e-Book: Tackling Third Party Risk In A Global World
TPRM has always been a tough subject, requiring regular monitoring and audits to be done right. But until recently, it was something companies chose to do.
Photo gallery: Ethics & Compliance Summit
Compliance Week’s Ethics and Compliance Summit, held March 19-20 in Boston, Mass., gathered legal, compliance, and risk professionals to share best practices and engage in discussions on timely topics, regulatory developments, and effective strategies to foster an ethical culture.
CCO who was ‘sole person controlling’ investment firm charged with recidivist concentration violations
An investment company and its founder, president, and chief compliance officer flagrantly kept violating mutual fund rules for multiple years after settling with the Securities and Exchange Commission, the SEC said in a complaint against the company.
Expert: Treasury’s move to ‘narrow’ BOI requirements would gut AML law
The U.S. Treasury’s effort to dramatically narrow the focus of the Corporate Transparency Act through “emergency” rulemaking would gut the law’s anti-money laundering efforts, a transparency expert said.
FRC launches probe into MacIntyre Hudson’s 2022 audit of collapsed LSG
The U.K. Financial Reporting Council has launched an investigation into MacIntyre Hudson’s audit of collapsed construction company ISG Limited, which abruptly entered administration in September, laying off 2,200 workers.
Experts: Companies ‘underestimate risk’ as first provisions of EU AI Act come into force
A European Union-wide ban on AI systems with “unacceptable” risk came into force on Feb. 2 as the first provisions of the EU’s AI Act took effect. Problems persist, however, over what the legislation requires and what corporate practices or uses of data may risk flouting the rules.
SEC postpones compliance date for amendments to investment company names rule
Investment companies will have six additional months to comply with an update to the Securities and Exchange Commission rule aimed at making investment fund names more accurate.
‘Abject failure’: U.K. lawmakers sound off on FCA’s failed 'naming and shaming' enforcement
U.K. lawmakers slammed the country’s chief financial regulator’s hopes of “naming and shaming” firms as part of its efforts to beef up enforcement, denting its credibility in the process and questioning the leadership of its chief executive.
Apr. 17 | Taking a data-first, questionnaire-second approach to TPRM
Join us for a live webcast to learn how the newest risk exchange models are eliminating 80 percent of questionnaire requests with data.
PCAOB fines KPMG units $3.4M, PwC Singapore $1.5M for audit, independence violations
Nine affiliates of KPMG agreed to pay a total of nearly $3.4 million for alleged violations of audit and quality control standards, while PwC Singapore will pay $1.5 million to settle separate allegation that the firm manipulated independence compliance reporting.
EU drives ‘omnibus’ of simplifications through landmark sustainability reporting directives
The European Commission has adopted proposals for radical simplifications to the EU’s trailblazing environmental regulations. The commissioners argue that this is a pragmatic response to changing global economics and indicates that they have listened to the concerns of smaller businesses that are struggling to comply with onerous and conflicting rules.
Survey: The State of Third-Party Due Diligence
This is a Compliance Week Survey, sponsored by GAN Integrity. It is completely anonymous and designed to help benchmark the state of third-party due diligence. Results will be shared by Compliance Week and GAN Integrity in the form of a benchmark report.
Why are CFOs struggling to stay compliant?
CFOs are tasked with overseeing an organization’s entire financial processes, not least ensuring that financial operations remain compliant with the multitude of global regulations. It’s a heavy burden to carry that might be alleviated slightly with the help of artificial intelligence, writes Markus Hornburg, head of compliance at Basware.
Investment scammers, other fraudsters scored billions from consumers in 2024, FTC reports
The public reported a 25 percent increase in losses–totaling more than $12.5 billion in 2024–to investment scams, tech rip-offs, and general fraud, according to an analysis by the Federal Trade Commission.
CPE Webcast: Adapting to new FCC rules: Revocation of consent and beyond
Prior consent is a key component of telecommunications compliance frameworks like the FCC’s TCPA. Big changes are coming April 11 that will impact how consumers can revoke consent or “opt out” of communications under the law.
As DOJ pivots away from white-collar enforcement, is FCPA still relevant?
While executives and boards will never conclude that bribery is a legitimate way of doing business, understandably many have questions about how to direct their FCPA compliance program efforts and resources, write Iris Bennett and Claire Rajan, partners at law firm Steptoe.
Shareholders back Apple sticking to DEI goals as Trump blasts move
Tech giant Apple solidified its commitment to diversity, equity, and inclusion at its annual shareholder meeting on Tuesday, with 97 percent of shareholders rejecting an anti-DEI proposal, according to a public filing.
Summit will offer framework for ethical AI use
Artificial intelligence tools are being adopted at a rapid clip in many organizations, in some cases without proper guardrails and without taking ethical considerations into account.
Experts explain why IIA's new global audit rules will be 'central' to securing high-quality assurance
Compliance teams should expect more support from their organization’s internal audit functions. That is the clear message from the Institute of Internal Auditors, the global body of national affiliated internal audit institutes, which has just put into action its new Global Internal Audit Standards.
FinCEN announces FATF watchlist update: Laos, Nepal added, Philippines removed
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) announced two countries have been added to the Financial Action Task Force (FATF) watchlist, while another has been removed.
CPE Webcast: The 2025 Compliance Playbook: Addressing top risks and priorities
In this webinar, Resolver will present exclusive insights from our latest Compliance Week survey, exploring the strategic priorities for 2025 and how organizations can adapt to emerging challenges.
CFTC first agency to describe self-reporting credit under Trump
The CFTC issued new guidance for firms seeking to self-report misconduct, accompanied by a “mitigation credit index” that details how “exemplary” cooperation and remediation can knock up to 55 percent off the final penalty. The agency is the first enforcement agency to issue self-reporting guidance under President Donald Trump.
Former Deloitte partner dinged by PCAOB for failures in Bancolombia audit
A former Deloitte partner will pay $75,000 and be barred from working as a public company registered accountant for two years by the Public Company Accounting Oversight Board after violating audit standards during a 2016 audit.
Trump has called for a six-month ban on FCPA enforcement. How should compliance respond?
With a six-month ban on enforcement of the Foreign Corrupt Practices Act, compliance should retreat from fear-based messaging and instead focus on why ethical practices make good business sense, experts say.
Photo gallery: Cyber Risk & Data Privacy Summit
Compliance Week’s Cyber Risk & Data Privacy Summit, held Feb. 10-11 in Alexandria, Va., gathered legal, compliance, and risk professionals in person for the first time since before the pandemic to benchmark best practices on managing cyber risks.
What’s keeping compliance leaders up at night? Struggles and strategies for 2025
Managing the unrelenting pace and increasing complexity of regulations is the top concern among compliance professionals, according to a recent survey by Compliance Week and Resolver.
Experts: Prepare now with U.K. failure to prevent fraud offense on horizon
Fraud prevention is about to get more complicated with penalties rising sharply for U.K. organizations. Starting Sept. 1, larger businesses will be liable to criminal prosecution if any of their employees–or an agent, subsidiary, or other “associated person”–commits fraud that is intended to benefit the company.
CW nomination deadline for 2025 ‘Excellence in Compliance Awards’ closed
The nomination deadline has closed for Compliance Week’s sixth annual “Excellence in Compliance Awards.”
GM sued by FTC for selling location and behavioral data without drivers' consent
General Motors failed to disclose to customers that it tracked their precise locations and driving behavior and sold the data to third parties, the Federal Trade Commission alleged in a proposed order.
SEC issues $63M in fines to dozen firms in ongoing off-channel comms sweep
Twelve more firms have been dinged with fines by the Securities and Exchange Commission for failing to properly supervise employees who used off-channel communications to conduct company business. In this latest round of enforcement actions, nine investment advisers and three broker-dealers will pay a total of $63 million.
