POPI and Human Resources

The bulk of personal information in a particular business is often found in Human Resources (HR) departments. Yet, HR departments are often overlooked in the compliance exercise – partly because employee personal information is seen as less important and risky than customer personal information and because of the enormity of the task.

Read more

POPI is signed into law — what should business know right now?

There are a couple of things that have to happen before the Act will become a reality for business: The President has to publish a commencement date in the Government Gazette; then businesses will have at least a year to comply; then an Information Regulator will have to be appointed and its office established.

Read more

Organisations need to gear up for POPI

The Protection of Personal Information (POPI) Act is currently a hot topic, given the imminent nature of its implementation. Since the penalties for contravention of the Act can be severe, many organisations are beginning to prepare themselves for compliance. Here’s what your organisation should be doing.


Compliance Effectiveness – Wolf Crier, Alarmist, or the Calm in the Eye of the Storm

The author of this article believes there are three kinds of compliance officers – a wolf crier, an alarmist or someone who is the calm in the eye of the storm. Which one do you think you are?



Compliance Benchmark: Quantifying the Fundamentals

In the current environment, the mere existence of a compliance programme no longer suffices. Most competition authorities now require businesses, as a condition of a reduced fine or to having their compliance programme viewed as a mitigating factor in penalty calculations, to show that their compliance programme is ‘effective’.

This article suggests comparing the company’s own compliance programme to those of other companies (the industry standard).




5 Essential Elements of Corporate Compliance – A Global Template

Although enforcement guidelines around the world vary in length, tone and language, virtually all touch upon a set of key issues that Baker & McKenzie has boiled down to five essential elements: leadership, risk assessment, standards and controls, training and communication, and oversight.



Before Disaster Strikes: Planning for the Worst Instead of Hoping for the Best

Before Disaster Strikes: Planning for the Worst Instead of Hoping for the Best

An emergency situation can present itself at any time. It could take the form of a natural disaster, a data breach or even the passing of an employee in a crucial position. If a company is not prepared, it can have devastating effects for companies and employees alike.

Corporate investigations: key issues for boards and in-house lawyers

Corporate investigations: key issues for boards and in-house lawyers

Internal investigations may be necessary in a number of circumstances, such as the discovery of possible wrongdoing within the company; potential or pending civil litigation; or the receipt of a notice from an investigative or prosecutorial authority or regulator, for example, the Financial Conduct Authority, HM Revenue & Customs or the Competition and Markets Authority. Investigations need to be efficient, proportionate, systematic and professional in order to produce reliable and credible results while staying within the company’s legal budget.

Evolving Legal Standards for Compliance Officers

Evolving Legal Standards for Compliance Officers

Corporate compliance officers are used to facing pressure from within their companies to protect them from legal exposure, but increasingly, external pressure from regulators means that compliance officers themselves may face liability if something goes wrong. The recent enforcement cases holding compliance officers liable for failing to implement effective compliance programs and the debate that has ensued indicate that the issue remains unsettled, but the overall trend appears to be toward growing individual accountability.


4 New Truths That Threaten Your Business

The task of a philosopher, Arthur Schopenhauer wrote, “is not so much to see what no one yet has seen, but to think what nobody yet has thought about that which everybody sees.” Some 200 years later, the same can be said of the task of CIOs seeking to help their companies remain relevant. This article highlights four truths that could threaten your business.