Five pieces of advice for potential whistleblowers
Thinking of becoming a whistleblower? The path ahead likely won’t be easy. Learn from others that have been through the process.
Report: Human trafficking undeterred by COVID-19
While many aspects of life over the last year have stagnated because of the pandemic, human trafficking has not slowed down. A new report from the U.S. Department of State explores the latest trends.
Seven things whistleblowers want compliance officers to know
Aaron Nicodemus explains what whistleblowers, their supporters, and advocates would like compliance officers who handle internal complaints to understand about the process from their side of the table.
EU guidance seeks to clarify role of AML/CFT compliance officers
The European Banking Authority is seeking comment on new draft guidelines that set clear expectations regarding the appointment, role, tasks, and responsibilities of anti-money laundering and countering the financing of terrorism compliance officers.
The importance of transaction monitoring, and the cost of getting it wrong
Transaction monitoring has evolved to the point where the emphasis is now on the requirement firms carry out ongoing monitoring of client relationships. Recent enforcement actions provide lessons on pitfalls to avoid.
Activision Blizzard scandal signals day of reckoning for video game industry
Activision Blizzard is not only a case study in how not to respond to allegations of sexual harassment and discrimination in the workplace—it’s also the latest blatant showing of managerial recklessness in an industry ripe for transformational change.
Webcast: Mitigate risk and improve litigation readiness
With the sheer volume of communications happening on more platforms than ever, a modern approach to compliance and archiving has become critical.
SEC seeks more risk disclosures from China-based companies
The SEC will require China-based public companies listed on U.S. exchanges to make more disclosures about the financial risks posed by potential interference in their operations by the Chinese government.
Allianz bracing for financial hit amid DOJ scrutiny
Insurance giant Allianz disclosed it could face enforcement resulting from Department of Justice and Securities and Exchange Commission probes into its Structured Alpha Funds business.
Judge dismisses CCPA-related lawsuit against Walmart
A federal judge in California dismissed a lawsuit alleging a data breach at Walmart was a violation of the California Consumer Privacy Act, noting the plaintiff failed to prove a breach occurred.
We bet you’ll love us: Free CW access for month of August
For the month of August, we’re tearing down our paywall. Readers can access our entire archive of news, benchmarking surveys, special reports, case studies, and Webcasts by simply creating a free account and signing in.
Three ideas to improve the whistleblowing process
It’s important to take stock of how far whistleblowing has advanced over the last few years. That said, there is still room for improvement. Aaron Nicodemus offers three suggestions.
Part 5: Waiting for payout a grueling test of tenacity for whistleblowers
The road to a payout for whistleblowers is long, lonely, and full of obstacles. Commitment to the idea that they are doing the right thing helped our whistleblower subjects endure years of hardship to bring their cases to conclusion.
Report: Deficient risk culture at Credit Suisse contributed to Archegos collapse
An independent report commissioned by Credit Suisse to examine the bank’s failures that led to $5.5 billion in losses when Archegos Capital Management collapsed this year concluded a series of missteps by risk and compliance failed to escalate numerous red flags.
CPE Webcast: Incident and breach management 101
Today’s breach landscape is unprecedented and complex. Every organization is facing potential enforcement of many interconnected and overlapping laws in multiple jurisdictions, each with restrictive timelines. In this complex environment, it is not enough to have a response plan. Your organization needs a response system.
Part 4: Retaliation pervades while whistleblowers persevere
Retaliation for blowing the whistle comes in all kinds of forms. Our whistleblower subjects share their stories—from losing jobs to getting blacklisted to being the target of a newspaper hit piece.
OCC appoints first climate change risk officer
The Office of the Comptroller of the Currency has appointed Darrin Benhart as its first climate change risk officer—a move in line with the agency’s plans to better develop effective climate risk management practices at banks.
Part 3: Blowing the whistle weighs uncertainty against moral duty
Once someone decides to blow the whistle, their life is forever changed. Their action stands to benefit many people they don’t even know while putting much in jeopardy on a personal level. Our whistleblower subjects each explain what led them to their determinations.
Credit Suisse hires Goldman Sachs veteran as chief risk officer
Credit Suisse Group has appointed longtime Goldman Sachs risk management expert David Wildermuth as its chief risk officer.
Part 2: Internal reporting sends whistleblowers down path alone
Almost no one becomes a whistleblower by choice. A slow and steady whittling down of options often leads individuals to isolation in coming to their decision. Our whistleblower subjects share the roadblocks they faced in reporting internally.
What companies (and the SEC) can learn from U.K. ESG reporting guidance
The U.K. Financial Reporting Council has proposed a series of measures from which companies—as well as other regulators like the SEC—could benefit as ESG disclosures receive closer scrutiny.
Part 1: Finding the fraud launches whistleblowers on life-changing journey
Whistleblowers aren’t born—they’re made. For five individuals that have taken on that mantle, the story began with discovering a problem that could no longer be ignored.
Who will be suited to compliance roles in the 2020s?
The challenges for compliance moving forward through the decade will become more insidious in nature. The profession requires fresh thinking and different perspectives, complemented by creativity, curiosity, and care.
CPE Webcast: Identifying risky vendors: 7 warning signs
For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward.
