Management, Employees, Customers, Technology and Operations. It then details the vulnerabilities before offering recommendations and considerations for the board and management that are practical, in a few instances audacious, but all realistic as to their material ROI. Lastly, it categorizes the vulnerabilities in their proper areas of Enterprise Risk Management.</span></p> <p id="ember989" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember990" class="ember-view reader-content-blocks__paragraph"><strong>I.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Board of Directors</strong></p> <p id="ember991" class="ember-view reader-content-blocks__paragraph"><span>The Uncomfortable Vulnerabilities:</span></p> <p id="ember992" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li>Lack of commensurate subject matter expertise</li> <li>Deficient engagement with management</li> </ul> <p></p> <p id="ember993" class="ember-view reader-content-blocks__paragraph"><span>Details:<span class="white-space-pre"> </span></span>A board of directors is<span class="white-space-pre"> </span><span>not</span><span class="white-space-pre"> </span>the place for founders and chief executives to install friends, personal or even professional. A<span class="white-space-pre"> </span><span>challenge</span><span class="white-space-pre"> </span>corporate boards face is ensuring its makeup, its breadth of expertise, is commensurate with the company&rsquo;s complexities, opportunities and risks. A<span class="white-space-pre"> </span><span>recent example</span><span class="white-space-pre"> </span>is cybersecurity. A<span class="white-space-pre"> </span><span>more pressing example</span><span class="white-space-pre"> </span>is models, AI and LLMs. Another challenge, the<span class="white-space-pre"> </span><span>Achilles Heel</span><span class="white-space-pre"> </span>with boards, is efficient reporting by management that properly harnesses the time, attention and guidance from board members.</p> <p id="ember994" class="ember-view reader-content-blocks__paragraph"><span>How to address it:<span class="white-space-pre"> </span></span>Hiring a proven board Chair is<span class="white-space-pre"> </span><span>priority one</span>. The Chair and chief executive (if they are separate roles) must<span class="white-space-pre"> </span><span>undertake<span class="white-space-pre"> </span></span>an objective assessment of the company&rsquo;s makeup, utilizing its strategic plan and risk assessment, to ensure members are hired for the skills they bring and agnostic of their personal or professional affiliations with the company, founders, executives.<span class="white-space-pre"> </span><span>Two</span>, the Chair, at a minimum, must work with management to ensure reporting is board appropriate, concise, timely and complete as to performance, risks and opportunities.[2]<span class="white-space-pre"> </span><span>Three</span>, the Chair, from time to time, must insist on an independent assessment of board performance and composition as strategic plans and risk assessments evolve.</p> <p id="ember995" class="ember-view reader-content-blocks__paragraph"><span>Risk Management Areas Addressed:<span class="white-space-pre"> </span></span>Governance, Business Continuity</p> <p id="ember996" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember997" class="ember-view reader-content-blocks__paragraph"><strong>II.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Executive Management</strong></p> <p id="ember998" class="ember-view reader-content-blocks__paragraph"><span>The Uncomfortable Vulnerabilities:</span></p> <p id="ember999" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li>Lack of succession planning</li> <li>Deficient talent management</li> </ul> <p></p> <p id="ember1000" class="ember-view reader-content-blocks__paragraph"><span>Details:</span><span class="white-space-pre"> </span>Executives are<span class="white-space-pre"> </span><span>not</span><span class="white-space-pre"> </span>pre-wired to plan for their successors. A<span class="white-space-pre"> </span><span>challenge</span><span class="white-space-pre"> </span>for highly- or even well- functioning management is making time for and following through with key corporate roles succession. While a<span class="white-space-pre"> </span><span>recent example</span><span class="white-space-pre"> </span>is the eponymous HBO Max series,<span class="white-space-pre"> </span><span>more pressing examples</span><span class="white-space-pre"> </span>abound across small businesses. None compares to that at<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.cnbc.com/2023/09/06/disney-succession-mess-iger-chapek.html" data-test-app-aware-link="">Disney</a>, however.