Third Party Risk


AI governance web

Premium

Survey: Organizations broadly adopting AI, with varied governance

2024-12-16T19:23:00+00:00By

The majority of businesses are using AI and doing so without governance–a compliance gap that poses extreme risks, a new survey by Compliance Week and GAN Integrity found. A webinar will discuss why it is crucial to have AI governance, how to implement it, and what strategies to strengthen programs.

iran_sanctions_web

Opinion

German firm Aiotec to pay $14.5M to settle Iran sanctions violation

2024-12-03T21:32:00+00:00By

German petrochemical parts supplier Aiotec agreed to pay $14.5 million to settle allegations that it engaged in a four-year conspiracy to dismantle and ship a plastics manufacturing plant owned by a U.S. company to Iran, in violation of U.S. sanctions.

thumbnail_Boeing_Safety

Premium

Top E&C fails of 2024: Boeing, TD Bank, RTX/Raytheon on compliance naughty list

2024-11-27T15:09:00+00:00By

The biggest Compliance Fails of 2024 show the real-world consequences of noncompliance for the companies that faltered, but also for their customers and their employees.

Morgan Stanley3

News Brief

FINRA fines Morgan Stanley $1M for alleged documentation failures

2024-11-06T21:36:00+00:00By

The Financial Industry Regulatory Authority fined broker-dealer Morgan Stanley $1 million over alleged documentation failures related to risk management controls and supervisory procedures involving violations of the Market Access Rule.

Meta building

News Brief

Meta discloses potential CFPB lawsuit following probe into advertising, disclosure practices

2024-11-04T14:44:00+00:00By

Meta disclosed in a public filing that an investigation by the Consumer Financial Protection Bureau related to financial product advertising on platforms Instagram and WhatsApp may lead to a lawsuit.

ESG

News Brief

WisdomTree pays $4M SEC fine for including fossil fuel, tobacco securities in ESG funds

2024-10-22T16:08:00+01:00By

Fund management company WisdomTree will pay $4 million to settle allegations by the Securities and Exchange Commission that it improperly invested in fossil fuel and tobacco companies in environmental, social and governance (ESG) funds despite promising to avoid them.

AI_Compliance_11

Premium

Keys to a successful GenAI use policy: Clear roles, training, vendor management

2024-10-18T12:00:00+01:00By

For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?

Raytheon

Premium

Raytheon parent RTX settles false claims, defective pricing, Qatar FCPA violations for $950M

2024-10-17T17:01:00+01:00By

The other shoe finally dropped for Raytheon and parent company RTX, as two U.S. regulators announced nearly $1 billion in penalties to settle defective pricing in defense contracts, false claims related to inflated prices on government contracts, and bribes paid to government officials in Qatar that violated the FCPA.

wynn_las_vegas_web

News Brief

DOJ orders Wynn Las Vegas to forfeit $130M over BSA/AML violations

2024-09-10T14:29:00+01:00By

Wynn Las Vegas agreed to forfeit $130 million to settle a range of criminal allegations, including allegedly helping foreign customers hide money transfers and shielding patrons from Bank Secrecy Act and anti-money laundering rules, the Department of Justice said.

Merrill Lynch sign

News Brief

Bank of America unit reaches $3M settlement with FINRA over surveillance lapses

2024-08-30T15:44:00+01:00By

A subsidiary of Bank of America agreed to pay $3 million and take remedial measures to resolve allegations that its surveillance system didn’t detect manipulative trading, the Financial Industry Regulatory Authority said.

nordea_web

News Brief

Nordea Bank to pay $35M to resolve NYDFS probe into AML shortcomings

2024-08-28T17:41:00+01:00By

Finland-based Nordea Bank will pay $35 million to resolve an investigation by the New York Department of Financial Services into “significant compliance failures” in its anti-money laundering and Bank Secrecy Act program.

onetrust 2022 300x200

Webcast

CPE Webcast: Third party due diligence: A practical deep dive

2024-08-27T14:00:00+01:00Provided by

A corporate code of conduct can be internally enforced, but how do you ensure third parties measure up to your values and requirements?

