EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Criticism mounts against FCA amid growing calls for regulatory reform
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
FCA apologizes for mishandling fraud allegations against Collateral
The U.K. Financial Conduct Authority apologized to investors in peer-to-peer investment firm Collateral for not acting swiftly enough to prevent Collateral from defrauding its customers.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
U.S. Appeals Court overturns Nasdaq board diversity rule
A U.S. Appeals Court overturned a Securities and Exchange Commission rule that had required companies listed on the Nasdaq stock exchange to disclose whether their boards had women or minority members–and if not, why not.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
Overabundance of U.K. AML regulators stretching enforcement resources thin, experts say
The U.K. will struggle to shed its reputation as one of the world’s biggest conduits for dirty money due to a combination of patchy intelligence-sharing and poorly resourced enforcement agencies, experts told Compliance Week.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
Check, please! Tipped employee compensation in spotlight amid U.K., U.S. ‘fair’ pay debate
Earlier this year, amid then-Republican presidential candidate Donald Trump’s campaign promise to end taxes on tips in the U.S., the U.K. government introduced a new law to ensure that all tips are paid in full to staff, regardless of whether they were given in cash or by credit card.
Texas court halts FinCEN beneficial ownership reporting requirements
Business owners can stop preparing their 2025 anti-money laundering reports for the Treasury Department’s Financial Crimes Enforcement Network, according to a Texas court, which ruled the Corporate Transparency Act requirement unconstitutional.
KPMG report on regs in 2025: Use data analytics to predict, respond to Trump administration changes
Regulations are sure to be rolled back under President Donald Trump, but the question is which regulations, and how much? Is your organization as prepared to respond when regulations are loosened as it was when they were tightened?
CPE Webcast: Navigating Contact Compliance in 2025: An Overview of Upcoming Legislation and How to Prepare
As we approach 2025, the regulatory landscape for the Telephone Consumer Protection Act (TCPA) and Do Not Call (DNC) regulations is becoming increasingly complex. Not only are there federal laws to take into consideration, but many states also have distinct requirements that differ from federal standards.
Evolving sanctions rules make continuous screening, due diligence essential in 2025
The EU and U.K. have rushed to commit themselves to intensifying action on sanctions evasion after U.S. President-elect Donald Trump’s victory, but any compliance managers who believe Trump will make global sanctions compliance easier in 2025 are likely to be disappointed.
Trump taps crypto enthusiast Paul Atkins to replace Gensler at SEC
President-elect Donald Trump appeared to strengthen his ties to the crypto industry when he nominated a popular crypto advocate, Patomak Global Partners founder Paul Atkins, to be the next chairman of the Securities and Exchange Commission.
U.K., EU enforcement regimes set to escalate, but critics question sanctions’ effectiveness
With a new political regime ready to take over in the U.S., the effectiveness of sanctions against malign foreign actors like Russia, North Korea, and Iran have come into question. While the European Union and U.K. have increased sanctions pressure, critics have publicly asked: Is it enough?
Proposed CFPB rule would attempt to rein in data broker buying, selling
Data brokers have been getting away with selling Americans’ personal and financial data without adequate protections, an illegal practice that a new rule proposed by the Consumer Financial Protection Bureau will intend to stop, CFPB Director Rohit Chopra said.
U.S. Appeals Court ruling in Tornado Cash case opens door for AML regulatory unwind
In striking down penalties against cryptocurrency mixer Tornado Cash for violating U.S. sanctions, a federal appeals court may have started to chip away at anti-money laundering regulations established by Democrats even before President-elect Donald Trump takes office.
DOJ offers antitrust compliance guidance in ECCP update
The Department of Justice has added antitrust compliance guidance in an update to its Evaluation of Corporate Compliance Programs.
SEC enforcement priorities under Trump: Fewer disclosures, less ESG-focused, more crypto
Change is likely coming to the Securities and Exchange Commission’s enforcement priorities with the pending handover of the White House to Republican President-elect Donald Trump. Adjust your compliance priorities accordingly.
Trump picks Dr. Oz to run massive Medicare, Medicaid agencies
Dr. Mehmet Oz, President-elect Donald Trump’s pick to lead the Centers for Medicare and Medicaid Services, has a mandate from Trump to “take on the illness industrial complex” and to cut costs.
SEC Chair Gary Gensler to step down Jan. 20 after busy, controversial tenure
Securities and Exchange Commission Chair Gary Gensler will step down from his position as the top U.S. regulator of Wall Street when Donald Trump is sworn in as president on Jan. 20, ending weeks of speculation about his future.
Final CFPB rule requires Big Tech pay apps to comply with bank rules
Big Tech digital payment apps will be subjected to increased oversight and requirements–similar to that of banks and credit unions–under a finalized rule by the Consumer Financial Protection Bureau.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
President-elect Trump’s Commerce Department pick Howard Lutnick to head tariff, trade agenda
President-elect Donald Trump announced he plans to appoint Cantor Fitzgerald President and CEO Howard Lutnick to lead the U.S. Commerce Department, as the incoming administration is expected to charge import tariffs against friends and foes.
‘200+ tips in 3 months’: DOJ’s corporate whistleblower program so far
The Department of Justice received more than 200 whistleblower tips since it launched its long-awaited Corporate Whistleblower Awards (CWA) Pilot Program on Aug. 1, according to the program’s Acting Director Patrick Gushue in a Compliance Week exclusive.
