Experts say DORA compliance not coming easy as more firms pass buck to IT providers
New rules have come into effect across the European Union to promote better cybersecurity and IT resilience across the financial services sector, but experts warn that compliance is likely to be patchy and regulatory enforcement across the bloc perhaps even patchier.
Trump gives TikTok 75-day reprieve after ban goes into effect
President Donald Trump signed an executive order Monday delaying the Department of Justice (DOJ) from enforcing the long-awaited TikTok ban. While the social media platform’s fate is still up in the air, Trump signaled his support for it being sold, with the U.S. as a “partner.”
SEC charge against CCO in penny stock scheme raises more questions about gatekeeper liability
A recent complaint by the Securities and Exchange Commission against the chief compliance officer of a Chicago-based investment firm contains some of the most worrisome examples of how CCOs can be found liable for misconduct at their firm.
The Rise, Fall, and Rise of Crypto: Lessons from FTX amidst a changing regulatory landscape
As President Trump assumes power, the crypto industry is in the spotlight. Trump has tapped popular crypto advocate Paul Atkins to lead the SEC, and crypto proponents feel positive about gaining fast-tracked guidance. Crypto experts and industry leaders share insights into what the industry needs from regulators to drive innovation.
FDA bans Red No. 3 dye after decades of concerns over possible health risks
The U.S. Food and Drug Administration announced Wednesday it has revoked authorization for color additive Red No. 3 from food, beverages, and drugs. Health concerns over dye have existed since it was banned from cosmetics in 1990 after it was found that large doses led to the development of cancer ...
White House, BIS attempt to strengthen AI chip export controls in final days of Biden presidency
In tandem with the Commerce Department’s Bureau of Industry and Security, the Biden administration issued a new rule on export controls of domestically produced artificial intelligence chips.
New CFPB payment privacy rule on the way for gaming companies, cryptocurrencies, Big Tech
The Consumer Financial Protection Bureau has issued a proposed rule aimed at protecting the privacy of the public when using novel digital payment systems, such as those offered by large technology platforms and video gaming companies.
CFPB rule bans lenders from using medical debt in credit report determinations
Banks and other lenders will be prohibited from using medical debt information in credit reports, under a new rule finalized by the Consumer Financial Protection Bureau, the agency said.
Experts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure
New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc.
TPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025
New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.
Google’s fate under Trump could be a sign of antitrust battles to come in 2025
As Donald Trump begins his transition to become president, there are questions about the fate of tech companies, as well as regulators from multiple administrations. Google in particular is fighting a high-profile antitrust ruling after an investigation started by Trump in 2020 could be resolved in his next administration.
EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Criticism mounts against FCA amid growing calls for regulatory reform
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
FCA apologizes for mishandling fraud allegations against Collateral
The U.K. Financial Conduct Authority apologized to investors in peer-to-peer investment firm Collateral for not acting swiftly enough to prevent Collateral from defrauding its customers.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
U.S. Appeals Court overturns Nasdaq board diversity rule
A U.S. Appeals Court overturned a Securities and Exchange Commission rule that had required companies listed on the Nasdaq stock exchange to disclose whether their boards had women or minority members–and if not, why not.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
Overabundance of U.K. AML regulators stretching enforcement resources thin, experts say
The U.K. will struggle to shed its reputation as one of the world’s biggest conduits for dirty money due to a combination of patchy intelligence-sharing and poorly resourced enforcement agencies, experts told Compliance Week.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
Check, please! Tipped employee compensation in spotlight amid U.K., U.S. ‘fair’ pay debate
Earlier this year, amid then-Republican presidential candidate Donald Trump’s campaign promise to end taxes on tips in the U.S., the U.K. government introduced a new law to ensure that all tips are paid in full to staff, regardless of whether they were given in cash or by credit card.
Texas court halts FinCEN beneficial ownership reporting requirements
Business owners can stop preparing their 2025 anti-money laundering reports for the Treasury Department’s Financial Crimes Enforcement Network, according to a Texas court, which ruled the Corporate Transparency Act requirement unconstitutional.
KPMG report on regs in 2025: Use data analytics to predict, respond to Trump administration changes
Regulations are sure to be rolled back under President Donald Trump, but the question is which regulations, and how much? Is your organization as prepared to respond when regulations are loosened as it was when they were tightened?
CPE Webcast: Navigating Contact Compliance in 2025: An Overview of Upcoming Legislation and How to Prepare
As we approach 2025, the regulatory landscape for the Telephone Consumer Protection Act (TCPA) and Do Not Call (DNC) regulations is becoming increasingly complex. Not only are there federal laws to take into consideration, but many states also have distinct requirements that differ from federal standards.
Evolving sanctions rules make continuous screening, due diligence essential in 2025
The EU and U.K. have rushed to commit themselves to intensifying action on sanctions evasion after U.S. President-elect Donald Trump’s victory, but any compliance managers who believe Trump will make global sanctions compliance easier in 2025 are likely to be disappointed.
Trump taps crypto enthusiast Paul Atkins to replace Gensler at SEC
President-elect Donald Trump appeared to strengthen his ties to the crypto industry when he nominated a popular crypto advocate, Patomak Global Partners founder Paul Atkins, to be the next chairman of the Securities and Exchange Commission.
U.K., EU enforcement regimes set to escalate, but critics question sanctions’ effectiveness
With a new political regime ready to take over in the U.S., the effectiveness of sanctions against malign foreign actors like Russia, North Korea, and Iran have come into question. While the European Union and U.K. have increased sanctions pressure, critics have publicly asked: Is it enough?
