Internal Controls


Veradigm discloses ICFR weakness related to rev rec software tool


Healthcare technology company Veradigm disclosed it expects it misstated revenue by approximately $40 million during its 2021 and 2022 reporting periods.

Compliance steps

Best practices to ensure your firm’s compliance resiliency


What is compliance resiliency, and why is it crucial for your organization to have it? Recent enforcement examples demonstrate why mapping out a clear business continuity plan can help thwart a risky management reshuffle.


SEC chief accountant eyeing auditor use of network member firms


The Securities and Exchange Commission is paying added scrutiny toward audit firms’ increasing use of network affiliates in their work and the potential for inconsistent quality that comes with such an approach.

Tupperware Brands

Tupperware to delay annual report amid ICFR weaknesses


Tupperware Brands Corp. disclosed it uncovered material weaknesses in its internal control over financial reporting as part of an announcement its 2022 annual report would be delayed.

EIC cover img

Nomination deadline for 2023 ‘Excellence in Compliance Awards’ extended


The nomination deadline for Compliance Week’s fourth annual “Excellence in Compliance Awards” has been extended and will now close March 31. Finalists are expected to be announced in early April.

Credit Suisse sign

Credit Suisse discloses ICFR ‘not effective’ in 2022


Credit Suisse Group disclosed in its annual report its internal control over financial reporting was “not effective” for the fiscal year ending December 2022.


Evoqua Water Technologies to pay $8.5M for alleged revenue inflation


Evoqua Water Technologies Corp. agreed to pay $8.5 million to resolve charges the actions of a former company finance director led the firm to misstate its revenue in filings with the Securities and Exchange Commission.


Flutter Entertainment to pay $4M for legacy FCPA violations


Ireland-based gaming and sports betting company Flutter Entertainment will pay a $4 million fine to resolve SEC charges payments made to Russian consultants by a company it acquired violated the Foreign Corrupt Practices Act.


SEC orders Rio Tinto to pay $15M over FCPA violations


U.K.-based mining and minerals company Rio Tinto will pay a $15 million fine to settle charges of violating the Foreign Corrupt Practices Act when it entered into a scheme with a consultant in 2011 to bribe government officials in Guinea.


Ericsson to pay $207M for breaches of 2019 DPA over FCPA violations


Swedish telecommunications company Ericsson agreed to pay nearly $207 million following two breaches of its 2019 deferred prosecution agreement with U.S. authorities.

Corporate reporting

Qualtrics discloses ICFR weakness in IT controls


Software company Qualtrics disclosed the discovery of a material weakness in its internal control over financial reporting for the 2022 fiscal year.


SEC fines SPAC $104K for control failures that enabled CFO embezzlement


African Gold Acquisition Corp. will pay a $103,591 fine for allegedly having flawed internal controls, reporting, and recordkeeping procedures that allowed its former chief financial officer to drain approximately $1.2 million from its bank account.


SEC, CFTC order Options Clearing Corp. to pay $22M over internal rule failures


Options Clearing Corp. agreed to pay $22 million as part of settlements with the Securities and Exchange Commission and Commodity Futures Trading Commission addressing charges the company failed to comply with internal rules to manage risks.


Book review: Why revamping procurement benefits business—and compliance


In “Profit from the Source,” four Boston Consulting Group thought leaders argue why procurement should be shaping corporate strategy, not just supporting it. Author Daniel Weise tells Compliance Week why such a transformation would elevate compliance, too.

Risk reward

Is threat of regulatory censure a risk worth taking?

2023-02-14T21:13:00+00:00By Paul Eccleson, for International Compliance Association

When making anti-regulatory decisions, a board is expressing its real risk appetite. This can be frustrating, even bewildering, for compliance professionals, especially when rules are clear and explicit in their expectations.


Amigo Loans dodges $89M fine over IT system lending lapses


Amigo Loans faced a penalty of £72.9 million (U.S. $88.7 million) after the U.K. Financial Conduct Authority found it used automated decision-making to drive sales over ensuring whether customers posed credit risks.


Report: FCA probing Barclays over AML controls


Barclays Bank is reportedly being investigated by the U.K. Financial Conduct Authority for failures regarding its anti-money laundering procedures and controls.


