The 2025 year has been so rich with compliance stinkers, and rife with poor judgment, compliance missteps, outright malfeasance and greed, greed, greed, that it was almost impossible to choose just six epic compliance failures from this year’s massive poop pile.
Regulatory Enforcement
Posted inRegulatory Enforcement
SEC exam priorities for 2026 signal heightened focus on firmwide compliance
The U.S. Securities and Exchange Commission’s (SEC) Division of Examinations released its 2026 examination priorities, which give companies a roadmap of areas of heightened risk and regulatory focus for next year.
Posted inRegulatory Enforcement
San Francisco firm pays $11.4M for alleged Russia-related sanctions violations
A San Francisco-based private equity firm has agreed to pay $11.4 million to settle allegations it violated U.S. sanctions rules by handling investments for a sanctioned Russian oligarch.
Posted inData Privacy
Company agrees to report to FTC for 10 years after breach of 10 million student records
A tech company that stores student information for schools has agreed to implement a data security program and report to the Federal Trade Commission for 10 years, after security failures led to data for 10 million students being breached.
Posted inRegulatory Enforcement
Large wound care practice allegedly overbilled Medicare, pays $45M, agrees to monitoring
One of the largest wound care practices in the nation and its founder have agreed to pay $45 million and be subjected to third-party monitoring, to settle allegations that the business intentionally overbilled Medicare by priming its electronic medical records system to do so.
Posted inRegulatory Enforcement
Former CEO of steel pipe maker indicted for alleged $66M investor fraud
A former chief executive of a large steel pipe manufacturer has been accused by the Department of Justice (DOJ) of defrauding more than $66 million from a bank and investors.
Posted inRegulatory Enforcement
OFAC sanctions Russian web company that hosted LockBit ransomware
Two Russian web-hosting services that provide cover for ransomware operators, including Lockbit, have been sanctioned by the U.S. Treasury’s OFAC and international partners.
Posted inRegulatory Enforcement
Nursing home chain and former CEO pay $146M each for federal health fraud
A New Jersey and Midwest nursing home chain, and its former chief executive, must pay more than $146 million each for extensive health care fraud for engaging in widespread fraud related to Medicare and Medicaid.
Posted inRegulatory Enforcement
Horizon Blue Cross Blue Shield pays $100M to settle state false claims allegations, while denying wrongdoing
Horizon Blue Cross Blue Shield of New Jersey has agreed to pay $100 million to settle allegations that its 2020 contract with the state was fraudulent, according the state’s Attorney General.
Posted inRegulatory Enforcement
FinCEN cuts off 10 Mexican casinos from U.S. financial system for laundering cartel drug money
Ten Mexican cartels will be severed from the U.S. financial system for laundering money for the Sinaloa Cartel criminal organization, according to the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN).