CFPB sues big banks behind money transfer app Zelle over lax oversight, fraud
JPMorgan Chase, Wells Fargo Bank, Bank of America, and the company behind online money transfer app Zelle were sued by the Consumer Financial Protection Bureau for allegedly failing to safeguard Zelle’s network and causing customers to lose $870 million, the CFPB alleged.
EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Survey: Organizations broadly adopting AI, with varied governance
The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
CPE Webcast: Fostering a learning culture to drive innovation
Discover the vital role company culture plays in not only embracing new technologies and processes but also driving continuous improvement through a commitment to learning and a growth mindset.
Proposed CFPB rule would attempt to rein in data broker buying, selling
Data brokers have been getting away with selling Americans’ personal and financial data without adequate protections, an illegal practice that a new rule proposed by the Consumer Financial Protection Bureau will intend to stop, CFPB Director Rohit Chopra said.
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
How compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
European Commission accuses Meta of anticompetive practices, issues $841M fine
Meta, the parent company of Facebook, has been fined nearly 798 million euros (U.S. $841 million) by the European Commission to resolve the agency’s long-running investigation into alleged “abusive practices” by Facebook Marketplace.
FinCEN alerts financial institutions to be wary of AI-enabled deepfakes
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
Annual survey: Help us get ‘Inside the Mind of the CCO’
Compliance Week’s sixth annual “Inside the Mind” survey seeks to discover what makes CCOs and other risk and compliance practitioners tick. Take 10 minutes to share your experiences and be part of our special report.
Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices
Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
Speakers at Compliance Week AI & Compliance Summit talk future rules around technology
While companies are exploring and building artificial intelligence technology, lawmakers and regulators are trying to identify what ground rules they need to set. These guardrails are what companies and governments alike believe are essential parts of ensuring safe and responsible use of the technology.
Treasury set to block investment flow on American AI, semiconductor tech to China
The U.S. Treasury Department has issued a final rule–and created a new division to oversee it–that will attempt to limit outbound investments to China related to sensitive technologies with military applications.
AI & Compliance Summit: Regs discuss artificial intelligence guardrails for financial services
Artificial intelligence is an exciting, new technology and it is well-regulated by old laws and rules already on the books, financial regulators said at Compliance Week’s AI & Compliance Summit at Boston University.
How to adopt AI tools the right way at your company, from people who’ve tried
Companies are adopting artificial intelligence tools at a breakneck pace, but it’s increasingly clear that they set guardrails early. AI leaders say that approaching the technology with safety and ethics in mind will help ensure its upside benefits, while avoiding the significant risks it poses as well.
Keys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
NYDFS expects banks, firms to cut risks posed by AI, according to new guidance
New York financial institutions are expected to address cybersecurity risks posed by artificial intelligence, and new guidance from the New York Department of Financial Services is aimed at helping firms do just that.
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Government contractor fined $307K after third-party hack compromised personal data
It was a double whammy of cybersecurity no-nos for a federal contractor hit with a data breach: The personal data of Medicare beneficiaries contained in unencrypted screenshots were allegedly compromised when their third-party vendor’s server was hacked.
Control and delete: How regulators can shutdown companies’ AI investments
Companies are increasingly putting their faith in AI to realize the kind of business benefits that the technology seems to promise, but they are also opening themselves up to new and potentially crippling sanctions if they are unable to answer questions that surround how AI operates.
SEC penalizes Rimar CEO, holding company board member $524K total for ‘AI washing’
The Securities and Exchange Commission ordered the owner of Rimar Capital and a board member of its holding company to pay nearly $524,000 in penalties for defrauding investors with false and misleading statements about its use of artificial intelligence.
Photo gallery: Compliance Week AI & Compliance Summit
Compliance Week’s AI & Compliance Summit, held Oct. 8-9 at Boston University, gathered business leaders, academics, and government officials to discuss some of the biggest questions around AI, including business adoption standards, ethical guardrails, and its application in decision making. Check out some of the sights from the summit.
AI & Compliance Summit notebook: ‘Think big. Start small. Scale fast.’
When starting artificial intelligence efforts for companies large or small, one approach compliance practitioners said they’ve found works best is to start with a specific use case.
Companies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
DOJ steps up enforcement approach against AI-powered cybercrime
The Criminal Division of the Department of Justice plans to heighten its focus on cybercrime, according to division head Nicole Argentieri.
AI Governance Benchmarking Survey
This is a Compliance Week Survey, sponsored by GAN Integrity. It is completely anonymous and designed to help benchmark the approaches compliance is taking to AI Governance. Results will be shared by Compliance Week and GAN Integrity in the form of a benchmark report.
AI misuse could lead to sanctions from multiple regulators, experts warn
The proliferation of AI, as well as the promised business cases promoting its use, has led companies around the world to quickly invest in the technology. Executives hope these AI tools will improve efficiencies, reduce costs, and help them stay competitive. But it could lead to just the opposite.
