Regulatory Policy


Biden presses banking regs to revisit Trump-era rollbacks


President Joe Biden called on federal banking agencies to consider reforms that would largely reverse changes to regulation made during the Trump administration regarding liquidity requirements, stress tests, and more.

Silicon Valley Bank

Bipartisan bill would empower FDIC to pursue failed bank exec clawbacks


The Failed Bank Executives Clawback Act seeks to require the Federal Deposit Insurance Corporation to claw back five years’ worth of compensation from executives who lead failed banks.

Deutsche Bank

‘An unexpected stress test’: European banks weathering storm of U.S. failures


Except for Credit Suisse’s demise, Europe has so far largely patted itself on the back for preventing further contagion in the banking sector following the failures of Silicon Valley Bank, Silvergate Bank, and Signature Bank in the United States.


​SEC warns newly registered advisers of overburdening CCOs


Investment advisers newly registering with the SEC have been observed not devoting sufficient resources to their chief compliance officers, sometimes ladling additional responsibilities on the role that take away from time to focus on compliance.


FinCEN mulling beneficial ownership reporting changes amid criticism


The reporting requirements of the beneficial ownership information registry being developed by the Financial Crimes Enforcement Network will likely be revised following harsh criticism from lawmakers and businesses.

Iowa State Capitol

Iowa privacy bill signed into law; effective 2025


Iowa became the sixth U.S. state to pass comprehensive data protection legislation allowing residents control over how their personal information is accessed and shared.

Michael Barr

‘Textbook case of mismanagement’: Regs point blame at SVB for collapse


Banking regulators defended their supervisory actions and pledged to find answers as to what went wrong when discussing the factors leading to the failures of Silicon Valley Bank and Signature Bank before the Senate Banking Committee.


CPE Webcast: Piecing together child privacy for organizations

2023-03-28T14:00:00+01:00Provided by

With the Federal Trade Commission cracking down on violations of the Children’s Online Privacy Protection Act, evidenced by its $275 million fine against Epic Games, it’s clear child privacy and parental consent are hot topics in the world of enterprises.

Data lock

Survey: Tech key to compliance in changing data privacy landscape


Respondents to a survey from Compliance Week and Exterro largely said they were confident their organizations are meeting regulatory requirements regarding data privacy despite evidence their data retention policies and procedures are outdated.

CW2022 Kenneth Polite 2

Polite: Look to ABB case for ‘extraordinary cooperation’ example


Compliance officers seeking clarity on what the Department of Justice means by “extraordinary” cooperation or “immediate” self-disclosure should look to the agency’s case history, said Assistant Attorney General Kenneth Polite Jr. during a speech.


Coinbase facing SEC enforcement over potential securities violations


Coinbase said it was served a Wells Notice by the Securities and Exchange Commission for potential violations of securities law regarding multiple of its cryptocurrency products.

Janet Yellen

Yellen says regs might cover deposits of other struggling banks


Treasury Secretary Janet Yellen said federal regulators are willing to extend the same financial assistance—perhaps even extended deposit insurance—to mid-sized banks struggling to handle the fallout from the failures of Silicon Valley Bank and Signature Bank.


SEC chief accountant eyeing auditor use of network member firms


The Securities and Exchange Commission is paying added scrutiny toward audit firms’ increasing use of network affiliates in their work and the potential for inconsistent quality that comes with such an approach.

Joe Biden

Biden calls for banking exec clawbacks amid failures


President Joe Biden is calling on Congress to “do more to hold senior bank executives accountable” since the market turmoil that has followed the collapses of Silicon Valley Bank and Signature Bank.


Bipartisan bill strengthening SEC whistleblower program reintroduced


Sens. Chuck Grassley (R-Iowa) and Elizabeth Warren (D-Mass.) revived a whistleblower protection bill aimed at shielding whistleblowers from retaliation and cutting down on the time it takes to receive an award from the Securities and Exchange Commission.

Silicon Valley Bank sign

Where will regulators turn following SVB, Signature Bank failures?


Small and mid-sized banks can expect more regulatory scrutiny in the aftermath of the collapses of Silicon Valley Bank and Signature Bank, according to legal experts. The time to prepare is now.


​Fed governor teases new TPRM guidance for banks


The Federal Reserve and other U.S. banking agencies are working to develop joint guidance to clarify regulatory expectations around third-party risk management, according to Fed Governor Michelle Bowman.


CFPB eyeing data broker practices in planned rulemaking push


The Consumer Financial Protection Bureau is asking companies that “track and collect information on people’s personal lives” to provide information to the agency as it considers rulemaking under the Fair Credit Reporting Act.

DOJ wall

Experts: DOJ clawback pilot to be ‘work in progress’


Businesses and compliance professionals should expect the Department of Justice’s new compensation clawback policies to be applied on a case-by-case basis, with broad discretion, according to legal experts.


​SEC proposes Reg S-P updates on incident response, breach notifications


The Securities and Exchange Commission proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.

ESG money

Accounting and reporting challenges of environmental credits


Companies are working on plans to reduce their carbon emissions. The popularity of environmental credits has grown as a way for companies to meet their emission reduction targets.

Coal mining

DOJ declines to prosecute Corsa Coal in FCPA case


Corsa Coal Corp. was notified by the Department of Justice it won’t face prosecution for alleged bribes employees paid to Egypt’s Al Nasr Company for Coke and Chemicals to secure coal supply contracts.


Five more board members resign in DOJ antitrust sweep


Five corporate board members resigned after being flagged by the Department of Justice for potentially violating the antitrust provisions of the Clayton Act.

London cityscape

U.K. moves forward with GDPR reform bill


The U.K. government formally introduced a bill to reform the country’s data privacy laws in a manner projected to save British businesses “billions.”


