A data risk and compliance specialist with more than 20 years of global experience, Andy specializes in providing clients innovative data solutions throughout the compliance, investigation, and litigation lifecycle. Andy leverages his expertise around the convergence of unstructured and structured data analytic technologies to reduce risk and provide rapid, efficient and meaningful insight for Kroll’s clients.
Before joining Kroll, Andy was a managing director with Alvarez & Marsal’s Disputes & Investigations practice for 10 years.
Andy regularly advises clients on compliance and regulatory-driven controls around data governance (security and privacy), quality, independent validation (unstructured and structured data validation for financials due to regulatory requirements), digital currency regulatory systems and electronically stored information (ESI) governance. He also has significant experience advising clients on incident and investigative data risk including executing large-scale and complex global forensic investigations, fiduciary lookbacks and responses (e.g. rule 204 or 503(b)9 claims), discovery, data analytics and incident response.
Andy also supports corporations on behalf of corporate legal, compliance and chief data officers/chief information security officers in clarifying and responding to data compliance and governance requests relating to GDPR, DOJ, NYDFS and other related regulatory inquiries involving transactional data, information security controls, computer forensics (e.g. IP controls/theft), data governance and investigations.
He also has significant experience supporting clients in various global jurisdictions, leveraging his knowledge of complex data to assist corporations worldwide, providing rapid data insight into corporate and individual activity on inter/intra-country data governance maturity (lineage/mapping/controls), compliance technology (jurisdictional money laundering, regulatory and privacy rules) and investigations.
Andy’s client engagements include leading a sanctions-based inquiry into trading activity, mapping geo IP location data with blockchain and web API logs to replicate a historic view into financial transactions and advising clients on secure PHI/PII data analysis, entity resolution, sampling methodologies and discovery production protocols. He’s also served as interim security lead in response to a breach during a corporate Fortune 500 M&A transaction of a pharmaceutical company, providing cyber forensic and investigative services to identify any theft of intellectual property and the assurance that the breach cause was remediated prior to the acquisition.
Andy frequently contributes data risk insights to publications including Compliance Weekly, Law360 and the New York Law Journal. He also speaks at conferences about emerging data risks in areas including global privacy and cross-border regulations, blockchain and transaction monitoring.