Risk & Regulatory Compliance

Compliance Week is a business intelligence service on corporate governance, risk, compliance, and audit. We support a community of professionals through award-winning journalism, live and live-streamed events, sponsored Webcasts, continuing education and training, industry surveys, case studies, and downloadable resources.

gm_web

GM sued by FTC for selling location and behavioral data without drivers' consent

2025-01-17T19:15:00+00:00By

General Motors failed to disclose to customers that it tracked their precise locations and driving behavior and sold the data to third parties, the Federal Trade Commission alleged in a proposed order.

off_channel_comm_web

SEC issues $63M in fines to dozen firms in ongoing off-channel comms sweep

2025-01-15T16:24:00+00:00By

Twelve more firms have been dinged with fines by the Securities and Exchange Commission for failing to properly supervise employees who used off-channel communications to conduct company business. In this latest round of enforcement actions, nine investment advisers and three broker-dealers will pay a total of $63 million.

Experian sign

Experian failed to correct flawed financial data about consumers, CFPB complaint alleges

2025-01-09T15:18:00+00:00By

Experian, the credit reporting giant, let compliance slide when it came to addressing consumer complaints about incorrect data, the Consumer Financial Protection Bureau said in a lawsuit against the credit agency.

novo_banco_web

Portuguese bank ousts chief risk officer after ‘suspicious’ transactions uncovered

2025-01-08T17:13:00+00:00By

Portuguese bank Novo Banco, S.A., fired Chief Risk Officer Carlos Jorge Ferreira Brandão “with just cause” after an internal probe discovered “suspicious financial transactions” in his sphere.

GDPR EU flag

Experts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure

2025-01-02T18:37:00+00:00By

New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc.

AdobeStock_254332546

TPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025

2025-01-02T13:00:00+00:00By

New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.

Google building

Google’s fate under Trump could be a sign of antitrust battles to come in 2025

2024-12-31T15:32:00+00:00By

As Donald Trump begins his transition to become president, there are questions about the fate of tech companies, as well as regulators from multiple administrations. Google in particular is fighting a high-profile antitrust ruling after an investigation started by Trump in 2020 could be resolved in his next administration.

Risk

Top 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks

2024-12-30T14:57:00+00:00By

A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.