Ten things I’m excited for at CW National 2023


Ten weeks before Compliance Week National 2023 kicks off May 15 at the JW Marriott in Washington, D.C, CW Editor in Chief Kyle Brasseur shares what he’s looking forward to most at the annual event.

Employee monitoring

CFPB, NLRB to collaborate on monitoring employee surveillance


The Consumer Financial Protection Bureau and National Labor Relations Board pledged to share information regarding instances of improper employer use of surveillance tools and the sale of employees’ personal information.

Virgin Media

U.K. push for GDPR reprimand transparency draws mixed reviews


The U.K. Information Commissioner’s Office began publishing the details of cases where organizations breached the General Data Protection Regulation but were not fined. Legal experts share their take on the initiative.


SEC commissioner advocates blanket compliance delays for small companies


Smaller reporting companies should, by default, have delayed compliance dates of at least one year on any new disclosure rule, SEC Commissioner Mark Uyeda said in a recent speech.

Google HQ

​Google, Uber CCOs share approaches to data analytics


The chief compliance officers of Google and Uber offer insight into how their data analytics compliance programs have evolved amid enhanced scrutiny on use of technology from the Department of Justice.

Russia_United States

U.S. authorities list red flags for sanction evasion by third parties


The Bureau of Industry and Security, Office of Foreign Assets Control, and Department of Justice issued guidance to highlight common methods bad actors use to evade sanctions and export controls on Russia and how to spot their use.

DOJ building

DOJ sets new compliance criteria for criminal investigations


The Department of Justice announced changes to its evaluation procedures for corporate compliance programs in criminal investigations, including monitoring off-channel messaging by employees, executive compensation programs, and how the agency selects compliance monitors.

ask cco 3x2 20235

Ask a CCO: What matters most in federal privacy law?

2023-03-03T14:00:00+00:00By Compliance Week

Four senior compliance practitioners provide their opinions on what a federal privacy law in the United States should strive to accomplish.

EU US privacy

Privacy Shield replacement on track, though hurdles remain


The agreement on a new framework for transatlantic data flows between the United States and European Union could be finalized this year. Whether it can stand legal scrutiny is the real question.


DOJ to implement new clawback, compensation policies for corporate settlements


Corporate resolutions involving the Department of Justice’s Criminal Division will now include a requirement the resolving company develop compliance-promoting criteria within its compensation and bonus system, according to Deputy Attorney General Lisa Monaco.

Texas State Capitol

Anti-ESG fervor catching fire with Republican lawmakers


The blowback against environmental, social, and governance initiatives in investments and corporate strategies is quickly building momentum in conservative politics, with nearly two dozen states proposing bills that limit ESG investments.


Legacy of CCPA: A blueprint for prioritizing compliance


Three years in, the promise of the California Consumer Privacy Act as a means of handing down eye-watering penalties against companies for data protection violations remains unfulfilled. And yet, the expanding U.S. data privacy legislation landscape is better for this.


California ‘setting the tone’ for privacy push with CPRA updates


Changes to the California Consumer Privacy Act set to come over the course of 2023 strengthen the nation’s first comprehensive state privacy law to a benchmark no other states have yet to equal.

FTC seal

FTC attorney warns of scrutiny toward AI claims in marketing


The Federal Trade Commission is keeping close watch on companies that use the term “artificial intelligence” when marketing their products.

HHS building

HHS creates new enforcement office for health privacy


The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.


Congress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023


As more state laws hit the books, businesses are more adamant than ever Congress needs to pass a federal data privacy law. If lawmakers don’t rise to the occasion, which government agency might?

Experian sign

Ruling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight


Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.

ask cco 3x2 2023

Ask a CCO: Plan for complying with varied U.S. privacy laws

2023-02-27T14:00:00+00:00By Compliance Week

Four senior compliance practitioners detail steps their respective companies are taking to confront the expanding U.S. data privacy legislation landscape.

U.S. privacy

Best practices for navigating changing U.S. data privacy landscape


With five new or amended state laws set to hit the books in 2023, companies would be wise to ensure their data privacy compliance house is in order—and start preparing for the next wave of legislation.


HHS proposal aims to ‘shine a light’ on nursing home ownership


It is still too early in the rulemaking process to know what will be included in the Biden administration’s final rule on transparency of nursing home ownership, but there are some steps facilities can take to prepare, according to experts.

DOJ wall

DOJ publishes voluntary self-disclosure policy for corporations


The Department of Justice codified a new policy regarding the voluntary self-disclosure of corporate misconduct, following recent announcements on the updates by agency officials.

DOJ building

DOJ official defends use of DPAs amid criticisms


Deputy Assistant Attorney General Lisa Miller spoke to the value of deferred prosecution agreements to resolve corporate misconduct amid renewed criticism directed toward the Department of Justice’s 2021 agreement with Boeing.

IDology thumbnail

e-Book: Regulator expectations for AI use

2023-02-17T06:16:00+00:00Provided by

The need to keep pace with technology is paramount for compliance departments. Regulators have high expectations that risks are being properly managed during new tech implementation.

SEC building

SEC proposes expansion of RIA custody rule


The Securities and Exchange Commission proposed registered investment advisers be required to place nearly any asset, not just cash and securities, with qualified custodians, thereby expanding the scope of client assets.

Biden taps vice chair of Fed for economics post

2023-02-15T15:15:00+00:00By CW Staff

President Joe Biden announced the appointment of Vice Chair of the Federal Reserve Lael Brainard as director of the National Economic Council.

California flag

CPPA seeking comment on cybersecurity audit, risk assessment rule adds


The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.