Experts say DORA compliance not coming easy as more firms pass buck to IT providers
New rules have come into effect across the European Union to promote better cybersecurity and IT resilience across the financial services sector, but experts warn that compliance is likely to be patchy and regulatory enforcement across the bloc perhaps even patchier.
CJEU ruling adds to GDPR liability over unfair competition, AML/CFT
Legal cases and fines for noncompliance with EU’s GDPR could rise sharply after a court found that a breach was a source of unfair competition. The judgment also opens doors to civil cases over companies that ignoring expensive or challenging rules, such as those regarding AML/CFT.
Portuguese bank ousts chief risk officer after ‘suspicious’ transactions uncovered
Portuguese bank Novo Banco, S.A., fired Chief Risk Officer Carlos Jorge Ferreira Brandão “with just cause” after an internal probe discovered “suspicious financial transactions” in his sphere.
Experts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure
New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc.
TPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025
New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.
Top 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks
A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.
Eaton names general counsel
Intelligent power management company Eaton announced that Lucy Clark Dougherty has been named general counsel, effective Jan. 27.
Trane Technologies adds sustainability chief
Trane Technologies, a global climate innovator, announced the appointment of Mauro Atalla as chief technology and sustainability officer, effective Jan. 5.
Orion Corporation announces GC
Pharmaceutical firm Orion Corporation announced that Mikko Kemppainen has been appointed as general counsel and secretary to the board of directors of Orion Corporation, and a member of the executive management board of the Orion Group, effective June 1.
Five more compliance triumphs of 2024
Whether you’re a multinational telecommunications company looking to certify your anti-corruption program post-settlement, or a biochemical company victimized by a “rogue” employee, seeing the light at the end of the enforcement tunnel isn’t always easy.
EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Deutsche Bank names CRO
Deutsche Bank appointed Marcus Chromik as chief risk officer, effective May 20.
Overabundance of U.K. AML regulators stretching enforcement resources thin, experts say
The U.K. will struggle to shed its reputation as one of the world’s biggest conduits for dirty money due to a combination of patchy intelligence-sharing and poorly resourced enforcement agencies, experts told Compliance Week.
Riksbank announces GC
Riksbank has appointed Annica Sandberg as its new general counsel, effective Jan. 7.
U.K., EU enforcement regimes set to escalate, but critics question sanctions’ effectiveness
With a new political regime ready to take over in the U.S., the effectiveness of sanctions against malign foreign actors like Russia, North Korea, and Iran have come into question. While the European Union and U.K. have increased sanctions pressure, critics have publicly asked: Is it enough?
German firm Aiotec to pay $14.5M to settle Iran sanctions violation
German petrochemical parts supplier Aiotec agreed to pay $14.5 million to settle allegations that it engaged in a four-year conspiracy to dismantle and ship a plastics manufacturing plant owned by a U.S. company to Iran, in violation of U.S. sanctions.
Banco BPM appoints CRO
Banco BPM appointed Edoardo Faletti as the new head of the risk management function (risk manager) as well as chief risk officer.
French defense contractor Thales Group under investigation for bribery in Asia
French defense and aviation contractor Thales Group is under investigation by authorities in the U.K. and France for allegedly participating in bribery and corruption.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
European Commission accuses Meta of anticompetive practices, issues $841M fine
Meta, the parent company of Facebook, has been fined nearly 798 million euros (U.S. $841 million) by the European Commission to resolve the agency’s long-running investigation into alleged “abusive practices” by Facebook Marketplace.
EU Deforestation Directive delayed, experts advise compliance managers to not rest on laurels
If your business uses leather, rubber, wood, beef, palm oil, soy, or paper, then you may need to comply with the EU Deforestation Directive, a new rule intended to ensure that no goods traded in the EU contribute to global deforestation.
Allegion names general counsel
Global security products and solutions provider Allegion reappointed Jeff Braun as senior vice president, general counsel and corporate secretary.
Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
U.K. Employment Rights Bill triggers debate over flexibility vs. exploitation
Contract workers’ rights are in the spotlight in the U.K. and some EU countries as governments seek to end exploitative practices by eliminating zero-hours contracts, much to the chagrin of some business leaders.
Irish DPC fines LinkedIn $335M over GDPR violations related to targeted advertising
The Irish Data Protection Commission fined Microsoft-owned LinkedIn 310 million euros (U.S. $335 million) over violations of the European Union’s General Data Protection Regulation related to the social media company’s data processing and targeted advertising.
AI & Compliance Summit: Regs discuss artificial intelligence guardrails for financial services
Artificial intelligence is an exciting, new technology and it is well-regulated by old laws and rules already on the books, financial regulators said at Compliance Week’s AI & Compliance Summit at Boston University.
