Our rapidly changing world still needs thoughtful compliance, now more than ever
Sometimes, it feels like the only thing that’s certain is that tomorrow will be different from today. For an industry that’s focused on rules, regulations, and ethics, that lack of consistency can seem overwhelming. That’s why the next few days will matter so much.
EU hits Apple, Meta with antitrust fines weeks after Trump tariffs announced
The European Union issued significant antitrust fines against two tech titans, hitting Apple with 500 million euros (U.S. $570 million) and Facebook owner Meta with 200 million euros (U.S. $228 million). The move sought to undermine key parts of both companies’ businesses less than a month after U.S. President Donald ...
UK’s deregulation drive raises compliance risk, say top lawyers
The United Kingdom’s latest effort to encourage regulators to pare down rules to attract companies and investment as a way to stimulate the economy has received mixed reviews from lawyers.
AI regulation: U.K. sits on regulatory fence between U.S. and E.U.
The U.K. has pressed pause on artificial intelligence regulation as its government comes under twin pressures from those who fear the growing power of unregulated AI and the overriding need to generate growth. The postponement of long-expected legislation means that the U.K. is left sitting on the fence between federal ...
Companies unprepared for European Accessibility Act as June deadline looms
An accessible website should be a basic requirement for businesses, allowing the largest number of people to access a company’s content and services. With technology as an enabler, it also makes good business sense. After all, why would any organization want to hinder customer access? However, many websites are not ...
EU regulator questions 'culture of compliance' with Digital Markets Act at Apple, Google
The European Commission released its preliminary findings last week regarding Apple and Google not complying with the Digital Markets Act. It issued orders to both companies regarding their business practice and plans to release all of its findings next week.
‘Abject failure’: U.K. lawmakers sound off on FCA’s failed 'naming and shaming' enforcement
U.K. lawmakers slammed the country’s chief financial regulator’s hopes of “naming and shaming” firms as part of its efforts to beef up enforcement, denting its credibility in the process and questioning the leadership of its chief executive.
EU drives ‘omnibus’ of simplifications through landmark sustainability reporting directives
The European Commission has adopted proposals for radical simplifications to the EU’s trailblazing environmental regulations. The commissioners argue that this is a pragmatic response to changing global economics and indicates that they have listened to the concerns of smaller businesses that are struggling to comply with onerous and conflicting rules.
Why are CFOs struggling to stay compliant?
CFOs are tasked with overseeing an organization’s entire financial processes, not least ensuring that financial operations remain compliant with the multitude of global regulations. It’s a heavy burden to carry that might be alleviated slightly with the help of artificial intelligence, writes Markus Hornburg, head of compliance at Basware.
'Measured approach' or light-handed GPDR? Noyb reports only 1.3 percent of EU cases result in fine
When Europe’s strict set of data protection rules came into force nearly seven years ago, privacy campaigners, industry experts, and lawyers all warned that noncompliance could result in eye-watering fines and other costly sanctions, especially for repeated breaches. However, the reality appears to be very different.
U.K. Employment Rights Bill promises to thwart forced labor through new consolidated regulator
For the past decade, the United Kingdom has tried to make companies more directly accountable for forced labor in their supply chains. But lawyers warn that the government’s latest plans to beef up protections against worker violations risk being heavily watered down and poorly policed by regulators.
Experts: U.K. digital market reforms a ‘watershed moment,’ could speed up enforcement
The U.K.’s competition regulator has outlined new plans to regulate Big Tech firms that will enable it to take a much more flexible and proactive approach towards investigations.
FBI, Europol shut down hacking sites selling personal info, tools for cybercriminals
Two massive hacking websites–where criminals sold everything from stolen social security numbers to tools for cybercriminals to gain access to computers–have finally been shut down by an international law enforcement team, the Department of Justice announced.
Q&A: Hellenic Bank CCO on progress made to fight corruption in Cyprus
Maria Aristidou Demetriou, chief compliance officer at Cyprus-based Hellenic Bank, spoke to Compliance Week about derisking in the Cypriot banking sector since Russian’s invasion of Ukraine and efforts to combat corruption, money laundering, and sanctions evasion.
Inside Cyprus’ efforts to stem money laundering and sanctions evasion
Are there success stories in the international fight against money laundering and sanctions evasion? The island nation of Cyprus is making its case.
