CW accepting nominations for 2025 ‘Excellence in Compliance Awards’
Nominations are open for Compliance Week’s sixth annual “Excellence in Compliance Awards,” with a deadline of Feb. 14
GM sued by FTC for selling location and behavioral data without drivers' consent
General Motors failed to disclose to customers that it tracked their precise locations and driving behavior and sold the data to third parties, the Federal Trade Commission alleged in a proposed order.
SEC issues $63M in fines to dozen firms in ongoing off-channel comms sweep
Twelve more firms have been dinged with fines by the Securities and Exchange Commission for failing to properly supervise employees who used off-channel communications to conduct company business. In this latest round of enforcement actions, nine investment advisers and three broker-dealers will pay a total of $63 million.
Experian failed to correct flawed financial data about consumers, CFPB complaint alleges
Experian, the credit reporting giant, let compliance slide when it came to addressing consumer complaints about incorrect data, the Consumer Financial Protection Bureau said in a lawsuit against the credit agency.
Portuguese bank ousts chief risk officer after ‘suspicious’ transactions uncovered
Portuguese bank Novo Banco, S.A., fired Chief Risk Officer Carlos Jorge Ferreira Brandão “with just cause” after an internal probe discovered “suspicious financial transactions” in his sphere.
Experts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure
New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc.
TPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025
New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.
Google’s fate under Trump could be a sign of antitrust battles to come in 2025
As Donald Trump begins his transition to become president, there are questions about the fate of tech companies, as well as regulators from multiple administrations. Google in particular is fighting a high-profile antitrust ruling after an investigation started by Trump in 2020 could be resolved in his next administration.
Top 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks
A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.
Five more compliance triumphs of 2024
Whether you’re a multinational telecommunications company looking to certify your anti-corruption program post-settlement, or a biochemical company victimized by a “rogue” employee, seeing the light at the end of the enforcement tunnel isn’t always easy.
OCC orders Bank of America to shore up BSA/AML, sanctions compliance programs
Bank of America avoided a monetary penalty in agreeing to settle charges with the Treasury Department’s Office of the Comptroller of the Currency but was ordered to shore up previously disclosed deficiencies in its Bank Secrecy Act/anti-money laundering (BSA/AML) and sanctions compliance programs.
CFPB sues big banks behind money transfer app Zelle over lax oversight, fraud
JPMorgan Chase, Wells Fargo Bank, Bank of America, and the company behind online money transfer app Zelle were sued by the Consumer Financial Protection Bureau for allegedly failing to safeguard Zelle’s network and causing customers to lose $870 million, the CFPB alleged.
OCC hits USAA with third order in five years; places limits on new services, products, membership
USAA Federal Savings Bank has been hit with its third cease and desist order from the Treasury Department’s Office of the Comptroller of the Currency in the past five years for failing to correct unsafe and unsound banking practices.
Criticism mounts against FCA amid growing calls for regulatory reform
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
FCA apologizes for mishandling fraud allegations against Collateral
The U.K. Financial Conduct Authority apologized to investors in peer-to-peer investment firm Collateral for not acting swiftly enough to prevent Collateral from defrauding its customers.
Becton Dickinson pays $175M for misleading investors about flawed IV pump system
Becton Dickinson medical device company will pay $175 million for “repeatedly” misleading investors about its Alaris infusion pump, a product the company knew was flawed and was sold without the required patient-safety approvals, the Securities and Exchange Commission said.
Bankrupt retailer Express avoids fine in SEC understated CEO perks case
The Securities and Exchange Commission charged bankrupt fashion retailer Express with failing to disclose nearly $1 million in perks to a former chief executive, but did not levy a financial penalty thanks to its cooperation, the SEC said.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
Minnesota transport company hit with sanctions violations for Cuba, Iran trade
A Minnesota transportation company agreed to pay nearly $258,000 to settle allegations that a subsidiaries violated sanctions against Cuba and Iran more than 80 times, the U.S. Treasury Department’s Office of Foreign Assets Control said.
McKinsey & Co. to pay $650M, improve compliance over opioid advice to Purdue Pharma
McKinsey & Co. will pay $650 million in penalties to the U.S. Department of Justice (DOJ) to settle charges that it advised Purdue Pharma on how to “turbocharge” the sale of Oxycontin in the middle of the U.S. opioid crisis.
SeaCrest to pay $375K to settle charges that it failed to supervise rogue adviser
New York-based SeaCrest Wealth Management will pay a $375,000 fine for failing to properly prevent a cherry-picking scheme perpetrated by one of its investment advisers.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
U.K. can’t shake reputation of being a conduit to individual, institutional money laundering
London has long had the dubious reputation of being the world’s money laundering capital and it looks like it’s a title it is likely to retain for some time yet.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
SEC fines Morgan Stanley $15M to settle allegations of theft of client funds
A lack of supervision and internal controls at Morgan Stanley Smith Barney allowed four of its investment advisers to steal millions from customers before the behavior was detected, the SEC said in charging the firm.
Whistleblower’s defamation case reveals scope of USAA ‘coverup’
A defamation lawsuit filed by a whistleblower against USAA, which a Florida judge recently dismissed on a technicality, revealed in public court records an estimated 400,000 violations of the Military Lending Act by USAA Federal Savings Bank (USAA Bank), an indirect wholly owned subsidiary of USAA.