<span><span class="white-space-pre"> </span></span>Another challenge, the<span class="white-space-pre"> </span><span>Achilles Heel</span><span class="white-space-pre"> </span>of management, is the presumption that mere elevation of employee to manager begets an innate ability to manage others effectively.</p> <p id="ember1001" class="ember-view reader-content-blocks__paragraph"><span>How to address it:</span><span class="white-space-pre"> </span>Akin to the board Chair&rsquo;s importance, empowering a proven Human Resource Executive is<span class="white-space-pre"> </span><span>priority one</span>. The HR Executive must<span class="white-space-pre"> </span><span>undertake<span class="white-space-pre"> </span></span>the responsibility of guiding the process, working with executives and management to identify the company&rsquo;s key persons in financial and operational impact, starting with the CEO.<span class="white-space-pre"> </span><span>Two</span>, within this process, the HR Executive must ensure talent development plans, cross-training initiatives and contingencies are in place should the departure of the key person materialize.<span class="white-space-pre"> </span><span>Three</span>, the board must hold the CEO and HR Executive to account, for periodic updates as to these key persons, the risks their departures pose and the readiness of their successors and contingencies.</p> <p id="ember1002" class="ember-view reader-content-blocks__paragraph"><span>Risk Management Areas Addressed:<span class="white-space-pre"> </span></span>Business Continuity, Talent Risk</p> <p id="ember1003" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember1004" class="ember-view reader-content-blocks__paragraph"><strong>III.&nbsp;&nbsp;&nbsp; Employees</strong></p> <p id="ember1005" class="ember-view reader-content-blocks__paragraph"><span>The Uncomfortable Vulnerabilities:</span></p> <p id="ember1006" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li>Lack of post-covid remote working standards</li> <li>Deficient deployment of business continuity mechanisms</li> </ul> <p></p> <p id="ember1007" class="ember-view reader-content-blocks__paragraph"><span>Details:</span><span class="white-space-pre"> </span>Boards are fully aware that remote working standards are<span class="white-space-pre"> </span><span>nowhere near</span><span class="white-space-pre"> </span>where they need to be. They may not be aware that working hours and locations are fungible, dress codes inconsistent and meetings poorly attended (in mind and body), over-subscribed and woefully inefficient. This has chipped away from in-office decorum, standards, productivity, and health and safety.</p> <p id="ember1008" class="ember-view reader-content-blocks__paragraph">A<span class="white-space-pre"> </span><span>challenge</span><span class="white-space-pre"> </span>management faces is four-fold:</p> <p id="ember1009" class="ember-view reader-content-blocks__paragraph"></p> <ol> <li>establishing a commensurate remote culture four years after the WFH genie left the bottle,</li> <li>reestablishing in-office standards, particularly on lightly attended days,</li> <li>maintaining credibility when holding employees accountable, wherever they work, and</li> <li>demonstrating greater confidence in deploying long standing tools invaluable to workplace safety.</li> </ol> <p></p> <p id="ember1010" class="ember-view reader-content-blocks__paragraph">A<span class="white-space-pre"> </span><span>recent example</span><span class="white-space-pre"> </span>is the rise of the<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.forbes.com/sites/melissahouston/2023/12/10/unlocking-the-secret-to-a-successful-side-hustle-in-2024/?sh=3d9b67745c95" data-test-app-aware-link="">side-hustle</a>.<span class="white-space-pre"> </span><span>More pressing examples</span><span class="white-space-pre"> </span>are workplace bullying and antiquated business continuity measures. The<span class="white-space-pre"> </span><span>Achilles Heel</span><span class="white-space-pre"> </span>is a post-covid malaise that continues to stymy coordination and resetting this critical dynamic.<span class="white-space-pre"> </span></p> <p id="ember1011" class="ember-view reader-content-blocks__paragraph"><span>How to address it:</span><span class="white-space-pre"> </span>Board of director-level urgency is<span class="white-space-pre"> </span><span>priority one</span>. The Chair and chief executive must<span class="white-space-pre"> </span><span>undertake<span class="white-space-pre"> </span></span>the immediate and absolute reset of office culture, on site and remote.