Grant Thornton

Grant Thornton UK fined $3.2M for Patisserie Valerie audit lapses


Grant Thornton UK has been fined £2.34 million (U.S. $3.2 million) by the Financial Reporting Council for failures in its audits of collapsed café chain Patisserie Valerie between 2015 and 2017.


Petrofac readies bribery guilty plea, touts compliance enhancements


Petrofac will plead guilty to seven counts of failing to prevent bribery, the potential endpoint in a long-running investigation into allegations company executives paid to win lucrative contracts in Iraq, Saudi Arabia, and the UAE.

Green reporting

CMA’s Green Claims Code latest effort in greenwashing crackdown


Companies have until the end of the year to stop making misleading claims about the green credentials of their products and services or face regulatory action, the U.K. Competition and Markets Authority has warned.


Big Four mishaps in U.K. underscore need to challenge auditors


Companies should question their auditors throughout the audit process, particularly in the wake of a spate of recent enforcement actions in the United Kingdom targeting the Big Four and other large firms for audit deficiencies.


Swedbank CCO lauded for role in AML rebound to retire


Ingrid Harbo, Swedbank’s chief compliance officer during its ongoing recovery from a massive AML scandal, announced she will retire in March 2022.

Nord Stream 2

Nord Stream 2 a study in sanctions complexity

2021-09-20T16:40:00+01:00By Jake Plenderleith, International Compliance Association

The construction of Nord Stream 2 and the accompanying geopolitics at play illustrate how difficult it can be for compliance to respond to evolving sanctions risks.

WhatsApp phone

WhatsApp GDPR fine fallout: EDPB actions shift enforcement landscape


Experts weigh in on the Irish Data Protection Commission’s €225 million (U.S. $267 million) GDPR fine against WhatsApp, which saw the European Data Protection Board rule to increase the fine total and compliance obligations.

German parliament

German AML deficiencies in spotlight ahead of election


A recent raid by German prosecutors of the country’s finance and justice ministries has once again put a spotlight on Germany’s apparent failings in tackling financial crime.

Credit Suisse sign

Credit Suisse appoints Rafael Lopez Lorenzo as chief compliance officer


Credit Suisse has named Rafael Lopez Lorenzo as its chief compliance officer, five months removed from his predecessor stepping down in the wake of massive losses caused by the collapses of Archegos Capital Management and Greensill Capital.


Ireland shakes up GDPR enforcement with $267M fine against WhatsApp


Ireland’s Data Protection Commission announced a record-breaking €225 million (U.S. $267 million) fine against WhatsApp that is equally significant for the compliance lessons it imparts and inconsistency of the GDPR it exposes.


FRC: KPMG provided ‘false’ info in Carillion, Regenersis audit inspections


The U.K. Financial Reporting Council issued a disciplinary formal complaint against KPMG for allegedly providing “false and misleading” information during inspections into the Big Four firm’s audits of Carillion and Regenersis.

UK privacy

U.K. signals divergence from GDPR with new data transfer approach


The United Kingdom announced plans to strike independent data adequacy decisions with key countries—including the United States—as part of its post-Brexit economic strategy.


U.K. audit breakup plan hits snag without Big Four support


The Big Four audit firms have refused to back a U.K. government plan to break their dominance of the market by forcing them to share work with smaller competitors to give them a foothold.

Binance crypto

Weathering the storm: Why FinTech compliance failures persist


Experts weigh in with their thoughts on why FinTechs and cryptocurrency firms continue to have a bad reputation in terms of compliance.


EY fined $3M in U.K. for Stagecoach audit failings


The U.K. Financial Reporting Council ordered EY to pay a reduced fine of £2.2 million (U.S. $3 million) related to its audits of international transport company Stagecoach Group for the 2017 financial year.

Greensill Capital

What went wrong at Greensill Capital? Former risk chief shares his view


Brett Downes, the chief risk officer at Greensill Capital for five years before the company filed for insolvency, explains what factors he believes led to the supply chain finance startup’s abrupt collapse.


​ICO’s first GDPR fine reduced on appeal


The U.K. Information Commissioner’s Office’s fine against pharmacy Doorstep Dispensaree for violations of the General Data Protection Regulation has been slashed approximately two-thirds on appeal to £92,000 (U.S. $126,000).


BSI guidance offers whistleblower management best practices


The British Standards Institution has created international guidance to help companies set up an effective whistleblowing management system.


Hamburg DPA warns Zoom incompatible with GDPR


The Hamburg data protection authority has warned local government departments to stop using Zoom because it believes the videoconferencing app is not compliant with the General Data Protection Regulation.


GDPR fines worth appealing? Factors to consider


Experts weigh in on the results of a report from the European Data Protection Board showing which countries have seen the most GDPR fines annulled or modified following court appeal.

Credit Suisse

Rebuilding Credit Suisse nominates risk management veterans to board


In a continuing overhaul of its risk and compliance leadership, Credit Suisse announced the nominations of Axel Lehmann and Juan Colombas to serve as non-executive members of its board.

Euros chained

Resource demand to enforce GDPR weighing heavy on EU authorities


A new report from the European Data Protection Board has found an overwhelming majority of data protection authorities believe they are under-resourced to deal with the demands of the General Data Protection Regulation.

Employee spying

Employee monitoring proving hot target for GDPR enforcement


Recent fines in Italy against two food delivery companies for violating the privacy of their drivers should act as a warning that employee surveillance can prove to be a major breach of the General Data Protection Regulation.


KPMG fined $18M for ‘integrity and objectivity’ breaches in Silentnight sale


The Financial Reporting Council ordered KPMG to pay a £13 million (U.S. $18 million) fine for “breaches of the principles of integrity and objectivity” in its advisory role regarding the 2011 sale of mattress company Silentnight to U.S. private equity firm HIG Capital.

European Commission

EU guidance seeks to clarify role of AML/CFT compliance officers


The European Banking Authority is seeking comment on new draft guidelines that set clear expectations regarding the appointment, role, tasks, and responsibilities of anti-money laundering and countering the financing of terrorism compliance officers.


Italian DPA fines Deliveroo $3M for worker privacy violations


Italy’s data protection authority Garante fined U.K.-based food delivery company Deliveroo €2.5 million (U.S. $3 million) under the GDPR for violating the privacy rights of its Italian drivers.

Corporate monitor

The importance of transaction monitoring, and the cost of getting it wrong

2021-08-03T18:36:00+01:00By Teodora Harrop, for International Compliance Association

Transaction monitoring has evolved to the point where the emphasis is now on the requirement firms carry out ongoing monitoring of client relationships. Recent enforcement actions provide lessons on pitfalls to avoid.

Amazon building

Amazon discloses record-shattering $887M GDPR fine


Amazon disclosed it has received notice of a €746 million (U.S. $887 million) GDPR fine in Luxembourg for unlawful processing of personal data. The company intends to appeal the penalty, which would be more than 15 times the current record under the law.

Credit Suisse sign

Report: Deficient risk culture at Credit Suisse contributed to Archegos collapse


An independent report commissioned by Credit Suisse to examine the bank’s failures that led to $5.5 billion in losses when Archegos Capital Management collapsed this year concluded a series of missteps by risk and compliance failed to escalate numerous red flags.

Oil barrels

Ex-Glencore oil trader pleads guilty for role in bribery scheme


A former oil trader for a subsidiary of Glencore entered a guilty plea for his role in bribing government officials in Nigeria in exchange for the award of oil cargoes and more favorable delivery terms.

Credit Suisse

Credit Suisse hires Goldman Sachs veteran as chief risk officer


Credit Suisse Group has appointed longtime Goldman Sachs risk management expert David Wildermuth as its chief risk officer.


What companies (and the SEC) can learn from U.K. ESG reporting guidance


The U.K. Financial Reporting Council has proposed a series of measures from which companies—as well as other regulators like the SEC—could benefit as ESG disclosures receive closer scrutiny.


