Survey Finds Alliance with Organizations and Risk Reporting Structures

NEW ORLEANS—Seventy-nine percent of companies are aligned with their risk management reporting structure; however, only 27% of risk professionals believe that emerging risks will be a company priority in the coming year, according to the 12th annual “Excellence in Risk Management Survey” released here by Marsh and RIMS.

In the last five or six years, “We have seen significant narrowing of the gap, where there is better alignment of what risk managers and risk executives are providing their organization and what their C-suite and management is looking for and needing in this riskier world that we all live in,” said Brian Elowe, a managing director at Marsh and co-author of the report. Findings are based on more than 300 responses to an online survey and a series of focus groups with leading risk executives.

Elowe explained that the study focused on organizational alignment, risk management effectiveness, data analytics and technology and cyberrisk.

In their study of organizational dynamics, he said, “We looked at priority setting, organizational structure and performance measurement standards to understand effective execution of a risk management strategy.”

The first insight concerned the structures to which risk management reports inside an organization. “We also asked whether the people responding to the survey felt risk management was reporting to the correct area inside the organization. We found that 79% of the respondents said they felt risk management was reporting into the appropriate area inside their organization,” Elowe said.

Looking deeper, he said the survey found that 50% of executives report into the finance area. The other half reports into a wide number of areas inside the company: 12% report to general counsel, 8% to other C-suite members, 5% to internal audit, 5% to operations, 2% to human resources and 11% to “other” functions.

“We found that while they are all in the risk management function, those that report to areas outside of finance tend to be involved in areas deemed to be more strategic in nature. So they are more likely to be involved with things like ERM strategies, IT, privacy and security.”

Elowe said, “We think that finance executives might be well-served to help facilitate greater connections inside their companies to help broaden the perspective that risk executives reporting into finance might be able to have inside their own companies.”

In addition, only 27% of risk professionals reporting to the CFO or treasurer said they expected an increase in spending for training risk management staff. This is compared to 46% in increases expected by those reporting to other areas.

The top-five programs reporting to risk management were insurance management (92%), claims management (88%), enterprise risk management (67%), captive operations (65%) and emergency response (63%).

Looking at functions that report into risk management, he said that while the traditional functions of insurance and claims were well aligned, there is a significant alignment with IT. This is compared to several years ago when IT “operated in and of itself in an organization. That is an outcome of the growing cyberrisk and the need for organizations to have a multi-disciplinary approach to how cyber is affecting their organization.”

Discussion groups agreed that the “here and now” is most important to their companies and that more needs to be done to develop understanding of emerging risks. “Risk managers are concerned they are not looking far enough ahead,” Elowe said, adding that company focus is largely directed to regulations and compliance. Carol Fox, director of the strategic and enterprise risk practice at RIMS and co-author of the report, observed that organizations focused on operations are generally not as involved in strategy. She said management understands risks, but fell off in actually planning for emerging risks.

Findings include:

  • Risk management departments that do not report into finance are generally better aligned with other strategic functions within their organizations — most notably in the areas of enterprise risk management, compliance, information technology (IT) risk management, privacy, and security.
  • Despite the importance placed on emerging risks by many board members, senior leaders, and risk executives, only 27% of survey respondents said that identifying emerging risks would be a priority in the coming year.
  • Over the next two years, 42% of organizations expect to increase the level of investment in risk analytics, according to our survey, with 57% saying it would remain flat.
  • Nearly 60% of respondents said their organization has no formal communications plan in anticipation of a cyber event.
  • Risk professionals who report into the CFO or treasurer are much less likely to expect an increase in spending for training risk management staff in the coming year compared to those reporting elsewhere.

 

EEOC Settles its First Transgender Suit Filed Under Title VII

As we previously reported, the EEOC has decided to pursue protections for transgender workers under Title VII’s prohibition against sex discrimination and harassment as part of its strategic mission, even though no federal statute, including Title VII, explicitly prohibits employment discrimination based on gender identity or expression.

To this end, the EEOC filed two lawsuits on Sept. 25, 2014 on behalf of transgender workers: EEOC v. Lakeland Eye Clinic, P.A. (Middle District of Florida, Tampa Division) and EEOC v. R.G. & G.R. Harris Funeral Homes Inc. (Eastern District of Michigan, Southern Division).

On April 9, Judge Mary S. Scriven of the U.S. District Court for the Middle District of Florida approved a consent decree entered into between the EEOC and Lakeland Eye Clinic, P.A. settling one of the two lawsuits. The terms of the Consent Decree, including the nature of the programmatic relief required by the EEOC make it crystal clear that this is an area that the EEOC will continue to pursue in 2015 and beyond.