<span class="white-space-pre"> </span><span>Two</span>, they must commission a singularly focused Chief Conduct Risk Czar, named for the temporary but zeitgeist intended, empowered with her own immediate and absolute authority to communicate, educate, embed, champion and enforce heightened behaviors. While dress codes and meeting hygiene rank high, proper conduct involving conflicts of interests, employee trading (where applicable) and workplace harassment deserve primary focus.<span class="white-space-pre"> </span><span>Three</span>, two preexisting tools &ndash; anonymous reporting hotlines and, unironically, remote working &ndash; deserve renewed attention given their tangible values. Hotlines must be destigmatized and made readily accessible, and employee-wide remote-work plans must be activated sooner in the face of increasing extreme weather-related events.</p> <p id="ember1012" class="ember-view reader-content-blocks__paragraph"><span>Risk Management Areas Addressed:<span class="white-space-pre"> </span></span>Conflicts of Interest, Health &amp; Safety</p> <p id="ember1013" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember1014" class="ember-view reader-content-blocks__paragraph"><strong>IV.&nbsp;&nbsp; Customers</strong></p> <p id="ember1015" class="ember-view reader-content-blocks__paragraph"><span>The Uncomfortable Vulnerabilities:</span></p> <p id="ember1016" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li>The lack of credible PII controls &amp; plan</li> </ul> <p></p> <p id="ember1017" class="ember-view reader-content-blocks__paragraph"><span>Details:</span><span class="white-space-pre"> </span>While boards may think that consumer data protection is getting an appropriate level of attention across industries, it is<span class="white-space-pre"> </span><span>not</span><span class="white-space-pre"> </span>receiving the right or bold enough focus. The<span class="white-space-pre"> </span><span>challenge</span><span class="white-space-pre"> </span>and current<span class="white-space-pre"> </span><span>Achilles Heel</span><span class="white-space-pre"> </span>is strategy, given the proliferation of and varied federal, state and foreign regulatory requirements, the sheer size of PII that companies possess and the multitude of locations (i.e., systems) where these variable pieces of data reside.<span class="white-space-pre"> </span><span>Recent examples<span class="white-space-pre"> </span></span>are the billions of dollars in fines levied globally against the likes of<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Meta</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">TikTok</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">WhatsApp</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Amazon</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Google</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">DiDi</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">T-Mobile</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Instagram</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Capital One</a><span class="white-space-pre"> </span>and<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Morgan Stanley</a>.<span><span class="white-space-pre"> </span></span>The current model is unworkable and, for the largest corporations and their shareholders, it should become an immediate, unacceptable cost of doing business. Boards of any size company should agree.</p> <p id="ember1018" class="ember-view reader-content-blocks__paragraph"><span>How to address it:</span><span class="white-space-pre"> </span>A course correction, industry- and market-wide, is<span class="white-space-pre"> </span><span>priority one</span>. Higher than the importance of the board Chair and HR Executive outlined here, the (Chief) Data Protection Officer or equivalent must<span class="white-space-pre"> </span><span>undertake</span><span class="white-space-pre"> </span>a call to arms and be given the resources to beat a data protection path to the inevitable future of Web 3.0 and<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.1kosmos.com/identity-management/self-sovereign-identity/" data-test-app-aware-link="">self sovereign identity</a><span class="white-space-pre"> </span>(SSI).<span class="white-space-pre"> </span><span>Two</span>, this means a longer game, but one the DPO must bring to the board and chief executive&rsquo;s attention and includes the interplay between blockchain technology,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://web3illy.medium.com/fully-homomorphic-encryption-and-zero-knowledge-data-security-secrets-70d760c4de3d#:~:text=Comparison%20of%20FHE%20and%20ZK&amp;text=Both%20FHE%20and%20ZK%20are,of%20information%20without%20revealing%20it" data-test-app-aware-link="">homomorphic encryption</a><span class="white-space-pre"> </span>and zero knowledge, current industry players (there are many, but include<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Microsoft</a>,<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Wipro</a><span class="white-space-pre"> </span>and<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">1Kosmos</a>), platforms such as<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.linkedin.com/article/edit/7191972792370647040/" data-test-app-aware-link="">Sovrin Foundation</a>, use cases such as India&rsquo;s Aadhaar program and compelling value proposition when it comes to anti- fraud, money laundering and identity theft measures that have long eluded global financial crimes risk management.<span class="white-space-pre"> </span><span>Three</span>, as opened, industries, not companies, and governments need to start banding together as Web 3.0 comes online.</p> <p id="ember1019" class="ember-view reader-content-blocks__paragraph"><span>Risk Management Areas Addressed:<span class="white-space-pre"> </span></span>Privacy, Information Security, Operational Risk</p> <p id="ember1020" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember1021" class="ember-view reader-content-blocks__paragraph"><strong>V.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Technology</strong></p> <p id="ember1022" class="ember-view reader-content-blocks__paragraph"><span>The Uncomfortable Vulnerabilities:</span></p> <p id="ember1023" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li>Deficient baseline understanding of models amongst board and non-IT staff</li> <li>Lack of coordination between technology and risk at model implementation / adoption</li> </ul> <p></p> <p id="ember1024" class="ember-view reader-content-blocks__paragraph"><span>Details:</span><span class="white-space-pre"> </span>It is<span class="white-space-pre"> </span><span>no longer</span><span class="white-space-pre"> </span>acceptable for non-IT staff, especially management and boards of directors, to yield general and even moderate IT literacy to the Help Desk. A significant<span class="white-space-pre"> </span><span>challenge</span><span class="white-space-pre"> </span>these groups face is that stakes have risen: more advanced technologies are coming online, an emerging workforce is quickly adopting them, and not only are the uninitiated falling behind, but these new stalwarts also don&rsquo;t know what they don&rsquo;t know when it comes to model risk.</p> <p id="ember1025" class="ember-view reader-content-blocks__paragraph">A<span class="white-space-pre"> </span><span>recent example</span><span class="white-space-pre"> </span>is AI and hallucinations, though such initial outputs are well-understood by model developers and risk managers. A<span class="white-space-pre"> </span><span>more tangible example</span><span class="white-space-pre"> </span>is an unsuspecting driver, blind faith in a navigation app and a<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.businessinsider.com/tourists-hawaii-gps-drove-car-into-water-2023-5" data-test-app-aware-link="">submerged vehicle.</a><span class="white-space-pre"> </span>The<span class="white-space-pre"> </span><span>Achilles Heel</span><span class="white-space-pre"> </span>for corporate competitiveness is allowing this trend to continue, and should real disaster strike, boards of directors and chief executives will be exposed. Were they demonstrating the proper oversight?</p> <p id="ember1026" class="ember-view reader-content-blocks__paragraph"><span>How to address it:</span><span class="white-space-pre"> </span>Changing the engagement model for the lay employee and board is<span class="white-space-pre"> </span><span>priority one</span>. The company&rsquo;s technology lead, chief or otherwise, must<span class="white-space-pre"> </span><span>undertake<span class="white-space-pre"> </span></span>the responsibility of model evangelization on par with<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.knowbe4.com/" data-test-app-aware-link="">KnowBe4</a><span class="white-space-pre"> </span>and its revolutionization of information security risk training.<span class="white-space-pre"> </span><span>Think:</span><span class="white-space-pre"> </span>gamification, simplification, ubiquity and empowerment, starting with management and the board of directors.