
Inside Internal Controls

News and discussion on implementing risk management


Business and Legal Issues

Estonian blockchain-based ID card security flaw raises issues about identity

On August 30, 2017, an international team of security researchers notified the Estonian government of a security vulnerability affecting the digital use of Estonian ID cards issued to around half of the Estonian population. The flaw affects 750,000 ID cards issued to a population of 1.3 million, and the Estonian Information System Authority (RIA) has taken measures to restrict some of the ID card’s security features until a permanent solution is found.

 


Oh those trademark scammers

Never hesitate to enquire as to whether a solicitation received by email or mail regarding your Intellectual Property is legitimate. It is important to read the fine print of a solicitation to determine whether or not it comes from the CIPO.

 


Should you adopt the updated COSO ERM Framework? My assessment

It has been 13 years since the original COSO ERM Framework and eight years since ISO 31000:2009 was published. The updated COSO ERM Framework was an opportunity for COSO to “leap forward”. But did it?

 


Indecent proposal? Whether and how to ask existing employees to sign new employment contracts

Asking existing employees to sign new employment contracts can be a sensitive topic. Employees will undoubtedly wonder why they are being asked to do so. Many will quite rightly assume that the employer’s main motive for having new contracts be signed is to protect the employer – not the employee. Some will sign without issue, while others will refuse to do so.

 


BCCA eyes enforceability of restrictive covenant in IRIS appeal

Restrictive covenants are often a key component of employment agreements and commercial transactions. Enforceability, however, can be challenging, especially in the employment context.

 


Employee misconduct and social media

As technology continues to blur the line between personal and professional life, employers increasingly find themselves dealing with the impact of social media on the employment relationship.

 


How well did COSO address comments on the ERM draft?

My impression is that COSO only tinkered with the draft. But have they done enough to move practices forward, in the right direction? Will this update change the percentage of executives answering the piercing question by Deloitte, “Does risk management support, at a high level, the ability to develop and execute business strategies”, up from 13% to close to 80%?

 


When federal insolvency laws and provincial labour laws collide

The intersection between insolvency law and labour law has long created a struggle between balancing the rights of employees and maintaining a mechanism for restructuring or liquidating distressed companies.

 


Social impact bonds – investing in communities

Social Impact Bonds (SIBs) are an innovative way for organizations to practice Socially Responsible Investing (SRI). Canada joins other jurisdictions like the United Kingdom, the United States and Australia, in investing in SIBs.

 


Competition Bureau releases big data white paper for public comment

The white paper provides useful initial guidance on how the Bureau may apply the existing framework under the Act to various competition considerations related to big data and algorithms that have been examined so far.

 


No priority for pension claims in Wabush CCAA

Wabush is a welcome decision for third-party lenders to companies with defined benefit pension plans, and employers who sponsor defined benefit pension plans who may have had issues in accessing capital as a result of the SCC decision in Indalex.

 


Which are the best principles for effective risk management?

I will let you decide which is the best set of principles: which is clearer in setting expectations for the effective management of risk and which is better as a basis for assessing the maturity of risk management.

 


Federal Court releases new guidelines for actions under the amended PMNOC Regulations

On September 21, 2017, the Federal Court released the Guidelines for Actions under the Amended PMNOC Regulations (the “Guidelines”) to coincide with the coming-into-force of the amended PMNOC Regulations (“PMNOC Regulations”).

 


Conducting an internal investigation? Here are 4 things to consider


Many internal investigations (such as harassment claims, fraud, misuse of company assets, etc.) involve the use of digital devices and may require a forensic analysis of those devices to find evidence of an employee’s actions.

 


Three cybersecurity trends driving the Bank of Canada’s call for cybersecurity to be treated as a ‘public good’

As the level and sophistication of cyber-attacks continue to grow, there will be mounting pressure on regulators to continue to develop coordinated, meaningful, mandatory minimum standards that are enforceable against all financial institutions and FMIs as well as their service providers.

 

