CW survey: Compliance is adopting AI tools, but governance and controls lag
More than 83 percent of respondents to a new Compliance Week and konaAI survey report using artificial intelligence (AI) but only about 25 percent say their organizations have implemented a strong governance framework.
SOX was built for humans. AI doesn’t fit that model.
For more than two decades, assurance and compliance frameworks have rested on a simple assumption: Material decisions are made by people. Post‑Sarbanes-Oxley Act (SOX) assurance reset worked because it aligned accountability with human behavior. That assumption shapes how internal controls are designed, how accountability is assigned, and how assurance is ...
CPE Webcast: AI in Compliance & Ethics: What’s Working, What’s Not, and What Comes Next
In this webinar, we’ll unpack how organizations are actually using AI today across compliance and ethics programs.
Managing the permanent tension between compliance and business delivery
Business delivery runs on market deadlines. Compliance runs on regulatory mandates.
Six AI questions compliance officers must answer in 2026
As artificial intelligence reshapes business, compliance teams face new questions about risk and oversight. These are the key issues compliance professionals should be asking as they evaluate their programs heading into 2026.
Congress is about to regulate crypto. Criminals are ready.
Congress is moving toward rules for cryptocurrency. That’s overdue. For years, crypto markets have grown faster than the laws meant to ensure they aren’t exploited by criminals.
U.K. regulators move to curb AI nudification tools as scrutiny of Grok grows
The U.K. government’s spat with Big Tech owner Elon Musk over the more risque capabilities of X’s AI assistant Grok has exposed more cracks than the chatbot was ever meant to.
Experts outline core skills compliance teams need to develop in 2026
Compliance teams will face a range of ongoing challenges in the coming year, as well as greater demands from boards and management for better, wider, and more real-time assurance on an increasing range of risk topics.
Compliance must prepare for post-quantum cryptography requirements in contracts
While companies focus on the risks, opportunities, and regulations emerging around AI, the next tech challenge is already on the horizon. Quantum computers are here – and so are the associated crime risks, plus some encryption protections.
Tech and compliance 2026: What to watch for in AI, cybersecurity and quantum computing
What will be the critical tech issues for compliance in 2026? We asked experts what tech, digital, and cyber issues they believe compliance teams should be focusing on in the year ahead.
Tips for making AI tools more compliant in 2026
AI mistakes can lead to viral news stories and, sometimes, big legal bills. How can compliance managers learn from past mishaps and protect their organizations as AI becomes increasingly integrated into every part of our working lives? We asked experts what compliance should do to make sure AI toes the ...
EU agrees rules to make payment providers and online platforms liable for customer fraud losses
Payment service providers operating in the EU will have to cover customers’ losses from fraud if their fraud protection regimes are inadequate or poorly implemented under new EU rules.
First standard for EU AI Act targets quality management regime
The first EU standard to drive conformity and facilitate enforcement of the EU AI Act has been published in draft and circulated for feedback among the countries involved, and compliance managers should prepare for it to be finalized and published by the end of 2026.
Feb 24 | AI - Steps Ethics & Compliance Professionals Should be Taking in 2026
This webinar delivers a practical perspective on what E&C teams should be doing now to comply with new regulations and address AI as both a new potential compliance risk for the organization as well as a tool for them to improve the efficiency and effectiveness of their operations.
What 2025’s AI mishaps should teach compliance in 2026
If 2025 was the year generative AI took off in organizations in every sector, it was also the year we saw increasing examples of the risks of AI mishaps.
FINRA’s GenAI wake-up call: What compliance professionals must do now
FINRA’s rules are intended to be technologically neutral. They apply when companies use GenAI or similar technologies in their businesses, just as they apply when companies use any other technology or tool. But what does that mean for a compliance professional using GenAI?
EU loosens AI and data rules
Europe has been at the forefront of designing strong—but flexible—rules around data use and the safe development of AI, but the EU recently announced plans to simplify some key measures around data privacy and AI governance, which have met with mixed responses.
