Policy Patty Toolkit

Making the world a little more compliant one toolkit at a time.


The Policy Patty Toolkit Blog covers emerging issues on governance, risk and compliance controls.


Ford Settles Sexual, Racial Harassment Charges for $10.1 Million

Posted on August 18, 2017 at 7:25 AM

Ford Motor Co. agreed to pay up to $10.1 million to settle racial and sexual harassment claims at two Chicago-area plants. The settlement was entered into with the Equal Employment Opportunity Commission (EEOC) after the agency’s investigation found reasonable cause for the harassment of female and black employees at Ford’s Chicago assembly and stamping plants. The agency cited the Civil Rights Act as the basis.

Ford is seeking to bar class action suits as a result of the se...


Tiffany Awarded Nearly $20 Million Against Costco

Posted on August 17, 2017 at 7:25 AM

On Monday this week, a federal judge ruled that Tiffany & Co. may recover at least $19.4 million in damages from Costco Wholesale Corp. over the sale of counterfeit diamond engagement rings bearing the "Tiffany" name. Costco labeled its diamond rings as “Tiffany” but contends it was not counterfeiting the blue-box luxury jeweler. Whether or not that was their intention, by dropping the “Setting” part – the word that makes the description universal – made...



Posted on August 16, 2017 at 8:10 AM
Check out the new FINRA Investor Alert warning investors to beware of possible stock promotion scams that make it onto investment research websites. Tips offered in the alert if you visit an investment research website:

1. Check the Author's Background - Confirm a writer's background on your own. If the writer claims to be an investment professional, look them up on FINRA's BrokerCheck or the SEC's Investment Adviser Public Disclosure website.

2. Approach Articles Promot...


Social Media Site Cannot Block Startup from Public Profile Data

Posted on August 15, 2017 at 8:20 AM

A U.S. federal judge has ruled that LinkedIn cannot prevent a startup from accessing public profile data. The judge granted hiQ Labs a preliminary injunction, and ordered LinkedIn to immediately remove any technology preventing hiQ from accessing public profiles. The company uses the LinkedIn data to build algorithms capable of predicting employee behaviors, such as when they might quit. Back in May, LinkedIn instructed hiQ Labs to stop scraping data from its service. In response, hiQ filed ...


FTC Blog Secure Passwords and Authentication

Posted on August 14, 2017 at 8:30 AM

The FTC just posted the fourth installment of its "Stick with Security" series. The blog is part of a weekly series focusing on the 10 principles outlined in its Start with Security Guide for Businesses (https://www.ftc.gov/tips-advice/business-center/guidance/start-security-guide-business).

Here are the tips provided in the blog on using effective authentication procedures to help safeguard your network.

• I...


DOL Seeks 18-month Delay for its Fiduciary Rule

Posted on August 11, 2017 at 7:55 AM

The DOL submitted to the Office of Management and Budget a proposal to delay the remaining parts of the fiduciary rule. Two provisions of the rule were implemented earlier this year, while the remaining parts were expected to become effective as of January 1, 2018. The requested delay, to July 1, 2019, would provide firms 18 months to address these parts. Some believe the delay would allow the Securities and Exchange Commission. Others, and frankly the proponents of the rule, believ...


2017 Electronic Communications Compliance Survey - Smarsh

Posted on August 10, 2017 at 9:35 AM

Smarsh released its seventh annual Electronic Communications Compliance Survey (to access the 2017 report, see the link below). The survey comprised 31 questions answered by 119 compliance professionals, who provided input on current trends and insights on policies and practices for the usage, retention and supervision of electronic business communications. I reviewed this excellent survey and have highlighted the key and specific results below.

The key takeaways from the survey:

- F...


FTC's Third Data Security Blog Post - Stick With Security

Posted on August 9, 2017 at 3:50 PM

The FTC just posted its third blog post in its "Stick with Security" series. The blog is part of a weekly series focusing on the 10 principles outlined in its Start with Security Guide for Businesses. This week's blog, "Stick with security: Control access to data sensibly," outlines the following key security steps companies should take:

Restrict Access to Sensitive Data:

o Employees who don't use personal information should not have access to it.

o Physical confidential d...


OCIE Issues Risk Alert on Cybersecurity - Aug 2017

Posted on August 8, 2017 at 4:25 PM
More advice from the SEC on cybersecurity. OCIE just issued a new risk alert on its findings from exams conducted from September 2015 through June 2016. The alert notes an overall improvement in cybersecurity controls but also sets out areas that firms need to improve as well as tips on how to improve controls. Read more: https://www.sec.gov/files/observations-from-cybersecurity-examinations.pdf

Liability and Regulatory Fines

Posted on August 7, 2017 at 5:50 PM
We're getting some interesting, albeit potentially conflicting, news in terms of regulatory fines and liability. Some folks believe we can expect fewer regulatory fines from the Trump administration in an effort to allow business more unfettered access to business. Signs of this are already starting to show. The Wall Street Journal reported that while in the first half of 2016, $1.4 billion in fines were levied on Wall Street firms by the three regulators (FINRA, SEC and CFTC), during the same perio...