CPSC fines Google-owned Fitbit $12M for failing to report smartwatch burn hazard
The U.S. Consumer Product Safety Commission ordered Google-owned Fitbit to pay more than $12 million and comply with certain undertakings to settle allegations the company knowingly failed to report a serious burning hazard with its Ionic smartwatches.
Experts say DORA compliance not coming easy as more firms pass buck to IT providers
New rules have come into effect across the European Union to promote better cybersecurity and IT resilience across the financial services sector, but experts warn that compliance is likely to be patchy and regulatory enforcement across the bloc perhaps even patchier.
Trump gives TikTok 75-day reprieve after ban goes into effect
President Donald Trump signed an executive order Monday delaying the Department of Justice (DOJ) from enforcing the long-awaited TikTok ban. While the social media platform’s fate is still up in the air, Trump signaled his support for it being sold, with the U.S. as a “partner.”
Cash App owner Block to pay $175M over fraud caused by lax consumer protection practices
Block, the owner of Cash App and Square, will pay $175 million to settle allegations that its lax consumer protection practices put customers at high risk of fraud, the Consumer Financial Protection Bureau said.
FTC orders Mobilewalla, Gravy Analytics to stop collecting geolocation data without permission
Two large data brokers, Mobilewalla and Gravy Analytics, collected billions of records containing sensitive geolocation and personal data of millions of people, and then sold it without their consent, the Federal Trade Commission said.
Musk sued by SEC for failing to disclose Twitter stock purchases quickly enough
Elon Musk, the world’s wealthiest person and the apparent right-hand man of incoming U.S. president Donald Trump, has been taken to court for a third time by the Securities and Exchange Commission for allegedly violating securities law.
White House, BIS attempt to strengthen AI chip export controls in final days of Biden presidency
In tandem with the Commerce Department’s Bureau of Industry and Security, the Biden administration issued a new rule on export controls of domestically produced artificial intelligence chips.
New CFPB payment privacy rule on the way for gaming companies, cryptocurrencies, Big Tech
The Consumer Financial Protection Bureau has issued a proposed rule aimed at protecting the privacy of the public when using novel digital payment systems, such as those offered by large technology platforms and video gaming companies.
Experian failed to correct flawed financial data about consumers, CFPB complaint alleges
Experian, the credit reporting giant, let compliance slide when it came to addressing consumer complaints about incorrect data, the Consumer Financial Protection Bureau said in a lawsuit against the credit agency.
Google’s fate under Trump could be a sign of antitrust battles to come in 2025
As Donald Trump begins his transition to become president, there are questions about the fate of tech companies, as well as regulators from multiple administrations. Google in particular is fighting a high-profile antitrust ruling after an investigation started by Trump in 2020 could be resolved in his next administration.
Data analytics in compliance: Time to get started, or expand, in 2025
Launching or expanding a corporate data analytics program for compliance can seem like a daunting task, but it is one worth adding to your to-do list in 2025.
Top 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks
A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.
Rytr agrees to halt fake AI review service in settlement with FTC
Purported “testimonial and review” service Rytr agreed to stop selling its program that used artificial intelligence to create fake content as part of a consent order with the Federal Trade Commission.
CFPB sues big banks behind money transfer app Zelle over lax oversight, fraud
JPMorgan Chase, Wells Fargo Bank, Bank of America, and the company behind online money transfer app Zelle were sued by the Consumer Financial Protection Bureau for allegedly failing to safeguard Zelle’s network and causing customers to lose $870 million, the CFPB alleged.
EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
CPE Webcast: Fostering a learning culture to drive innovation
Discover the vital role company culture plays in not only embracing new technologies and processes but also driving continuous improvement through a commitment to learning and a growth mindset.
Proposed CFPB rule would attempt to rein in data broker buying, selling
Data brokers have been getting away with selling Americans’ personal and financial data without adequate protections, an illegal practice that a new rule proposed by the Consumer Financial Protection Bureau will intend to stop, CFPB Director Rohit Chopra said.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
How compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
European Commission accuses Meta of anticompetive practices, issues $841M fine
Meta, the parent company of Facebook, has been fined nearly 798 million euros (U.S. $841 million) by the European Commission to resolve the agency’s long-running investigation into alleged “abusive practices” by Facebook Marketplace.
FinCEN alerts financial institutions to be wary of AI-enabled deepfakes
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
Annual survey: Help us get ‘Inside the Mind of the CCO’
Compliance Week’s sixth annual “Inside the Mind” survey seeks to discover what makes CCOs and other risk and compliance practitioners tick. Take 10 minutes to share your experiences and be part of our special report.
Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
Speakers at Compliance Week AI & Compliance Summit talk future rules around technology
While companies are exploring and building artificial intelligence technology, lawmakers and regulators are trying to identify what ground rules they need to set. These guardrails are what companies and governments alike believe are essential parts of ensuring safe and responsible use of the technology.