GenAI_Web

Premium

How are you keeping up? The adoption of AI in compliance

2024-08-22T15:15:00+01:00By

Artificial intelligence is rapidly transforming the business landscape, and this is especially true for anyone working in compliance. But while AI offers immense potential to streamline processes, enhance decision-making, and mitigate risks, it also introduces a new set of challenges that compliance professionals must navigate.

UK_Court_of_Appeal

Premium

U.K. forced labor ruling raises bar for supply chain monitoring

2024-08-19T14:32:00+01:00By

Companies will need to tighten up how they monitor their supply chains after a recent U.K. ruling determined that corporates could be open to money laundering charges if they fail to act in cases where they believe there is a risk of forced labor.

ICO_web

Premium

ICO proposes $7.8M fine against NHS contractor in warning to IT providers

2024-08-13T20:35:00+01:00By

The U.K. Information Commissioner’s Office proposed a 6.1 million pound (U.S. $7.8 million) fine against Advanced Computer Software Group, an IT contractor for the National Health Service that allegedly failed to secure the data of 83,000 people after a cyberattack.

British pounds

Premium

LexisNexis survey: Compliance costs soared for U.K. banks in 2023

2024-08-06T16:54:00+01:00By

Nearly all but a tiny minority of financial institutions saw their costs of financial crime compliance rise in 2023, a survey by LexisNexis and Oxford Economics found.

DORA_Web

Premium

DORA set to enhance cyber resilience requirements for EU financial firms

2024-08-05T13:01:00+01:00By

The European Union’s Digital Operational Resilience Act, which is set to take effect next year, will require financial services firms to implement stronger measures to protect not only themselves from disruption caused by cyberattacks but also the sector as a whole.

FinTech

News Brief

Banking regs issue guidance on risks posed by bank-fintech relationships

2024-07-26T19:49:00+01:00By

Three federal banking regulators issued guidance on the risks posed by the use of third-party financial technology firms to deliver bank deposit products and services to customers.

DOJ

News Brief

DOJ orders Admera Health to pay $5.5M to settle kickback allegations

2024-07-26T13:36:00+01:00By

Admera Health agreed to pay more than $5.5 million to resolve allegations first brought by two whistleblowers that it paid kickbacks to third-party contractors, the Department of Justice said.

RisksAhead

Premium

Risk visibility striking fear in companies onboarding new customers

2024-07-24T17:54:00+01:00By

A lack of risk visibility is causing companies to reject customers–and potentially lose money–over fears they might be in danger of violating rules around anti-money laundering and sanctions regulations.

Spying

News Brief

FTC wants answers from Mastercard, JPMorgan, others on use of AI to collect data

2024-07-24T13:19:00+01:00By

Eight large companies, including Mastercard and JPMorgan Chase, have been ordered by the Federal Trade Commission to provide detailed reports about their possibly secret use of artificial intelligence to track customers and use the information to set prices.

Federal Reserve

News Brief

Green Dot fined $44M by Fed over compliance deficiencies, deceptive practices

2024-07-22T19:09:00+01:00By

The Federal Reserve Board of Governors fined financial technology and bank holding company Green Dot $44 million for numerous unfair and deceptive practices and a deficient consumer compliance risk management program.

UBS

News Brief

FINRA fines UBS unit $850K for failing to properly monitor customer transactions

2024-07-11T19:04:00+01:00By

UBS Financial Services, a subsidiary of the Swiss banking giant UBS, has been fined $850,000 for failing to properly monitor transactions between its broker-dealers and third parties.

Tibbets_web1

Premium

How fintechs can overcome major compliance hurdles in embedded finance

2024-07-01T15:45:00+01:00By Margaret Holmes Tibbets, CW guest columnist

Margaret Holmes Tibbets, chief compliance officer at financial technology company Pipe, explains how firms are facing an existential compliance crisis, and to survive they’ll need to overcome not one but two hurdles.

Financial Crimes 2024 Managing Nonbanks

Premium

Banks must bolster awareness of fintech partner risks, experts advise at Fordham

2024-07-01T15:44:00+01:00By

During a panel at Compliance Week’s Financial Crimes and Regulatory Compliance Summit, held June 10-11 in New York, experts discussed nuances in bank-financial technology partnerships, offering best practices for how banks should protect themselves.

