An appreciation of CW’s data and research journalist, Aly McDevitt
One of the best things about writing for Compliance Week is reading the fabulous work by my colleagues. For me, CW data and research journalist Aly McDevitt has always stood out as someone whose work in reporting on and writing the Compliance Week case studies is work I have greatly ...
Q&A with Isabella Agius, client compliance head at Apex Group: AML keeps EU fund managers awake
Anti-money-laundering rules are the chief compliance concern for fund managers – and other sectors should take note – according to Isabella Agius, product head, corporate solutions, in the client compliance and regulatory services at Apex Group.
Institutional resilience: Why remediation fails without independent governance challenge
Changing governance and internal controls in response to recent enforcement actions cannot mask a fundamental deficiency: remediation is not changing the way decisions are being made, allowing the same mistakes to happen over and over.
How to responsibly roll out AI in compliance, from a former Google exec
Compliance officers across the economy are being told to adopt AI - to save costs, increase and expand compliance coverage through more real-time and contextualized information, navigate the ever-changing regulatory landscape, and leverage more analytical firepower to make better decisions.
Rethinking war risk in an era of persistent conflict
For many organizations, “war risk” still sounds like a niche concern, something reserved for defense contractors, energy companies, or humanitarian organizations operating near active conflict. Over the past several years, that assumption has quietly eroded, particularly for the insurance industry.
When AI acts: The compliance challenge of agentic systems
Artificial intelligence is no longer limited to generating insights or supporting analysis. With every passing day, AI systems are being designed to initiate actions, trigger workflows, and influence outcomes with minimal human intervention.
A snapshot of the state of financial crime in the United States
Financial crime in the U.S. isn’t just evolving; it is accelerating faster than most institutions can adapt.
Tips for creating and implementing a global gifts and hospitality policy
Across the globe, gift giving and wining and dining play a role in building business relationships. But be it a tin of cookies, coveted concert tickets, or a gourmet meal, employees should understand what types of gifts and hospitality are acceptable to avoid exposing their company to risk.
Experts urge stronger compliance involvement to mitigate AI liability
Companies look set to increase their spend on AI technologies during 2026, but not every investment is likely to pay off. In fact, most appear to offer little return quickly.
What to know about double materiality assessments for ESG initiatives
Double materiality assessments help organizations identify and prioritise ESG topics that matter most, both in terms of their impact on society and the environment, and their financial implications for the business.
Start considering contracts as part of your compliance infrastructure
For many compliance teams, 2025 marked an inflection point: A familiar problem in an unfamiliar form, significant regulatory exposure without settled rules, benchmarks, or enforcement patterns.
Cybersecurity terms in third-party contracts: Are you being served, or served up?
Governance failures embedded in standard agreements are amplifying organizations’ exposure to cyber incidents by failing to account for modern supply-chain realities, where third- and fourth-party vendors, cloud platforms, subcontractors create a cascading risk far beyond the contracting entity.
Beyond the paper shield: Noting differences between U.S. and Brazilian anti-corruption law
The difference between U.S. and Brazilian anti-corruption laws lies in the logic of their enforcement, writes Gustavo Aguiar, a Brazilian attorney whose practice specializes in public procurement, compliance, and land regulation.
Q&A with Norm Ashkenas, CCO at Robinhood, on compliance challenges, opportunities and being a strategic adviser
Chief among Norm Ashkenas’ priorities is positioning compliance as a strategic adviser, supporting those leading this global expansion in a complex financial services world. He stresses that compliance puts a huge effort into ensuring that it is not seen as a back-office function.
The hidden compliance costs behind failed AI deployments
Companies look set to increase their spend on AI technologies during 2026, but not every investment is likely to pay off. In fact, most appear to offer little return quickly.
Five questions business leaders should be asking in 2026 to manage transformation risk
Working with clients in various sectors over the past year, one thing is clear: Transformation is bigger, faster, and more interconnected. Tech, talent, regulation, and operations—it’s hitting at once.
