U.K. competition and markets regulator wields new power to combat fake online reviews
Fake reviews of products and services are a global phenomenon, but regulators in the U.K. are beginning to use newly expanded powers to protect buyers and honest competitors following a recent crackdown by U.S. authorities.
Apple bucks trend in Big Tech, defies anti-DEI headwinds
Apple, one of the most valuable tech giants on the planet, is pushing back against pressure to stop diversity, equity, and inclusion efforts, saying that “a culture of belonging” remains a core value of the organization.
Lawsuits filed to save CFPB amid Trump push to shutter financial watchdog
Enforcement and all other operations at the Consumer Financial Protection Bureau have come to a screeching halt under Trump administration directives but a pair of lawsuits aimed at keeping the agency open mean the stoppage could be short-lived.
March 4 | Aligning compliance and IT teams to meet DORA requirements
In this webinar, industry experts will provide actionable strategies for aligning compliance and IT teams to strengthen cyber resilience while staying ahead in an increasingly complex and dynamic regulatory environment.
Financial crime in the shadows of the dark web
The dark web has been depicted as a long-standing hub for crimes, where illegal activities such as drug dealing, financial fraud, weapon sales, murder for hire, stolen credit cards, and ransomware gags are easily accessible to the public.
What’s keeping compliance leaders up at night? Struggles and strategies for 2025
Managing the unrelenting pace and increasing complexity of regulations is the top concern among compliance professionals, according to a recent survey by Compliance Week and Resolver.
Experts: U.K. digital market reforms a ‘watershed moment,’ could speed up enforcement
The U.K.’s competition regulator has outlined new plans to regulate Big Tech firms that will enable it to take a much more flexible and proactive approach towards investigations.
FBI, Europol shut down hacking sites selling personal info, tools for cybercriminals
Two massive hacking websites–where criminals sold everything from stolen social security numbers to tools for cybercriminals to gain access to computers–have finally been shut down by an international law enforcement team, the Department of Justice announced.
EDPB shift forces AI firms to embed procurement, risk management in GDPR considerations
Efforts to clarify the circumstances in which artificial intelligence models may or may not be violating the General Data Protection Regulation could result in yet more confusion for tech firms, companies deploying the technology, and even data protection authorities, according to experts.
DOJ indicts five in remote IT work scheme to circumvent North Korean sanctions
Five people, including two Americans, allegedly duped U.S. companies into hiring North Koreans for contract IT work, and funneled millions in U.S. dollars to the sanctioned regime, the Department of Justice said.
CPSC fines Google-owned Fitbit $12M for failing to report smartwatch burn hazard
The U.S. Consumer Product Safety Commission ordered Google-owned Fitbit to pay more than $12 million and comply with certain undertakings to settle allegations the company knowingly failed to report a serious burning hazard with its Ionic smartwatches.
Experts say DORA compliance not coming easy as more firms pass buck to IT providers
New rules have come into effect across the European Union to promote better cybersecurity and IT resilience across the financial services sector, but experts warn that compliance is likely to be patchy and regulatory enforcement across the bloc perhaps even patchier.
Trump gives TikTok 75-day reprieve after ban goes into effect
President Donald Trump signed an executive order Monday delaying the Department of Justice (DOJ) from enforcing the long-awaited TikTok ban. While the social media platform’s fate is still up in the air, Trump signaled his support for it being sold, with the U.S. as a “partner.”
Cash App owner Block to pay $175M over fraud caused by lax consumer protection practices
Block, the owner of Cash App and Square, will pay $175 million to settle allegations that its lax consumer protection practices put customers at high risk of fraud, the Consumer Financial Protection Bureau said.
FTC orders Mobilewalla, Gravy Analytics to stop collecting geolocation data without permission
Two large data brokers, Mobilewalla and Gravy Analytics, collected billions of records containing sensitive geolocation and personal data of millions of people, and then sold it without their consent, the Federal Trade Commission said.
Musk sued by SEC for failing to disclose Twitter stock purchases quickly enough
Elon Musk, the world’s wealthiest person and the apparent right-hand man of incoming U.S. president Donald Trump, has been taken to court for a third time by the Securities and Exchange Commission for allegedly violating securities law.
White House, BIS attempt to strengthen AI chip export controls in final days of Biden presidency
In tandem with the Commerce Department’s Bureau of Industry and Security, the Biden administration issued a new rule on export controls of domestically produced artificial intelligence chips.
New CFPB payment privacy rule on the way for gaming companies, cryptocurrencies, Big Tech
The Consumer Financial Protection Bureau has issued a proposed rule aimed at protecting the privacy of the public when using novel digital payment systems, such as those offered by large technology platforms and video gaming companies.
Experian failed to correct flawed financial data about consumers, CFPB complaint alleges
Experian, the credit reporting giant, let compliance slide when it came to addressing consumer complaints about incorrect data, the Consumer Financial Protection Bureau said in a lawsuit against the credit agency.
Google’s fate under Trump could be a sign of antitrust battles to come in 2025
As Donald Trump begins his transition to become president, there are questions about the fate of tech companies, as well as regulators from multiple administrations. Google in particular is fighting a high-profile antitrust ruling after an investigation started by Trump in 2020 could be resolved in his next administration.
Data analytics in compliance: Time to get started, or expand, in 2025
Launching or expanding a corporate data analytics program for compliance can seem like a daunting task, but it is one worth adding to your to-do list in 2025.
Top 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks
A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.
Rytr agrees to halt fake AI review service in settlement with FTC
Purported “testimonial and review” service Rytr agreed to stop selling its program that used artificial intelligence to create fake content as part of a consent order with the Federal Trade Commission.
CFPB sues big banks behind money transfer app Zelle over lax oversight, fraud
JPMorgan Chase, Wells Fargo Bank, Bank of America, and the company behind online money transfer app Zelle were sued by the Consumer Financial Protection Bureau for allegedly failing to safeguard Zelle’s network and causing customers to lose $870 million, the CFPB alleged.
EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
CPE Webcast: Fostering a learning culture to drive innovation
Discover the vital role company culture plays in not only embracing new technologies and processes but also driving continuous improvement through a commitment to learning and a growth mindset.
Proposed CFPB rule would attempt to rein in data broker buying, selling
Data brokers have been getting away with selling Americans’ personal and financial data without adequate protections, an illegal practice that a new rule proposed by the Consumer Financial Protection Bureau will intend to stop, CFPB Director Rohit Chopra said.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
How compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
European Commission accuses Meta of anticompetive practices, issues $841M fine
Meta, the parent company of Facebook, has been fined nearly 798 million euros (U.S. $841 million) by the European Commission to resolve the agency’s long-running investigation into alleged “abusive practices” by Facebook Marketplace.
FinCEN alerts financial institutions to be wary of AI-enabled deepfakes
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
Annual survey: Help us get ‘Inside the Mind of the CCO’
Compliance Week’s sixth annual “Inside the Mind” survey seeks to discover what makes CCOs and other risk and compliance practitioners tick. Take 10 minutes to share your experiences and be part of our special report.
Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
Speakers at Compliance Week AI & Compliance Summit talk future rules around technology
While companies are exploring and building artificial intelligence technology, lawmakers and regulators are trying to identify what ground rules they need to set. These guardrails are what companies and governments alike believe are essential parts of ensuring safe and responsible use of the technology.
Treasury set to block investment flow on American AI, semiconductor tech to China
The U.S. Treasury Department has issued a final rule–and created a new division to oversee it–that will attempt to limit outbound investments to China related to sensitive technologies with military applications.
AI & Compliance Summit: Regs discuss artificial intelligence guardrails for financial services
Artificial intelligence is an exciting, new technology and it is well-regulated by old laws and rules already on the books, financial regulators said at Compliance Week’s AI & Compliance Summit at Boston University.
How to adopt AI tools the right way at your company, from people who’ve tried
Companies are adopting artificial intelligence tools at a breakneck pace, but it’s increasingly clear that they set guardrails early. AI leaders say that approaching the technology with safety and ethics in mind will help ensure its upside benefits, while avoiding the significant risks it poses as well.
Keys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
NYDFS expects banks, firms to cut risks posed by AI, according to new guidance
New York financial institutions are expected to address cybersecurity risks posed by artificial intelligence, and new guidance from the New York Department of Financial Services is aimed at helping firms do just that.
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Government contractor fined $307K after third-party hack compromised personal data
It was a double whammy of cybersecurity no-nos for a federal contractor hit with a data breach: The personal data of Medicare beneficiaries contained in unencrypted screenshots were allegedly compromised when their third-party vendor’s server was hacked.
Control and delete: How regulators can shutdown companies’ AI investments
Companies are increasingly putting their faith in AI to realize the kind of business benefits that the technology seems to promise, but they are also opening themselves up to new and potentially crippling sanctions if they are unable to answer questions that surround how AI operates.
SEC penalizes Rimar CEO, holding company board member $524K total for ‘AI washing’
The Securities and Exchange Commission ordered the owner of Rimar Capital and a board member of its holding company to pay nearly $524,000 in penalties for defrauding investors with false and misleading statements about its use of artificial intelligence.
Photo gallery: Compliance Week AI & Compliance Summit
Compliance Week’s AI & Compliance Summit, held Oct. 8-9 at Boston University, gathered business leaders, academics, and government officials to discuss some of the biggest questions around AI, including business adoption standards, ethical guardrails, and its application in decision making. Check out some of the sights from the summit.
AI & Compliance Summit notebook: ‘Think big. Start small. Scale fast.’
When starting artificial intelligence efforts for companies large or small, one approach compliance practitioners said they’ve found works best is to start with a specific use case.