Cybersecurity and Data Privacy
January 19, 2021
The unprecedented events of last year amplify the need for organizations to stay alert to shifting risks and be prepared to address issues that may arise — both anticipated and unanticipated. This includes staying up to date with a variety of laws affecting the workplace, minimizing the risks posed by a remote workforce and ensuring that compliance training is part of a cohesive strategy to tackle the complex challenges of 2021.
5 topics to keep on HR and compliance leaders’ radar in 2021 and beyond include:
1. Preventing discrimination and harassment
Preventing all forms of workplace discrimination and sexual harassment is at the top of the list of perennial compliance challenges. In 2021, organizations must tackle these issues in new ways, adapting policies, processes, procedures and training to a hybrid work environment. The growing number of states that require sexual harassment prevention training, coupled with the spotlight on diversity, equity and inclusion, further underscores the importance of taking actions to ensure a discrimination and harassment-free workplace culture, in which employees, at every level, are held accountable for their behavior.
2. Protecting data privacy
One of the primary impacts of the COVID-19 pandemic on organizations is a surge in the adoption and implementation of technology. Along with this expansion, however, comes the challenge of enabling remote workers to collaborate securely while protecting data privacy.
The threat of misuse is very real. A recent cyber risk survey found that by the end of the third quarter in 2020, over 36 billion records had been exposed, representing twice the number of breaches in all of 2019.
According to the survey, malicious actors were the driving force behind the number of breaches, with 77.5% of events originating outside organizations. A significant number of breaches involved ransomware (21%), while there continues to be a considerable increase in phishing incidents as thieves impersonate leadership, IT personnel and others in an attempt to steal information from unsuspecting users. And the majority of breaches occurring inside an organization were the result of human errors, such as sending sensitive data to the wrong recipient or accidentally publishing confidential information.
3. Reducing bribery and corruption risks
COVID-19 has also increased the risk of bribery and corruption around the world. As supply chains move more slowly due to ill workers, increased demand and additional delays, employees become more likely to bribe officials or other parties to unlawfully advance their goods over others. In addition, anti-money laundering, counter-terrorism financing and sanctions compliance have been the subject of increased enforcement efforts by regulators around the world, including the US Department of Justice (DOJ), Department of the Treasury and other federal financial regulators. This trend is expected to accelerate in 2021 with the recent enactment of the Anti-Money Laundering Act of 2020, which, among other things, provides law enforcement with several new tools to investigate and prosecute illicit financial activities.
4. Mitigating third-party risks
The growth of digital banking and remote work arrangements may see organizations entering into even more third-party relationships. A new survey on third-party risk management reported that a large organization may have more than 10,000 third-party relationships. Further, the pandemic has led many organizations to look for alternative supply sources due to delays in the supply line, which brings organizations into relationships with new and unknown partners. As highlighted in the DOJ’s June 2020 updated guidance on the “Evaluation of Corporate Compliance Programs,” it remains important for organizations to understand the risks posed by third-party partners, conduct thorough due diligence and manage and monitor those risks throughout the lifetime of the relationship.
5. Adapting code of conduct to a hybrid workplace
With the shift to remote working, ensuring that employees understand the organization’s code of conduct and expectations to act with honesty and integrity is critical. Employees becoming more casual not only in their dress but also in their behavior can increase the potential risk of discriminatory, harassing or other inappropriate words or actions. A strong code of conduct should clearly communicate goals and values, explain key policies and encourage employees to raise concerns and report incidents of misconduct, whether they occur in-person, online or on the phone.
Data privacy, bribery and corruption, third-party risks, discrimination, harassment and code of conduct are some of the compliance challenges organizations should proactively address in 2021 and beyond. As part of a comprehensive ethics and compliance program, ongoing compliance training that is tailored to the organization and its workforce can help leaders anticipate, adapt to and minimize risks and foster a respectful, inclusive workplace.