TikTok fined $883K under GDPR for children’s privacy violations


The Dutch Data Protection Authority imposed a €750,000 (U.S. $883,000) fine on TikTok for violating the privacy of young children following a wide-scale investigation launched last year.


FRC 2020/21 audit inspections: KPMG rebuked over continued struggles


The U.K. Financial Reporting Council released the results of its 2020/21 audit quality inspections, in which it singled out KPMG for “unacceptable” deficiencies regarding the firm’s audits of banks and similar entities.

AML Euros

New agency Europe’s latest hope to curb AML struggles


The European Commission unveiled new plans to set up an agency specifically aimed at tackling the region’s spiraling problems with money laundering.


SFO secures DPAs worth $3.4M with two unnamed companies


The Serious Fraud Office announced deferred prosecution agreements worth £2.5 million (U.S. $3.4 million) with two unidentified U.K.-based companies for bribery offenses.


FCA pledge to be more assertive rings hollow amid enforcement drops


A steady decrease in enforcement activity makes it easy to question whether the U.K. Financial Conduct Authority is in position to become the “more innovative, assertive, and adaptive regulator” it pledges to be.

AI regulation

The debate over AI: Regulate the tech or its use?


Recent comments by Facebook’s top executive in charge of developing AI reignite the debate over whether regulators should be more focused on reining in the technology itself or just the way it is used.

U.K. bribery

10 years of U.K. Bribery Act: Compliance enough to define law’s success?


The U.K. Bribery Act marked its 10th anniversary this month, but views are mixed about how the legislation and its enforcement have fared in the decade since it came into force.


Binance enhancing compliance after recent U.K. ban


The CEO of cryptocurrency platform Binance touted the company’s growing commitment to compliance after one of its units was banned from operating in the United Kingdom.

Food delivery

Italian DPA cites biased tech in $3.1M GDPR fine


Italy’s data protection authority fined food delivery company Foodinho €2.6 million (U.S. $3.1 million) because the app at the core of its business model allegedly discriminated against employees.


British Airways settles 2018 data breach class action


British Airways has settled one of the U.K.’s largest group actions after thousands of people sought compensation following a 2018 data breach that resulted in the airline being fined under the GDPR.

Credit Suisse

Credit Suisse entities to pay $1.5M for swap data reporting failures


The Commodity Futures Trading Commission reached a $1.5 million settlement with three entities of Credit Suisse for swap data reporting failures caused by a technical error.

John Wood Group

Compliance lessons from Wood Group’s $177M global bribery settlement


John Wood Group reached a $177 million settlement with authorities in the United States, the United Kingdom, and Brazil, concluding legacy bribery and corruption investigations into Amec Foster Wheeler companies.

PwC sign

PwC audit facing scrutiny amid Greensill collapse fallout


Big Four firm PwC is under investigation for its audit of Wyelands Bank as part of a larger U.K. review linked to the recent collapse of Greensill Capital.

British pounds

U.K. AML expert convicted of aiding money launderers


A U.K. money laundering prevention expert was found guilty of allowing criminals to use his company to launder the proceeds of an £850,000 (U.S. $1.2 million) investment fraud that resulted in dozens of victims being ripped off.

Privacy future

New tech, legal precedent forcing GDPR to evolve


Companies’ priorities regarding compliance with the GDPR are likely to become more focused because of a mixture of recent legal decisions and efforts by the European Commission to keep privacy rules in sync with changes in technology.


Ex-Deutsche Bank traders imprisoned for ‘spoofing’ roles


James Vorley and Cedric Chanu, former precious metals traders at Deutsche Bank, were each sentenced to one year and one day in prison for their respective roles in a scheme to manipulate the precious metals markets with fraudulent trades.

UK cryptocurrency

AML compliance proving tall hurdle for U.K. crypto firms


The U.K.’s financial regulator has been forced to extend a registration deadline for cryptocurrency firms by nearly nine months because so few have been able to meet even basic anti-money laundering requirements.

Data privacy

New rules for SCCs: What you need to know


The latest set of standard contractual clauses for companies transferring data between the European Union and third countries, such as the United States, is meant to align more closely with the GDPR and root out government snooping.