EU businesses will soon have to report on supply chains and sustainability. Not all are ready
Supply chains are about to become the next big thing in sustainability compliance. However, many organizations still lack the data and assurance capabilities to track sustainability and human rights activities across their extended supply chains – which is required by the EU’s CS3D. Many others that fall out of scope ...
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Photo gallery: Compliance Week Europe 2024
Compliance Week Europe, held Oct. 15-16 in Amsterdam in partnership with our sister organization the Internation Compliance Association, gathered more than 200 GRC professionals across industries. Check out some of the sights from the event.
Control and delete: How regulators can shutdown companies’ AI investments
Companies are increasingly putting their faith in AI to realize the kind of business benefits that the technology seems to promise, but they are also opening themselves up to new and potentially crippling sanctions if they are unable to answer questions that surround how AI operates.
AI & Compliance Summit notebook: ‘Think big. Start small. Scale fast.’
When starting artificial intelligence efforts for companies large or small, one approach compliance practitioners said they’ve found works best is to start with a specific use case.
Companies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
Oculis announces chief legal officer
Biopharmaceutical company Oculis Holding AG announced the appointment of Daniel Char to the role of chief legal officer.
New U.K. enforcement body piles pressure on sanctions evaders
Global sanctions rules are increasing rapidly, as are tools to detect and punish those who break them. In response, the U.K. government is creating a new Office of Trade Sanctions Implementation to investigate and penalize those who break sanctions rules.
Irish DPC fines Meta $102M over GDPR violation linked to improper storage of passwords
The Irish Data Protection Commission fined Meta Ireland 91 million euros (U.S. $102 million) for multiple violations of the European Union’s General Data Protection Regulation related to the inadvertent storage of user passwords without encryption.
AI misuse could lead to sanctions from multiple regulators, experts warn
The proliferation of AI, as well as the promised business cases promoting its use, has led companies around the world to quickly invest in the technology. Executives hope these AI tools will improve efficiencies, reduce costs, and help them stay competitive. But it could lead to just the opposite.
Technip Energies announces sustainability chief
Engineering and technology company Technip Energies announced the appointment of Benjamin Lechuga as chief strategy & sustainability officer and member of the group executive committee.
Prilenia appoints chief legal officer
Biotechnology company Prilenia Therapeutics B.V. announced the appointment of Jason Marks, J.D. as chief legal officer.
ABN AMRO names risk chief
ABN AMRO Bank announced that Serena Fioravanti was appointed as a member of the executive board of ABN AMRO Bank N.V. and chief risk officer, effective Oct. 1.
Louvre Hotels Group adds GC
Louvre Hotels Group announced that Grégoire Bouffard will join the executive committee as general counsel, effective Oct. 1.
AAR Corp. discloses former exec implicated in Nepal, South Africa FCPA violations
Aviation maintenance services provider AAR Corp. disclosed that several former employees may have bribed officials in Nepal and South Africa to win contracts, and chose to self-report violations of the Foreign Corrupt Practices Act to authorities in the U.S. and U.K.
Barclays is axing its bonus caps. Is it also ditching good governance?
Four years post-Brexit, London-based Barclays became the first British bank to scrap bonus caps for its traders that were meant to curb excessive risk-taking with client cash, improve corporate governance, and restore faith in an industry most working people still hold responsible for 15 years of economic misery.
FTC sounds alarm on business practices turning into ‘vast surveillance’
The Federal Trade Commission took aim at the business models of some of the world’s largest companies, publishing a years-long study that decried technologies that have created “vast surveillance” networks that expose people to “a host of harms” and violate children’s privacy laws.
WS Audiology announces legal chief, GC
WS Audiology announced that Hea Vinskov has been appointed chief legal officer and general counsel, effective Oct. 21.
ALFI appoints general counsel
The Association of the Luxembourg Fund Industry announced the appointment of Corinne Lamesch as deputy CEO and general counsel.
Amcor announces first sustainability chief
Packaging solutions firm Amcor announced that David Clark, previously its vice president, sustainability, has been appointed to the new chief sustainability officer role.
Budweiser Budvar registration failures show ESG impacts of U.K. noncompliance
Most businesses think more about their products than what they come wrapped in, but a recent U.K. penalty against Czech brewery Budweiser Budvar indicates packaging is an increasingly important element in sustainability regulations.
Holcim announces group general counsel
Holcim, which manufactures building materials, announced that Lukas Studer, general counsel corporate and M&A, is appointed group general counsel, effective Nov. 1.