All Risk Management articles – Page 51
-
News BriefTreasury No. 2 warns of increased Russian sanctions enforcement
Deputy Secretary of the Treasury Wally Adeyemo said the agency is primed to step up its enforcement efforts regarding sanctions and export controls announced against Russia in the year since the country invaded Ukraine.
-
News BriefHHS reports: Compliance reviews, health data breaches up
The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.
-
News BriefRaiffeisen confirms OFAC probe into Russia, Ukraine business
Raiffeisen Bank International said it received a request for information from the Treasury Department’s Office of Foreign Assets Control regarding its business activities related to Russia and Ukraine.
-
PremiumCybersecurity pillars: Prevention, protection, mitigation, governance
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
-
News BriefSEC, CFTC order Options Clearing Corp. to pay $22M over internal rule failures
Options Clearing Corp. agreed to pay $22 million as part of settlements with the Securities and Exchange Commission and Commodity Futures Trading Commission addressing charges the company failed to comply with internal rules to manage risks.
-
OpinionBook review: Why revamping procurement benefits business—and compliance
In “Profit from the Source,” four Boston Consulting Group thought leaders argue why procurement should be shaping corporate strategy, not just supporting it. Author Daniel Weise tells Compliance Week why such a transformation would elevate compliance, too.
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
ArticleIs threat of regulatory censure a risk worth taking?
When making anti-regulatory decisions, a board is expressing its real risk appetite. This can be frustrating, even bewildering, for compliance professionals, especially when rules are clear and explicit in their expectations.
-
News BriefAmigo Loans dodges $89M fine over IT system lending lapses
Amigo Loans faced a penalty of £72.9 million (U.S. $88.7 million) after the U.K. Financial Conduct Authority found it used automated decision-making to drive sales over ensuring whether customers posed credit risks.
-
PremiumComerica pressured over handling of government program fraud claims
Comerica Bank has been battling allegations for years of mishandled fraudulent transactions in violation of U.S. federal banking laws. A series of class-action lawsuits against the bank recently certified by a federal district court judge provide scope into the alleged failings.
-
News BriefJudge rules against adding compliance monitor in Boeing DPA
A federal judge in Texas ruled against a request by the families of those killed in two Boeing 737 MAX crashes to alter the terms of a 2021 deferred prosecution agreement between the company and the Department of Justice to add an independent compliance monitor.
-
News BriefCPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
News BriefBanking regs set 2023 stress test scenarios
Banking regulators unveiled new stress test requirements for the largest financial institutions, including a series of hypothetical global market shocks six banks will be required to face.
-
PremiumSurvey: Cybersecurity, regulatory risks lead TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
PremiumSFO’s Balli Steel win latest to leverage international cooperation
The Serious Fraud Office secured the convictions of two executives at failed British steel trading business Balli Steel on six counts of fraud. Legal experts examine whether “record-breaking” international cooperation in the case served as a crutch for the U.K. regulator.
-
ResourceSurvey Report: Top TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
News Brief
SEC exam report highlights Marketing Rule, Reg BI, private fund advisers
The Securities and Exchange Commission’s 2023 examination priorities report laid out areas under the microscope this year, including compliance with the agency’s Marketing Rule and Regulation Best Interest.
-
News BriefTreasury report flags benefits, drawbacks to use of cloud services
The Treasury Department issued a report regarding the benefits and challenges associated with the use of cloud service providers by financial sector firms, finding shortcomings related to transparency, staff support, and cybersecurity incident response.
-
PremiumEuropean labor laws showing teeth in crackdown on gig economy
Recent enforcement cases against food delivery company Glovo and online retailer Amazon in Spain have shone a spotlight on the compliance difficulties associated with engaging workers as freelancers rather than full-time employees.
-
PremiumCybersecurity challenges: Defense and disclosure
Experts share perspectives regarding the criticality of cybersecurity risks, what the response of management and boards should be, and how proposed disclosure requirements need to be incorporated into cyber-related responsibilities.