I am going to use a metaphor involving the board game of Monopoly to illustrate how I feel about risk management. The players compete to win by either having more money when the game ends (if there is a time limit) or by being the only one left standing after all the others have gone bankrupt. Let’s imagine our executive team is playing a game against its main competitors.
U.S. online payment processor Dwolla fined $100,000 for misrepresenting data security practices: Lessons for Canadian companies
In March, 2016 the U.S. Consumer Financial Protection Bureau (“CFPB”) issued a Consent Order against Dwolla Inc., an online payment platform, for deceiving consumers about its information security practices. The CFPB levied a $100,000 civil monetary penalty against the company, a first for the CFPB. While Canada has different privacy and consumer protection regimes, the lessons from the Dwolla case point to a new direction in enforcement approaches.
Whether it is assisting Syrian refugees to settle in Canada or helping those fleeing from floods and fires, the goodwill of the people and charities in Canada always make headlines. In times of disaster, it seems many charities want to raise money and get on the bandwagon to help those in need. Although this may be a laudable goal for charities that want to show their benevolence, sometimes it could simply get them into trouble.
The King Code of Corporate Governance has been a fine source of principles and practice for governance, including risk, assurance, and compliance, ever since its initial release. In this post, I want to talk about two areas I find interesting in the draft Code.
As anyone who’s ever left a USB key in a Kinko’s knows, it’s easy to lose a mobile device containing sensitive user information. As a recent statement from the Newfoundland and Labrador’s Office of the Information and Privacy Commissioner shows, taking preemptive steps to make the user information on a mobile device more secure could protect the information – and your organization – if the device ever falls into the wrong hands.
Many employers still do not enter into written contracts with their employees. A recent case from British Columbia illustrates why this is a bad idea. The parties ended up in Court, where a Judge had to piece together testimony and the facts at the time the contract was made, to determine the nature of contract.
Sooner or later, every enterprise will face a crisis. When it hits, the ability to side-step disaster depends on the effectiveness of your company’s response. Preparedness and oversight of crisis management is a key responsibility of the board of directors.
Canadian charity law, being largely based on that of the United Kingdom, traces its roots directly back to the preamble of the English Charitable Uses Act of 1601, known as the “Statute of Elizabeth I”. Although the Statute itself was repealed in the 19th century, the preamble was legally preserved and still forms the basis of the line of case law running right to the modern day that defines what is legally charitable.
Final amendments to Regulations to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act released.
On February 18, 2016, after a thorough and rigorous analysis which included closely monitoring the rewards-based whistleblower programs offered by the U.S. and Ontario, the Autorité des marchés financiers (the AMF) announced that it does not intend to offer financial rewards to whistleblowers. Instead, the AMF wishes to promote a whistleblower program that builds on existing measures.
This is not to suggest that written contracts provide perfect inoculation against lawsuits—litigants often misunderstand the obvious; written information may be open to multiple interpretations; and people sue even when they have no case. Two important considerations when making an agreement that you wish to be legally binding and enforceable in a court of law, are: