To view this notification widget you need to have JavaScript enabled. This notification widget was easily created with NotifySnack.
First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Risk and how we run our business

Risk monopoly

I am going to use a metaphor involving the board game of Monopoly to illustrate how I feel about risk management. The players compete to win by either having more money when the game ends (if there is a time limit) or by being the only one left standing after all the others have gone bankrupt. Let’s imagine our executive team is playing a game against its main competitors.

, , , , , ,

U.S. online payment processor Dwolla fined $100,000 for misrepresenting data security practices: Lessons for Canadian companies

Data security

In March, 2016 the U.S. Consumer Financial Protection Bureau (“CFPB”) issued a Consent Order against Dwolla Inc., an online payment platform, for deceiving consumers about its information security practices. The CFPB levied a $100,000 civil monetary penalty against the company, a first for the CFPB. While Canada has different privacy and consumer protection regimes, the lessons from the Dwolla case point to a new direction in enforcement approaches.

, , , , , , , , , , , , , ,

Even in the face of disaster, charities should not stray from their purposes

Charity

Whether it is assisting Syrian refugees to settle in Canada or helping those fleeing from floods and fires, the goodwill of the people and charities in Canada always make headlines. In times of disaster, it seems many charities want to raise money and get on the bandwagon to help those in need. Although this may be a laudable goal for charities that want to show their benevolence, sometimes it could simply get them into trouble.

, , , , , , , , , , , , ,

Some authoritative guidance on risk management and the three lines of defense

risk

The King Code of Corporate Governance has been a fine source of principles and practice for governance, including risk, assurance, and compliance, ever since its initial release. In this post, I want to talk about two areas I find interesting in the draft Code.

, , , , , , , , , ,

Data breaches: All’s not lost, even if your data is (and if you’ve taken precautions)

Data security

As anyone who’s ever left a USB key in a Kinko’s knows, it’s easy to lose a mobile device containing sensitive user information. As a recent statement from the Newfoundland and Labrador’s Office of the Information and Privacy Commissioner shows, taking preemptive steps to make the user information on a mobile device more secure could protect the information – and your organization – if the device ever falls into the wrong hands.

, , , , , , , , , ,

The pitfalls of unwritten contracts – Part 2

contract

Many employers still do not enter into written contracts with their employees. A recent case from British Columbia illustrates why this is a bad idea. The parties ended up in Court, where a Judge had to piece together testimony and the facts at the time the contract was made, to determine the nature of contract.

, , , , , , , , , , ,

The board of directors’ role in crisis management

Crisis management

Sooner or later, every enterprise will face a crisis. When it hits, the ability to side-step disaster depends on the effectiveness of your company’s response. Preparedness and oversight of crisis management is a key responsibility of the board of directors.

, , , , , , ,

Debate continues as to whether general liability policies ought to provide coverage for cyber losses

Data breach

While well over a dozen class actions have been commenced in Canada with respect to alleged third-party losses stemming from large-scale data breaches, to date there has been no Canadian jurisprudence considering issues of insurance coverage in the context of such breaches. Insurance coverage tailored specifically to damages arising in connection with data breaches and other cyber losses has been available in the Canadian market for a number of years. However, there remain questions as to whether coverage may also be available under other traditional forms of insurance, including general liability policies.

, , , , , , , , , , , , ,

The art of restraint

Agreement

A restrictive covenant is a class of legal “promise” imposing a restriction on one party for the benefit of another. When drafted correctly, restrictive covenants are an invaluable tool to protect your business.

, , , , , , ,

Private right of action under Canada’s Anti-Spam Law (CASL)

Anti-spam

As of July 1, 2017, individuals and organizations will be entitled to institute a “private right of action” before the courts against those that contravene certain provisions of Canada’s Anti-Spam Law (“CASL”). In the event of a contravention of the message rules in CASL, a monetary penalty up to a maximum of $1,000,000 per day may be imposed. This private right of action should be taken seriously right now. From this perspective and building on previous publications, this bulletin discusses this new mechanism.

, , , , , , , , ,

On modernizing the definition of “charity”

Canadian charity law, being largely based on that of the United Kingdom, traces its roots directly back to the preamble of the English Charitable Uses Act of 1601, known as the “Statute of Elizabeth I”. Although the Statute itself was repealed in the 19th century, the preamble was legally preserved and still forms the basis of the line of case law running right to the modern day that defines what is legally charitable.

, , , , , , , ,

Be aware of potential liabilities when buying a business

Law

In a recent decision, Gestion F. Lessard inc. v. Bournival, the Superior Court of Québec observed the potential liabilities involved in share purchase transactions — such as threats of litigation by unsatisfied customers, employee conflicts and software malfunction — and reminded us that not all potential liabilities can be imputed on the seller for fraud.

, , , , , , , , , ,

Anti-money laundering updates

Final amendments to Regulations to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act released.

, , , , , , , , ,

Whistleblowers: The AMF will not offer any reward

whistle-blower

On February 18, 2016, after a thorough and rigorous analysis which included closely monitoring the rewards-based whistleblower programs offered by the U.S. and Ontario, the Autorité des marchés financiers (the AMF) announced that it does not intend to offer financial rewards to whistleblowers. Instead, the AMF wishes to promote a whistleblower program that builds on existing measures.

, , , , , , , , , , ,

The pitfalls of unwritten contracts – Part 1

This is not to suggest that written contracts provide perfect inoculation against lawsuits—litigants often misunderstand the obvious; written information may be open to multiple interpretations; and people sue even when they have no case. Two important considerations when making an agreement that you wish to be legally binding and enforceable in a court of law, are:

, , , , , , , , , , , , , , , ,

Previous Posts