OFAC crypto crackdown: Coinbase disclosures under review
Coinbase disclosed certain of its transactions are “under review” by the Office of Foreign Assets Control for potential violations of U.S. sanctions laws. Fellow cryptocurrency platforms BitGo and BitPay have each been fined by the regulator in the last three months.
Ask a CCO: How has your company prioritized data privacy compliance?
Five senior compliance practitioners tell us how their companies have reacted to recent privacy legislation like the GDPR, CCPA, and other state regulations in the pipeline.
Video: Google ad change a boon for privacy; red flags apparent in Greensill downfall
Aaron Nicodemus acknowledges Google’s decision to stop selling ads based on user browsing history as a good first step, while Kyle Brasseur laments apparent red flags ignored in the seemingly impending collapse of Greensill Capital.
How audit can support increased ESG mandates
The Center for Audit Quality and American Institute of Certified Public Accountants released a new roadmap that provides tools for independent auditors to support companies in achieving their ESG reporting goals.
Ask a CCO: What’s your strategy for preventing and detecting data breaches?
Five senior compliance practitioners outline their strategies for protecting their firms from data breaches.
OFAC Director Andrea Gacki dishes advice on mitigating sanctions risk
OFAC Director Andrea Gacki shares insights about her organization’s latest sanctions enforcement priorities, its expectations of sanctions compliance programs, and how to mitigate sanctions risk.
Biden influence apparent in SEC 2021 examination priorities
The long-awaited 2021 examination priorities of the Securities and Exchange Commission were released Wednesday, with climate- and ESG-related risks unsurprisingly among areas that will receive enhanced focus.
More than a CCPA clone? Virginia passes nation’s second comprehensive privacy law
In what might be a sign of things to come for data privacy legislation nationwide, Virginia passed the country’s second comprehensive data privacy law. How does it stack up to its peer in California?
Ask a CCO: How is your company reacting to cyber-risks introduced by COVID-19?
Five senior compliance practitioners tell Compliance Week how their organizations are reacting to new cyber-threats introduced by the pandemic.
Ask a CCO: What’s your role in creating/implementing cyber-security policies?
Five senior compliance practitioners share insights on their roles in implementing and overseeing cyber-security policies and procedures.
Battling cyber-threats takes collaboration between compliance, information security
LifePoint Health’s VP for Compliance Program Operations/Chief Privacy Officer Ellen Hunt and VP/CISO Andy Heins share how they work ”hand in glove” to protect their company’s data from bad actors.
CCOs, take note: ESG is having its moment
The Biden administration is not so quietly making big moves in the area of ESG regulatory initiatives that should give CCOs the cachet to elevate these issues closer to the top of the priority list at their organizations.
Banks filing more SARs amid pandemic; is this the right approach?
An increase in the submission of suspicious activity reports for cash values that fall under the mandatory $10,000 transaction reporting threshold last year is a proactive step by banks, but more can always be done, writes Martin Woods.
CW panel: Preparing for the return to the workplace—and the next pandemic
Experts at CW’s “Compliance Considerations for the New Workplace” virtual summit discuss striking the balance between complying with laws applicable to matters of health and safety while still respecting employee privacy in the return to the office and beyond.
SEC charges Gulfport, former CEO with failing to disclose executive perks
The SEC settled charges against gas exploration and production company Gulfport Energy and its former CEO Michael Moore for failing to properly disclose as compensation certain perks provided to Moore and related personal expenses.
Legal precedent for COVID-19 vaccine mandates on shaky ground, expert says
Mandating COVID-19 vaccines for your workplace might not be as straightforward as following the legal precedent set by flu vaccines, an expert explained at CW’s “Compliance Considerations for the New Workplace” virtual summit.
SEC takes first step toward new framework for climate-related disclosures
If there were any doubts the SEC under the Biden administration will increase its expectations of public companies to assess and disclose climate change-related risks, they were laid to rest Wednesday.
Best practices for navigating political discussions among coworkers
It’s not realistic to outright ban talk of politics with coworkers, but in today’s polarized climate it’s smart to set policies and educate employees about lines that should not be crossed.
CPE Webcast: How modern cyber-threat intelligence can enrich system security
Threat Intelligence is normally used to enrich the process of security assessment, providing proof on the enforcement of security controls required to be secure and compliant.
Cyber-insurance: Why you need it and how to choose the right plan
As cyber-attacks surge, the need for cyber-insurance is growing more urgent. But it’s critical for companies to first familiarize themselves with how to navigate the labyrinth of cyber-insurance products on the market so that they are properly covered.
Kroger joins victims of Accellion data breach
Two months after cloud service vendor Accellion first identified one of its legacy products was targeted by a sophisticated cyber-attack, users of the product continue to feel the impact, with grocery chain Kroger the latest to reveal its exposure.
Done right, outsourcing compliance can be rewarding
Should you consider outsourcing some of your firm’s compliance functions? Perhaps, even, all of them? The answer is complicated and requires a thorough analysis of the risks and rewards.
Are CEOs really the best people to set the compliance example?
After a bad week for motivational leadership in the United Kingdom, experts expound on who should really set “tone from the top.”
CPE Webcast: Picking up the pieces, planning for recovery
In the wake of COVID-19, compliance professionals need to be aware that the pandemic made instances of fraud more likely. This reflects the astonishing pressure put on governments and global financial systems and service providers to respond and adapt to the crisis.
Survey: Firms enhanced cyber-security in 2020, but not enough
Companies forced to pivot to remote work in a global health crisis spent the bulk of 2020 grappling with heightened cyber-security risks. A year later, compliance practitioners say their companies’ cyber-security postures are better for it—even in the wake of the stunning SolarWinds hack.
