The hottest Compliance Substack posts right now

And their main takeaways
Law of VC • 111 implied HN points • 21 Aug 23
  1. The SEC is passing new regulations for private fund advisers, including VC firms, which would be the first significant VC regulations since the 2008 financial crisis.
  2. The most crucial law governing venture capital funds is the Advisers Act, granting the SEC the power to create rules, investigate, and enforce regulations.
  3. The SEC's regulatory priorities include conflicts of interest, fees and expenses calculations, and compliance with marketing rules, all under the Advisers Act.
False Positive • 39 implied HN points • 27 Nov 23
  1. Nested accounts play a crucial role in facilitating financial crime by providing anonymity and allowing funds to move across borders through complex networks.
  2. Financial institutions and regulators face challenges in monitoring nested accounts and ensuring compliance with anti-money laundering regulations, risking involvement in criminal activities.
  3. Intermediaries like nested accounts in the crypto world increase regulatory control but also create complexities that could make it harder to detect and prevent financial crimes.
Let Us Face the Future • 119 implied HN points • 19 Oct 23
  1. Application-level security is crucial and there is a trend towards 'shift-up' in data security.
  2. Compliance with NIST standards is a significant factor for adoption in regulated industries.
  3. The NIST PQC standardization process will drive wider adoption of cryptographic tools.
Rod’s Blog • 19 implied HN points • 08 Feb 24
  1. Microsoft Security Copilot enhances security by seamlessly integrating with Microsoft Purview, simplifying security policies and governance.
  2. The AI capabilities of Microsoft Security Copilot aid in proactive threat detection and response by analyzing data to identify potential risks before they escalate.
  3. Automated compliance and data governance processes are streamlined through the combination of Microsoft Purview's features and Security Copilot's automation, facilitating adherence to regulations.
Concordium Monthly Updates • 39 implied HN points • 20 Jul 23
  1. Partnership between Concordium and 2021.ai enhances trust in AI through data validation and audit trails.
  2. Integration of Concordium's blockchain into 2021.ai's platform enables new use cases like ESG Validation and MiCA compliance.
  3. Collaboration aims to promote responsible and ethical use of AI, driving innovation and building trust in the AI industry.
The Data Score • 39 implied HN points • 05 Jun 23
  1. Data monetization involves creating revenue streams by refining and selling accumulated data.
  2. Large Language Models (LLMs) are advanced AI models trained on vast amounts of text data for generating human-like responses in various applications.
  3. Alpha generation in finance refers to outperforming the market or generating excess returns in an investment strategy.
Rod’s Blog • 19 implied HN points • 06 Feb 24
  1. Microsoft Purview is a top industry solution for managing data estates, offering governance, protection, and management.
  2. The latest enhancements to Microsoft Purview and Microsoft Defender focus on securing data in the context of generative AI, providing visibility, protection, and compliance controls.
  3. Organizations can leverage Microsoft Purview and Microsoft Defender to securely adopt AI, ensuring data protection while harnessing AI's full potential.
Resilient Cyber • 59 implied HN points • 11 Apr 23
  1. Building a compliance and AppSec program for a federal Platform-as-a-Service is challenging. It's important to understand which security controls can be inherited by development teams.
  2. Scaling the compliance program across multiple teams can lead to unique challenges. It's crucial to onboard each team effectively while minimizing their workload.
  3. Developers need support in balancing security and compliance with their work. Educating auditors about cloud practices is also important for smoother collaboration.
Resilient Cyber • 79 implied HN points • 11 Dec 22
  1. Federal agencies must collect self-attestations from software vendors about their secure development practices, following NIST's guidelines.
  2. The NIST Secure Software Development Framework (SSDF) encourages integrating security early in the software development process, rather than addressing it later on.
  3. Industry groups are raising concerns about the requirements for transparency in the software supply chain, which could lead to delays in implementing necessary security measures.
Resilient Cyber • 39 implied HN points • 04 Apr 23
  1. There are several public speaking events related to security and compliance happening in April. These focus on topics like Software as a Service (SaaS) security and building secure programs.
  2. One important event will discuss how to create a compliance program for federal services, emphasizing the balance between development speed and security. This is crucial for companies navigating these challenges.
