Risk Management

COVID vaccine

Without OSHA vaccine policy, companies at risk of undercutting corporate culture


The Supreme Court’s decision to block President Joe Biden’s Covid-19 vaccine-or-test policy for large businesses leaves a patchwork quilt of state, local, and city requirements that companies will have to follow as best they can, according to experts.


NAVEX: Top 10 risk and compliance trends for 2022


Diversity, equity, and inclusion; prioritizing ESG; business continuity; and more highlight the latest edition of NAVEX’s annual list of risk and compliance trends worth monitoring.

U.K. park

Bumps in road expected as U.K. strives to be climate risk leader


The United Kingdom has paved the way for companies to report on the future financial impact of climate risks, but the process is far from easy and rates of noncompliance—at least initially—could be high.


Report: Financial crime fines down in 2021; AML penalties drop 78 percent


Fines for corporate crimes last year fell by more than half to 8.7 billion euros (U.S. $9.9 billion) from 2020’s total of €20 billion (U.S. $22.6 billion), according to a report released by research firm AML Intelligence.

Wells Fargo

Wells Fargo names Derek Flowers chief risk officer


Wells Fargo named longtime executive Derek Flowers as its new chief risk officer. Flowers will lead the bank’s independent risk management function, including compliance risk management.

Ransomware cover

CW case study to offer 360-degree view of ransomware attack


Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s upcoming case study set to begin publishing Jan. 31.


Report: GDPR fines surpass $1B in 2021; breach notifications also rise


Nearly €1.1 billion (U.S. $1.2 billion) worth of fines have been issued against organizations in the past year for violations of the General Data Protection Regulation, according to the latest annual report by law firm DLA Piper.

Credit Suisse sign

Credit Suisse chairman resigns over breach of Covid-19 rules


António Horta-Osório, the leader who was supposed to bring stability and accountability back to Credit Suisse, resigned after eight months as chairman following an investigation into his flouting of Covid-19 rules.

EIC cover img

CW accepting nominations for 2022 ‘Excellence in Compliance Awards’


Nominations are open for Compliance Week’s third annual “Excellence in Compliance Awards,” to be presented at our 2022 National Conference from May 16-18 in Washington, D.C.


Accellion to pay $8.1M in proposed data breach settlement


The Accellion data breach that last year affected a variety of private- and public-sector organizations and compromised the personal data of millions of individuals could be resolved in an $8.1 million class-action settlement.

U.K. business

NSI Act reshapes U.K. acquisition landscape


The U.K. National Security and Investment Act might present “unforeseen” compliance problems for companies wanting to merge with or buy foreign businesses, according to legal experts.

Supreme Court

Supreme Court strikes down OSHA vaccine policy for large employers


The U.S. Supreme Court has blocked the Biden administration’s Covid-19 vaccine-or-test mandate for large businesses, striking down an emergency temporary standard from OSHA that had technically been in effect since Monday.

Bank of America

Bank of America, Wells Fargo headline climate risk consortium


Bank of America, Wells Fargo, U.S. Bank, and 16 other financial institutions have formed a climate risk consortium in response to calls from investors and regulators that banks work to mitigate climate-related risks within their own operations.


CCO liability framework seeks to acknowledge compliance support concerns


The National Society of Compliance Professionals has drafted a framework that urges regulators to consider chief compliance officer liability more holistically, in the context of the compliance culture within a CCO’s firm.


Sojitz Hong Kong subsidiary fined $5.2M for violating Iran sanctions


Sojitz HK agreed to pay approximately $5.2 million for violations of U.S. sanctions against Iran that occurred when rogue employees deliberately misled company executives and compliance regarding the true origin of goods worth more than $75 million.

Stock downward trend

DOJ probe into shadowy underworld of short selling ‘long overdue’


A Department of Justice criminal investigation into illegal short selling is just the latest indication these schemes demand greater scrutiny that chief compliance officers and in-house counsel can no longer afford to ignore.


Carnival to pay $1M for environmental probation violation


Cruise line operator Carnival Corp. has pleaded guilty and agreed to pay a $1 million penalty for violating a condition of its probation relating to its environmental compliance plan.


Report: Financial services fines drop 49 percent in 2021


The value of penalties against global financial services firms in 2021 dropped to half the total levied in 2020, according to research by compliance technology provider Fenergo.


Elizabeth Holmes verdict primes DOJ for white-collar crackdown


For Department of Justice leadership that recently laid out plans to strengthen their response to corporate crime, the outcome of the Elizabeth Holmes trial is an arrow in the quiver for what might be a new age of white-collar enforcement.


Mishcon de Reya fined $316K for AML failings


The Solicitors Regulation Authority, the regulatory body for solicitors in England and Wales, announced British law firm Mishcon de Reya has agreed to pay a financial penalty of £232,500 (U.S. $316,000) for AML compliance violations.

Crypto scam

Report: Cryptocurrency-related crime reaches record $14B in 2021


The amount of illicit cryptocurrency transactions reached an all-time high in 2021 at $14 billion, according to a Chainalysis study due out next month. The rise coincides with significant increases in the overall volume of crypto transactions.


Supply chains brace for Uyghur Forced Labor Prevention Act


President Joe Biden signed into law a measure that introduces a U.S. import ban on goods mined, produced, or manufactured wholly or in part from the Xinjiang Uyghur Autonomous Region of China through forced labor.

Wells Fargo bank

Wells Fargo chief risk officer to retire


Amanda Norton, Wells Fargo’s chief risk officer since 2018, will retire at the end of June, according to a memo from CEO Charlie Scharf distributed internally.

Business pyramid

How to identify ultimate beneficial owners

2022-01-05T16:39:00+00:00By Teodora Harrop, for International Compliance Association

As financial institutions continue to face enhanced public scrutiny and potential regulatory attention, it is important they allocate competent resources to their AML programs regarding beneficial ownership.

Morgan Stanley

Morgan Stanley agrees to $60M settlement over compromised personal data


Morgan Stanley has agreed to establish a $60 million fund to settle a class-action lawsuit filed by nearly a dozen customers regarding personal data that was compromised when the bank decommissioned two wealth management centers.

Deutsche Bank

Deutsche Bank fined $9.8M for Euribor control weaknesses


Germany’s market regulator BaFin imposed an administrative fine of 8.66 million euros (U.S. $9.8 million) on Deutsche Bank for breaches of the European Union’s Benchmarks Regulation.

2021 talking points

​ICA: Three major compliance talking points from 2021

2021-12-30T15:18:00+00:00By Jon Prentice, International Compliance Association

With 2021 nearing its end, Jon Prentice of the International Compliance Association recaps three major compliance topics and talking points that have stood out this year.

Riot Games

Riot Games to pay $100M in gender discrimination lawsuit settlement


Video game developer Riot Games has agreed to pay more than $100 million as part of a settlement in California resolving allegations of sex discrimination against female workers and harassment.

Global money dealings

Financial crime risk management: Old crimes, new methods

2021-12-29T17:33:00+00:00By David Povey, International Compliance Association

Times and technologies change, but the fundamental means by which criminals attempt to launder money and carry out their nefarious acts are still rooted in the same criminal process.


DiMauro: Seven compliance areas to watch in 2022


If 2021 was about transition under the Biden administration, 2022 is looking as if it will be a year of action. CW Director of Compliance Programs & Training Julie DiMauro shares her list of key areas she expects to receive enhanced scrutiny in the year ahead.

Magnifying glass

S&T AG orders Deloitte audit of short seller allegations


Austrian technology company S&T AG has ordered a forensic audit of its corporate structure and several recent acquisitions in response to allegations made by short seller Viceroy Research.


Should lawyers, accountants be filing more SARs?

2021-12-28T14:32:00+00:00By Jason Morris, International Compliance Association

A study of suspicious activity reporting data in the United Kingdom suggests accountants, lawyers, estate agents, and other service-facing professionals could be doing more to contribute to the fight against financial crime.

London cityscape

BlueCrest facing $55.5M fine for failing to manage fairly a conflict of interest


The U.K. Financial Conduct Authority announced its intention to fine hedge fund BlueCrest Capital Management £40,806,700 (U.S. $55.5 million) for failing to manage fairly a conflict of interest. BlueCrest has challenged the decision.


FinCEN report highlights uptick in wildlife trafficking SARs


Suspicious activity reports flagging potential financial crime risks posed by wildlife trafficking are on the rise, according to a report published by the Financial Crimes Enforcement Network.