North Korea sanctions

News Brief

Mondo TV reaches $538K settlement with OFAC over N. Korea sanctions violations

2024-06-27T16:56:00+01:00By

Italy-based Mondo TV agreed to pay $538,000 to settle charges with the Treasury Department’s Office of Foreign Assets Control over 18 apparent violations of North Korea sanctions regulations.

cyber_utilities_web

News Brief

DOE offers supply chain cybersecurity guidance for energy, oil, gas industries

2024-06-27T16:37:00+01:00By

The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.

iran_sanctions_web

News Brief

OFAC sanctions nearly 50 entities for ‘shadow banking’ benefiting Iranian military

2024-06-26T14:37:00+01:00By

The Treasury Department’s Office of Foreign Assets Control sanctioned nearly 50 entities connected with so-called “shadow banking” networks that help Iran’s military evade U.S. sanctions and to sell the country’s oil and petrochemical products.

Child Privacy

News Brief

SpongeBob game developer ordered to pay $500K over CCPA, COPPA violations

2024-06-25T19:42:00+01:00By

Popular children’s mobile game developer Tilting Point Media agreed to pay $500,000 to settle allegations the company illegally collected children’s personal data, a violation under the California Consumer Privacy Act and a federal children’s privacy law.

OCC

News Brief

OCC emphasizes compliance’s role in FI’s operational resiliency

2024-06-20T15:40:00+01:00By

Compliance departments at financial institutions must become more involved in ensuring their firm’s operational resiliency to address emerging risks, the Treasury Department’s Office of the Comptroller of the Currency said in its semi-annual risk perspective.

processunity300x200

Webcast

CPE Webcast: Digital Operational Resilience Act: Key provisions and best practices

2024-06-18T14:00:00+01:00Provided by

This presentation will provide an overview of the key provisions of DORA and their implications for Third-Party Risk Management (TPRM) teams, list best practices for DORA preparation and review key considerations for teams looking to implement the DORA framework.

columnist dale

Opinion

Top-of-mind takeaways from TPRM Summit

2024-06-17T21:11:00+01:00By

Top-of-mind issues addressed at Compliance Week’s Third-Party Risk Management & Oversight Summit, held June 3-4 in Atlanta, included safe deployment of artificial intelligence, assessing vendor viability and sustainability, understanding the role of procurement in risk ranking, the intersection (or lack thereof) between data privacy and cybersecurity, and many others.

DOJ

News Brief

Washington state importer ordered to hire CCO in response to Lacey Act violations

2024-06-17T16:53:00+01:00By

A Washington state importer has been ordered by the Department of Justice to pay a $360,000 fine and hire a chief compliance officer after imported wood items the company claimed to be from Malaysia were found to be from China.

Financial Crimes 2024 Axelrod

Premium

BIS’s Axelrod makes plea to financial services: ‘We want to work with you’

2024-06-12T21:47:00+01:00By

Matthew Axelrod, assistant secretary for export enforcement at the Bureau of Industry and Security, addressed efforts to reach financial services firms, working with the Financial Crimes Enforcement Network, and more during his fireside chat at CW’s Financial Crimes Summit.

ChinaCargoContainer

News Brief

Additions to UFLPA Entity List signal seafood supply chain risks

2024-06-12T18:23:00+01:00By

The U.S. Department of Homeland Security added three China-based entities across the seafood, aluminum, and footwear industries to the Uyghur Forced Labor Prevention Act Entity List.

Sanctions compliance TPRM

Premium

Panelists break down robust sanctions landscape at TPRM Summit

2024-06-12T02:35:00+01:00By

Sanctions compliance officers face myriad challenges as complex geopolitical situations heighten risks worldwide, experts discussed during Compliance Week’s Third-Party Risk Management & Oversight Summit.

WIC_1

Premium

Experts: AI risk mitigation second nature for compliance professionals

2024-06-07T22:34:00+01:00By

Compliance has been “sleeping on” artificial intelligence, two panelists discussed at Compliance Week’s Women in Compliance Summit. The profession should be positioned to lead on AI governance at the business level.

Hyundai

News Brief

Hyundai Motor caught in DOL complaint over child labor

2024-05-31T18:41:00+01:00By

The Department of Labor sued three Alabama businesses, including a Hyundai Motor manufacturing plant, for employing a 13-year-old worker on an auto parts assembly line.

Albemarle 2000x1333

Event

Revamped compliance processes key Albemarle win as Compliance Program of the Year

2024-05-29T18:30:00+01:00By

For successfully navigating thorny compliance issues related to self-disclosed violations of the Foreign Corrupt Practices Act, Albemarle was named Compliance Program of the Year at the 2024 Excellence in Compliance Awards.

Sharon Johnson Heather Sudo 2000x1333

Event

Creative engagement approach drives Compliance Innovators Johnson, Sudo

2024-05-28T16:00:00+01:00By

Through clever rhymes and real-life examples, Sharon Johnson and Heather Sudo of MODE Global have made it their mission to think outside the box when it comes to compliance awareness. Their approach earned them Compliance Innovator(s) of the Year at the 2024 Excellence in Compliance Awards.

OCC

News Brief

Lemont National, Comerica Bank unit avoid penalties in separate OCC deals

2024-05-24T17:39:00+01:00By

The Office of the Comptroller of the Currency reached agreements with Lemont National Bank and Comerica Bank & Trust over concerns related to risk governance practices.

Volkswagen

News Brief

Senate report cites VW, BMW, JLR for potential forced labor violations

2024-05-20T19:16:00+01:00By

A U.S. Senate report found three European automakers—Volkswagen, BMW, and Jaguar Land Rover—sold cars in the United States with parts sourced from a supplier suspected of using forced labor from China’s Xinjiang region.

U.S. China flags

News Brief

UFLPA Entity List nearly doubles with textile industry sweep

2024-05-16T16:16:00+01:00By

The Department of Homeland Security announced its largest batch of additions to the list of companies blocked under the Uyghur Forced Labor Prevention Act in the form of a sweep of the Chinese textile industry.

New York cyber-security

News Brief

NYDFS offers cyber rule compliance template for small businesses

2024-05-14T16:59:00+01:00By

The New York State Department of Financial Services issued guidance for small businesses attempting to comply with its cybersecurity regulations.

CW2024_TPRM_Session

Premium

CW2024 panel: TPRM board buy-in earned through impact, activity

2024-05-08T15:48:00+01:00By

Identifying critical measures for third-party risk management has become vitally important as risk professionals face an uphill battle in fighting for resources, experts discussed at Compliance Week’s 2024 National Conference.

Cyber-security

Premium

Report: Human error driving growing number of data breaches

2024-05-07T21:21:00+01:00By

Verizon’s annual data breach report shows trends in cybersecurity incidents, including more ransomware and extortion attacks last year.

chime_web

News Brief

CFPB fines Chime $3.25M over account refund delays

2024-05-07T17:48:00+01:00By

The Consumer Financial Protection Bureau ordered Chime Financial to pay $3.25 million in penalties for allegedly delaying consumer refunds past its promised 14-day timeframe.

FDIC

News Brief

Federal banking regulators issue TPRM guidance for community banks

2024-05-06T15:29:00+01:00By

The Federal Deposit Insurance Corporation, Federal Reserve Board, and Office of the Comptroller of the Currency combined to provide guidance on third-party risk management focused on the unique risks faced by community banks in their third-party relationships.

T-Mobile

News Brief

FCC finalizes $196M in fines against telecoms for sharing location data

2024-04-29T20:30:00+01:00By

The Federal Communications Commission fined telecommunications giants T-Mobile, Sprint, AT&T, and Verizon a total of approximately $196 million for allegedly selling customers’ location data to third parties without consent.

Williams-Sonoma-web

News Brief

Williams-Sonoma fined record $3.2M over admitted ‘Made in USA’ order violations

2024-04-29T18:50:00+01:00By

Kitchen and home retail company Williams-Sonoma agreed to pay nearly $3.2 million for failing to comply with a 2020 administrative order by the Federal Trade Commission prohibiting its marketing of imported goods as made in the United States.