<span class="white-space-pre"> </span><span>Two</span>, agile (model) risk management must become the de facto, non-negotiable M.O. when building, adopting and implementing models that bear any material risk to financials or operations.<span class="white-space-pre"> </span><span>Three</span>, today&rsquo;s boards of directors and chief executives must demand a frequent state of the IT union and bring to this elevated culture their own heightened level of understanding and credible challenge.</p> <p id="ember1027" class="ember-view reader-content-blocks__paragraph"><span>Risk Management Areas Addressed:<span class="white-space-pre"> </span></span>Model Risk, Systemic Risk</p> <p id="ember1028" class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <p id="ember1029" class="ember-view reader-content-blocks__paragraph"><strong>VI.&nbsp;&nbsp; Operations</strong></p> <p id="ember1030" class="ember-view reader-content-blocks__paragraph"><span>The Uncomfortable Vulnerabilities:</span></p> <p id="ember1031" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li>Deficient supply chain &amp; operational contingencies</li> <li>Lack of back-office budget literacy / coordination<span class="white-space-pre"> </span></li> </ul> <p></p> <p id="ember1032" class="ember-view reader-content-blocks__paragraph"><span>Details:</span><span class="white-space-pre"> </span>The front office is<span class="white-space-pre"> </span><span>not</span><span class="white-space-pre"> </span>the only place for budget focus and fluency when before the board. A<span class="white-space-pre"> </span><span>challenge</span><span class="white-space-pre"> </span>companies face is ensuring budgets within the back office account for the corporate rather than their individual functional objectives. A<span class="white-space-pre"> </span><span>common example<span class="white-space-pre"> </span></span>is technology procurement and unintended redundancies, inefficiencies and failed adoption. Another challenge and post-covid<span class="white-space-pre"> </span><span>Achilles Heel</span><span class="white-space-pre"> </span>is fluency with global dynamics, which has, of late, led to companies scrambling to de-risk exposure to China and Ukraine, be it supply chains or business operations.</p> <p id="ember1033" class="ember-view reader-content-blocks__paragraph"><span>How to address it:</span><span class="white-space-pre"> </span>Annual work plans is<span class="white-space-pre"> </span><span>priority one</span>. The Chief Financial and Operating Officers must<span class="white-space-pre"> </span><span>establish<span class="white-space-pre"> </span></span>a back office template and process for these individual functions to demonstrate how each will support the company&rsquo;s strategic plan and mitigate its material risks.<span class="white-space-pre"> </span><span>Two</span>, a designated CFO or COO office must work with back office executives to ensure resource, technology, risk management and operational expenses are refined and then articulated up, holistically, to the board.<span class="white-space-pre"> </span><span>Three</span>, Risk Management must elevate geopolitical risk to its Enterprise Risk Management program, incorporate business continuity alternatives to higher risk locations and, as with<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://open.spotify.com/episode/3oRGrtGO144IQV3h1enjOu?si=XHPOnZbNRRm816bn01sgpg" data-test-app-aware-link="">Executive Management Cyber Resilience</a>, practice incident agnostic resiliency.<span class="white-space-pre"> </span></p> <p id="ember1034" class="ember-view reader-content-blocks__paragraph"><span>Risk Management Areas Addressed:<span class="white-space-pre"> </span></span>Geopolitical Risk, 3rd &amp; 4th Party Risk, Financial Risk.</p> <p class="ember-view reader-content-blocks__paragraph"></p> <p class="ember-view reader-content-blocks__paragraph"></p> <hr /> <p class="ember-view reader-content-blocks__paragraph"><strong>Conclusion</strong></p> <p id="ember1037" class="ember-view reader-content-blocks__paragraph">Managing risk effectively at the board, executive and functional levels requires a myriad of skills beyond the technical. Should any of the above vulnerabilities be exploited - by an action or inaction - any root-cause analysis will zero in on<span class="white-space-pre"> </span><span>design</span><span class="white-space-pre"> </span>and<span class="white-space-pre"> </span><span>process</span>. But make no mistake,<span class="white-space-pre"> </span><span>performance</span>, too, will receive its fair scrutiny. Accordingly:</p> <p id="ember1038" class="ember-view reader-content-blocks__paragraph"></p> <ul> <li><span>Practice the soft skills or EQ:</span><span class="white-space-pre"> </span>humility, objectivity and empathy.