Case Background

In EEOC v. Lakeland Eye Clinic P.A., the EEOC claimed that an organization of healthcare professionals fired an employee because she is transgender, because she was transitioning from male to female, and/or because she did not conform to the employer’s gender-based expectations, preferences, or stereotypes. The complaint alleged that even though the claimant had been performing her duties satisfactorily, she was terminated soon after she began presenting as a woman and informed her employer that she was transgender.

Terms of the Consent Decree

The EEOC and Lakeland Eye Clinic, P.A. reached a settlement during the course of discovery. In full and complete settlement of the claims raised by the EEOC, the parties entered into a Consent Decree which Judge Scriven approved on April 9. The following are highlights of the terms of the Consent Decree:

  • Total payment of $150,000 to the aggrieved employee as well as a neutral letter of reference
  • Revised employer discrimination and harassment policies stating that no employee will be terminated (or harassed) “based on an employee’s status as transgender, because of an employee’s transition from one gender to another, and/or because the employee does not conform to the Defendant’s sex or gender-based preferences, expectations or stereotypes”
  • Managerial and employee training including “an explanation of the prohibition against transgender/gender stereotype discrimination under Title VII” and “guidance on handling transgender/gender-stereotype complaints made by applicants, employees and customers.”
  • Monthly reports to the EEOC every six months certifying compliance with the terms of the Consent Decree
  • Two years of monitoring by the EEOC, including the right to conduct workplace inspections with 24 hours’ notice

Implications for Employers

The theories of liability articulated by the EEOC in this case closely follow the EEOC’s prior landmark administrative ruling titled Macy v. Bureau of Alcohol, Tobacco, Firearms and Explosives, EEOC Appeal No. 0120120821 (April 23, 2012) (previously discussed here) in which it held that transgender individuals may state a claim for sex discrimination under Title VII.

We expect that EEOC-initiated litigation on behalf of transgendered individuals will continue to increase given the Commission’s enforcement strategy and desire to “push the envelope” in this area. As we previously advised, employers must be mindful of issues related to gender identity and/or expression that might arise during interviewing, hiring, discipline, promotion and termination decisions. Employers should be particularly vigilant when an employee identifies as transgender, or announces a plan to undergo a gender transition. Stay tuned!

This blog was previously posted on the Seyfarth Shaw website here.

D.C. Improves its Captive Law

Since the passage of the first captive law in the District of Columbia in 2000, D.C. has become one of the premier captive domiciles in the United States. In 2006, the captive law was significantly enhanced by the enactment of protected cell legislation. D.C. was the first domicile in the nation to have an incorporated cell capability, which has proven to be very popular. The D.C. Council recently passed the Captive Insurance Company Amendment Act of 2014 (2014 Amendments), which was designed to streamline the chartering, licensing and operation of D.C. captives.

One of the most attractive aspects of the D.C. law is its protected cell regime. However, the minimum capitalization requirements have proven to be an unnecessary burden. The 2014 Amendments grant the commissioner the authority to reduce or eliminate the minimum capital requirement for both the cells and the “core” (the cell representing the protected cell company), as long as the capital is adequate for the “type, volume and nature of insurance that is transacted.…” This decision is placed entirely within the discretion of the commissioner and means that, going forward, no cell will be required to have excess capital.

A second problem addressed by the 2014 Amendments is the concern about the accessibility of captive information to the public under the D.C. Freedom of Information Act (D.C. FOIA).  The new law provides an express exception from D.C. FOIA for business information, financial pro formas, contracts and other captive documents. This information will not be subject to discovery or subpoena in a civil suit. However, it can be shared with other regulators and the National Association of Insurance Commissioners (NAIC) as long as those authorities are willing to maintain the confidentiality of the information.

The third significant improvement to the law is that the commissioner will have the discretionary authority to waive the requirement that a captive be examined at least once every five years under the following conditions:

• The captive has filed unqualified audited financial statements since its last examination.

• The commissioner finds that the audited statements demonstrate that the captive has sufficient surplus to satisfy all obligations to its policyholders and creditors.

• The captive is in compliance with all applicable D.C. laws and regulations.

• The captive is not a risk retention group (RRG). This latter requirement is due to the multi-state nature of RRGs.

The value of an examination for a single parent captive, or really any captive that only covers first party risk, has long been subject to question when qualified auditors have already examined the captive each year and signed off on the bona fides of its financial activity. The cost of the examination of a single parent captive seemed unreasonable in this context.

The 2014 Amendments made a few other changes to improve efficiency, as well. The Unfair Claims Practices and Claims Settlements Act were made applicable to D.C. for domiciled RRGs. These RRGs will also be required to file quarterly statements (which had previously been required by the Department of Insurance Securities and Banking), and all references to “segregated accounts” were removed from the law to avoid confusion.

In sum, the D.C. captive law has been improved by addressing three problematic areas: minimum capitalization for cells, the protection of confidential information, and the burden of unnecessary and sometimes excessively expensive financial examinations. These are significant changes and should help D.C. maintain its position as one of the most efficient and responsive captive domiciles in the United States.

This article previously ran on the Morris, Manning & Martin, LLP website.

Data Protection in the Cloud: Planning for Data Loss and Downtime

As we brace for another season of tornadoes, hurricanes, forest fires, earthquakes and floods, all businesses should be asking, “Is our data protected should disaster strike?” Or more simply, “What happens if we lose our data?”

Sadly, despite the fact that significant portions of the country are at risk for severe weather and other natural disasters, not all businesses are thinking pragmatically about catastrophic data loss and downtime, which can lead to staggering financial losses and impact productivity, reputation, regulatory compliance, and ultimately the bottom line.

According to a global data protection study released in December, enterprises are losing as much as .

7 trillion annually through data loss and unplanned downtime. Data loss is up 400% since 2012, and two-thirds of the 3,300 organizations surveyed had experienced data loss in the last 12 months. Researchers found that although a high percentage of organizations had disaster recovery plans in place, surprisingly few had implemented data protection practices and fewer than half employed remote, cloud-based data protection. Seventy-one percent of organizations were not fully confident in their ability to recover after a disruption.

If your business is unprepared for a disaster, then act now to improve your resilience and mitigate risk. Plan for natural catastrophes and man-made disasters alike (such as theft, hardware failure, human error, system failure, computer viruses, power failure and accidental deletion).

Disaster preparedness begins with a business continuity plan. This serves as your playbook for staying in business following a disaster and it enables you to restore operations and communications systematically while helping minimize risk. Ask your IT department to incorporate the steps needed to safeguard your IT infrastructure from disaster, including backup and recovery measures.  In today’s highly-regulated environment, having a secure backup and recovery solution that meets the stringent requirements defined by Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA, FISMA, PCI, ISO and other regulatory standards is expected.

During this process, develop a clear understanding of where the cloud fits in and how it can help save time, money and resources.

Businesses are increasingly backing up their data and apps in a secure, off-site cloud environment (not in the physical office), because the cloud is faster than other options and typically offers the most protection at the lowest cost.

Recovery in the cloud requires no travel and no extra hardware, and it offers extreme levels of reliability.

Should disaster occur, a cloud solution allows the continuously backed up systems to be restored as virtual machines. All of the cloud’s benefits speak to why highly regulated businesses protecting sensitive data are finding that virtualization technologies make it simpler to comply with stringent security and compliance regulations governing electronic storage and access to data.

Here are seven steps to help businesses plan for data loss and downtime:

  1. Identify the risks. List and categorize all natural and man-made threats and their impact on various systems. Ask what would it take to knock out our entire network and how much unplanned downtime can our business sustain?
  2. Inventory IT assets. Which are most critical to maintaining business continuity? What’s our tolerance for loss of those assets? The cost of the response should be balanced against your tolerance for system downtime.
  3. Define goals. In a worst case scenario, how long can our business shut down? Does it need to recover off-site? Define goals in terms of RPO (Recovery Point Objective, “How much data can we lose?”) and RTO (Recovery Time Objective, “How long can we be down?”).
  4. Develop a plan. Include “IT Assets Inventory,” data protection procedures and contingency plans, notification/activation schedules, a list of roles and responsibilities, a list of resource requirements, and details about training provisions. Good plans include maintenance and backup/recovery testing schedules.
  5. Understand the cloud’s benefits. Virtualization technologies make backup and disaster recovery vastly faster, cheaper and easier. The combination of the cloud and the right backup and disaster recovery solution allows for continuous data protection (so the backups always run 24/7/365) as well as consistent compliance and security.
  6. Implement the plan. If executives understand clearly the consequences of system disruptions, you will win their support and funding for contingency policies.
  7. Test the plan. Continuous testing and plan updating helps ensure business survival.