OCC orders Bank of America to shore up BSA/AML, sanctions compliance programs
Bank of America avoided a monetary penalty in agreeing to settle charges with the Treasury Department’s Office of the Comptroller of the Currency but was ordered to shore up previously disclosed deficiencies in its Bank Secrecy Act/anti-money laundering (BSA/AML) and sanctions compliance programs.
CFPB sues big banks behind money transfer app Zelle over lax oversight, fraud
JPMorgan Chase, Wells Fargo Bank, Bank of America, and the company behind online money transfer app Zelle were sued by the Consumer Financial Protection Bureau for allegedly failing to safeguard Zelle’s network and causing customers to lose $870 million, the CFPB alleged.
OCC hits USAA with third order in five years; places limits on new services, products, membership
USAA Federal Savings Bank has been hit with its third cease and desist order from the Treasury Department’s Office of the Comptroller of the Currency in the past five years for failing to correct unsafe and unsound banking practices.
Criticism mounts against FCA amid growing calls for regulatory reform
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
FCA apologizes for mishandling fraud allegations against Collateral
The U.K. Financial Conduct Authority apologized to investors in peer-to-peer investment firm Collateral for not acting swiftly enough to prevent Collateral from defrauding its customers.
Becton Dickinson pays $175M for misleading investors about flawed IV pump system
Becton Dickinson medical device company will pay $175 million for “repeatedly” misleading investors about its Alaris infusion pump, a product the company knew was flawed and was sold without the required patient-safety approvals, the Securities and Exchange Commission said.
Bankrupt retailer Express avoids fine in SEC understated CEO perks case
The Securities and Exchange Commission charged bankrupt fashion retailer Express with failing to disclose nearly $1 million in perks to a former chief executive, but did not levy a financial penalty thanks to its cooperation, the SEC said.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
Minnesota transport company hit with sanctions violations for Cuba, Iran trade
A Minnesota transportation company agreed to pay nearly $258,000 to settle allegations that a subsidiaries violated sanctions against Cuba and Iran more than 80 times, the U.S. Treasury Department’s Office of Foreign Assets Control said.
McKinsey & Co. to pay $650M, improve compliance over opioid advice to Purdue Pharma
McKinsey & Co. will pay $650 million in penalties to the U.S. Department of Justice (DOJ) to settle charges that it advised Purdue Pharma on how to “turbocharge” the sale of Oxycontin in the middle of the U.S. opioid crisis.
SeaCrest to pay $375K to settle charges that it failed to supervise rogue adviser
New York-based SeaCrest Wealth Management will pay a $375,000 fine for failing to properly prevent a cherry-picking scheme perpetrated by one of its investment advisers.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
U.K. can’t shake reputation of being a conduit to individual, institutional money laundering
London has long had the dubious reputation of being the world’s money laundering capital and it looks like it’s a title it is likely to retain for some time yet.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
SEC fines Morgan Stanley $15M to settle allegations of theft of client funds
A lack of supervision and internal controls at Morgan Stanley Smith Barney allowed four of its investment advisers to steal millions from customers before the behavior was detected, the SEC said in charging the firm.
Whistleblower’s defamation case reveals scope of USAA ‘coverup’
A defamation lawsuit filed by a whistleblower against USAA, which a Florida judge recently dismissed on a technicality, revealed in public court records an estimated 400,000 violations of the Military Lending Act by USAA Federal Savings Bank (USAA Bank), an indirect wholly owned subsidiary of USAA.
U.K., EU enforcement regimes set to escalate, but critics question sanctions’ effectiveness
With a new political regime ready to take over in the U.S., the effectiveness of sanctions against malign foreign actors like Russia, North Korea, and Iran have come into question. While the European Union and U.K. have increased sanctions pressure, critics have publicly asked: Is it enough?
Could your firm potentially be the subject of a DOJ whistleblower action? Time to get ready
Now that the U.S. Department of Justice launched a new pilot whistleblower program, many questions remain. What types of companies might find themselves to be the subject of a criminal investigation stemming from a whistleblower tip? And what should they do to prepare for a whistleblower tip?
Top E&C fails of 2024: Boeing, TD Bank, RTX/Raytheon on compliance naughty list
The biggest Compliance Fails of 2024 show the real-world consequences of noncompliance for the companies that faltered, but also for their customers and their employees.
Trump names Scott Bessent to be Treasury secretary, with a clear deregulation agenda
Hedge fund manager Scott Bessent, named by Donald Trump on Friday as his nominee for Treasury Secretary, has a clear mandate to deregulate the financial markets should he take the helm.
DOJ offers antitrust compliance guidance in ECCP update
The Department of Justice has added antitrust compliance guidance in an update to its Evaluation of Corporate Compliance Programs.
Book review: Larry D. Thompson’s memoir revisits lessons from VW, Enron, and PepsiCo.
Former U.S. Deputy Attorney General Larry D. Thompson participated in landmark legal cases, such as the Justice Department’s Enron investigation and the Volkswagen Independent Compliance Monitorship. Now his memoir looks back on his extensive career in compliance, offering profound insights into corporate culture, diversity, ethics, and integrity.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
Drexel Hamilton to pay $1.1M, four employees fined for ‘flipping’ municipal bonds
New York-based investment firm Drexel Hamilton will pay more than $1.1 million in penalties, with four current and former employees paying fines as well over committing hundreds of violations of rules regarding the sale of municipal bonds.