  3. Another key topic is Software Transparency and how to secure the software supply chain. This issue is becoming more important as many businesses rely on software solutions, and it's something experts are starting to address more.
Resilient Cyber • 39 implied HN points • 06 Feb 23
  1. Organizations need a solid plan to manage the security risks associated with their wide use of Software as a Service (SaaS). This includes knowing what SaaS applications they use and applying security measures.
  2. Many companies focus heavily on securing their infrastructure services like AWS or Azure, but they often overlook the significant risks that come with SaaS applications. This can lead to security breaches.
  3. It's important for businesses to understand the shared responsibility model in cloud security and realize that while SaaS providers handle some security, the ultimate responsibility for data protection still lies with the organization.
burkhardstubert • 39 implied HN points • 16 Jan 23
  1. Combining libraries with incompatible licenses can lead to legal issues, meaning you can’t deploy the software without violating at least one license.
  2. If you use any library under GPL, your whole software must also be GPL, meaning you have to share your source code, which may not be ideal for businesses.
  3. Carefully check which licenses apply to the libraries you use, especially with frameworks like Qt, as some combinations can be illegal or unpredictable.
Security Is • 1 HN point • 17 Jul 24
  1. Encryption is important, but it's often treated as a checkbox in cloud environments. Many people believe that encryption at rest and in transit fully secures their data, but this isn't always the case.
  2. In cloud settings, especially with services like AWS, anyone with the right permissions can access data regardless of whether it's encrypted at rest. This means encrypting data on the storage level may not offer as much protection as people think.
  3. Instead of focusing heavily on encryption, businesses should prioritize their access controls and permissions. Properly managing who can access what data is often a much more critical aspect of security.
Lukasz’s Substack • 3 HN points • 17 Apr 24
  1. ControlAI's platform offers a solution for AI safety and compliance, simplifying the complex process for users.
  2. Users can use the platform to create an inventory of AI assets, understand regulations like ISO Norms and GDPR, and track progress towards compliance.
  3. The platform also enables users to deploy defenses, showcase AI safety solutions, and collaborate with the AI community to enhance safety measures.
Resilient Cyber • 19 implied HN points • 23 Jan 23
  1. People are demanding more transparency in digital systems. This means consumers want to know what software they are using and how it is made.
  2. There's a strong push for companies to adopt Zero Trust, meaning no one gets automatic access. Every access request needs to be verified.
  3. Privacy regulations are changing, with more laws being introduced to protect personal data. Companies need to be clear about how they collect and use consumer information.
Fintech Radar • 6 implied HN points • 28 Feb 24
  1. Capital One's acquisition of Discover for $35.3 billion aims to boost competitiveness in the payments network but may face regulatory challenges due to concerns about bank consolidation.
  2. Monzo's potential £4 billion valuation in a funding round signifies ongoing investor interest in neobanks adapting to profitability and growth in the consumer fintech market.
  3. FairMoney's talks to buy Umba in a $20 million deal show a trend of consolidation in fintech markets like Africa, where companies navigate challenges to serve a growing demand for digital financial services.
Fintech Radar • 4 implied HN points • 11 Sep 23
  1. Visa expands stablecoin settlement capabilities by partnering with merchant acquirers, facilitating instant payment authorizations.
  2. Temenos introduces a generative AI tool to automatically classify customer banking transactions, potentially revolutionizing banking processes.
  3. ThetaRay raises $57M for AI tools to fight money laundering, showcasing the increasing importance of compliance-focused startups in fintech.
Fintech Business Weekly • 2 HN points • 23 Feb 24
  1. Lineage Bank faced regulatory issues with the FDIC due to oversight failures in its banking-as-a-service partnerships.
  2. The consent order from the FDIC requires Lineage Bank to make significant changes in its management, risk assessment, and operational practices.
  3. The impact of Lineage Bank's BaaS wind down and the FDIC order on Synapse, Synctera, and their fintech clients is not yet clear.
Fund Marketer • 1 implied HN point • 21 Feb 24
  1. More employees in asset management are speaking up about their workplace issues. This change is happening because of struggles within the industry and the willingness to share grievances online.
  2. Companies like Jupiter and Citigroup are facing internal conflicts that are spilling into the public eye. Instead of just keeping things quiet, these issues are being reported, highlighting struggles between management and their internal teams.
