Thinking of becoming a whistleblower? The path ahead likely won’t be easy. Learn from others that have been through the process.
While many aspects of life over the last year have stagnated because of the pandemic, human trafficking has not slowed down. A new report from the U.S. Department of State explores the latest trends.
Aaron Nicodemus explains what whistleblowers, their supporters, and advocates would like compliance officers who handle internal complaints to understand about the process from their side of the table.
The European Banking Authority is seeking comment on new draft guidelines that set clear expectations regarding the appointment, role, tasks, and responsibilities of anti-money laundering and countering the financing of terrorism compliance officers.
Transaction monitoring has evolved to the point where the emphasis is now on the requirement firms carry out ongoing monitoring of client relationships. Recent enforcement actions provide lessons on pitfalls to avoid.
Activision Blizzard is not only a case study in how not to respond to allegations of sexual harassment and discrimination in the workplace—it’s also the latest blatant showing of managerial recklessness in an industry ripe for transformational change.
With the sheer volume of communications happening on more platforms than ever, a modern approach to compliance and archiving has become critical.
The SEC will require China-based public companies listed on U.S. exchanges to make more disclosures about the financial risks posed by potential interference in their operations by the Chinese government.
Insurance giant Allianz disclosed it could face enforcement resulting from Department of Justice and Securities and Exchange Commission probes into its Structured Alpha Funds business.
A federal judge in California dismissed a lawsuit alleging a data breach at Walmart was a violation of the California Consumer Privacy Act, noting the plaintiff failed to prove a breach occurred.
For the month of August, we’re tearing down our paywall. Readers can access our entire archive of news, benchmarking surveys, special reports, case studies, and Webcasts by simply creating a free account and signing in.
It’s important to take stock of how far whistleblowing has advanced over the last few years. That said, there is still room for improvement. Aaron Nicodemus offers three suggestions.
The road to a payout for whistleblowers is long, lonely, and full of obstacles. Commitment to the idea that they are doing the right thing helped our whistleblower subjects endure years of hardship to bring their cases to conclusion.
An independent report commissioned by Credit Suisse to examine the bank’s failures that led to $5.5 billion in losses when Archegos Capital Management collapsed this year concluded a series of missteps by risk and compliance failed to escalate numerous red flags.
Today’s breach landscape is unprecedented and complex. Every organization is facing potential enforcement of many interconnected and overlapping laws in multiple jurisdictions, each with restrictive timelines. In this complex environment, it is not enough to have a response plan. Your organization needs a response system.
Retaliation for blowing the whistle comes in all kinds of forms. Our whistleblower subjects share their stories—from losing jobs to getting blacklisted to being the target of a newspaper hit piece.
The Office of the Comptroller of the Currency has appointed Darrin Benhart as its first climate change risk officer—a move in line with the agency’s plans to better develop effective climate risk management practices at banks.
Once someone decides to blow the whistle, their life is forever changed. Their action stands to benefit many people they don’t even know while putting much in jeopardy on a personal level. Our whistleblower subjects each explain what led them to their determinations.
Credit Suisse Group has appointed longtime Goldman Sachs risk management expert David Wildermuth as its chief risk officer.
Almost no one becomes a whistleblower by choice. A slow and steady whittling down of options often leads individuals to isolation in coming to their decision. Our whistleblower subjects share the roadblocks they faced in reporting internally.
The U.K. Financial Reporting Council has proposed a series of measures from which companies—as well as other regulators like the SEC—could benefit as ESG disclosures receive closer scrutiny.
Whistleblowers aren’t born—they’re made. For five individuals that have taken on that mantle, the story began with discovering a problem that could no longer be ignored.
The challenges for compliance moving forward through the decade will become more insidious in nature. The profession requires fresh thinking and different perspectives, complemented by creativity, curiosity, and care.
For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward.
A new book proves compliance practitioners can take risks and get paid dividends, and the authors are willing to show you how.
Vulnerable customers have finally reached the top of the regulatory priority list. New guidance from the U.K. Financial Conduct Authority sets out what will be expected of firms in providing an appropriate level of care.
Recent comments by Facebook’s top executive in charge of developing AI reignite the debate over whether regulators should be more focused on reining in the technology itself or just the way it is used.
ESG and its role in third-party risk management have gained prominence this past year as the awareness for environmental and social issues continue to grow.
Three federal banking regulators are seeking public input on the first comprehensive update to risk management guidance for financial institutions entering into business relationships with third parties since 2013.
The SEC issued a $7 million fine against startup space company Momentus for misleading investors about the viability of its technology and an additional $1 million fine against the SPAC taking it public for not conducting adequate due diligence.
A recent roundtable on best practices for risk management saw delegates share their experiences in conducting assessments that are accurate, effective, and efficient.
Compliance is a necessity for every business, but the best long-term strategies for any company depend on factors like portfolio size, internal expertise, available budget, and risk tolerance.
Credit Suisse has named Amélie Perrier to a new senior executive position to track the trading positions of its largest customers after the bank lost $4.7 billion in the aftermath of the collapse of Archegos Capital Management.
Why settle for an average compliance program when you can have so much more? It isn’t easy, but commitment to a handful of key requirements can push your program to the next level.
At CW’s TPRM virtual event, Dianna Jones, director of legal compliance at Uber, shared how the company seeks to build compliance into new initiatives without stifling innovation.
Kroll’s newest anti-corruption benchmarking report highlights current TPRM trends such as evolving challenges with enhanced due diligence, the rise of automation, the growing incorporation of ESG matters into compliance programs today, and more.
British Airways has settled one of the U.K.’s largest group actions after thousands of people sought compensation following a 2018 data breach that resulted in the airline being fined under the GDPR.
Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
What are the biggest challenges you face in establishing and carrying out your ESG framework? Please share your insights with Compliance Week and Fulcrum.
The Financial Industry Regulatory Authority ordered Robinhood Financial to pay a record-breaking $70 million in penalties, the result of “systemic supervisory failures in several critical parts of its business.” The firm must retain a compliance consultant, among other enhancements.
Charles Duross, former deputy chief of the DOJ’s Fraud Section, shared tips on how companies can best manage third parties and employees who willfully try to circumvent internal controls during his keynote speech at CW’s virtual TPRM conference.
The Financial Crimes Enforcement Network tipped its hand at changes ahead for the Bank Secrecy Act in announcing the first government-wide list of priorities for anti-money laundering and countering the financing of terrorism.
With many businesses still sorting through the new layers of risk that have emerged over the last 16 months, Linda Tuck Chapman of the Third Party Risk Institute shared her top areas of focus and more at CW’s virtual TPRM event.
What allows bad actors to perpetuate accounting fraud? In many cases, it’s bad processes and controls. Consider introducing automation to help your company more successfully detect and prevent bad actors.
The Financial Action Task Force added Haiti, Malta, the Philippines, and South Sudan to its “grey list” focused on areas subject to increased monitoring for deficiencies in fighting financial crime.
Large global financial institutions are utilizing advanced technologies like never before to help manage their regulatory compliance needs, driving major efficiencies within compliance, risk, and internal audit functions in the process.
Despite best effort, a chief compliance officer has a lot to lose when his or her company faces enforcement. Acknowledging this as part of any potential CCO liability framework will be important to its success.
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
Your organization might be using HITRUST to manage multiple compliance initiatives, including HIPAA, NIST and the ISOs. The framework sets up a good set of practices that lend well to various privacy regulations and standards, yet connecting all that data for fast reporting is where most organization’s hit a wall.