When AI Is Forced on Compliance: The ECCP as your Guide
When a company rapidly adopts AI, compliance officers can be blindsided, tasked with governance almost immediately. Luckily, there is a guide from the U.S. Department of Justice to help.
Ethics as strategic value: When compliance becomes a board-level decision tool
For many Boards of Directors, compliance reporting feels familiar and reassuring. Dashboards are green. Policies are updated. Training is complete. Incidents are investigated and closed. On paper, the system works.
Safely leveraging generative AI: A practical guide for compliance leaders
Generative AI (GenAI) has moved rapidly from experimentation into day-to-day use across many organizations. Over the past year, teams have shifted from exploratory pilots to relying on these tools for core activities such as contract analysis, research, and software development.
The illusion of control: How shrinking teams and AI are redefining cyber risk
Over recent years, cybersecurity executives have been tasked with an almost impossible Challenge: reduce headcount, accelerate transformation, integrate artificial intelligence, meet regulatory obligations, and still maintain resilience.
National Fraud Enforcement Division: A dangerous escalation of compliance risk
Chief compliance officers and general counsel, beware: The Trump administration’s merging of its whole-of-government enforcement approach with its political agenda forewarns of escalating compliance risk on a national scale.
Best practices for responding to government investigations
In the current business environment, companies must have a documented plan for responding to government investigations. Shifts in tariffs, dynamic export controls, and a potentially less strict enforcement environment around international bribery all increase the risk that an employee or representative could violate the law – inadvertently or intentionally.
Why “just do the work” fails in regulated organizations
Most organizational failures are not failures of effort, discipline, or follow-through. They are interpretation failures misdiagnosed as execution problems.
Creating effective compliance messages for specific employee groups
As 2026 arrives, have you considered the efficacy of your compliance messaging efforts? We have all seen these compliance taglines “Speak Up!,” “See Something, Say Something,” “Ethics Matter!”
Teaching the business to speak risk
Compliance professionals understand the value of risk assessments. We conduct them annually, map risks to controls, and present heat maps to the board. But there is a strategic opportunity that many compliance programs overlook: Teaching the business itself to think in the language of risk.
SOX was built for humans. AI doesn’t fit that model.
For more than two decades, assurance and compliance frameworks have rested on a simple assumption: Material decisions are made by people. Post‑Sarbanes-Oxley Act (SOX) assurance reset worked because it aligned accountability with human behavior. That assumption shapes how internal controls are designed, how accountability is assigned, and how assurance is ...
Managing the permanent tension between compliance and business delivery
Business delivery runs on market deadlines. Compliance runs on regulatory mandates.
Six AI questions compliance officers must answer in 2026
As artificial intelligence reshapes business, compliance teams face new questions about risk and oversight. These are the key issues compliance professionals should be asking as they evaluate their programs heading into 2026.
How banks are responsibly embedding machine learning and GenAI into AML surveillance
As financial crime grows in scale, speed, and sophistication, banks are increasingly turning to artificial intelligence, machine learning, and generative AI to strengthen anti-money laundering and surveillance programs.
Congress is about to regulate crypto. Criminals are ready.
Congress is moving toward rules for cryptocurrency. That’s overdue. For years, crypto markets have grown faster than the laws meant to ensure they aren’t exploited by criminals.
Experts outline core skills compliance teams need to develop in 2026
Compliance teams will face a range of ongoing challenges in the coming year, as well as greater demands from boards and management for better, wider, and more real-time assurance on an increasing range of risk topics.
Tech and compliance 2026: What to watch for in AI, cybersecurity and quantum computing
What will be the critical tech issues for compliance in 2026? We asked experts what tech, digital, and cyber issues they believe compliance teams should be focusing on in the year ahead.
