First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Lawful access: The Privacy Commissioner reiterates its position

Patricia Kosseim, Senior General Counsel and Director General, Legal Services, Policy, Research and Technology Analysis for the Office of the Privacy Commissioner of Canada, was asked, at the request of Commission’s counsel, to provide an overview of the legislation for protecting privacy in Canada and to answer questions about lawful access issues from a federal perspective.

, , , , , , , , ,

CCOs say policies are getting stronger; adoption of technology – not so much

KPMG recently published its latest survey of chief compliance officers. The report highlights the increasing value of effective Compliance. It also reveals growing pains of our industry, specifically in maximizing efficiencies.

, , ,

How to mess up your risk management program

Does your risk management activity ‘check the box’, or does it help the organization succeed by making more intelligent and informed decisions?

, , , , ,

Section 99 of the Environmental Protection Act: Ontario Courts continue to clarify its scope and power

In Huang v Fraser Hillary’s Limited, the Ontario Superior Court of Justice confirmed that plaintiffs can rely on section 99 of the Environmental Protection Act—a section enacted in 1985—to claim damages for spills which occurred before section 99 was enacted. The Court’s discussion in this case provides helpful guidance on the possible reach and limitations of the so-called “spill action” legislation.

, , , , , , , , , , , , , ,

Document discovery and native documents: Document production must be “usable”

The recent Alberta case of Bard v. Canadian Natural Resources provides a road map for compelling the production of native electronic documents in “usable” form.

, , , ,

The current state of risk management

But here is the key question. If the leaders of the organization are not persuaded that risk management is adding value by enabling success, and believe that there are better ways to invest scarce resources, why should we surprised that the risk management activity is under–funded?

, , , , ,

Ontario Superior Court comments on director and officer duties

A recent decision of the Ontario Superior Court of Justice addresses directors’ duties towards the corporation and its employees. Specifically, the court addressed whether a director or officer’s fiduciary duties extend to protecting an employee from the consequences of that employee’s own fraudulent acts.

, , , , , , , , ,

Church and religious organizations: Maybe Adam and Eve could have appealed their sentence

We are often contacted by charities seeking to insulate themselves from potential legal action by disgruntled former members of their organization. This typically results from situations where the individual has been kicked out of the organization for specific misconduct. Although, for the most part, these disputes result in acrimonious name calling from time to time, these matters are litigated. A recent decision of the Alberta Court of Appeal is one circumstance where an irate former member of the Jehovah’s Witnesses took the matter to Court.

, ,

Protecting trade secrets using non-disclosure agreements

In Canada, the issue of whether an NDA may be an unenforceable restraint of trade has been explored in the employment law context, however, there has been very little discussion as to whether an NDA could be considered a restraint of trade in transactions between two or more businesses. There has also been little discussion in Canada as to the distinction between trade secrets and ordinary confidential information. As such, US case law may provide some guidance.

, , , , , , , , , , , , , ,

Is there a duty of device security? U.S. regulator fires warning shot over obligations of IoT manufacturers

A complaint filed by the U.S. Federal Trade Commission against D-Link Corporation, a Taiwanese computer networking equipment manufacturer, and its U.S. subsidiary, is raising questions about the extent of responsibility that networking equipment manufacturers may have for the security of their products, and how much of that responsibility rests with consumers and end users.

, , , , , , , , , , , , ,

The value of a risk register

A risk register makes you feel good. It makes you feel you have accomplished something, a list of risks that might cause harm to the organization. It makes the executive team and the board feel that they can check the box: “do you have a risk management program? Yes.” But, does that risk register help people formulate and then execute the right strategies for the organization to deliver optimal value?

, , , ,

Missing comma means millions in overtime pay

The case involved an ambiguity in a Maine statute dealing with overtime pay. Under the statute, employees involved in certain activities were exempt from the overtime provisions, so they were not entitled to overtime pay. A group of drivers in Oakhurst argued that they were entitled to overtime pay.

, , , , , , , , , ,

Risk in the fourth dimension

The word, a magic word with amazing power, is “why”. Let’s think of the power of this word when it comes to risk and risk management.

, ,

Privacy law: The Supreme Court of Canada’s Royal Bank of Canada v. Trang

The Supreme Court of Canada released a landmark decision giving important guidance on when personal financial information may be disclosed under Canada’s federal privacy law, the Personal Information Protection and Electronic Documents Act.

, , , , , ,

Saskatchewan court upholds electronic waiver as enforceable

The decision in Quilichini v Wilson provides affirmation to business owners (especially those in the recreational industry) that a well–drafted electronic waiver and release that is properly presented in an understandable format will likely be held to be enforceable.

, , , , , , , , , , ,

Previous Posts