Volkswagen completes monitorship; Deloitte family leave policy too good to be true?
Volkswagen gets a nod this week for successfully completing its 3-year compliance monitorship related to Dieselgate. Deloitte, on the other hand, lands on the wrong side of our list.
Brockmeyer at TPRM: Regulator expectations for monitoring third parties
Former chief of the SEC’s FCPA Unit Kara Brockmeyer shared what regulators are looking for when they assess a company’s relationship with its third parties at Compliance Week’s TPRM virtual conference Thursday.
ICA news program looks at initiatives leading compliance into future
The ICA and ITN Productions Industry News have co-produced “Compliance: the new decade”: a series of reports addressing the role of the compliance professional and the latest insights, challenges, and opportunities for business growth.
Chapter 6: Carnival looks toward a new horizon
Carnival will go through extraordinary scrutiny as it prepares to resume guest operations—not just in health, safety, and security but in environmental compliance as well. The storm is not over yet.
Chapter 5: The storms merge
How can Carnival meet the expectations of a government-mandated environmental compliance plan and stay in the court’s good graces while the coronavirus brings business to a standstill?
A step toward managing climate risk in U.S. financial system
A nearly 200-page report on managing climate risk in the U.S. financial system is comprehensively assembled by a group spearheaded by CFTC Commissioner Rostin Behnam, but the real work comes in its implementation.
Chapter 4: Carnival moves ethics and compliance to the fore
This installment looks at how new Carnival CECO Peter Anderson restructured the Ethics and Compliance department and developed a culture action plan to drive change across the organization.
Chapter 3: Carnival’s history as serial polluter catches up to it
This installment looks back at Carnival’s history of environmental law convictions, plea agreements with the DOJ, criminal fines, and environmental compliance plans (yes, there is more than one).
Chapter 1: Amid compliance overhaul, COVID-19 hits hard
It’s early 2020, and the world’s largest cruise line operator is about to confront an immutable collision of two storms: its court-mandated environmental compliance plan, more than 2 years in progress, and the imminent coronavirus pandemic.
Chapter 2: Carnival put to the test as early COVID-19 hotspot
As more and more Carnival ships become hotbeds of infection and the company faces harsh criticism, CEO Arnold Donald trumpets the company’s unwavering focus on compliance.
Compliance Week presents: ‘A Tale of Two Storms’
Our first-ever case study is the story of Carnival’s quest for compliance redemption, set in the context of not only new leadership and a court-appointed monitorship, but in the midst of a global pandemic.
OFAC-Delaware sanctions pact more than meets the eye
As the state home to nearly 70 percent of Fortune 500 companies, the Delaware Department of Justice’s Memorandum of Understanding with OFAC represents a significant milestone for U.S. sanctions enforcement.
Credit to JPMorgan Chase in this week’s banking-themed naughty/nice list
JPMorgan Chase, Danske Bank, Deutsche Bank, and Bank of America all either “Nailed It” or “Failed It” this week.
CFTC issues own guidance on evaluating compliance programs
Like the Department of Justice before it, the Commodity Futures Trading Commission has issued guidance to companies on how it will evaluate compliance programs in connection with enforcement matters.
CPE Webcast: Expert content + third-party risk = enhanced vendor due diligence
Maintaining the status quo with your vendor risk management program is no longer acceptable in today’s ever-changing marketplace as supply chains can drastically change overnight.
‘Tale of Two Storms’: Carnival compliance case study to launch Sept. 14
CW is excited to announce the upcoming publication of its first-ever case study, a deep dive into the history of environmental transgressions at Carnival, its path back to compliance under new leadership, and its shift to crisis management mode when COVID-19 hit.
CPE Webcast: Debunking myths of AI & ML in TPRM technology
This webinar debunks the myths of AI and ML in third-party risk technology and drills into reality with a pragmatic application of how your data can be harnessed to support various risk management use cases.
Forget the status quo: Proactive AML is the path forward
The AML community is guilty of tolerating the failing status quo, and very few have dared to confront, challenge, and disrupt the inefficient and ineffective practices. A proactive approach could be the solution, writes Martin Woods.
CPE Webcast: How to minimize privacy risks and maintain regulatory compliance
Establishing an effective data retention policy is a key step in managing and protecting one of your organization’s most valuable assets: it’s data.
Best practices KYC: What to do when your client is in the headlines
How do we, as AML professionals, assess negative media alerts? It should start with a conversation with the client relationship manager, but it shouldn’t end there, writes Martin Woods.
Q&A with Kara Brockmeyer: How pandemic has impacted third-party risk
In advance of her keynote at Compliance Week’s upcoming TPRM virtual event (Sept. 17-18), former SEC official Kara Brockmeyer discussed with CW the heightened risk third parties have during a pandemic and what companies can do about it.
Survey: Automating entity management greatly reduces compliance risk
A new study from Compliance Week and Diligent finds that many companies are still using unsecure and inefficient entity management processes, leaving them vulnerable to compliance risk.
What the Wirecard story tells us about red flags, healthy skepticism
How we came to learn about the fraud allegedly perpetrated by Wirecard offers important lessons in compliance and corporate governance, writes financial crime expert Martin Woods.
Q&A: New training takes compliance leaders on ‘non-technical’ cyber-journey
A new training offered by renown expert Paul C. Dwyer helps non-technical practitioners gain confidence in dealing with all aspects of cyber-security or cyber-risk.
SEC loosens risk disclosure requirements for public companies
In a split decision, the Securities and Exchange Commission has loosened requirements public companies must follow when they describe risk factors and legal proceedings in their financial statements.
