Generative AI has the potential to be as game-changing for business and society as the internet, social media, and mobile phones were. At the moment, however, the risks seem to outweigh the rewards.
Third Party Risk
Posted inData Privacy
Alleged fraudster cited privacy in duping JPMorgan into $175M merger
Charlie Javice and her startup Frank allegedly convinced the country’s largest bank to pay $175 million for what largely amounted to a list of fake college students. The apparent due diligence failures by JPMorgan Chase offer a cautionary tale to compliance professionals.
Posted inRegulatory Enforcement
Labcorp to pay $2.1M in third party overbilling case
Laboratory Corporation of America agreed to pay $2.1 million to settle Department of Justice allegations the company overbilled the Department of Defense for genetic tests performed by a third party.
Posted inData Privacy
Survey: Tech key to compliance in changing data privacy landscape
Respondents to a survey from Compliance Week and Exterro largely said they were confident their organizations are meeting regulatory requirements regarding data privacy despite evidence their data retention policies and procedures are outdated.
Posted inRisk Management
Fed governor teases new TPRM guidance for banks
The Federal Reserve and other U.S. banking agencies are working to develop joint guidance to clarify regulatory expectations around third-party risk management, according to Fed Governor Michelle Bowman.
Posted inRegulatory Enforcement
Investment adviser fined $50K for compliance lapses following founder/CCO’s death
E. Magnus Oppenheim & Co. must pay $50,000 and hire an independent compliance consultant to settle Securities and Exchange Commission charges of failing to implement compliance policies and procedures following the death of its founder and CCO.
Posted inAccounting & Auditing
Flutter Entertainment to pay $4M for legacy FCPA violations
Ireland-based gaming and sports betting company Flutter Entertainment will pay a $4 million fine to resolve SEC charges payments made to Russian consultants by a company it acquired violated the Foreign Corrupt Practices Act.
Posted inRisk Management
U.S. authorities list red flags for sanction evasion by third parties
The Bureau of Industry and Security, Office of Foreign Assets Control, and Department of Justice issued guidance to highlight common methods bad actors use to evade sanctions and export controls on Russia and how to spot their use.
Posted inEurope
Italian DPA fines Edison Energia $5.2M over GDPR lapses
The Italian data protection authority penalized electric utility company Edison Energia for multiple alleged violations of the General Data Protection Regulation regarding marketing communications and data processing transparency.
Posted inRisk Management
Cloud ‘not a silver bullet’ for security
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.