DOJ updates ECCP to include AI risks, whistleblower protections
Companies under criminal prosecution by the Department of Justice for any reason must show they have robust compliance for any artificial intelligence in use–or risk heightened prosecution–under a DOJ policy update.
AI and government: How Trump or Harris presidency will differ on policy, regulation
AI may be one of the hottest things in the business world but former President Donald Trump and Vice President Kamala Harris haven’t devoted much time to discussing the technology. Still, each candidate has offered a few clues as to how they would govern over this next wave of innovation.
Deloitte survey: AI adoption raising concerns about trust, reputational damage, ethics
As the artificial intelligence boom sweeps into the business world, employees are increasingly concerned about ethics questions and data privacy, a new Deloitte survey found, leading them to increasingly lose trust in their organizations.
FTC sounds alarm on business practices turning into ‘vast surveillance’
The Federal Trade Commission took aim at the business models of some of the world’s largest companies, publishing a years-long study that decried technologies that have created “vast surveillance” networks that expose people to “a host of harms” and violate children’s privacy laws.
SEC charges Kubient 'gatekeepers' with failing to stop CEO's AI fraud
Gatekeepers including chief financial officers and the chair of the audit committee have a responsibility to shareholders to report fraud wherever they find it–especially when that fraud involves an artificial intelligence tool meant to combat fraud.
SEC nets $1.3M in off-channel comms sweep against municipal advisory firms
Fines for off-channel communications use by employees just keep on coming, with 12 municipal advisory firms fined a total of $1.3 million in the latest Securities and Exchange Commission sweep.
DOJ orders Walgreens to pay $107M for fraudulent claims caused by Rx ‘software error’
Walgreens agreed to pay nearly $107 million to resolve allegations, first brought by two whisteblowers, that it improperly billed federal healthcare programs for prescriptions that were never picked up or delivered.
Commerce Dept. unveils new supply chain risk assessment tool
The U.S. Department of Commerce unveiled a diagnostic supply chain risk assessment tool, which will “utilize a comprehensive set of indicators to assess structural supply chain risk across the U.S. economy,” the agency said.
Clearview AI’s GDPR fines rise to $110M total after latest penalty by Dutch DPA
Clearview AI was fined 30.5 million euro (U.S. $33.8 million) by the Dutch Data Protection Authority and ordered to stop collecting images of Dutch citizens in the latest enforcement action against the U.S. company.
Experts warn U.K. money laundering cases to ‘significantly increase’
The U.K. has an ongoing problem with money laundering, but recent changes to economic crime law and corporate registration requirements could bring more cases to court, according to consultancy KPMG.
CISA creates new portal for businesses to file cyber incident reports
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
Six credit rating firms to pay $49M for off-channel comms violations
Six credit rating agencies will pay $49 million in fines to the Securities and Exchange Commission for allowing their employees to communicate on company business using nonapproved communication channels like Whats App and WeChat.
Nordea Bank to pay $35M to resolve NYDFS probe into AML shortcomings
Finland-based Nordea Bank will pay $35 million to resolve an investigation by the New York Department of Financial Services into “significant compliance failures” in its anti-money laundering and Bank Secrecy Act program.
How are you keeping up? The adoption of AI in compliance
Artificial intelligence is rapidly transforming the business landscape, and this is especially true for anyone working in compliance. But while AI offers immense potential to streamline processes, enhance decision-making, and mitigate risks, it also introduces a new set of challenges that compliance professionals must navigate.
All hands on deck needed to get ESG disclosures right, report finds
Multiple emerging environmental, social, and governance and disclosure standards pose legal and operational risks to many companies, but also opportunities to improve reporting and get ahead of requirements, a new report found.
Examining potential uses for GenAI in banking, financial services
The American Bankers Association sent a letter to the Treasury Department asking questions on the ethical application of generative AI in banking and finance, with an IBM report published the same day describing potential future uses of GenAI tools in finance.
Latest off-channel comms sweep nets SEC, CFTC $477M in fines
Two regulators doled out more than $477 million in fines on a new group of broker-dealers, investment advisers, and swaps dealers that failed to maintain and preserve the electronic communications of their employees, bringing total such fines issued since 2021 to $3.2 billion.
SEC fines OTC Link $1.2M over allegedly failing to file SARs
New York-based broker-dealer OTC Link will pay a $1.2 million fine to settle charges levied by the Securities and Exchange Commission over allegedly failing to implement a system to monitor and report potential suspicious activities on its platforms.
Podcast: BCG managing director on anti-financial crime technology
Staff writer Aaron Nicodemus discussed anti-financial crime technology in banking with Hanjo Seibert, managing director and partner of Boston Consulting Group, during the latest episode of the Compliance Week podcast.