Mobile health apps must follow FTC breach notice rule after update
Mobile health applications and similar technology must notify customers following a data breach or risk violating the Federal Trade Commission’s Health Breach Notification Rule, under a broad update approved by the agency.
TikTok bans mount across globe amid EU, U.S. crackdown
TikTok is suspending new features amid an inquiry by the European Commission into its compliance with the Digital Services Act, all while responding to a U.S. ban just signed into law.
CFTC commissioner calls for AI framework in commodities markets
A commissioner at the Commodity Futures Trading Commission is calling for the agency to launch initiatives addressing the use—and misuse—of artificial intelligence tools in commodities markets.
CW2024 panelists explain why BYOD at center of off-channel comms debate
The Department of Justice’s renewed scrutiny toward a corporation’s approach to the use of personal devices strengthens the case for companies to get away from bring your own device, a panelist at Compliance Week’s 2024 National Conference argued.
CPE Webcast: Unveiling survey results on future-proofing compliance
Uncover the challenges and opportunities that lie ahead and gain crucial insights to navigate the integration of artificial intelligence and advanced data analytics into your programs.
June 4 | Operationalizing Responsible AI: Developing a sustainable process to effectively manage risk
With recent advancements in generative technologies, the integration of AI into business operations has accelerated and thus, the concept of responsible AI has gained critical importance.
FCA exploring how Big Tech data can aid financial services
The U.K. Financial Conduct Authority reemphasized its desire to work with Big Tech firms to examine how their data might be useful to the financial industry.
SFO outlines five-year strategy amid ‘increasing pace of change’
The U.K.’s Serious Fraud Office said in a five-year strategic plan it’s “struggled to keep pace with demand” as ballooning casework shows no signs of slowing down.
Intersection of compliance, IT one of opportunity
With senior-level decisions on technology only increasing in frequency as new tools rapidly evolve, a panel at Compliance Week’s 2024 National Conference agreed compliance must consider the opportunities available to influence those conversations.
Focused on consumer privacy? Don’t forget employees’ rights
The implications of a privacy rights case involving a U.K.-based Uber Eats driver underscore a popular belief that companies prioritize protecting the personal information of their customers over the data rights of their employees.
SEC’s Grewal: General compliance principles for avoiding AI washing
Gurbir Grewal, director of the Securities and Exchange Commission’s Division of Enforcement, laid out general principles for “proactive compliance” to avoid making false or misleading claims about the capabilities of artificial intelligence products and services.
Highlights from Compliance Week 2024
Compliance officers took to the main stage to share their experiences at Compliance Week’s 2024 National Conference, while other highlights included conversations around artificial intelligence and the modern challenges the industry is confronting.
CFTC lauds Australian swap dealer’s cooperation in $500K enforcement
The Commodity Futures Trading Commission ordered an Australian swap dealer to pay $500,000 over admitted supervision failures related to a deficient spoofing surveillance tool.
AI expert at CW2024: Why AI needs compliance
If there was one takeaway Diana Kelley offered during her keynote address at Compliance Week’s 2024 National Conference, it was that artificial intelligence tools—especially generative AI—need compliance.
Need to know: How AI Act sets tone for AI regulation
The European Union’s AI Act follows a risk-based approach: the higher the risk the artificial intelligence poses, the stricter the rules. Understanding each category is key to compliance.
Treasury report identifies AI use ‘capability gap’ between large, small FIs
A Treasury Department report assessing the use of artificial intelligence tools by the financial sector identified a “growing capability gap” in in-house AI use between large and small financial institutions.
Big Tech practices draw early scrutiny under DSA, DMA
TikTok and X are under investigation related to their respective compliance with the European Union’s Digital Services Act, while the first three companies probed under the Digital Markets Act include Apple, Alphabet, and Meta.
OCC’s Hsu: ‘Sense of fairness’ key to bank compliance initiatives
Acting Comptroller of the Currency Michael Hsu argued banks should adopt a “strong sense of fairness” to bolster the effectiveness of their compliance programs, particularly regarding lending decisions guided by AI and machine learning tools.
Equinix probing short seller accusations amid DOJ scrutiny
Data center owner Equinix disclosed it launched an independent investigation to review matters referenced in a recent short seller report that also caught the attention of the Department of Justice.
Chapter 4: Investigations into misconduct: What banks can do
Both JPMorgan Chase and Deutsche Bank retained their respective Jeffrey Epstein relationships for too long. Yet, there is a case to be made for why exiting a high-risk relationship too soon can become an inverse form of recklessness.
Short seller accuses Equinix of ‘selling AI pipe dream,’ accounting manipulation
Data center owner Equinix boasts artificial intelligence as a boon to business when power consumption costs related to implementing AI could be detrimental to its profitability, according to short seller Hindenburg Research.
Delphia, Global Predictions fined by SEC in ‘AI washing’ cases
Delphia USA and Global Predictions agreed to pay a total of $400,000 to settle charges by the Securities and Exchange Commission the firms each engaged in artificial intelligence misrepresentations that misled clients about how they were using the technology.
Policy changes underscore need for enhanced child labor due diligence
Rooting out potential child or forced labor violations in your company’s supply chain can have benefits beyond protecting reputation and being ethically sound. The process can also help your firm comply with pending child labor laws in other jurisdictions.
Privacy by design a silver bullet for stemming AI risks?
The proliferation of artificial intelligence technologies—and their reliance on publicly available data—has reinforced the need for tech developers and the companies using their solutions to ensure privacy by design and by default is at the crux of any offering.