Experts say DORA compliance not coming easy as more firms pass buck to IT providers
New rules have come into effect across the European Union to promote better cybersecurity and IT resilience across the financial services sector, but experts warn that compliance is likely to be patchy and regulatory enforcement across the bloc perhaps even patchier.
CJEU ruling adds to GDPR liability over unfair competition, AML/CFT
Legal cases and fines for noncompliance with EU’s GDPR could rise sharply after a court found that a breach was a source of unfair competition. The judgment also opens doors to civil cases over companies that ignoring expensive or challenging rules, such as those regarding AML/CFT.
Portuguese bank ousts chief risk officer after ‘suspicious’ transactions uncovered
Portuguese bank Novo Banco, S.A., fired Chief Risk Officer Carlos Jorge Ferreira Brandão “with just cause” after an internal probe discovered “suspicious financial transactions” in his sphere.
Experts unsure of risk appetite as EU beefs up cyber rules for critical infrastructure
New rules on cyber risk management across the EU put execs firmly in the crosshairs for noncompliance and are likely to apply to a wider range of organizations than many business leaders may initially think. However, there are also concerns that the rules may become muddled across the wide bloc.
TPRM critical as DORA, new FCA third-party engagement rules come into effect in 2025
New rules that push IT firms providing “critical” services to the U.K.’s financial sector to share more data about cyberattacks and resiliency measures have been welcomed by industry experts. However, concerns remain over how suppliers will be classified and how key data might be gathered and shared.
EU AI Act next GDPR? Proof in the pudding as boardrooms prioritize data governance
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
’Future-proofing’ products for safety next level of regulation under EU GPSR
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
Overabundance of U.K. AML regulators stretching enforcement resources thin, experts say
The U.K. will struggle to shed its reputation as one of the world’s biggest conduits for dirty money due to a combination of patchy intelligence-sharing and poorly resourced enforcement agencies, experts told Compliance Week.
U.K., EU enforcement regimes set to escalate, but critics question sanctions’ effectiveness
With a new political regime ready to take over in the U.S., the effectiveness of sanctions against malign foreign actors like Russia, North Korea, and Iran have come into question. While the European Union and U.K. have increased sanctions pressure, critics have publicly asked: Is it enough?
Good AI governance starts with proactive, continuous risk assessments
Data governance has become a key concern for companies, especially when the EU AI Act and General Data Protection Regulation have put a premium on handling data responsibly and ensuring that artificial intelligence does not cause harm.
EU Deforestation Directive delayed, experts advise compliance managers to not rest on laurels
If your business uses leather, rubber, wood, beef, palm oil, soy, or paper, then you may need to comply with the EU Deforestation Directive, a new rule intended to ensure that no goods traded in the EU contribute to global deforestation.
Spanish telecomm Telefónica S.A. fined $85M over bribes to government officials in Venezuela
A subsidiary of Spanish telecommunications provider Telefónica S.A. will pay $85.2 million to settle a charge that it violated the Foreign Corrupt Practices Act when it paid bribes to Venezuelan officials to gain preferential access to a currency auction.
Meta-backed EU appeals body facing conflicts of interest concerns
Ireland’s cozy relationship with big business and Big Tech has once again come under scrutiny after the country’s media regulator allowed a $15 million one-off funding payment from Meta’s Oversight Board Trust to help launch the newly formed Appeal Centre Europe.
Irish DPC fines LinkedIn $335M over GDPR violations related to targeted advertising
The Irish Data Protection Commission fined Microsoft-owned LinkedIn 310 million euros (U.S. $335 million) over violations of the European Union’s General Data Protection Regulation related to the social media company’s data processing and targeted advertising.
EU businesses will soon have to report on supply chains and sustainability. Not all are ready
Supply chains are about to become the next big thing in sustainability compliance. However, many organizations still lack the data and assurance capabilities to track sustainability and human rights activities across their extended supply chains – which is required by the EU’s CS3D. Many others that fall out of scope ...
Pace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
Photo gallery: Compliance Week Europe 2024
Compliance Week Europe, held Oct. 15-16 in Amsterdam in partnership with our sister organization the Internation Compliance Association, gathered more than 200 GRC professionals across industries. Check out some of the sights from the event.