Lee Enterprises flags ICFR weaknesses following internal review


Lee Enterprises, the media company that owns the St. Louis Post-Dispatch and 76 other newspapers nationwide, concluded its internal controls over financial reporting were not effective for the fiscal year ended Sept. 25, 2022.


Activision Blizzard fined $35M by SEC over workplace harassment disclosures


Activision Blizzard will pay $35 million to resolve Securities and Exchange Commission charges it violated federal securities laws by failing to adequately disclose how its ineffective response to workplace complaints was harming its ability to hire and retain skilled employees.

Morgan Stanley

Reports: Morgan Stanley fines bankers up to $1M for off-channel communications


Morgan Stanley fined its employees up to $1 million for using unauthorized communication channels in violation of recordkeeping rules, according to multiple reports.

Scott Hulsey

Q&A: Ex-DOJ official on policy changes, new CCO expectations


Scott Hulsey, partner at Barnes & Thornburg, former federal prosecutor, and a former chief compliance officer, discusses with Compliance Week how CCOs should respond to the Department of Justice’s recent policy changes regarding corporate crime.


Popular Bank fined $2.3M by Fed over fraudulent PPP loan approvals


The Federal Reserve Board fined New York-based Popular Bank $2.3 million for processing Paycheck Protection Program loans despite finding significant indications of possible fraud in the loan applications.


Report: Audit committees bracing for increased role in ESG, ERM, cyber


A new report from the Center for Audit Quality and Deloitte found corporate boards are taking a fresh look at their audit committee structures and practices to respond to emerging corporate reporting areas and increased risks.

Christy Goldsmith Romero

CFTC commissioner urges crypto gatekeepers ‘step up and call for compliance’


Christy Goldsmith Romero of the Commodity Futures Trading Commission called out gatekeepers—lawyers, accountants, auditors, compliance professionals, and others—for failing customers in the unregulated cryptocurrency market.


Coinbase to pay $100M after NYDFS probe into compliance lapses


Cryptocurrency exchange Coinbase agreed to pay $100 million as part of a settlement with the New York State Department of Financial Services for compliance failures that opened the door for criminals to carry out illegal activity through the platform.

TSB Bank

TSB Bank fined $59.2M for governance lapses in botched IT migration


TSB Bank was fined £48.65 million (U.S. $59.2 million) by U.K. regulators after a disastrous IT migration left customers unable to access cash or use online accounts for weeks.

Business defense

TPRM panel: Underscoring need for first line of defense to own risk


Panelists discussing risk ownership at CW’s virtual TPRM and Oversight Summit share their experiences educating first-line leaders on their roles and responsibilities in the TPRM process.

Sam Bankman-Fried

Bankman-Fried fraud charges detail FTX’s lack of internal controls, risk management protocols


A flurry of criminal and civil fraud charges laid against FTX founder Sam Bankman-Fried have pulled back the veil on the cryptocurrency exchange’s complete lack of internal controls and toothless risk management procedures.

Danske Bank

Compliance implications of Danske Bank’s $2B Estonia money laundering settlement


Danske Bank reached final resolutions with U.S. and Danish authorities to settle allegations regarding widespread anti-money laundering deficiencies at its former Estonia branch.


Compliance budgets, staffing brace for impact of recession prep efforts


Respondents to our “Inside the Mind of the CCO” survey whose businesses are anticipating an economic recession note smaller budgets and the delay of new initiatives among efforts already undertaken to cut costs.


Santander UK fined $132M for poor AML controls


The U.K. arm of Santander was fined approximately £107.8 million (U.S. $132 million) by the Financial Conduct Authority for “serious and persistent” gaps in its anti-money laundering controls.


Challenges for SPACs: Public company, now what?


Special purpose acquisition company transactions have unique risks and require awareness of what it takes to operate as a public business. Internal controls, governance, technology, and more are essential.


No time managing risk? No wonder FTX collapsed


Sam Bankman-Fried’s admission he put no effort into risk management in leading cryptocurrency exchange FTX makes it easy to understand how the firm collapsed so quickly.