FTC’s $60 million Instacart case puts misleading fees in the spotlight
The U.S. Federal Trade Commission settled with grocery delivery giant Instacart over accusations of deceptive billing and subscription practices.
Q&A with FINRA’s Greg Ruppert on the organization’s use of Artificial Intelligence
Greg Ruppert, Chief Regulatory Operations Officer at the Financial Industry Regulatory Authority (FINRA), recently shared insights with Compliance Week regarding the self-regulatory organization’s use of Artificial Intelligence in monitoring trends in the market, spotting threats, and keeping its members informed.
What the Copilot Usage Report 2025 Means for Corporate Compliance
Microsoft’s Copilot Usage Report 2025 offers compliance professionals a rare, data-driven look at how artificial intelligence is actually being used by millions of people, rather than how organizations assume it is being used.
Emerging antitrust risks in the expanded use of AI
Concerns over competitors using AI pricing tools to fix prices have dominated antitrust discussions in the U.S. and EU. Recent cases show how algorithmic pricing might enable unlawful coordination.
CPE Webcast: Hot Topics in Risk and Compliance: AI, Analytics, and Emerging Audit Technologies
Join experts from KPMG, Cisco, and Workiva as they explore how audit, accounting, and finance professionals can leverage a technology mix of data analytics, gen AI, and other tools to ramp up efficiency and strengthen control effectiveness.
FATF focus on criminal asset recovery points to a more investigatory role for compliance
Global organised crime is booming, and only 1 to 2 percent of the $4 trillion black economy is intercepted, according to figures from the Financial Action Task Force. Its new guidance suggests that countries should focus on rapid investigations, collaborative intelligence gathering, and confiscating the proceeds of criminal activity.
EU moves to simplify GDPR and AI Act obligations, raising compliance questions for companies
For the past decade, Europe has led in creating strong but flexible rules for data use and safe AI development. The EU’s new plans to simplify key data privacy and AI governance measures have received a mixed response.
How to make the business case to upgrade records management systems
Companies are giving their records management programs a makeover, and not for the reasons you may think. What used to be a sleepy back-office legal department function is now front and center, often driven by compliance teams.
CPE Webcast: Driving Success Through Effective Change Management
Join us as we discuss how structured change management accelerates digital initiatives and ensures long-term success. In this session, we’ll explore proven strategies to enhance alignment, reduce resistance, and enable successful transformation.
U.K. data regulator pushes transparency on investigations
Plans to increase transparency around how the U.K.’s Information Commissioner investigates and fines companies should give businesses more clarity, but experts say the regulator still needs to explain how it will prioritize cases.
The AI audit burden: Why ‘Explainable AI’ is the key
AI decisions are only defensible when the reasoning behind them is visible, traceable, and auditable. Explainable AI delivers that visibility, turning black-box outputs into documented logic that compliance officers can stand behind when regulators, auditors, or stakeholders demand answers.
U.K. Cyber Security and Resilience bill set to regulate critical infrastructure suppliers
Suppliers to the U.K. critical infrastructure will face new regulations to ensure they are protected from cyberattacks. The Cyber Security and Resilience Bill, introduced on November 12, also raises penalties for breaches and expands regulator powers to label certain suppliers as critical.
SEC dismisses SolarWinds case tied to 2020 cyberattack
The dismissal of charges against SolarWinds for alleged cybersecurity lapses related to a 2020 Russian cyberattack in 2020 are the latest in a continuing pattern of leniency for corporations by the Trump administration.
Rapid regulatory change requires investment in compliance processes in financial services firms
Geopolitical instability and a general focus on increasing growth and productivity by governments worldwide are causing a slew of regulatory changes in the financial services sector. But most firms are failing to identify potential compliance changes early enough to make meaningful decisions.
The rise of the AI compliance officer
As AI reshapes business operations and regulators move quickly, companies increasingly need a dedicated AI compliance officer to ensure ethical, transparent, and accountable deployment.