Monaco: ECCP update coming for management of AI risks
The Department of Justice is working on an update to its Evaluation of Corporate Compliance Programs guidance to spell out the responsibilities of compliance staff for managing artificial intelligence-related risks.
CW National 2024 preview: Former Albemarle CCO on FCPA case lessons
Andrew McBride, former chief risk and compliance officer at chemical company Albemarle Corp., joins the Compliance Week podcast with Aaron Nicodemus to preview his session at CW’s National Conference in Washington, D.C.
Green Dot estimates up to $50M in liabilities over proposed Fed order
Financial technology firm Green Dot Corp. estimated a pending consent order with the Federal Reserve Board will require a payment of between $20 million to $50 million.
‘AI washing’: What is it and why regulators are on watch
Federal agencies, including the Securities and Exchange Commission, Department of Justice, and Federal Trade Commission, are taking every opportunity to warn firms that how they use—and represent their use of—artificial intelligence could result in violations.
Treasury touts AI-enabled fraud recoveries totaling $375M
The Treasury Department announced its success using artificial intelligence to track down instances of check fraud—a potential preview of the results that might come if the agency applies AI in other enforcement-related circumstances.
CPE Webcast: Orchestrating operational resilience in financial services
Join us for an in-depth discussion on proven strategies, advanced technologies, and industry best practices that form the bedrock of operational resilience.
Compliance’s role in managing challenges related to employee side hustles
Employees engaging in side businesses—part-time jobs or new company creations—can introduce a myriad of risks for a company.
CW National 2024 preview: Diana Kelley on AI implications for compliance
Artificial intelligence expert Diana Kelley will discuss what AI means for organizations and explore the technology’s implications for compliance and enterprise risk as part of a keynote address at Compliance Week’s National Conference in Washington, D.C.
DOJ appoints first chief AI officer
On the heels of a warning by the deputy attorney general that the agency will seek stiffer penalties in cases involving the misuse of artificial intelligence, the Department of Justice announced Jonathan Mayer as its first chief AI officer.
Ten things I’m excited for at CW National 2024
A new month and a new venue but a lot of the same you love about Compliance Week’s National Conference. CW Editor in Chief Kyle Brasseur shares what he’s looking forward to most at the 2024 edition of the annual event.
e-Book: Solving the off-channel communications conundrum
Firms attempting to meet regulatory requirements for monitoring employee use of off-channel communications for business purposes face a bedeviling number of obstacles.
LRN survey: Compliance programs shifting focus from bribery, corruption
Many ethics and compliance programs have refocused their efforts away from bribery and corruption and onto data security and privacy, complex government regulations, artificial intelligence security, and other contemporary challenges, a survey from LRN found.
DAG Monaco: AI to be top DOJ enforcement priority
The Department of Justice will seek stiffer penalties in cases where the threat of misconduct was greater because of misuse of artificial intelligence, according to Deputy Attorney General Lisa Monaco.
Toeing the ‘fine line’ of cloud security compliance
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
CPE Webcast: Beyond the hype: How to use AI in GRC
Learn more about how and when artificial intelligence tools can be used to increase value in your governance, risk, and compliance program.
The blurred lines of employee monitoring under GDPR
The French data regulator’s fine against an Amazon warehouse manager for violating employees’ rights to privacy in the workplace once again raises questions about what constitutes an overzealous approach to employee monitoring and why companies fail to recognize the signs.
CPE Webcast: TPRM: Time to change how you approach vendor assessments
Forward-thinking third-party risk management teams are changing the way they approach vendor assessments.
Examining precedent set by French DPA’s Amazon employee monitoring fine
The decision by France’s data regulator to fine an Amazon warehouse manager for breaches of the General Data Protection Regulation over the way it monitored employee productivity raises questions about the reach data protection authorities have over corporate conduct.
Compliance with growing number of U.S. privacy laws ‘a matter of culture change’
Different deadlines associated with the 13 U.S. state privacy laws currently on the books, including grace periods and enforcement dates, have proven challenging for compliance, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
Jury out on viability of AI in ESG reporting
Tech vendors believe ESG reporting is a ripe market for artificial intelligence to help companies sift through data and ensure compliance with both mandatory and voluntary reporting standards. Compliance officers appear less sure.
Deloitte survey: Companies unprepared for AI governance, risk challenges
Just 25 percent of corporate leaders felt their organizations were highly prepared to handle the governance and risk issues posed by generative artificial intelligence, a Deloitte survey found.
The pros and cons of generative AI in AML compliance
Generative artificial intelligence providers often promote their technologies as revolutionary tools that can enhance anti-money laundering processes. But the issues and shortcomings associated with the technologies must also be acknowledged.
CFTC seeking comment on applications of AI in compliance
The Commodity Futures Trading Commission would like to learn more about how regulated entities might be using artificial intelligence in their compliance efforts, along with other applications.
U.K. Post Office scandal sparks contractor accountability debate
The recent furor in the United Kingdom over the Post Office’s wrongful prosecutions of sub-postmasters for alleged fraud has put the government’s relationship with private contractors under the spotlight and raised questions about how companies could be held more accountable in future.
ICO seeking input on generative AI to inform guidance
The U.K. Information Commissioner’s Office is seeking input from developers, users, and those interested in generative artificial intelligence to help inform policy and guidance regarding the technology.
FCA sets out data ambitions, challenges firms to keep pace
Experts expect improvements in the U.K. Financial Conduct Authority’s use of data and reporting means a heightened obligation for timely compliance by companies subject to its remit.