MetLife subsidiary fined $178K by OFAC for issuing premiums to Iran-controlled entities
A subsidiary of MetLife will pay more than $178,000 for violating U.S. sanctions on Iran when it provided insurance policies to entities in the United Arab Emirates owned or controlled by Iran.
How compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
European Commission accuses Meta of anticompetive practices, issues $841M fine
Meta, the parent company of Facebook, has been fined nearly 798 million euros (U.S. $841 million) by the European Commission to resolve the agency’s long-running investigation into alleged “abusive practices” by Facebook Marketplace.
EU Deforestation Directive delayed, experts advise compliance managers to not rest on laurels
If your business uses leather, rubber, wood, beef, palm oil, soy, or paper, then you may need to comply with the EU Deforestation Directive, a new rule intended to ensure that no goods traded in the EU contribute to global deforestation.
DOJ orders Paragon Systems, subsidiary to pay $54M over front company contracts scheme
Paragon Systems, a Virginia-based security contractor, and a subsidiary will pay nearly $54 million to resolve allegations that its corporate executives–including its compliance manager–conspired to win Department of Homeland Security contracts by creating fraudulent small business front companies.
SEC orders Invesco to pay $17.5M over misleading investors about ESG assets
Invesco Advisors agreed to pay $17.5 million to the Securities and Exchange Commission to settle allegations that the company misled investors about the extent of its assets that included environmental, social, and governance factors.
Annual survey: Help us get ‘Inside the Mind of the CCO’
Compliance Week’s sixth annual “Inside the Mind” survey seeks to discover what makes CCOs and other risk and compliance practitioners tick. Take 10 minutes to share your experiences and be part of our special report.
U.K. sanctions 56 entities connected to Russia’s 'war machine'
The U.K. has issued 56 new sanctions against entities and individuals involved with Russia’s war effort, including several private mercenary groups operating in Africa that are connected to the Kremlin.
FINRA fines Morgan Stanley $1M for alleged documentation failures
The Financial Industry Regulatory Authority fined broker-dealer Morgan Stanley $1 million over alleged documentation failures related to risk management controls and supervisory procedures involving violations of the Market Access Rule.
White paper: Constructing a Cohesive Cybersecurity Foundation
The individual requirements for your security and risk operations are increasingly complex—and interconnected. Yet despite this increased interconnectivity, many organizations still manage their security operations (SecOps) and integrated risk management (IRM) functions in silos.
CPE Webcast: Compliant First AI: Risk Management Best Practices for Financial Institutions in 2025
Attend this Compliance Week webinar to synthesize the current ”state-of-play” for current and proposed rules for the ethical and responsible use of AI in financial services settings.
Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
Election rules aimed to curb AI misuse may serve as regulatory warning for all advertisers
With the presidential election this week, one fear has remained on the minds of voters regardless of their political stripe–that artificial intelligence will be misused to change the outcome of the race.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
JPMorgan Chase to pay $151M in penalties, restitution to settle disclosure lapses
Two affiliates of JPMorgan Chase have agreed to pay $151 million to settle five separate enforcement actions for making misleading disclosures, breaching fiduciary duties, and other failures related to investors.
Keys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
Raytheon parent RTX settles false claims, defective pricing, Qatar FCPA violations for $950M
The other shoe finally dropped for Raytheon and parent company RTX, as two U.S. regulators announced nearly $1 billion in penalties to settle defective pricing in defense contracts, false claims related to inflated prices on government contracts, and bribes paid to government officials in Qatar that violated the FCPA.
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Photo gallery: Compliance Week Europe 2024
Compliance Week Europe, held Oct. 15-16 in Amsterdam in partnership with our sister organization the Internation Compliance Association, gathered more than 200 GRC professionals across industries. Check out some of the sights from the event.
Control and delete: How regulators can shutdown companies’ AI investments
Companies are increasingly putting their faith in AI to realize the kind of business benefits that the technology seems to promise, but they are also opening themselves up to new and potentially crippling sanctions if they are unable to answer questions that surround how AI operates.
SEC penalizes Rimar CEO, holding company board member $524K total for ‘AI washing’
The Securities and Exchange Commission ordered the owner of Rimar Capital and a board member of its holding company to pay nearly $524,000 in penalties for defrauding investors with false and misleading statements about its use of artificial intelligence.
TD Bank fined nearly $3.1B by U.S. regulators for AML compliance failures
TD Bank will pay nearly $3.1 billion in penalties to four U.S. regulators to settle charges that it “chose profits over compliance” when it allowed three money laundering networks to filter more than $670 million in dirty money through the company.
Photo gallery: Compliance Week AI & Compliance Summit
Compliance Week’s AI & Compliance Summit, held Oct. 8-9 at Boston University, gathered business leaders, academics, and government officials to discuss some of the biggest questions around AI, including business adoption standards, ethical guardrails, and its application in decision making. Check out some of the sights from the summit.
American Water Works discloses probe into cybersecurity breach
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
Companies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
New U.K. enforcement body piles pressure on sanctions evaders
Global sanctions rules are increasing rapidly, as are tools to detect and punish those who break them. In response, the U.K. government is creating a new Office of Trade Sanctions Implementation to investigate and penalize those who break sanctions rules.