FinCEN alerts financial institutions to be wary of AI-enabled deepfakes
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
EU Deforestation Directive delayed, experts advise compliance managers to not rest on laurels
If your business uses leather, rubber, wood, beef, palm oil, soy, or paper, then you may need to comply with the EU Deforestation Directive, a new rule intended to ensure that no goods traded in the EU contribute to global deforestation.
Navy Federal Credit Union to pay $95M in fines, redress over ‘surprise’ overdraft fees
Navy Federal Credit Union will pay a $15 million fine and return $80 million in “surprise” overdraft fees to its members to resolve an enforcement action from the Consumer Financial Protection Bureau.
Election rules aimed to curb AI misuse may serve as regulatory warning for all advertisers
With the presidential election this week, one fear has remained on the minds of voters regardless of their political stripe–that artificial intelligence will be misused to change the outcome of the race.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
Speakers at Compliance Week AI & Compliance Summit talk future rules around technology
While companies are exploring and building artificial intelligence technology, lawmakers and regulators are trying to identify what ground rules they need to set. These guardrails are what companies and governments alike believe are essential parts of ensuring safe and responsible use of the technology.
U.K. Employment Rights Bill triggers debate over flexibility vs. exploitation
Contract workers’ rights are in the spotlight in the U.K. and some EU countries as governments seek to end exploitative practices by eliminating zero-hours contracts, much to the chagrin of some business leaders.
Treasury set to block investment flow on American AI, semiconductor tech to China
The U.S. Treasury Department has issued a final rule–and created a new division to oversee it–that will attempt to limit outbound investments to China related to sensitive technologies with military applications.
FCC teams up with CPPA to enforce privacy rules
In an effort to streamline the enforcement of California’s stringent privacy rules, the Federal Communications Commission has signed a memorandum of understanding (MOU) with the California Privacy Protection Agency.
AI & Compliance Summit: Regs discuss artificial intelligence guardrails for financial services
Artificial intelligence is an exciting, new technology and it is well-regulated by old laws and rules already on the books, financial regulators said at Compliance Week’s AI & Compliance Summit at Boston University.
CFPB will enforce Fair Credit Reporting Act on employee background reports, monitoring
Businesses need to follow the consumer protection rules of the Fair Credit Reporting Act when engaging in employee surveillance, which includes background reports about employees produced by third parties using artificial intelligence, the Consumer Financial Protection Bureau said in new guidance.
New CFPB data rights rule will modernize U.S. banking system, Chopra says
Banks, credit card companies and other financial mainstays will be required to comply with new data privacy and retail account portability regulations under a sweeping rule issued Tuesday by the Consumer Financial Protection Bureau.
DOJ proposes rule that would block sale of Americans’ personal data to Chinese, Russian firms
The Department of Justice (DOJ) has proposed a new rule that would regulate the use of Americans’ personal information by foreign companies and foreign persons in six “countries of concern,” prohibiting and restricting the sale of data to thwart the use of data for cyber-enabled activities, espionage, coercion, influence and ...
Keys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
NYDFS expects banks, firms to cut risks posed by AI, according to new guidance
New York financial institutions are expected to address cybersecurity risks posed by artificial intelligence, and new guidance from the New York Department of Financial Services is aimed at helping firms do just that.
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
FTC final ‘Click to Cancel’ Rule requires disclosure of material facts before enrollments
Tthe Federal Trade Commission, after years of public comments and changes, released a final “Click to Cancel” Rule, which requires a customer’s express consent before they can be charged and prohibits practices that make it difficult for a customer–whether a family or another business–to cancel.
DOJ steps up enforcement approach against AI-powered cybercrime
The Criminal Division of the Department of Justice plans to heighten its focus on cybercrime, according to division head Nicole Argentieri.
Chinese steel, artificial sweetener from Xinjiang now banned under UFLPA
Steel and an artificial sweetener made by two Chinese companies using forced labor have been banned from entering the U.S. under the Uyghur Forced Labor Prevention Act.
Are the qui tam provisions of the False Claims Act constitutional? A Florida judge just said no
A federal court in Florida has lashed out at federal whistleblower programs by dismissing a mundane False Claims Act case against a medical practice on the grounds that the qui tam provisions of the FCA are unconstitutional.
CPE Webcast: IT controls: Navigating the path to a secure digital future
A comprehensive IT controls program is crucial to safeguard your organization’s assets, ensure data integrity, and maintain regulatory compliance.
AI misuse could lead to sanctions from multiple regulators, experts warn
The proliferation of AI, as well as the promised business cases promoting its use, has led companies around the world to quickly invest in the technology. Executives hope these AI tools will improve efficiencies, reduce costs, and help them stay competitive. But it could lead to just the opposite.
DOJ updates ECCP to include AI risks, whistleblower protections
Companies under criminal prosecution by the Department of Justice for any reason must show they have robust compliance for any artificial intelligence in use–or risk heightened prosecution–under a DOJ policy update.
CPE Webcast: AI strategy and regulatory risk: A financial services perspective
In our coming webinar, experts will discuss the fundamental rethinking of how risk is understood and managed in the financial services industry and how firms can be proactive to stay ahead of these big technological changes.