Proposed CFPB rule would attempt to rein in data broker buying, selling
Data brokers have been getting away with selling Americans’ personal and financial data without adequate protections, an illegal practice that a new rule proposed by the Consumer Financial Protection Bureau will intend to stop, CFPB Director Rohit Chopra said.
U.S. Appeals Court ruling in Tornado Cash case opens door for AML regulatory unwind
In striking down penalties against cryptocurrency mixer Tornado Cash for violating U.S. sanctions, a federal appeals court may have started to chip away at anti-money laundering regulations established by Democrats even before President-elect Donald Trump takes office.
DOJ offers antitrust compliance guidance in ECCP update
The Department of Justice has added antitrust compliance guidance in an update to its Evaluation of Corporate Compliance Programs.
SEC enforcement priorities under Trump: Fewer disclosures, less ESG-focused, more crypto
Change is likely coming to the Securities and Exchange Commission’s enforcement priorities with the pending handover of the White House to Republican President-elect Donald Trump. Adjust your compliance priorities accordingly.
Trump picks Dr. Oz to run massive Medicare, Medicaid agencies
Dr. Mehmet Oz, President-elect Donald Trump’s pick to lead the Centers for Medicare and Medicaid Services, has a mandate from Trump to “take on the illness industrial complex” and to cut costs.
SEC Chair Gary Gensler to step down Jan. 20 after busy, controversial tenure
Securities and Exchange Commission Chair Gary Gensler will step down from his position as the top U.S. regulator of Wall Street when Donald Trump is sworn in as president on Jan. 20, ending weeks of speculation about his future.
Final CFPB rule requires Big Tech pay apps to comply with bank rules
Big Tech digital payment apps will be subjected to increased oversight and requirements–similar to that of banks and credit unions–under a finalized rule by the Consumer Financial Protection Bureau.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
President-elect Trump’s Commerce Department pick Howard Lutnick to head tariff, trade agenda
President-elect Donald Trump announced he plans to appoint Cantor Fitzgerald President and CEO Howard Lutnick to lead the U.S. Commerce Department, as the incoming administration is expected to charge import tariffs against friends and foes.
‘200+ tips in 3 months’: DOJ’s corporate whistleblower program so far
The Department of Justice received more than 200 whistleblower tips since it launched its long-awaited Corporate Whistleblower Awards (CWA) Pilot Program on Aug. 1, according to the program’s Acting Director Patrick Gushue in a Compliance Week exclusive.
FinCEN alerts financial institutions to be wary of AI-enabled deepfakes
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
EU Deforestation Directive delayed, experts advise compliance managers to not rest on laurels
If your business uses leather, rubber, wood, beef, palm oil, soy, or paper, then you may need to comply with the EU Deforestation Directive, a new rule intended to ensure that no goods traded in the EU contribute to global deforestation.
Navy Federal Credit Union to pay $95M in fines, redress over ‘surprise’ overdraft fees
Navy Federal Credit Union will pay a $15 million fine and return $80 million in “surprise” overdraft fees to its members to resolve an enforcement action from the Consumer Financial Protection Bureau.
Election rules aimed to curb AI misuse may serve as regulatory warning for all advertisers
With the presidential election this week, one fear has remained on the minds of voters regardless of their political stripe–that artificial intelligence will be misused to change the outcome of the race.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
Speakers at Compliance Week AI & Compliance Summit talk future rules around technology
While companies are exploring and building artificial intelligence technology, lawmakers and regulators are trying to identify what ground rules they need to set. These guardrails are what companies and governments alike believe are essential parts of ensuring safe and responsible use of the technology.
U.K. Employment Rights Bill triggers debate over flexibility vs. exploitation
Contract workers’ rights are in the spotlight in the U.K. and some EU countries as governments seek to end exploitative practices by eliminating zero-hours contracts, much to the chagrin of some business leaders.
Treasury set to block investment flow on American AI, semiconductor tech to China
The U.S. Treasury Department has issued a final rule–and created a new division to oversee it–that will attempt to limit outbound investments to China related to sensitive technologies with military applications.
FCC teams up with CPPA to enforce privacy rules
In an effort to streamline the enforcement of California’s stringent privacy rules, the Federal Communications Commission has signed a memorandum of understanding (MOU) with the California Privacy Protection Agency.
AI & Compliance Summit: Regs discuss artificial intelligence guardrails for financial services
Artificial intelligence is an exciting, new technology and it is well-regulated by old laws and rules already on the books, financial regulators said at Compliance Week’s AI & Compliance Summit at Boston University.
CFPB will enforce Fair Credit Reporting Act on employee background reports, monitoring
Businesses need to follow the consumer protection rules of the Fair Credit Reporting Act when engaging in employee surveillance, which includes background reports about employees produced by third parties using artificial intelligence, the Consumer Financial Protection Bureau said in new guidance.
New CFPB data rights rule will modernize U.S. banking system, Chopra says
Banks, credit card companies and other financial mainstays will be required to comply with new data privacy and retail account portability regulations under a sweeping rule issued Tuesday by the Consumer Financial Protection Bureau.
DOJ proposes rule that would block sale of Americans’ personal data to Chinese, Russian firms
The Department of Justice (DOJ) has proposed a new rule that would regulate the use of Americans’ personal information by foreign companies and foreign persons in six “countries of concern,” prohibiting and restricting the sale of data to thwart the use of data for cyber-enabled activities, espionage, coercion, influence and ...