We’re losing the war on AML, and big consultancies aren’t helping
Financial crimes expert Martin Woods writes that, in his experience, the big consultancy firms have made a substantial negative contribution to global AML endeavors.
Banking regs reemphasize rules for monitoring accounts of foreign officials
Five federal regulatory agencies issued a reminder to banks and financial institutions that they should continually monitor risks associated with the accounts of foreign officials.
Curtiss-Wright reports possible Russia sanctions violation
A North Carolina manufacturer that traces its origins back to the Wright brothers may have violated sanctions by doing business with two longtime customers purchased by a blacklisted Russian company.
Survey: Coronavirus revealed weaknesses in companies’ GRC, data processes
A recent survey from Compliance Week and Riskonnect of 261 compliance and audit professionals found that half of the respondents were not prepared for the coronavirus pandemic with an updated crisis management plan.
Survey: Weak leadership contributes to employee pressure to bend rules
A new global business ethics survey released by the Ethics & Compliance Initiative seeks to explain what factors contribute to employee pressure to compromise ethical policies or regulations and how to reduce that pressure.
John Carreyrou at TPRM: How to spot a wolf in Steve Jobs’ clothing
John Carreyrou, the Wall Street Journal reporter who exposed Theranos and its founder Elizabeth Holmes as frauds, will be the keynote speaker on Day 2 of Compliance Week’s TPRM virtual conference Sept. 18.
CPE Webcast: Compliance in the age of cloud
Running a business “in the cloud” was once reserved for innovators and large enterprises, but now nearly every business on the internet is operating in the cloud.
Carnival discloses ransomware attack
Carnival Corp., already hit with a complete halt of business since April due to the coronavirus pandemic, is the latest major company to reveal the discovery of a ransomware attack.
e-Book: Artificial intelligence: Risks and benefits for compliance
Artificial Intelligence (AI) tools are being deployed in numerous areas by financial institutions and broker-dealer firms.
Analysis: What to make of the DOJ’s rare FCPA opinion
The Department of Justice last week issued its first FCPA opinion procedure in six years. Experts weigh in on the ruling, the gap between opinions, and more.
Wells Fargo CCO Roemer to depart amid new risk hirings
Wells Fargo announced Chief Compliance Officer Mike Roemer will depart two years after taking on the daunting task of transforming the troubled bank’s compliance and risk management efforts. Paula Dominick will succeed him as CCO.
New survey highlights internal audit’s vital role in fraud risk management
The more internal audit plays a key role in the strategic management of fraud, the more effective and robust organizations’ fraud risk management processes seem to be, according to the results of a recent Kroll/IIA survey.
OCIE risk alert offers coronavirus-related advice to investment, brokerage firms
Many of the coronavirus-related risks recently highlighted by the Office of Compliance Inspections and Examinations are well-known, but the agency made a point of mentioning fees and expenses.
McDonald’s handling of ex-CEO scandal gets compliments, criticism
A fresh podcast from the Theranos whistleblower and a new compliance association for Black practitioners get a round of applause from us this week, while a complicated case involving McDonald’s lands the company on both the “Nailed It” and “Failed It” lists.
CPE Webcast: Future-proof your global supply chain with data & analytics
The COVID-19 pandemic has certainly changed the landscape of global risk, and many organizations are quickly adapting their third-party risk management processes as a result.
OFAC announces rare sanctions enforcement against individual
The Office of Foreign Assets Control announced a $5,000 settlement with a U.S. person for apparent sanctions violations—a reminder the regulator can pursue enforcement against individuals in addition to companies.
Survey: How COVID-19 has impacted companies’ leases
The coronavirus pandemic has wreaked havoc on companies’ leasing function, according to results from a recent survey from Compliance Week and Visual Lease. The study reveals how companies are tackling leasing issues in the “new normal.”
Basel Committee issues final AML risk management guidance
The Basel Committee on Banking Supervision recently issued an updated version of its guidelines on sound management of risks related to anti-money laundering and combating the financing of terrorism.
Basel Committee seeks comment on principles for operational resilience
The Basel Committee on Banking Supervision is seeking comment from the financial services industry on its proposed principles for operational resilience that aim to enhance banks’ ability to withstand, adapt to, and recover from potentially severe adverse events.
NRA shot itself in foot with poor compliance commitment
The New York Attorney General’s lawsuit to dissolve the National Rifle Association might not play out as intended, but it nevertheless exposes a number of systemic compliance flaws at the organization that appear to still need to be addressed.
CPE Webcast: Third party risk management: Are programs up to scratch?
This webinar will discuss the results of the Compliance Week and Aravo TPRM benchmarking survey in the context of the DOJ’s Evaluation of Corporate Compliance Programs.
Q&A: IIA president Chambers on Three Lines update, COVID-19, more
In the wake of drastic updates to the “Three Lines Model” for managing risk, IIA President and CEO Richard Chambers catches up with Compliance Week to discuss the changes, how COVID-19 has impacted the internal audit profession, and more.
OCC fines Capital One $80M over 2019 data breach
Capital One and Capital One Bank (USA) were fined $80 million for failing to establish sound risk management processes and internal controls related to the company’s data breach last year.
Common sense KYC: Customers should supply the knowledge
No one knows a customer better than the customer. As such, financial crime expert Martin Woods believes the onus should be on the customer to provide the required data to keep KYC logs up to date.
CPE Webcast: Managing third-party risk during and after a pandemic
As new insights are continually evolving, organizations around the world are trying to plan and develop their strategies for returning to the new “normal.”