All Third Party Risk articles
-
PremiumExperts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure
New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc. ...
-
PremiumTPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025
New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.
-
PremiumData analytics in compliance: Time to get started, or expand, in 2025
Launching or expanding a corporate data analytics program for compliance can seem like a daunting task, but it is one worth adding to your to-do list in 2025.
-
PremiumSurvey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs. ...
-
OpinionGerman firm Aiotec to pay $14.5M to settle Iran sanctions violation
German petrochemical parts supplier Aiotec agreed to pay $14.5 million to settle allegations that it engaged in a four-year conspiracy to dismantle and ship a plastics manufacturing plant owned by a U.S. company to Iran, in violation of U.S. sanctions.
-
PremiumTop E&C fails of 2024: Boeing, TD Bank, RTX/Raytheon on compliance naughty list
The biggest Compliance Fails of 2024 show the real-world consequences of noncompliance for the companies that faltered, but also for their customers and their employees.
-
News BriefFINRA fines Morgan Stanley $1M for alleged documentation failures
The Financial Industry Regulatory Authority fined broker-dealer Morgan Stanley $1 million over alleged documentation failures related to risk management controls and supervisory procedures involving violations of the Market Access Rule.
-
News BriefMeta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
-
News BriefWisdomTree pays $4M SEC fine for including fossil fuel, tobacco securities in ESG funds
Fund management company WisdomTree will pay $4 million to settle allegations by the Securities and Exchange Commission that it improperly invested in fossil fuel and tobacco companies in environmental, social and governance (ESG) funds despite promising to avoid them.
-
PremiumKeys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
-
PremiumRaytheon parent RTX settles false claims, defective pricing, Qatar FCPA violations for $950M
The other shoe finally dropped for Raytheon and parent company RTX, as two U.S. regulators announced nearly $1 billion in penalties to settle defective pricing in defense contracts, false claims related to inflated prices on government contracts, and bribes paid to government officials in Qatar that violated the FCPA.
-
News BriefDOJ orders Wynn Las Vegas to forfeit $130M over BSA/AML violations
Wynn Las Vegas agreed to forfeit $130 million to settle a range of criminal allegations, including allegedly helping foreign customers hide money transfers and shielding patrons from Bank Secrecy Act and anti-money laundering rules, the Department of Justice said.
-
News BriefBank of America unit reaches $3M settlement with FINRA over surveillance lapses
A subsidiary of Bank of America agreed to pay $3 million and take remedial measures to resolve allegations that its surveillance system didn’t detect manipulative trading, the Financial Industry Regulatory Authority said.
-
News BriefNordea Bank to pay $35M to resolve NYDFS probe into AML shortcomings
Finland-based Nordea Bank will pay $35 million to resolve an investigation by the New York Department of Financial Services into “significant compliance failures” in its anti-money laundering and Bank Secrecy Act program.
-
WebcastCPE Webcast: Third party due diligence: A practical deep dive
A corporate code of conduct can be internally enforced, but how do you ensure third parties measure up to your values and requirements?
-
PremiumHow are you keeping up? The adoption of AI in compliance
Artificial intelligence is rapidly transforming the business landscape, and this is especially true for anyone working in compliance. But while AI offers immense potential to streamline processes, enhance decision-making, and mitigate risks, it also introduces a new set of challenges that compliance professionals must navigate.
-
PremiumU.K. forced labor ruling raises bar for supply chain monitoring
Companies will need to tighten up how they monitor their supply chains after a recent U.K. ruling determined that corporates could be open to money laundering charges if they fail to act in cases where they believe there is a risk of forced labor.
-
PremiumICO proposes $7.8M fine against NHS contractor in warning to IT providers
The U.K. Information Commissioner’s Office proposed a 6.1 million pound (U.S. $7.8 million) fine against Advanced Computer Software Group, an IT contractor for the National Health Service that allegedly failed to secure the data of 83,000 people after a cyberattack.
-
PremiumLexisNexis survey: Compliance costs soared for U.K. banks in 2023
Nearly all but a tiny minority of financial institutions saw their costs of financial crime compliance rise in 2023, a survey by LexisNexis and Oxford Economics found.
-
PremiumDORA set to enhance cyber resilience requirements for EU financial firms
The European Union’s Digital Operational Resilience Act, which is set to take effect next year, will require financial services firms to implement stronger measures to protect not only themselves from disruption caused by cyberattacks but also the sector as a whole.