The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
Adrianne Appel
Adrianne Appel writes regulatory news, policy, and trends for Compliance Week. She previously reported about policy developments for Bloomberg Law and Bloomberg Government.
Email: adrianne.appel@complianceweek.com
LinkedIn: Follow
Posted inData Privacy
FTC cases thrust COPPA compliance into spotlight
The Federal Trade Commission’s recent children’s privacy enforcement activity—including fines against Microsoft and Amazon—leaves no doubt businesses must make complying with the Children’s Online Privacy Protection Act a top priority.
Posted inRisk Management
CFTC commissioner crafting potential proposed rule on cyber resiliency
The Commodity Futures Trading Commission’s Technology Advisory Committee sponsored by Commissioner Christy Goldsmith Romero is crafting potential rulemaking to establish cyber resiliency baselines among swap dealers and futures commission merchants.
Posted inAccounting & Auditing
Nutanix discloses remediation steps following costly software misuse
A lack of oversight of employees handling vendor software is one of several failings at cloud computing company Nutanix that led to misuse, $11 million in estimated costs, and two pending lawsuits.
Posted inRisk Management
Verizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
Posted inAnti-Bribery
Tenet-affiliated health systems to pay $30M in DOJ kickback case
Tenet Healthcare, Vanguard Health Systems, and the Detroit Medical Center agreed to pay $29.7 million as part of a settlement with the Department of Justice addressing allegations they provided kickbacks to doctors who made referrals to their health organizations.
Posted inData Privacy
FTC orders Amazon pay $30M for alleged Alexa, Ring privacy violations
Amazon is set to pay more than $30 million comprised of a civil penalty and consumer refunds to resolve two separate cases alleging privacy violations regarding its Alexa voice assistant service and Ring doorbell subsidiary.
Posted inRegulatory Enforcement
Crown Resorts agrees to pay $292M over AML/CFT violations
Crown Resorts agreed to pay 450 million Australian dollars (U.S. $292 million) and overhaul its anti-money laundering and combating the financing of terrorism compliance controls for repeatedly violating Australia’s AML/CFT law.
Posted inEthics & Culture
CW2023: CBP official on early impact of Uyghur forced labor law
Customs agents have flagged thousands of products marked as made in Malaysia, Vietnam, or elsewhere in accordance with the UFLPA, an official from U.S. Customs and Border Protection shared during a panel at Compliance Week’s 2023 National Conference.
Posted inRegulatory Enforcement
OneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