What’s your risk appetite? EU firms grapple with ‘ridiculously complex’ ESG reporting rules
Discussions on the increasingly complex ESG rules in the EU were the crux of some conversations at Compliance Week Europe, a two-day conference in Amsterdam Oct. 15-16. The event brought together Compliance Week and its sister organization, the International Compliance Association, and more than 200 GRC professionals across industries.
Companies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
AI misuse could lead to sanctions from multiple regulators, experts warn
The proliferation of AI, as well as the promised business cases promoting its use, has led companies around the world to quickly invest in the technology. Executives hope these AI tools will improve efficiencies, reduce costs, and help them stay competitive. But it could lead to just the opposite.
Barclays is axing its bonus caps. Is it also ditching good governance?
Four years post-Brexit, London-based Barclays became the first British bank to scrap bonus caps for its traders that were meant to curb excessive risk-taking with client cash, improve corporate governance, and restore faith in an industry most working people still hold responsible for 15 years of economic misery.
FTC sounds alarm on business practices turning into ‘vast surveillance’
The Federal Trade Commission took aim at the business models of some of the world’s largest companies, publishing a years-long study that decried technologies that have created “vast surveillance” networks that expose people to “a host of harms” and violate children’s privacy laws.
An Amsterdam discussion on increased role of CCOs
Compliance Week and its sister organization the International Compliance Association will bring together more than 200 GRC professionals for Compliance Week Europe Oct. 15-16 in Amsterdam to discuss how they’re making sense of the constantly changing regulatory landscape.
All hands on deck needed to get ESG disclosures right, report finds
Multiple emerging environmental, social, and governance and disclosure standards pose legal and operational risks to many companies, but also opportunities to improve reporting and get ahead of requirements, a new report found.
DORA set to enhance cyber resilience requirements for EU financial firms
The European Union’s Digital Operational Resilience Act, which is set to take effect next year, will require financial services firms to implement stronger measures to protect not only themselves from disruption caused by cyberattacks but also the sector as a whole.
Lithuanian DPA orders Vinted to pay $2.6M over GDPR violations
The data protection authority of Lithuania levied a fine of 2.4 million euros (U.S. $2.6 million) against Vinted UAB, an online clothing trading and exchange platform, for alleged violations of the European Union’s General Data Protection Regulation.
European Commission informs X it may be in breach of Digital Services Act
The European Commission informed X, formerly Twitter, that it may be the first company found to be in violation of the European Union’s Digital Services Act in areas “linked to dark patterns, advertising transparency, and data access for researchers.”
EU agencies examine efforts to identify and monitor examples of greenwashing
The European Securities and Markets Authority, European Banking Authority, and European Insurance and Occupational Pensions Authority issued reports on greenwashing in the financial sector, describing how they plan to call out examples of false or misleading sustainability claims.
Reignited calls to tighten up AML in London, crown dependencies
Despite repeated interventions, fines, and negative publicity, money laundering is rife in U.K. financial services firms, according to Deputy Foreign Secretary Andrew Mitchell.
Big Tech data for finance: Will FCA plans set trend?
Plans in the United Kingdom to share Big Tech data with financial services firms could prompt other industry regulators to follow suit or result in “unintended consequences” that see Meta, Google, and others growing market share.
Ericsson completes DOJ-imposed compliance monitorship
Swedish telecommunications giant Ericsson announced the conclusion of the independent compliance monitorship imposed on the company following its 2019 settlement for violations of the Foreign Corrupt Practices Act.
Experts express skepticism toward ‘challenging’ SFO strategy
The U.K. Serious Fraud Office last month published its five-year strategic plan outlining how it intends to improve information gathering and international cooperation, as well as its enforcement record.
BaFin relaxes growth restrictions on N26 following AML improvements
German financial regulatory authority BaFin lifted growth restrictions on N26, after the digital bank made improvements to its anti-money laundering program.
HSBC fined $8M by FCA for mishandling customers in default
The U.K. Financial Conduct Authority fined HSBC nearly £6.3 million (U.S. $8 million) for failing to properly consider the financial position of customers who missed payments.
N26 fined $9.6M for not timely filing AML reports to BaFin
Germany’s financial supervisory authority issued a fine of €9.2 million euros against mobile bank N26 for “systematically” submitting late anti-money laundering reports.