U.K., EU enforcement regimes set to escalate, but critics question sanctions’ effectiveness
With a new political regime ready to take over in the U.S., the effectiveness of sanctions against malign foreign actors like Russia, North Korea, and Iran have come into question. While the European Union and U.K. have increased sanctions pressure, critics have publicly asked: Is it enough?
Could your firm potentially be the subject of a DOJ whistleblower action? Time to get ready
Now that the U.S. Department of Justice launched a new pilot whistleblower program, many questions remain. What types of companies might find themselves to be the subject of a criminal investigation stemming from a whistleblower tip? And what should they do to prepare for a whistleblower tip?
Top ethics and compliance failures of 2024
The biggest Compliance Fails of 2024 show the real-world consequences of noncompliance for the companies that faltered, but also for their customers and their employees.
Trump names Scott Bessent to be Treasury secretary, with a clear deregulation agenda
Hedge fund manager Scott Bessent, named by Donald Trump on Friday as his nominee for Treasury Secretary, has a clear mandate to deregulate the financial markets should he take the helm.
DOJ offers antitrust compliance guidance in ECCP update
The Department of Justice has added antitrust compliance guidance in an update to its Evaluation of Corporate Compliance Programs.
Book review: Larry D. Thompson’s memoir revisits lessons from VW, Enron, and PepsiCo.
Former U.S. Deputy Attorney General Larry D. Thompson participated in landmark legal cases, such as the Justice Department’s Enron investigation and the Volkswagen Independent Compliance Monitorship. Now his memoir looks back on his extensive career in compliance, offering profound insights into corporate culture, diversity, ethics, and integrity.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
Drexel Hamilton to pay $1.1M, four employees fined for ‘flipping’ municipal bonds
New York-based investment firm Drexel Hamilton will pay more than $1.1 million in penalties, with four current and former employees paying fines as well over committing hundreds of violations of rules regarding the sale of municipal bonds.
MetLife subsidiary fined $178K by OFAC for issuing premiums to Iran-controlled entities
A subsidiary of MetLife will pay more than $178,000 for violating U.S. sanctions on Iran when it provided insurance policies to entities in the United Arab Emirates owned or controlled by Iran.
How compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
European Commission accuses Meta of anticompetive practices, issues $841M fine
Meta, the parent company of Facebook, has been fined nearly 798 million euros (U.S. $841 million) by the European Commission to resolve the agency’s long-running investigation into alleged “abusive practices” by Facebook Marketplace.
EU Deforestation Directive delayed, experts advise compliance managers to not rest on laurels
If your business uses leather, rubber, wood, beef, palm oil, soy, or paper, then you may need to comply with the EU Deforestation Directive, a new rule intended to ensure that no goods traded in the EU contribute to global deforestation.
DOJ orders Paragon Systems, subsidiary to pay $54M over front company contracts scheme
Paragon Systems, a Virginia-based security contractor, and a subsidiary will pay nearly $54 million to resolve allegations that its corporate executives–including its compliance manager–conspired to win Department of Homeland Security contracts by creating fraudulent small business front companies.
SEC orders Invesco to pay $17.5M over misleading investors about ESG assets
Invesco Advisors agreed to pay $17.5 million to the Securities and Exchange Commission to settle allegations that the company misled investors about the extent of its assets that included environmental, social, and governance factors.
Annual survey: Help us get ‘Inside the Mind of the CCO’
Compliance Week’s sixth annual “Inside the Mind” survey seeks to discover what makes CCOs and other risk and compliance practitioners tick. Take 10 minutes to share your experiences and be part of our special report.
U.K. sanctions 56 entities connected to Russia’s 'war machine'
The U.K. has issued 56 new sanctions against entities and individuals involved with Russia’s war effort, including several private mercenary groups operating in Africa that are connected to the Kremlin.
FINRA fines Morgan Stanley $1M for alleged documentation failures
The Financial Industry Regulatory Authority fined broker-dealer Morgan Stanley $1 million over alleged documentation failures related to risk management controls and supervisory procedures involving violations of the Market Access Rule.
White paper: Constructing a Cohesive Cybersecurity Foundation
The individual requirements for your security and risk operations are increasingly complex—and interconnected. Yet despite this increased interconnectivity, many organizations still manage their security operations (SecOps) and integrated risk management (IRM) functions in silos.
CPE Webcast: Compliant First AI: Risk Management Best Practices for Financial Institutions in 2025
Attend this Compliance Week webinar to synthesize the current ”state-of-play” for current and proposed rules for the ethical and responsible use of AI in financial services settings.
Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
Election rules aimed to curb AI misuse may serve as regulatory warning for all advertisers
With the presidential election this week, one fear has remained on the minds of voters regardless of their political stripe–that artificial intelligence will be misused to change the outcome of the race.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
JPMorgan Chase to pay $151M in penalties, restitution to settle disclosure lapses
Two affiliates of JPMorgan Chase have agreed to pay $151 million to settle five separate enforcement actions for making misleading disclosures, breaching fiduciary duties, and other failures related to investors.
Keys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?