EU data flag

Dissatisfaction with GDPR pushing EU countries toward local laws


So far, Europe’s wide-reaching data privacy rules have seemingly failed to curb Big Tech firms’ use and abuse of citizens’ personal data. As a result, some EU data regulators are pursuing their own investigations—often through other legislation.

Standard Chartered

Standard Chartered fined record $61.5M for liquidity reporting failures


The U.K. Prudential Regulation Authority imposed a record fine of £46.55 million (U.S. $61.5 million) against Standard Chartered Bank for repeatedly misreporting a key metric to determine liquidity risk.


Desjardins reaches $155M proposed settlement in data breach class action


Desjardins Group has reached a proposed C$201 million (U.S. $155 million) settlement agreement in a class-action lawsuit following a long-running data breach that ultimately compromised the personal information of nearly 10 million individuals in Canada and abroad.


Cybersecurity trends continue in 2021 audit committee transparency report


The most dramatic increase in audit committee disclosures in proxy statements for the second consecutive year was in responsibility for cybersecurity risk oversight, according to the latest report from the Center for Audit Quality and Audit Analytics.


Court lifts hold on OSHA vaccine policy; testing compliance pushed to Feb. 9


The legal delay affecting the Biden administration’s COVID-19 vaccine rules for large employers has been lifted, with updated guidance from OSHA extending compliance deadlines for businesses who temporarily paused their vaccine policy rollouts to redouble their efforts.


Survey highlights need for better data integration between risk and compliance


A recent survey from Compliance Week and Riskonnect presents a compelling argument for companies to invest in bridging the gap between risk management and compliance data.

Climate globe

OCC guidance: Six principles for large banks managing climate risks


The Office of the Comptroller of the Currency published draft guidance for large banks to identify, measure, monitor, and control climate-related risks to ensure the safety and soundness of their institutions and the market.


McDonald’s claws back $105M severance paid to disgraced former CEO


McDonald’s has agreed to drop its lawsuit against disgraced former CEO Steve Easterbrook, who will return more than $105 million in equity and cash he received upon the termination of his employment in 2019.


HSBC hit with $84M penalty over AML failings


The U.K. Financial Conduct Authority fined HSBC Bank £63,946,800 (U.S. $84.3 million) for failings in its anti-money laundering processes over an eight-year period.

JPMorgan Chase

SEC, CFTC fine JPMorgan Chase $200M for recordkeeping violations


JPMorgan Chase will pay $200 million in fines to settle charges brought by two federal regulators regarding the bank’s failure to maintain records of communications on securities, commodities, and swaps business matters made on bank employees’ personal devices.

Money laundering

CommunityBank of Texas fined $8M over AML failures


CommunityBank of Texas has agreed to pay $8 million as part of a consent order reached with the Financial Crimes Enforcement Network regarding deficiencies in its anti-money laundering program linked to understaffing.

SEC office

SEC rulemaking frenzy: New proposals for security-based swaps, mutual funds, share buybacks


The SEC and its Democratic majority ushered in a slew of rulemaking proposals Wednesday that include new disclosure requirements for the security-based swaps market, mutual funds, and share buyback arrangements.

Sustainability measures

TCFD recommendations more than building block for SEC climate disclosure rules?


SEC Chair Gary Gensler has hinted the agency’s highly anticipated climate-related disclosure rules will likely be pegged to an international framework, specifically mentioning the Task Force on Climate-Related Financial Disclosures. How can the TCFD help companies prepare for what’s ahead?


CPE Webcast: IPO prep & SOX compliance: Instacart, Armanino share hard-earned knowledge

2021-12-16T14:00:00+00:00Provided by Hyperproof

Hear from compliance and SOX subject matter experts at Armanino and Instacart on what pre-IPO companies should know, plan for, and do to ready their organization for going public.

Comment letter

FinCEN seeking feedback on AML/CFT regime ahead of report to Congress


The Financial Crimes Enforcement Network has issued a request for information on ways to modernize the Bank Secrecy Act ahead of a report Treasury Secretary Janet Yellen must provide Congress by Jan. 1, 2022.


Grindr fined $7.2M for GDPR consent violations


The Norwegian Data Protection Authority announced a fine of NOK 65 million (U.S. $7.2 million) against gay dating app Grindr for sharing personal data with third parties without users’ consent.