Tips for making AI tools more compliant in 2026
AI mistakes can lead to viral news stories and, sometimes, big legal bills. How can compliance managers learn from past mishaps and protect their organizations as AI becomes increasingly integrated into every part of our working lives? We asked experts what compliance should do to make sure AI toes the ...
Top of mind compliance topics in 2026: Finance, immigration, supply chains and sustainability
What will you be doing in the coming year? We asked experts in a range of sectors to gaze into their crystal balls and highlight one legal development or compliance topic that will be critical for compliance teams in 2026. This is an edited version of what they told us.
Top Ethics and Compliance Triumphs of 2025
This year’s compliance triumphs were all born out of compliance fails. In some cases, it was a regulator finding fault and demanding change. In others, acquiring companies noticed something a little fishy in their new acquisition. What formed a compliance triumph in every case wasn’t the mistake; it was the ...
Bribery exposure doesn’t start with policy failure. It starts with training.
Anti-bribery and corruption failures in financial institutions rarely stem from bad policies.
What 2025’s AI mishaps should teach compliance in 2026
If 2025 was the year generative AI took off in organizations in every sector, it was also the year we saw increasing examples of the risks of AI mishaps.
Building resilient teams in cyberdefense
The stress on cyberdefense teams can be accurately described as a form of chronic occupational trauma stemming from several unique pressures. But there are ways to build a culture that combats these pressures.
The invisible cost of digital defense on mental health
Cybersecurity professionals, particularly those in leadership roles, often face immense pressure and stress due to the constant threat of cyberattacks.
FINRA’s GenAI wake-up call: What compliance professionals must do now
FINRA’s rules are intended to be technologically neutral. They apply when companies use GenAI or similar technologies in their businesses, just as they apply when companies use any other technology or tool. But what does that mean for a compliance professional using GenAI?
How to identify and mitigate risks posed by Foreign Terrorist Organizations
Since Inauguration Day on Jan. 20, 2025, the Trump Administration has made it a priority to expand the list of designated Foreign Terrorist Organizations.
Misused and abused: What the President’s pardon power would do to your compliance team
President Donald Trump’s unprecedented misuse and abuse of a pardon power that dates back 250 years serves as a real-world scenario of what can happen when a system of checks-and-balances – like, say, a corporate ethics and compliance program – is upended by a tyrannical executive.
What the Copilot Usage Report 2025 Means for Corporate Compliance
Microsoft’s Copilot Usage Report 2025 offers compliance professionals a rare, data-driven look at how artificial intelligence is actually being used by millions of people, rather than how organizations assume it is being used.
Emerging antitrust risks in the expanded use of AI
Concerns over competitors using AI pricing tools to fix prices have dominated antitrust discussions in the U.S. and EU. Recent cases show how algorithmic pricing might enable unlawful coordination.
How to make the business case to upgrade records management systems
Companies are giving their records management programs a makeover, and not for the reasons you may think. What used to be a sleepy back-office legal department function is now front and center, often driven by compliance teams.
Why the EU’s new Machinery Regulation is a wake-up call on cybersecurity
The European manufacturing industry is on the cusp of a regulatory shift that promises to reshape how machines are designed and operated.
Write supply chain resilience into the contract
The only thing constant is change. Shouldn’t we be ready for that in our contracts?
The AI audit burden: Why ‘Explainable AI’ is the key
AI decisions are only defensible when the reasoning behind them is visible, traceable, and auditable. Explainable AI delivers that visibility, turning black-box outputs into documented logic that compliance officers can stand behind when regulators, auditors, or stakeholders demand answers.
Turning compliance into a competitive advantage in defense tech
For emerging defense tech companies to take full advantage of acquisition reforms and increased funding, they will need to overcome a defining feature of the U.S. defense industry: It is highly regulated, and will likely remain so.
The rise of the AI compliance officer
As AI reshapes business operations and regulators move quickly, companies increasingly need a dedicated AI compliance officer to ensure ethical, transparent, and accountable deployment.