  3. There may be some benefits to this openness, as leaks about misconduct could lead to improvements in industry practices. By exposing problems, employees hope to push for better working conditions and accountability.
Malt Liquidity • 1 implied HN point • 12 Sep 23
  1. Defining a fair market is complex and involves intricate operations and risk mitigation strategies.
  2. The SEC's role encompasses protecting investors, maintaining market fairness, and facilitating capital formation.
  3. Increased SEC regulations may unintentionally benefit large players, making it crucial to close loopholes accessible only to wealthy investors.
EIP-2535 Diamonds • 1 implied HN point • 07 Apr 23
  1. The EIP-2535 Diamond standard emphasizes the importance of emitting and returning immutable functions for transparency.
  2. Transparency is crucial to prevent confusion and incorrect data about immutable functions in diamonds.
  3. Ensuring compliance with EIP-2535 Diamond standards avoids situations where functions are unintentionally duplicated or incorrectly referenced.
RegAlert • 0 implied HN points • 14 Dec 22
  1. Central Bank of Nigeria warns against illegal activities by Money Transfer Operators (MTOs) in Nigeria, emphasizing the need to make payments in US Dollars as per regulations.
  2. Banks found supporting unlicensed MTOs in terminating payments in Naira instead of US Dollars will face sanctions, as per the circular TED/FEM/PUB/FPC/01/004.
  3. Reminder for banks and MTOs to pay out diaspora remittance proceeds only in US Dollars and follow the guidelines for International Money Transfer Operations.
RegAlert • 0 implied HN points • 29 Jun 22
  1. The Central Bank of Nigeria issued a circular requiring other financial institutions in Nigeria to enhance their cybersecurity defenses and adhere to the provided Risk-Based Cybersecurity Framework and Guidelines by January 1, 2023.
  2. This circular emphasizes the importance of strengthening cyber defenses in financial institutions to mitigate risks and ensure a more secure environment against cyber threats.
  3. Compliance with the Risk-Based Cybersecurity Framework and Guidelines is crucial for OFIs in Nigeria to safeguard their systems and data from cyber vulnerabilities.
RegAlert • 0 implied HN points • 14 Jun 23
  1. Financial institutions in Nigeria must follow liquidity coverage ratio guidelines to ensure they have enough liquid assets for a 30-day stress scenario.
  2. These institutions need to maintain a level of high-quality liquid assets and report their liquidity coverage ratio to the regulatory body quarterly.
  3. The Circular BSD/DIR/GEN/LAB/09/048 outlines the Exposure Draft of Guidelines on Liquidity Coverage Ratio for Non-Interest Banks in Nigeria.
RegAlert • 0 implied HN points • 23 Jun 23
  1. Financial institutions must establish measures to mitigate risks from high-risk customers, including Politically Exposed Persons (PEPs).
  2. The Central Bank of Nigeria has issued a guidance note to help with assessing and mitigating these risks.
  3. Immediate compliance is expected from all financial institutions regarding the guidance note on Politically Exposed Persons (PEPs).
RegAlert • 0 implied HN points • 17 Aug 23
  1. The Central Bank of Nigeria has introduced new operational mechanisms for Bureau de Change (BDC) operations to enhance the efficiency of the foreign exchange market.
  2. BDC operators are mandated to maintain a spread on buying and selling within a specific range of -2.5% to +2.5% of the previous day's weighted average rate.
  3. Operators are required to submit periodic reports on the upgraded Financial Institution Forex Rendition System (FIFX); failure to comply may lead to sanctions or license withdrawal.
RegAlert • 0 implied HN points • 17 Oct 23
  1. Financial institutions in Nigeria must validate MICR codeline details based on Nigerian Cheque Standards and ensure proper calibration of in-house cheque processing equipment.
  2. Supervision of cheque processing equipment is essential to prevent image and data distortion during the cheque truncation process.
  3. Non-compliance with the circular may lead to penalties for financial institutions.
RegAlert • 0 implied HN points • 07 Dec 23
  1. Financial institutions in Nigeria must display their corporate names prominently on their websites and online platforms, along with the statement 'Licensed by the Central Bank of Nigeria'.
