All Risk Management articles – Page 52
-
Article
SolarWinds under SEC probe for handling of 2020 cyberattack
SolarWinds revealed the Securities and Exchange Commission is examining cybersecurity disclosures and public statements the company and its executives made after its massive 2020 data breach caused by hackers backed by the Russian government.
-
Article
As new SEC marketing rule takes effect, many questions remain
The 18-month probationary period for the new Securities and Exchange Commission marketing rule for investment advisers has expired and compliance with the rule is now mandatory.
-
Article
Wells Fargo names diversity head as probes mount
Wells Fargo announced the appointment of Kristy Fercho as head of diverse segments, representation, and inclusion. She takes up the role as the Department of Justice and Securities and Exchange Commission investigate the bank’s diversity hiring practices.
-
Article
FinCEN: U.S. banks paid $1.2B to ransomware criminals last year
Banks reported paying a record $1.2 billion to ransomware criminals in 2021, the Financial Crimes Enforcement Network announced.
-
Article
SEC joins DOJ in probe of Wells Fargo diversity hiring practices
The news for Wells Fargo related to alleged sham interviews of minority job candidates continues to worsen, with the bank disclosing the Securities and Exchange Commission has joined federal prosecutors in examining the issue.
-
Article
KPMG finds large companies ‘on the precipice of a new era’ of ESG reporting
Sustainability reporting has seen steady growth over the past three decades while overall perspectives about environmental, social, and governance reporting have seen dramatic shifts, according to the latest findings of KPMG’s Global Sustainability Report.
-
Article
Chegg avoids fine in deal with FTC over cybersecurity lapses
The Federal Trade Commission ordered education technology provider Chegg to fix problems and weaknesses with its cybersecurity program that led to the exposure of personal and financial data of 40 million customers and employees in four data breaches since 2017.
-
Article
Automation can improve AML compliance but won’t replace human touch
While automation has the potential to transform anti-money laundering compliance, it will not replace the human practitioners relied upon to get investigations to the finish line, experts discussed at the ACAMS annual conference in Las Vegas.
-
Article
Credit Suisse names new CCO, plans strategic overhaul
Credit Suisse announced sweeping changes to its strategy that includes selling off parts of its investment banking portfolio and shrinking its global headcount—an attempt to pivot from risky investment ventures and back toward its historic specialty of wealth management.
-
Article
Survey: How businesses are confronting governmental licenses in M&As
The results of a recent survey conducted by Compliance Week and Avalara found most businesses consider governmental licenses as part of due diligence efforts during mergers and acquisitions, yet the opportunity for risk management improvements remains.
-
Resource
Survey Report: How businesses are confronting governmental licenses in M&As
With all the moving parts of mergers and acquisitions, governmental licenses often get lost in the shuffle. But part of an M&A subject to the whims of thousands of licensing jurisdictions should not go ignored.
-
Article
ICICI Bank cited by OCC for BSA/AML compliance failures
The Office of the Comptroller of the Currency ordered the New York branch of ICICI Bank to implement sweeping changes to its anti-money laundering and Bank Secrecy Act compliance programs but will not fine the bank if the improvements are completed.
-
Article
FATF classifies Myanmar as high risk for money laundering, terrorist financing
The Financial Action Task Force designated Myanmar as a high-risk jurisdiction with “significant strategic deficiencies” regarding its anti-money laundering, countering the financing of terrorism, and financing of proliferation prevention efforts.
-
Article
CFTC FY2022 enforcement results: Record penalties, digital asset crackdown
The Commodity Futures Trading Commission highlighted its enforcement accomplishments from the 2022 fiscal year, including more than $2.5 billion ordered through restitution and penalties across 82 actions.
-
Article
MS Amlin Underwriting fined $11M over risk, governance lapses
The U.K.’s Prudential Regulation Authority fined specialty insurer MS Amlin Underwriting nearly £9.7 million (U.S. $10.9 million) for risk management and governance failings over a five-year period.
-
Article
CFIUS issues first-ever enforcement and penalty guidelines
The Committee on Foreign Investment in the United States issued its first-ever enforcement and penalty guidelines for entities that violate mitigation agreements with CFIUS or otherwise run afoul of the Defense Production Act of 1950.
-
Article
Uber CSO ruling fallout: Individual liability extends to data breach response
The case of the Uber chief security officer found guilty by a jury on two felonies for covering up a data breach and misleading federal regulators opens up another potential individual liability issue executives handling cyber incidents face, according to legal experts.
-
Article
ICO guidance stresses importance of reasoning in employee monitoring
The U.K. Information Commissioner’s Office issued draft guidance to help ensure employers’ monitoring of staff performance does not turn into surveillance or harassment.
-
Article
Lafarge to pay $778M for supporting terrorist groups ISIS, ANF in Syria
French multinational building products company Lafarge pleaded guilty to providing material support and resources to two U.S.-designated foreign terrorist groups in Syria, representing the Department of Justice’s first corporate material support for terrorism prosecution.
-
Article
Fashion retailer Zoetop to pay $1.9M over data breach response
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.