First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

IT, Privacy and Security

What does your risk management activity seek to achieve?

It is essential to understand what an organization needs and how critical the management of risk is before settling on a design, let alone trying to implement or upgrade risk management.

 

, , , , , , ,

Managing company communications with AI

Could AI have helped Google identify the ‘diversity memo’ sooner? This post looks at how AI could help other companies avoid these and many other complications around employee communication.

 

, , , ,

Department of Finance releases consultation paper on new retail payments oversight framework

On July 7, 2017, the Department of Finance issued the consultation paper “A New Retail Payments Oversight Framework” (the “Consultation Paper”) proposing a federal oversight framework for retail payments. Comments on the Consultation Paper are due October 6, 2017.

 

, , , , ,

Court declines to apply fair dealing copyright exemption in news reporting case

In a recent decision, the Small Claims Division of the Court of Québec has found a newspaper liable for infringement of copyright and moral rights in photographs published without reference to the photographer.

 

, ,

What do audit committees think about risk and audit?

I am encouraged by the latest KPMG report, their 2017 Global Audit Committee Pulse Survey. I am encouraged because KPMG appears to be asking the right questions and getting intelligent answers.

 

, , , , , , ,

Searches of electronic devices at the Canada/US border

The possibility of arbitrary searches of the electronic devices of persons crossing into the US continues to raise concerns among Canadians and, in particular, privacy regulators. Recent statements (and subsequent legislative amendments) are attempting to address some of the legal issues.

 

, , , , , , , ,

The global reach of Canadian privacy law: Federal court issues landmark ruling in Globe24h

With the global reach of the internet and ease with which information may now be disseminated, this decision therefore may provide corporations and individuals with an effective avenue to pursue foreign-based entities and enforce their rights with respect to disputes involving illegal, defamatory or malicious online activity originating abroad.

 

, , , , , , , , , , , , , , , , , , , , , , , ,

The future of risk management

The Institute of Risk Management has a great feature where they have asked people around the world, including a number of luminaries, about the future of risk management.

 

, , , ,

The right to be forgotten has a three-piece suit tailor-made in Canada? From Quebec to British Columbia

This article aims to situate the debate on the right to be forgotten in light of three major precedents, which apparently evolved in isolation (in different provinces, distinct jurisdictions) and yet have everything in common. Indeed, the right to be forgotten is perhaps not as bare as we have been told; we might even go so far as to say that, for the moment, it has a three-piece suit tailor-made in Canada.

 

, , , , , , , , , , , , , , , , , , , , , , , ,

Lawyers need to keep up with AI

For decades, novelists, scientists, mathematicians, futurists and science fiction enthusiasts have imagined what an automated society might look like. Artificial intelligence, or AI, is rapidly evolving, and the society we could only once imagine may be on the brink of becoming our new reality.

 

, , , , , , ,

The future of securities regulation of distributed ledger technologies

The following discussion provides a general description of blockchain and distributed ledger technologies (DLT) and the current state of the regulatory landscape in Ontario. To date, the Ontario Securities Commission has not explicitly categorized a blockchain token or coin (which are further discussed below) as an investment contract or other type of security under section […]

 

, , , , , ,

Can marketing and compliance share a playbook?

I recently read an article in the Winter 2017 MIT Sloan Management Review, Mastering the Market Intelligence Challenge (Chari, Luce & Thukral). In this work, the authors address how “many multinationals simply import their domestic models into emerging markets.” And whilst this work is directed towards those who deal with market intelligence in emerging markets, the conclusions drawn are equally applicable to those who face compliance challenges in such frontier regions.

 

, , , , , , , , , ,

“Not there yet”: Bank of Canada experiments with blockchain wholesale payment system

The Bank of Canada embarked on Project Jasper to learn more about the feasibility, benefits and challenges of using DLT as the basis for a wholesale interbank payment system. These systems are crucial mechanisms for the financial industry that allow large financial institutions to process payments to each other as well as to and from central banks.

 

, , , , , , , ,

Cybersecurity in a post-Ashley Madison world

In a recent key finding, PIPEDA Report of Findings #2016-005 – Joint investigation of Ashley Madison, the Office of the Privacy Commissioner of Canada provided crucial guidance to organizations in relation to information protection and cybersecurity.

 

, , , , , , , , , ,

Defending a lawsuit is not a “commercial activity” under privacy legislation

In a case dating back to 2016 but just recently published, the Office of the Privacy Commissioner of Canada has ruled that the collection and use of a plaintiff’s personal information for the purpose of defending against a civil lawsuit is not a “commercial activity” and, as such, the Personal Information Protection and Electronic Documents Act does not apply.

 

, , , ,

Previous Posts