U.K. outlines AI sandbox plan as regulators weigh compliance risks
The U.K. has set out a new blueprint for AI regulation, which aims to slash bureaucracy and ramp up the safe adoption of new and emerging technology to unlock potential and boost investment.
Compliance should protect firms from AI-washing investigations and insurance claims
Insurance firms are warning that AI-washing could trigger a slew of cases against directors, and are adjusting their directors’ and officers’ liability premiums accordingly. With regulators cracking down on AI-washing, compliance could be a crucial line of defense and save companies on their insurance costs.
Agentic AI and the policy blind spot: Why security can’t wait
The current AI policy and regulation landscape is still emerging globally. While some regulations and standards exist, governments, industry, and security leaders have critical gaps to close, especially around agentic artificial intelligence.
CFPB ends probe into Meta’s financial advertising practices
Meta says it is no longer under investigation by the U.S. Consumer Financial Protection Bureau (CFPB), the latest instance of the agency scaling back enforcement under President Donald Trump.
Complying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.
Compliance Career Forum
A one-day virtual event exploring how the career path for compliance professionals is changing, and what compliance professionals should be doing now to assure career success and security for years to come.
The CFO, AI, and the New Compliance Frontier
As CFOs use AI to streamline operations, they face new compliance risks tied to accountability and algorithmic governance. CCOs must work with them to ensure transparency and oversight throughout adoption.
New EU Data Act may impact companies’ GDPR compliance efforts
New rules that have recently come into effect across the EU will allow for greater transfers of data between companies, though experts fear the changes could conflict with Europe’s strict privacy legislation, which protects personal information.
AI hallucinations in Deloitte Australia report highlight important role for compliance
“Hallucinatory” citations and errors in an AI-assisted report produced by Deloitte for the Australian government should be a wake-up call for compliance officers about the risks of placing too much trust in AI.
Q&A with Olga Kozak-Anlar of Robinhood Markets
Compliance Week Editor-in-Chief Aaron Nicodemus recently interviewed Olga Kozak-Anlar, Compliance AI Lead at Robinhood Markets Incorporated, about her role at Robinhood and the company’s use of AI.
Employee use of ‘shadow AI’ poses significant risks for companies
Companies face increased risk of cyberattacks, data loss, and even regulatory action because employees are using unapproved “shadow AI” tools to help with work-related tasks.
Shadow AI: Another element of TPRM
Companies may face significant financial and legal risks if they fail to vet suppliers and third parties over their use of unauthorized AI and how the technology may use and share their corporate data.
What compliance can learn from a 95 percent AI pilot failure rate
Compliance professionals have long known that systems fail when governance does. An MIT study’s finding that 95 percent of enterprise artificial intelligence (AI) pilots fail underscores how essential compliance-grade discipline is to the success of emerging technologies.
PCAOB’s Christina Ho: How emerging technologies could improve audit quality
Emerging technologies, like artificial intelligence (AI) and advanced data analytics, can improve audit quality in significant ways. As the regulatory overseer of public-company audits, the Public Company Accounting Oversight Board (PCAOB) has a critical role to play by ensuring that its audit standards evolve as the audit profession evolves.
Webcast: The Future of AI for Compliance Champions
In this exclusive interview, Mitratech’s Strategic Advisor – Integrated Risk Management will share how AI is evolving the Risk and Compliance function, challenges and opportunities presented for Risk and Compliance, and the need for AI Governance.
Compliance must use AI to maximize benefits from sustainability reporting
Global pressure for sustainability reporting is rising. Despite political uncertainty and regulatory delays, companies continue to improve reports for regulators and stakeholders with the help of AI.
U.K. to introduce mandatory ransomware reporting, raising risk of ‘box-ticking’ compliance
The U.K. will require companies to report ransomware payments, but experts warn this could lead to “box-tick” compliance rather than real cyber-resiliency, since it’s cheaper.
Study: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.