  2. Compliance with the requirement to display corporate names must be met by January 31, 2024.
  3. The circular FPR/PRD/CIR/INT/001/003 issued by the Central Bank of Nigeria outlines the specific requirements for displaying corporate names online.
RegAlert • 0 implied HN points • 09 Jun 23
  1. Financial institutions in Nigeria must stop using old cheques and follow the new Nigeria Cheque Standards 2.0 by December 31, 2023, or face penalties.
  2. The change is due to the Revised Nigeria Cheque Standard (NCS) and Nigeria Cheque Printers Accreditation Scheme (NICPAS) 2.0 to ensure compliance and uniformity.
  3. Instructions are provided for financial institutions to download and implement Circular BKS/DIR/CIR/GEN/001/001 from the Central Bank of Nigeria website.
RegAlert • 0 implied HN points • 01 Feb 24
  1. Central Bank of Nigeria has issued revised guidelines for International Money Transfer Services, aiming to enhance transparency, promote diaspora remittances, and improve the ease of doing business for IMTOs and money transfer recipients.
  2. Authorized dealers, IMTOs, and the general public are expected to adhere to the updated guidelines provided by the Central Bank of Nigeria.
  3. The revised guidelines are crucial for boosting the foreign exchange market and ensuring compliance among stakeholders in the money transfer sector.
RegAlert • 0 implied HN points • 08 Feb 24
  1. The circular from the Central Bank of Nigeria highlights the importance of compliance with consumer protection regulations for financial institutions.
  2. Financial institutions are required to establish effective internal complaint handling procedures and provide timely resolutions to consumer complaints.
  3. Regular reviews should be conducted by institutions to identify and rectify any deficiencies in their consumer protection practices.
The AI Observer • 0 implied HN points • 12 Feb 24
  1. In 2023, AI encountered significant innovation alongside heightened legislative scrutiny in the US, leading to a complex landscape of 190 state bills and 14 laws along with federal actions.
  2. The increasing regulation indicates a shift towards more controlled AI development at both state and federal levels that may impact how organizations utilize AI technologies.
  3. US AI regulations pose challenges but also present opportunities for safer and more responsible AI development, pushing companies to innovate within a legal framework.
Barn Lab • 0 implied HN points • 05 Mar 23
  1. Flexures and compliant mechanisms are designed to provide flexibility and compliance in systems.
  2. Compliant mechanisms can transmit forces without introducing errors if kept under control.
  3. Flexures are used in various applications like robotics, MEMS, and optical systems for improved precision and durability.
Privacy by Design: The Practitioner's Handbook • 0 implied HN points • 23 Mar 23
  1. Privacy is essential for protecting personal information, ensuring autonomy, and upholding fundamental rights and freedoms.
  2. Safeguarding privacy is the responsibility of every organization, involving legal obligations, ethical considerations, and the need to maintain trust with customers and partners.
  3. Implementing privacy by design principles, starting with a clear and comprehensive privacy policy, is crucial for organizations to maintain trust, accountability, and long-term success.
RegAlert • 0 implied HN points • 08 Dec 23
  1. Financial institutions in Nigeria need to collect evidence of registration with SCUML from Non-Profit Organizations before starting a business relationship.
  2. Banks and financial institutions must update their customer account information according to the new requirement.
  3. The Circular FPR/DIR/PUB/CIR/002/002 outlines the additional Know Your Customer requirement for NPOs in Nigeria.
RegAlert • 0 implied HN points • 07 Feb 23
  1. Financial institutions must screen their customer database for any association with individuals linked to ISIL or Al-Qaida.
  2. Financial institutions need to update their sanctions screening lists according to recent changes in the United Nations Security Council Consolidated Lists.
  3. Immediate compliance is required from all financial institutions with the new regulations.
RegAlert • 0 implied HN points • 13 Jan 23
  1. Financial institutions must identify and disclose beneficial owners of legal persons and arrangements to comply with anti-money laundering and counter-terrorism financing laws.
  2. The Central Bank of Nigeria has issued guidance on ultimate beneficial ownership to help financial institutions implement these measures.
  3. All financial institutions supervised by the Central Bank are required to adhere to the guidance on ultimate beneficial ownership.