‘The Empathetic Workplace’ can help you navigate hard conversations
Aly McDevitt reviews “The Empathetic Workplace” by Katharine Manning, a practical guide that offers an eye-opening look into how employers should use empathy and soft skills to respond to employees in crisis.
CPE Webcast: Vital framework to defensible data incident and breach response
Today’s breach landscape is unprecedented and complex. Every organization is facing potential enforcement of many interconnected and overlapping laws in multiple jurisdictions.
Former FBI Director James Comey to speak at two upcoming CW events
Compliance Week is pleased to announce James Comey will be joining two key virtual events this year—“Financial Crimes: Risks, Trends, and Proven Practices” from March 30-31 and “Compliance Week 2021” from May 11-13.
Video: Wirecard’s failings back in spotlight
Jaclyn Jaeger lauds two oil companies for raising the bar on ESG commitment in the industry, while Dave Lefort assesses new developments in the Wirecard saga that point to greater failures in the firm’s internal controls.
CPE Webcast: Advancing the audit despite disruption
There’s no question that F&A teams have been disrupted by the ongoing pandemic. In fact, nearly half of respondents in a recent survey said that closing virtually with a distributed workforce impacts the audit and other third-party engagements.
CPE Webcast: COVID-19 employee training requirements
This one-hour Webinar covers what coronavirus pandemic training and education are needed to safely re-enter the workplace.
White paper: Rethinking Third-Party Cyber Risk Management
This guide will help you better understand the choices before you, no matter if your organization hasn’t even cracked the seal on third party cyber risk management.
Clover Health facing SEC probe over short-seller report
The Securities and Exchange Commission has launched an investigation into Clover Health Investments in response to scathing allegations made against the Medicare provider by short-seller Hindenburg Research.
FINRA report: Top risk areas for AML, cyber-security
The Financial Industry Regulatory Authority has published a new report designed to help inform member firms’ compliance programs by providing annual insights from its examinations and risk monitoring programs.
Survey: Pandemic pervades executives’ top 10 risks for 2021
The aftermath of the coronavirus pandemic dominates the top risks that will keep boards of directors and executive management teams on their toes in 2021, a new survey by Protiviti and NC State’s ERM Initiative finds.
Treasury head Yellen calls regulators together to discuss market volatility
Treasury Secretary Janet Yellen will meet with the heads of several regulatory agencies to discuss potential responses to the wild swings in value of GameStop and several other stocks.
Anti-corruption developments in 2020: China, India make strides
A global panel of experts with law firm Gibson Dunn share insights around recent anti-corruption developments in some of the world’s largest regions, including China, India, Latin America, and Africa.
Goldman Sachs 1MDB fallout a case study for bonus risks
As Goldman Sachs cuts the pay of its top executives in response to more than $5 billion in penalties incurred for the 1MDB scandal, Martin Woods once again ponders whether bonuses helped facilitate the improper conduct that took place.
SolarWinds hack turning into Pandora’s box of cyber-risk
The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.
Recently penalized USAA adds chief risk officer
USAA announced the appointment of Neeraj Singh as chief risk officer nearly four months after its federal savings bank was fined $85 million by the OCC for compliance risk management failures.
New SEC senior advisor will specialize in climate change, ESG
The acting chair of the Securities and Exchange Commission has created a new senior policy advisor position on climate change and ESG, another signal the agency will prioritize both areas under a Biden administration.
NYDFS regulation a best-practices model for cyber-security training
Companies must make cyber-security a continuous priority as threats evolve, often more quickly than the technology and regulations to counter them. That’s why the New York Department of Financial Services, under Maria Vullo, developed a policy that should act as a model for organizations.
Transparency International index: Pandemic tests anti-corruption efforts
Corrupt activity bolstered by the coronavirus pandemic features heavily in the findings of Transparency International’s 2020 Corruption Perceptions Index, with even some of the highest-scoring countries having their share of challenges.
Video: Thumbs-down to all parties in GameStop madness
While Kyle Brasseur gives Data Privacy Day the shout-out it deserves, Dave Lefort explains why retail investors, the apps they use, and regulators all “Failed It” in the GameStop stock market craze.
Compliance lessons from GameStop market insanity
Wall Street has been consumed this week watching a real-time battle unfold between retail investors and hedge funds over formerly moribund stocks like GameStop, AMC Entertainment, and BlackBerry. The compliance lessons lie in the levels of risk.
A risk management perspective on GameStop stock surge
Actions taken by Robinhood and TD Ameritrade amid the crazy GameStop stock surge can be understood from the perspective of risk management, but who’s watching out for the retail investors? That’s where the real risks lie.
Spain, Italy setting new standard for GDPR enforcement
While big fines against big companies make headlines, Spain and Italy have flown under the radar as two of the most frequent enforcers of the GDPR, instead primarily focusing on smaller penalties. Might other countries follow suit?
CPE Webcast: Compliance considerations to prepare for returning to the office
With the pandemic lingering and the coronavirus vaccine shipping in the United States, we are hopefully beginning to turn the corner on the pandemic.
Treasury under Yellen to prioritize climate change, sanctions, AML reform
Janet Yellen takes over as leader of a Treasury Department with a lot on its plate, including studying the effects of climate change on the economy, unwinding Trump administration sanctions, revamping the Bank Secrecy Act, and more.
Norwegian DPA warns Grindr of $11.7M GDPR fine
Norway’s data privacy watchdog issued gay dating app Grindr with a notice of intention to fine it NOK 100 million (U.S. $11.7 million) for sharing personal data with third parties without users’ consent.