Experian failed to correct flawed financial data about consumers, CFPB complaint alleges
Experian, the credit reporting giant, let compliance slide when it came to addressing consumer complaints about incorrect data, the Consumer Financial Protection Bureau said in a lawsuit against the credit agency.
Portuguese bank ousts chief risk officer after ‘suspicious’ transactions uncovered
Portuguese bank Novo Banco, S.A., fired Chief Risk Officer Carlos Jorge Ferreira Brandão “with just cause” after an internal probe discovered “suspicious financial transactions” in his sphere.
Experts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure
New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc.
TPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025
New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.
Google’s fate under Trump could be a sign of antitrust battles to come in 2025
As Donald Trump begins his transition to become president, there are questions about the fate of tech companies, as well as regulators from multiple administrations. Google in particular is fighting a high-profile antitrust ruling after an investigation started by Trump in 2020 could be resolved in his next administration.
Top 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks
A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.
Five more compliance triumphs of 2024
Whether you’re a multinational telecommunications company looking to certify your anti-corruption program post-settlement, or a biochemical company victimized by a “rogue” employee, seeing the light at the end of the enforcement tunnel isn’t always easy.
OCC orders Bank of America to shore up BSA/AML, sanctions compliance programs
Bank of America avoided a monetary penalty in agreeing to settle charges with the Treasury Department’s Office of the Comptroller of the Currency but was ordered to shore up previously disclosed deficiencies in its Bank Secrecy Act/anti-money laundering (BSA/AML) and sanctions compliance programs.
CFPB sues big banks behind money transfer app Zelle over lax oversight, fraud
JPMorgan Chase, Wells Fargo Bank, Bank of America, and the company behind online money transfer app Zelle were sued by the Consumer Financial Protection Bureau for allegedly failing to safeguard Zelle’s network and causing customers to lose $870 million, the CFPB alleged.
OCC hits USAA with third order in five years; places limits on new services, products, membership
USAA Federal Savings Bank has been hit with its third cease and desist order from the Treasury Department’s Office of the Comptroller of the Currency in the past five years for failing to correct unsafe and unsound banking practices.
Criticism mounts against FCA amid growing calls for regulatory reform
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
FCA apologizes for mishandling fraud allegations against Collateral
The U.K. Financial Conduct Authority apologized to investors in peer-to-peer investment firm Collateral for not acting swiftly enough to prevent Collateral from defrauding its customers.
Becton Dickinson pays $175M for misleading investors about flawed IV pump system
Becton Dickinson medical device company will pay $175 million for “repeatedly” misleading investors about its Alaris infusion pump, a product the company knew was flawed and was sold without the required patient-safety approvals, the Securities and Exchange Commission said.
Bankrupt retailer Express avoids fine in SEC understated CEO perks case
The Securities and Exchange Commission charged bankrupt fashion retailer Express with failing to disclose nearly $1 million in perks to a former chief executive, but did not levy a financial penalty thanks to its cooperation, the SEC said.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
Minnesota transport company hit with sanctions violations for Cuba, Iran trade
A Minnesota transportation company agreed to pay nearly $258,000 to settle allegations that a subsidiaries violated sanctions against Cuba and Iran more than 80 times, the U.S. Treasury Department’s Office of Foreign Assets Control said.
McKinsey & Co. to pay $650M, improve compliance over opioid advice to Purdue Pharma
McKinsey & Co. will pay $650 million in penalties to the U.S. Department of Justice (DOJ) to settle charges that it advised Purdue Pharma on how to “turbocharge” the sale of Oxycontin in the middle of the U.S. opioid crisis.
SeaCrest to pay $375K to settle charges that it failed to supervise rogue adviser
New York-based SeaCrest Wealth Management will pay a $375,000 fine for failing to properly prevent a cherry-picking scheme perpetrated by one of its investment advisers.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
U.K. can’t shake reputation of being a conduit to individual, institutional money laundering
London has long had the dubious reputation of being the world’s money laundering capital and it looks like it’s a title it is likely to retain for some time yet.