First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Privacy Compliance and Management

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

Québec Commission d’accès à l’information releases guidance on video surveillance

In February 2019, the Québec Commission d’accès à l’information released an updated guide on video surveillance titled, La Vidéosurveillance: Conseils pratiques à l’intention des organismes publics et des entreprises.

 

, , ,

5 key FAQs about Canadian cannabis company “key investor” disclosure requirements

It’s key that all stakeholders clearly understand the Cannabis Regulations’ key investor disclosure obligations to avoid surprises and to ensure compliance. Here are the answers to five key frequently asked questions about cannabis companies’ “key investor” disclosure requirements.

 

, , , , , , ,

Canadian government announces new Digital Charter

On May 21, 2019, the Honourable Navdeep Bains, Minister of Innovation, Science and Economic Development, announced the introduction of Canada’s new Digital Charter. This blog post summarizes the highlights of Minister Bains’ announcement and the principles of the Digital Charter.

 

, , , , , , ,

IIROC’s welcome clarification to member firms: e-signatures are permitted

On March 26, 2019, the Investment Industry Regulatory Organization of Canada issued Guidance Note 19-0051 – E-Signature.

 

, , ,

Pot & privacy: BC Privacy Commissioner issues guidance for protection of personal information in cannabis transactions

The Office of the Information and Privacy Commissioner for British Columbia has released a guidance document to help cannabis retailers and purchasers understand their rights and obligations under the Personal Information Protection Act (British Columbia).

 

, , , ,

Test for patent obviousness not so obvious – Federal Court of Appeal affirms obviousness is a “flexible, contextual, expansive, and fact-driven inquiry”

In late January, in two decisions released simultaneously, the Federal Court of Appeal affirmed the broad and factually-suffused nature of the obviousness inquiry.

 

, , , , , , ,

Whistleblower, hacker, or both? How the Rui Pinto Case can be applied to corporate compliance officers

Rui Pinto was arrested in January by authorities in Budapest on suspicions of illegally hacking emails about European soccer clubs and providing them to the Football Leaks website.

 

, , , ,

Quebec Court of Appeal finds the Genetic Non-Discrimination Act ultra vires

In a recent decision, the Quebec Court of Appeal declared the Genetic Non-Discrimination Act (the “Act”), adopted by the federal Parliament and which came into force on May 4, 2017, to be ultra vires because of its encroachment on the jurisdiction of provincial legislatures.

 

, , , ,

Department of Finance Canada issues consultation paper on open banking

On January 11, 2019, the Department of Finance Canada released a consultation paper seeking the views of Canadians on the potential benefits and risks of an open banking system.

 

, , ,

Transparency & trust: The underlying themes of top 10 ethics & compliance trends

As we prepare for the publication of our 2019 Top 10 Ethics & Compliance Trends Report, a common thread has become evident: transparency.

 

, , , , ,

Standing Committee on Finance releases recommendations on Canada’s anti-money laundering and anti-terrorist financing regime

anti-money laundering

Recently, the House of Common’s Standing Committee on Finance released its report titled, “Confronting Money Laundering and Terrorist Financing: Moving Canada Forward” (the “Report”). The Report was released pursuant to the Standing Committee’s mandate under Standing Order 108(2), which directed the Committee to study the Proceeds of Crime (Money Laundering) and Terrorist Financing Act1 (“PCMLTFA”) and was […]

 

, ,

Five tips for compliance with new privacy consent guidelines

Privacy compliance is top of mind, not the least of all because of GDRP and Canada’s new mandatory breach notification rules. While you are updating your practices and procedures, do not forget that the Guidelines for obtaining meaningful consent (the “Guidelines”) will apply starting on January 1, 2019.

 

, ,

Mistakes to avoid in conducting effective workplace investigations

Experience has shown us time and again that, of all the elements contributing to effective investigations, investigators consistently dedicate insufficient time and effort in a few critical areas; four to be exact.

 

, ,

Security breach notification and reporting requirements are now in force under Canada’s PIPEDA

Canada’s long-awaited federal private-sector data breach notification and reporting requirements came into force on November 1, 2018.

 

, , , , ,

Previous Posts