</li> <li><span>Demonstrate baseline technical skills:</span><span class="white-space-pre"> </span>Lay persons and the executive entrusted with leading them: pull your weight when it comes to basic financial literacies and emerging technologies.</li> <li><span><span>Embrace entrepreneurial skills:<span class="white-space-pre"> </span></span></span>champion urgency &amp; demand, trust &amp; empowerment, collaboration &amp; agility, adaptation &amp; re-focus as the company travels along its strategic plan.</li> </ul> <p></p> <p id="ember1039" class="ember-view reader-content-blocks__paragraph">Boards and chief executives that open their apertures and call for more attention to these vulnerabilities will yield tangible benefits:</p> <p id="ember1040" class="ember-view reader-content-blocks__paragraph"></p> <ol> <li><span>A well-suited and engaged board of directors;</span></li> <li><span>Supercharged executives in Human Resources, Data Protection, Conduct Risk and Technology;</span></li> <li><span>Reliable key-person succession plans;</span></li> <li><span>Improved line management;</span></li> <li><span>Better remote-work and in-office cultures;</span></li> <li><span>Decreased risk of employee self-dealing;</span></li> <li><span>Resiliency in the face of health &amp; safety events;</span></li> <li><span>Early transition to the inevitable Web 3.0 and SSI / PII protection;</span></li> <li><span>Increased tech literacy among leadership &amp; budget stewardship across non-revenue generating offices; and</span></li> <li><span>Strengthened global operations and third party management.</span></li> </ol> <p></p> <p id="ember1041" class="ember-view reader-content-blocks__paragraph">Don't wait. Manage the uncomfortable.</p> <p id="ember1042" class="ember-view reader-content-blocks__paragraph"></p> <hr class="reader-content-blocks__horizontal-rule" /> <p id="ember1043" class="ember-view reader-content-blocks__paragraph">[1] This is a nice<span class="white-space-pre"> </span><a class="app-aware-link " target="_self" href="https://www.splunk.com/en_us/blog/learn/vulnerability-vs-threat-vs-risk.html" data-test-app-aware-link="">explanation</a><span class="white-space-pre"> </span>by Splunk of vulnerabilities, threats and risks in cybersecurity.</p> <p id="ember1044" class="ember-view reader-content-blocks__paragraph">[2] A designated PMO to achieve this milestone might be worth his or her salt.</p>

Mastering Conference Networking in Some Easy Steps Publish Date·4/10/2024 4:05:54 PM

Mastering Conference Networking in Some Easy Steps

<p></p> <p>In the legal realm, conferences are invaluable for broadening your professional network. This is precisely why ABL convenes twice a year, providing this enriching experience to its members. Let's delve into the reasons behind their significance and how you can maximize their potential:</p> <p><b>Benefits:</b></p> <ul> <li>Expertise Hub: Conferences gather specialists from various legal niches, offering unique insights and opportunities for collaboration.</li> <li>Connections: They're ideal for firms seeking new international clients or strengthening existing relationships through trust-building and feedback.</li> <li>Learning Opportunities: Workshops and panels keep you updated on legal trends and best practices, boosting your expertise.</li> <li>Boost Brand Visibility: Active participation and speaking gigs help elevate your firm's reputation.</li> <li>Peer Learning: Conferences facilitate knowledge exchange.</li> </ul> <p>&nbsp;</p> <p><b>Strategies:</b></p> <ul> <li>Prepare: Research speakers and attendees, set clear networking goals.</li> <li>Engage: Actively participate, ask questions, and exchange contacts.</li> <li>Use Social Media: Amplify your presence with event hashtags and engage with peers online.</li> <li>Offer Value: Share insights and solutions, showcasing your expertise.</li> <li>Follow Up: Personalize follow-ups, referencing conference discussions, and schedule further interactions.</li> </ul> <p></p> <p>In summary, conferences are powerful tools for legal professionals. With strategic planning and active engagement, you can leverage these events to expand your network and propel your career forward.</p> <p>Prepare to do so in Malta &mdash; our 46<sup>th</sup> is coming, gather for some memorable event from 22<sup>nd</sup> to 25<sup>th</sup> of May. See you there.</p>

Events See All

News See All

© 2023 Alliance of Business Lawyers. All rights reserved.

Terms of Use | Privacy Policy