‘The Compliance Entrepreneur’s Handbook’ dispels false paradox
A new book proves compliance practitioners can take risks and get paid dividends, and the authors are willing to show you how.
How firms can protect vulnerable customers
Vulnerable customers have finally reached the top of the regulatory priority list. New guidance from the U.K. Financial Conduct Authority sets out what will be expected of firms in providing an appropriate level of care.
The debate over AI: Regulate the tech or its use?
Recent comments by Facebook’s top executive in charge of developing AI reignite the debate over whether regulators should be more focused on reining in the technology itself or just the way it is used.
CPE Webcast: The rise of ESG in third-party risk management
ESG and its role in third-party risk management have gained prominence this past year as the awareness for environmental and social issues continue to grow.
New bank guidance expands on advice for handling third parties
Three federal banking regulators are seeking public input on the first comprehensive update to risk management guidance for financial institutions entering into business relationships with third parties since 2013.
SPAC due diligence called out in $8M SEC enforcement
The SEC issued a $7 million fine against startup space company Momentus for misleading investors about the viability of its technology and an additional $1 million fine against the SPAC taking it public for not conducting adequate due diligence.
ICA: Takeaways from risk assessment roundtable
A recent roundtable on best practices for risk management saw delegates share their experiences in conducting assessments that are accurate, effective, and efficient.
CPE Webcast: Cost-effective business license, permit, and registration compliance
Compliance is a necessity for every business, but the best long-term strategies for any company depend on factors like portfolio size, internal expertise, available budget, and risk tolerance.
Credit Suisse creates new risk role to prevent next Archegos
Credit Suisse has named Amélie Perrier to a new senior executive position to track the trading positions of its largest customers after the bank lost $4.7 billion in the aftermath of the collapse of Archegos Capital Management.
Five steps to elevate your average compliance program
Why settle for an average compliance program when you can have so much more? It isn’t easy, but commitment to a handful of key requirements can push your program to the next level.
How Uber toes the line between compliance and innovation
At CW’s TPRM virtual event, Dianna Jones, director of legal compliance at Uber, shared how the company seeks to build compliance into new initiatives without stifling innovation.
Survey: Emerging TPRM trends in anti-corruption
Kroll’s newest anti-corruption benchmarking report highlights current TPRM trends such as evolving challenges with enhanced due diligence, the rise of automation, the growing incorporation of ESG matters into compliance programs today, and more.
British Airways settles 2018 data breach class action
British Airways has settled one of the U.K.’s largest group actions after thousands of people sought compensation following a 2018 data breach that resulted in the airline being fined under the GDPR.
TPRM 2021: What to do before, during, and after a ransomware attack
Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
Takeaways from NYDFS ransomware guidance
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
Survey: How does your ESG initiative measure up?
What are the biggest challenges you face in establishing and carrying out your ESG framework? Please share your insights with Compliance Week and Fulcrum.
Compliance implications of Robinhood’s record $70M FINRA fine
The Financial Industry Regulatory Authority ordered Robinhood Financial to pay a record-breaking $70 million in penalties, the result of “systemic supervisory failures in several critical parts of its business.” The firm must retain a compliance consultant, among other enhancements.
Charles Duross: Tips for managing third-party FCPA risks
Charles Duross, former deputy chief of the DOJ’s Fraud Section, shared tips on how companies can best manage third parties and employees who willfully try to circumvent internal controls during his keynote speech at CW’s virtual TPRM conference.
FinCEN puts financial institutions on notice with first AML/CFT priorities
The Financial Crimes Enforcement Network tipped its hand at changes ahead for the Bank Secrecy Act in announcing the first government-wide list of priorities for anti-money laundering and countering the financing of terrorism.
Pandemic effect on TPRM practices here to stay, expert warns
With many businesses still sorting through the new layers of risk that have emerged over the last 16 months, Linda Tuck Chapman of the Third Party Risk Institute shared her top areas of focus and more at CW’s virtual TPRM event.
Want to wring out fraud? Automate your accounting processes
What allows bad actors to perpetuate accounting fraud? In many cases, it’s bad processes and controls. Consider introducing automation to help your company more successfully detect and prevent bad actors.
FATF adds four jurisdictions to AML/CFT watchlist
The Financial Action Task Force added Haiti, Malta, the Philippines, and South Sudan to its “grey list” focused on areas subject to increased monitoring for deficiencies in fighting financial crime.
Embrace of RegTech driving financial services transformation
Large global financial institutions are utilizing advanced technologies like never before to help manage their regulatory compliance needs, driving major efficiencies within compliance, risk, and internal audit functions in the process.
Distinction between CCO and company key to any liability framework
Despite best effort, a chief compliance officer has a lot to lose when his or her company faces enforcement. Acknowledging this as part of any potential CCO liability framework will be important to its success.
Big week for breaches: McDonald’s, Carnival, and more
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
CPE Webcast: Streamlining HIPAA & HITRUST compliance with an alternative reporting approach
Your organization might be using HITRUST to manage multiple compliance initiatives, including HIPAA, NIST and the ISOs. The framework sets up a good set of practices that lend well to various privacy regulations and standards, yet connecting all that data for fast reporting is where most organization’s hit a wall.