All Third Party Risk articles – Page 11
-
Article
A look inside USAA’s ‘catastrophically mismanaged’ compliance culture
In exclusive interviews with Compliance Week, former USAA insiders describe a risk and compliance culture in which numerous individuals either were given the axe or quit because the problems were so endemic.
-
Article
Whistleblower: USAA ‘actively lying to regulators for years’ regarding violations of law
Senior executives at USAA ignored warnings from compliance staff and consultants for years regarding violations of U.S. federal banking laws and hid from regulators the scope of the company’s illegal practices, a former USAA director of compliance turned whistleblower told Compliance Week.
-
Article
Whistleblower to OCC: USAA had 400,000 undisclosed Military Lending Act violations
USAA Bank engaged in an estimated 400,000 violations of the Military Lending Act, a former director of compliance within the bank reported to the Office of the Comptroller of the Currency in documents seen by Compliance Week.
-
Article
Experts assess risks to weigh as companies confront exit from Russia
As sanctions against Russia continue to come down from the United States, European Union, and other countries, companies must ensure they have the means to comply instantly—even if ceasing business dents their financials and puts them at legal risk for breaching contract.
-
Article
ICA Insight: Russia sanctions frequently asked questions
Jake Plenderleith of the International Compliance Association answers selected questions from attendees of a recent ICA webinar on Russian sanctions intended to help provide clarity on what firms can do to protect themselves from exposure.
-
Article
How to prepare for SEC’s climate-related disclosure rule
The Securities and Exchange Commission’s proposed climate-related disclosure rule would force companies that have been reluctant to initiate a self-examination of their environmental impact to do so, posthaste. Experts weigh in on where to start.
-
Article
Compliance implications of USAA order addressing AML lapses
The consent order issued by the Office of the Comptroller of the Currency against USAA Bank imparts lessons for compliance officers in the financial services industry on how—and how not—to maintain a Bank Secrecy Act/anti-money laundering compliance program.
-
Article
Advice for navigating ‘fast and furious’ Russian sanctions landscape
To help sort through the gray area of evolving sanctions and export control restrictions against Russia, chief compliance officers should consider a handful of key best practices.
-
Article
USAA fined $140M for AML compliance failures
USAA Federal Savings Bank must pay $140 million as part of consent orders reached with the Financial Crimes Enforcement Network and Office of the Comptroller of the Currency for its failures maintaining its Bank Secrecy Act/anti-money laundering compliance program.
-
Article
Top 10 reasons to attend Compliance Week 2022
A keynote with two SEC commissioners; interactive sessions on global sanctions, ESG, and ethical leadership; and a new conference location and format highlight Dave Lefort’s list of reasons to be excited for CW’s first in-person event in nearly three years.
-
Article
Third-party cybersecurity monitoring: Tips for keeping vendors honest
A continuous monitoring cybersecurity strategy for third-party risks goes a long way toward proactively identifying external vulnerabilities. At CW’s virtual Cyber Risk & Data Privacy Summit, a panel of experts shared leading practices.
-
Article
Transparency key to navigating modern employee monitoring risk landscape
The opening session of Compliance Week’s virtual Cyber Risk & Data Privacy Summit addressed the challenges of using technology to monitor employees while considering regulatory and ethical risks.
-
Article
How Accor manages global data privacy compliance
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
-
Article
REWE International $9M GDPR fine a lesson in managing subsidiary risk
A recent decision by the Austrian Data Protection Authority against food retailer REWE International underlines the fact parent companies are ultimately responsible for how their subsidiaries manage people’s data, even if the offshoot entity operates separately.
-
Article
NAVEX: Top 10 risk and compliance trends for 2022
Diversity, equity, and inclusion; prioritizing ESG; business continuity; and more highlight the latest edition of NAVEX’s annual list of risk and compliance trends worth monitoring.
-
Article
Morgan Stanley agrees to $60M settlement over compromised personal data
Morgan Stanley has agreed to establish a $60 million fund to settle a class-action lawsuit filed by nearly a dozen customers regarding personal data that was compromised when the bank decommissioned two wealth management centers.
-
Article
Survey highlights need for better data integration between risk and compliance
A recent survey from Compliance Week and Riskonnect presents a compelling argument for companies to invest in bridging the gap between risk management and compliance data.
-
Article
Grindr fined $7.2M for GDPR consent violations
The Norwegian Data Protection Authority announced a fine of NOK 65 million (U.S. $7.2 million) against gay dating app Grindr for sharing personal data with third parties without users’ consent.
-
Article
NYDFS guidance addresses common MFA problems—and how to fix them
The New York State Department of Financial Services outlined common vulnerabilities in multi-factor authentication and how to address them from a cybersecurity risk management standpoint.
-
Article
OCC report: Cyberattacks, pandemic among top bank risk areas in 2021
Banks and financial institutions regulated by the OCC faced elevated risks in 2021 from cyberattacks launched on them and their third parties, as well as compliance risks related to the pandemic, according to the agency’s latest report.