Compliance with state, national and international regulations is a vital part of succeeding in business today.
- Conducted an internal investigation for an international construction company in connection with environmental compliance, quality control and billing issues, and negotiated favorable resolution on behalf of the company with the DOJ.
- Prepared code of business ethics and key risk compliance policies covering anti-corruption, insider trading, anti-money laundering, data privacy, government contracts, and whistleblower procedures for domestic and international financial institutions, technology companies and global manufacturing firms.
- Conducted compliance risk assessment and management training regarding antitrust, export controls, anti-corruption and anti-money laundering for a Germany-based manufacturing company with operations in the United States.
- Developed anti-corruption internal assessment protocols and plans for a global energy company to assess compliance in high-risk jurisdictions.
- Assessed and optimized a major bank’s global compliance on data privacy, government contracts, FCPA and other regulatory compliance matters in connection with the firm’s appointment as monitor of a non-prosecution agreement between the DOJ and Mellon Bank, N.A.
- Advised a global credit card brand on export control gap analysis and inventory in preparation for its establishment and implementation of a comprehensive export control compliance program.
- Appointed by the DOJ to serve as independent examiner of the Bank of New York to monitor the bank’s procedures regarding suspicious activity, reporting practices and anti-money laundering, as well as its compliance with related laws and regulations, reporting directly to the Offices of the U.S. Attorneys for the Southern and Eastern Districts of New York, the Federal Reserve Bank of New York, and the New York State Banking Department.
- Conducted FCPA related internal investigation and enhanced internal anti-corruption and compliance protocols on behalf of large U.S. defense contractor in connection with Russian resellers distributing its products to foreign government end users.
- Developed and implemented EU General Data Protection Regulation (GDPR) compliance programs for numerous US and international organizations, including GDPR applicability analysis, data mapping, data transfer mechanisms, consent mechanisms, “right to be forgotten,” data security assessments, breach response programs, selection of Data Protection Officers, and employee training.
- Provided a consortium of more than 40 companies with organizational advice centered on AI and related third-party consulting regarding data collection and use, algorithm development, IP ownership and licensing, data privacy and security impact, data lake development, data flows and use of limited data sets and de-identified data, and algorithm application, as well as monetization considerations and related contracting.
- Counseled various clients regarding use of AI for information governance/record remediation work.
- Advised on strategic company planning and contracting guidance related to AI and advanced analytic dashboard development for an organization’s spinoff operations intersecting with cloud storage, data privacy and third-party responsibilities.
- Developed internal AI policy and practice materials for contractor and staffing agency with significant privacy policy development intersections.
- Developed Data Protection Impact Assessment (“DPIA”) tools designed to support U.S. and EU requirements to identify and mitigate risks associated with the use of automated decision-making.
- Advised clients on requirements and strategies to comply with new U.S. state privacy laws requiring the right to optout of automated decision-making affecting consumer and employee data processing activities.
- Advised clients on the liability implications of providing generative AI tools to users, including DMCA platform safe harbor protections and contractual limitations.