Compliance_Fails_2022 Main Art_index

Top ethics and compliance failures of 2022


Businesses not taking AML requirements seriously, years of noncompliant off-channel communications catching up to financial services titans, and a manufacturing firm that shared revenue with terrorists comprise CW’s list of the biggest ethics and compliance fails of 2022.


Avaya discloses ICFR weaknesses linked to whistleblower logs


Avaya Holdings disclosed its assessment of internal control over financial reporting in its fiscal year 2021 annual report can’t be relied upon, along with acknowledging weaknesses in its ethics and compliance program.

Jyske Bank

Danish financial regulator refers Jyske Bank to police for AML violations


The Danish Financial Supervisory Authority reported Jyske Bank to Danish police for allegedly violating the country’s anti-money laundering law regarding its customer due diligence measures.


Regs order Citi to address unresolved data management woes


Citigroup has successfully resolved key compliance shortcomings identified as part of a 2020 enforcement action but still has work to do to address data management weaknesses, according to federal banking regulators.

Goldman Sachs Tower

Goldman Sachs unit fined $4M for ESG investment lapses


Goldman Sachs Asset Management agreed to pay $4 million to settle SEC charges it failed to follow its own policies and procedures regarding a trio of investment products marketed for their environmental, social, and governance considerations.


Unisys: Probe identified ‘material weaknesses’ in disclosure controls


IT services company Unisys Corp. revealed the discovery of faults in its internal control over financial reporting, including involving its compliance functions, following an internal investigation it first disclosed earlier this month.


FTX collapse should provide momentum to regulate crypto


The collapse and bankruptcy of digital asset exchange FTX offers stark lessons into why rules that apply to traditional investments—overseen by government regulation—ought to apply to digital investments as well.


S&P Global fined $2.5M over conflict of interest lapses


Credit rating agency S&P Global Ratings agreed to pay $2.5 million and improve its compliance practices to settle allegations by the SEC that its marketing team pressured the ratings team concerning the rating of a particular mortgage-backed security transaction.

Code of conduct

How to build an effective code of conduct

2022-11-14T20:21:00+00:00By Paul Eccleson, for International Compliance Association

Literature and survey results regarding codes of conduct and ethics reveal the elements of strong (and weak) examples.

ESG vector

CW Europe panelists: ESG reporting still in ‘immature’ phase


Companies are continuing to fail in their efforts to improve environmental, social, and governance reporting, while compliance functions are finding it tough to keep up with demands for better assurance in the area, according to experts.


CW Europe: Rebuilding a culture of compliance post-pandemic


Remote and hybrid working caused by the pandemic has meant it can be more difficult for organizations to monitor compliance and detect incidences of rules being broken or procedures not being followed.

Corporate reporting

FRC’s corporate governance reporting review finds room for improvement


Companies continue to improve their reporting against the U.K.’s Corporate Governance Code, but the lack of detail about the outcomes and impacts of governance policies hampers proper understanding of how risks are being managed.

Credit Suisse

Credit Suisse names new CCO, plans strategic overhaul


Credit Suisse announced sweeping changes to its strategy that includes selling off parts of its investment banking portfolio and shrinking its global headcount—an attempt to pivot from risky investment ventures and back toward its historic specialty of wealth management.


Mattel fined $3.5M over accounting misstatements; ex-PwC partner could face discipline


The Securities and Exchange Commission fined Mattel $3.5 million for allegedly overstating tax expenses and initiated litigation against a former PwC partner accused of failing to inform the toy company’s audit committee about its financial statement errors.

Bank of England

MS Amlin Underwriting fined $11M over risk, governance lapses


The U.K.’s Prudential Regulation Authority fined specialty insurer MS Amlin Underwriting nearly £9.7 million (U.S. $10.9 million) for risk management and governance failings over a five-year period.


SEC order against recidivist Oracle skirts the issue


The most notable and relevant details in settlement agreements concerning regulatory compliance violations are often what is not stated. The SEC’s cease-and-desist order against Oracle over violations of the Foreign Corrupt Practices Act is no exception.

London cityscape

FCA faults board oversight of compliance in fining Sigma Broking $589K


London-based brokerage firm Sigma Broking was fined £531,000 (U.S. $589,000) for failing to report certain transactions to the U.K. Financial Conduct Authority.