Five compliance triumphs from 2022
Positive contributions in the areas of ESG, AI responsibility, and setting standards regarding CCO liability highlight the latest installment of CW’s annual list of laudable ethics and compliance moments.
Top ethics and compliance failures of 2022
Businesses not taking AML requirements seriously, years of noncompliant off-channel communications catching up to financial services titans, and a manufacturing firm that shared revenue with terrorists comprise CW’s list of the biggest ethics and compliance fails of 2022.
e-Book: Effective beneficial ownership searches leverage technology
Determining the ultimate beneficial owner of individuals and companies your firm does business with can be a tricky thing.
Treasury recommends more oversight for bank-fintech relationships
A new Treasury report found as the trend of nonbank fintech companies providing financial services in partnership with regulated entities continues to grow, regulators need to increase oversight of these relationships to curb the risks they pose.
SEC investigating Apollo Global, Carlyle Group, KKR for employee off-channel communications
Three private equity firms have disclosed they are under investigation by the Securities and Exchange Commission (SEC) for having allowed employees to use unauthorized communication channels like WhatsApp and WeChat to conduct company business.
CW Europe: Compliance challenges in 2023 and beyond will look a bit different
Dealing with risks relating to artificial intelligence; diversity, equity, and inclusion; and shortfalls in staff, training, and expertise are set to be among the biggest challenges for compliance officers in 2023 and the years ahead, say practitioners.
Automation can improve AML compliance but won’t replace human touch
While automation has the potential to transform anti-money laundering compliance, it will not replace the human practitioners relied upon to get investigations to the finish line, experts discussed at the ACAMS annual conference in Las Vegas.
New OCC office to supervise fintechs
The Office of the Comptroller of the Currency will heighten its focus on the financial technology space with the creation of a new department in early 2023.
French DPA latest to fine Clearview AI over GDPR violations
France’s CNIL became the fourth European data protection authority this year to fine Clearview AI over its controversial facial image aggregation practices, matching a pair of its counterparts with a €20 million (U.S. $19.6 million) penalty.
ICO guidance stresses importance of reasoning in employee monitoring
The U.K. Information Commissioner’s Office issued draft guidance to help ensure employers’ monitoring of staff performance does not turn into surveillance or harassment.
CPE Webcast: AI for TPRM - What you need to know to stay ahead
Artificial intelligence is no longer the stuff of science fiction. It has already transformed transportation, marketing, and retail, to name a few areas. It is also driving the most meaningful shift third-party risk management has experienced since its inception.
AI monitoring benefits must be weighed against employee skepticism
The EU’s agency for occupational safety and health released a report examining the risks and opportunities of AI-based worker management systems for employee’s physical and mental wellbeing.
Experts: EU Cyber Resilience Act puts pressure on tech developers, users
The EU’s proposed Cyber Resilience Act primarily puts pressure on tech manufacturers to ensure the cybersecurity of their products, but companies also have a duty of care to use the most secure products available.
CPE Webcast: Top 10 compliance management considerations for 2023
Learn how increased automation and data intelligence in regulatory compliance operations enables the realization of compliance technology value while mitigating ongoing compliance risks in 2023.
Compliance deficiencies highlighted in $1.8B crackdown on messaging apps
Eleven banks, investment firms, and their affiliates will pay a total of more than $1.8 billion in fines for “widespread and longstanding failures” in monitoring, maintaining, and preserving electronic communications by employees.
e-Book: Managing regulatory, financial crime compliance risks of virtual assets
This free e-Book considers the new opportunities the virtual asset space has opened, as well as the risks deriving from criminal exploitation and a lack of regulatory oversight in this burgeoning area.
Ask a CCO: Tech most subject to regulator scrutiny over next 5 years?
Four senior compliance practitioners offer what they believe will be the technology currently on the market that will receive the most attention from regulators over the next five years.
Ask a CCO: Accounting for regulator expectations in using new tech
Regulatory environments are ever evolving; four senior compliance practitioners detail what their respective businesses do to ensure compliance while utilizing new technologies.
Ask a CCO: Due diligence during Year 1 of implementing new tech
The first year is critical in assessing the success of implementing a new technology. Four senior compliance practitioners reveal how their respective firms carry out due diligence during implementation.
Ask a CCO: How does your firm assess the efficacy of new tech?
Four senior compliance practitioners describe how they evaluate new technologies to determine whether they are the right fit for their respective companies.
Ask a CCO: How do you get buy-in from leadership to invest in new tech?
Four senior compliance practitioners share keys to delivering a strong business case to management to secure budget resources for investment in new technologies.
How effective beneficial ownership searches leverage technology
Determining the ultimate beneficial owner of individuals and companies your firm does business with can be a tricky thing. The most efficient investigations require an understanding of your firm’s risk appetite and appropriate technology to automate searches.
Experts: Europe’s AI Act to push companies to confront technology’s use
The Artificial Intelligence Act, along with upcoming EU rules addressing digital markets and services, should have companies considering their use of AI and other emerging technologies to determine how the laws might impact their business.
Strategies for balancing risk/reward of investing in new technologies
Taking a step back before committing to a technology project to weigh the risks and rewards can prove beneficial in the long term. Consider the following best practices.
OCC studying risks posed by bank-fintech partnerships
Bank-fintech partnerships have grown “at exponential rates” and become so complicated it is often difficult to distinguish “where the bank stops and where the tech firm starts,” Acting Comptroller of the Currency Michael Hsu said.
Lawsuit: Lax Coinbase cybersecurity led to theft of customers’ crypto
Coinbase is the subject of a class-action lawsuit alleging cybersecurity failures at the cryptocurrency exchange are to blame for customer accounts losing thousands of dollars in crypto, with the company not doing enough to prevent further thefts.