Treasury set to block investment flow on American AI, semiconductor tech to China
The U.S. Treasury Department has issued a final rule–and created a new division to oversee it–that will attempt to limit outbound investments to China related to sensitive technologies with military applications.
AI & Compliance Summit: Regs discuss artificial intelligence guardrails for financial services
Artificial intelligence is an exciting, new technology and it is well-regulated by old laws and rules already on the books, financial regulators said at Compliance Week’s AI & Compliance Summit at Boston University.
How to adopt AI tools the right way at your company, from people who’ve tried
Companies are adopting artificial intelligence tools at a breakneck pace, but it’s increasingly clear that they set guardrails early. AI leaders say that approaching the technology with safety and ethics in mind will help ensure its upside benefits, while avoiding the significant risks it poses as well.
Keys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
NYDFS expects banks, firms to cut risks posed by AI, according to new guidance
New York financial institutions are expected to address cybersecurity risks posed by artificial intelligence, and new guidance from the New York Department of Financial Services is aimed at helping firms do just that.
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Government contractor fined $307K after third-party hack compromised personal data
It was a double whammy of cybersecurity no-nos for a federal contractor hit with a data breach: The personal data of Medicare beneficiaries contained in unencrypted screenshots were allegedly compromised when their third-party vendor’s server was hacked.
Control and delete: How regulators can shutdown companies’ AI investments
Companies are increasingly putting their faith in AI to realize the kind of business benefits that the technology seems to promise, but they are also opening themselves up to new and potentially crippling sanctions if they are unable to answer questions that surround how AI operates.
SEC penalizes Rimar CEO, holding company board member $524K total for ‘AI washing’
The Securities and Exchange Commission ordered the owner of Rimar Capital and a board member of its holding company to pay nearly $524,000 in penalties for defrauding investors with false and misleading statements about its use of artificial intelligence.
Photo gallery: Compliance Week AI & Compliance Summit
Compliance Week’s AI & Compliance Summit, held Oct. 8-9 at Boston University, gathered business leaders, academics, and government officials to discuss some of the biggest questions around AI, including business adoption standards, ethical guardrails, and its application in decision making. Check out some of the sights from the summit.
AI & Compliance Summit notebook: ‘Think big. Start small. Scale fast.’
When starting artificial intelligence efforts for companies large or small, one approach compliance practitioners said they’ve found works best is to start with a specific use case.
Companies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
DOJ steps up enforcement approach against AI-powered cybercrime
The Criminal Division of the Department of Justice plans to heighten its focus on cybercrime, according to division head Nicole Argentieri.
AI Governance Benchmarking Survey
This is a Compliance Week Survey, sponsored by GAN Integrity. It is completely anonymous and designed to help benchmark the approaches compliance is taking to AI Governance. Results will be shared by Compliance Week and GAN Integrity in the form of a benchmark report.
AI misuse could lead to sanctions from multiple regulators, experts warn
The proliferation of AI, as well as the promised business cases promoting its use, has led companies around the world to quickly invest in the technology. Executives hope these AI tools will improve efficiencies, reduce costs, and help them stay competitive. But it could lead to just the opposite.
DOJ updates ECCP to include AI risks, whistleblower protections
Companies under criminal prosecution by the Department of Justice for any reason must show they have robust compliance for any artificial intelligence in use–or risk heightened prosecution–under a DOJ policy update.
AI and government: How Trump or Harris presidency will differ on policy, regulation
AI may be one of the hottest things in the business world but former President Donald Trump and Vice President Kamala Harris haven’t devoted much time to discussing the technology. Still, each candidate has offered a few clues as to how they would govern over this next wave of innovation.
Deloitte survey: AI adoption raising concerns about trust, reputational damage, ethics
As the artificial intelligence boom sweeps into the business world, employees are increasingly concerned about ethics questions and data privacy, a new Deloitte survey found, leading them to increasingly lose trust in their organizations.
FTC sounds alarm on business practices turning into ‘vast surveillance’
The Federal Trade Commission took aim at the business models of some of the world’s largest companies, publishing a years-long study that decried technologies that have created “vast surveillance” networks that expose people to “a host of harms” and violate children’s privacy laws.
SEC charges Kubient 'gatekeepers' with failing to stop CEO's AI fraud
Gatekeepers including chief financial officers and the chair of the audit committee have a responsibility to shareholders to report fraud wherever they find it–especially when that fraud involves an artificial intelligence tool meant to combat fraud.
SEC nets $1.3M in off-channel comms sweep against municipal advisory firms
Fines for off-channel communications use by employees just keep on coming, with 12 municipal advisory firms fined a total of $1.3 million in the latest Securities and Exchange Commission sweep.