Big bank messaging app crackdown exposes policy holes, monitoring struggles
U.S. regulators have signaled through an impending widespread enforcement sweep they are zeroing in on banker use of messaging apps to discuss business matters. The cases emphasize the need for financial services firms to enhance their monitoring and recordkeeping.
Twitter whistleblower says poor cybersecurity invites breaches, manipulation
Peiter Zatko, a former cybersecurity executive at Twitter, has blown the whistle on his observations of systemic data security lapses at the company, undercounting of fake accounts, and how the social media platform could be manipulated by foreign intelligence services.
Snap agrees to $35M settlement in Illinois biometric data lawsuit
Social media company Snap reached a $35 million settlement in principle to resolve an Illinois class-action lawsuit alleging violations of the state’s Biometric Information Privacy Act through the collection of “facial biometric identifiers” without users’ consent.
CPE Webcast: What not to miss when changing compliance technology providers
This one-hour webinar will focus on the six steps chief compliance officers and their teams take when making the move from one technology platform to another.
Morgan Stanley reaches $200M agreement over unauthorized electronic messages
Morgan Stanley has reached agreements in principle totaling $200 million with the SEC and CFTC to settle charges its employees used messaging platforms not approved by the financial services company.
IBM report: Data breach costs up, contributing to inflation
The global average cost to mitigate cybersecurity issues resulting from a data breach increased to an all-time high of $4.35 million and could be contributing to current inflation trends, according to the latest annual report from IBM.
SEC touts data analytics in launching 3 insider trading cases
The Securities and Exchange Commission utilized data analytics to detect suspicious trading activity and form the basis of three separate insider trading cases.
Bank of America reserves $200M for enforcement over banker personal device use
Bank of America has set aside $200 million in anticipation of an enforcement action related to unauthorized use of personal devices—an area in which U.S. regulators are cracking down.
Clearview AI fined third time for GDPR violations
The Hellenic Data Protection Authority in Greece fined controversial facial image aggregator Clearview AI a record €20 million (U.S. $19.9 million) for unlawfully processing the biometric data of Greek citizens.
‘Ethical Machines’ breaks down AI ethical risk mitigation planning
It’s only a matter of time before regulators legislate how companies vet artificial intelligence. Ethicist Reid Blackman’s new book, “Ethical Machines,” advises companies on how to implement AI ethical risk mitigation strategies and avoid regulatory, legal, and reputational fallout.
Financial crime within the metaverse
The momentum gathering behind the “metaverse”—a universe of virtual worlds built on blockchain technology—should be of keen interest to everyone in the regulation and compliance space, given its potential impact in terms of business, ethics, financial crime, and safety.
Survey: Spending on AI, new tech to increase despite known risks
Companies are set to ramp up spending on artificial intelligence and other technologies in the coming years despite expectations of rising legal disputes over its use and implementation, according to a new survey.
CPE Webcast: Fireside chat: Transitioning compliance technology solutions
Chief compliance officers and their teams are under increasing pressure to evaluate and choose the right technology partner to meet their growing compliance needs in the face of potential changes to their costs, solutions, and platforms.
Experts: How to move forward with the GDPR
Data privacy experts speaking at an industry event believe the mechanisms in place under the General Data Protection Regulation to ensure compliance, enforcement, and redress need revisiting—and quickly.
Addressing fraud via social media
Fraud and social media have a special relationship, with the two frequently combining to cause harm, distress, and loss to an enormous number of people.
Compliance leadership panel: Current state, future trends, more
Four senior compliance practitioners shared their insights on maintaining an ethical culture, embracing data analytics, determining compliance’s role in measuring ESG metrics, and more as part of a panel discussion at Compliance Week’s National Conference.
Factors to consider when implementing risk assessment technology
With the growing demands of huge data sets, an everchanging regulatory landscape, and constantly evolving typologies, the challenge of assessing, documenting, and managing financial crime risk has never been greater.
Four years of GDPR: New tech testing data privacy law’s longevity?
It has been four years since the European Union’s flagship data privacy legislation came into force, but concerns are already being raised about whether the General Data Protection Regulation is being outpaced by technological developments and their use of data.
Wells Fargo unit fined $7M for AML transaction monitoring failures
For the second time in five years, a subsidiary of Wells Fargo has been charged by the Securities and Exchange Commission with failing to file suspicious activity reports in a timely manner due to deficiencies in the system it used to flag transactions.
CPE Webcast: Data: The ‘new gold’ or ‘new liability’?
If organizations can wrest new insights from the data they harvest and process it can be a valuable business asset, but it has some serious limitations and can become a huge liability if they aren’t ensuring they are protecting the data.
CPE Webcast: Using data to identify training opportunities with Apex Systems
Gaps in an organization’s compliance program can be risky. Closing these gaps is essential to help minimize the possibility of costly investigations, fines, and reputational damage.
e-Book: How technology enables data protection
A Compliance Week and BRYTER survey analyzed 81 responses from compliance and legal practitioners who ranked data privacy and cybersecurity threats the No. 1 biggest risk entering 2022.
Closing the data risk gap: How technology enables data protection
Legal and compliance teams ranked data privacy and cybersecurity threats the No. 1 biggest risk entering 2022. Further survey results reveal roadblocks to organizations’ proactive compliance.
Clearview AI fined $22M in Italy over unlawful data collection
Facial image aggregator Clearview AI was fined €20 million (U.S. $22 million) for unlawfully processing the biometric and geolocation data of Italian citizens in violation of privacy laws including the General Data Protection Regulation.