SEC Investor Advocate Rick Fleming said online platforms designed to make stock trading more easily accessible and exciting “expose what may be a significant flaw in Reg BI” regarding unsolicited transactions.
Organizations are facing both increased regulation and increased volumes of organizational data, making it ever more challenging to ensure they can stay compliant as new regulations take effect.
Many companies are accelerating their digital transformation strategies and adoption of cloud computing, decommissioning data centers, and legacy applications. CCOs need to understand the implications for regulatory compliance obligations.
Compliance leaders from Vivint and Agilent Technologies shared how they are successfully integrating data intelligence into their organization’s operations at a recent Diligent virtual summit.
MUFG Union Bank, which has entered into agreement to be acquired by U.S. Bank, received a cease-and-desist order from the OCC for “unsafe or unsound practices regarding technology and operational risk management.”
By reacting to Coinbase’s now-scrapped Lend program proposal with a Wells Notice, the SEC sent a message that cryptocurrency companies should not expect the agency to bend to their will.
As parts of the world economy open up and overall business spend is on track to go back to pre-COVID-19 levels, organizations are more vulnerable to fraud, corruption, and regulatory violations.
The SEC launched its first foray against risks posed by stock trading platforms like Robinhood with a request for information about how digital engagement practices affect the investment strategies of retail investors.
Experts weigh in with their thoughts on why FinTechs and cryptocurrency firms continue to have a bad reputation in terms of compliance.
The Hamburg data protection authority has warned local government departments to stop using Zoom because it believes the videoconferencing app is not compliant with the General Data Protection Regulation.
Technology is changing every aspect of life and automation is reducing the effort required for even the most complex of business processes.
Recent fines in Italy against two food delivery companies for violating the privacy of their drivers should act as a warning that employee surveillance can prove to be a major breach of the General Data Protection Regulation.
A recent survey from Compliance Week and OpenText reveals while investigations and data volumes are on the rise, machine learning combined with external expertise may give companies the upper hand in accelerating response and results.
A recent roundtable on managing resources while confronting regulatory change looked at the importance of balancing machine learning and artificial intelligence with human intelligence and intervention.
Italy’s data protection authority Garante fined U.K.-based food delivery company Deliveroo €2.5 million (U.S. $3 million) under the GDPR for violating the privacy rights of its Italian drivers.
Recent comments by Facebook’s top executive in charge of developing AI reignite the debate over whether regulators should be more focused on reining in the technology itself or just the way it is used.
Italy’s data protection authority fined food delivery company Foodinho €2.6 million (U.S. $3.1 million) because the app at the core of its business model allegedly discriminated against employees.
At CW’s TPRM virtual event, Dianna Jones, director of legal compliance at Uber, shared how the company seeks to build compliance into new initiatives without stifling innovation.
The Financial Crimes Enforcement Network will launch rulemaking for a no-action letter process that would give financial institutions another way to enter dialogue with the regulator about innovative and newly emerging technologies.
Will states be able to move forward with their own privacy laws? A provision in a recent bill passed in Florida may be a stumbling block.
What allows bad actors to perpetuate accounting fraud? In many cases, it’s bad processes and controls. Consider introducing automation to help your company more successfully detect and prevent bad actors.
In the market for a software solution to help manage your third-party risk? Check out our collection of video demos from nearly a dozen of the top vendors in the space.
Large global financial institutions are utilizing advanced technologies like never before to help manage their regulatory compliance needs, driving major efficiencies within compliance, risk, and internal audit functions in the process.
Companies’ priorities regarding compliance with the GDPR are likely to become more focused because of a mixture of recent legal decisions and efforts by the European Commission to keep privacy rules in sync with changes in technology.
Meatpacker JBS USA announced it paid the equivalent of $11 million in ransom in response to a May cyber-attack that impacted its operations in North America and Australia.
Video game retailer GameStop, whose market volatility earlier this year led the so-called “meme stocks” craze, disclosed it is cooperating with an investigation launched by the Securities and Exchange Commission.
Meatpacker JBS USA has become the latest critical infrastructure company to be targeted by a ransomware attack, which temporarily halted its global operations. The attack brings with it implications for the food and agriculture industries.
President Biden’s executive order on cyber-security largely applies to federal agencies. But its core message—that the public and private sectors must collectively defend against increasingly malicious ransomware attacks—should not be lost on companies.
Despite its achievements, the General Data Protection Regulation’s flaws have become evident. Some are already questioning whether the regulation—and the way it is regulated—are fit for purpose and whether the law needs to be changed.
A recent survey of 100 executives from Fortune 500 companies found more than half are struggling to balance easy access to company data with privacy and security compliance under laws like the GDPR and CCPA.
Many senior audit leaders and their teams are still in the early stages of, or have not yet begun, implementing next-generation tools and strategies into their internal audits, according to a new survey.
The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
Every organization around the world has two things in common. First, they must follow the regulatory guidelines that govern their EHS operations. Second, those regulatory guidelines are becoming more numerous and challenging every year.
Rapid developments in technology and an uncertain future underscore the need for compliance professionals to embrace curiosity both personally and professionally in order to protect their firms from risk.
An expert panel at CW’s 2021 National Conference discussed the importance for companies to embrace behavioral analytics in their training programs to align with updates to the DOJ’s “Evaluation of Corporate Compliance Programs” guidance.
With various levels of defined risk and the potential for steep fines for offenders, the European Commission’s recent proposal to ensure trust in the use of artificial intelligence should receive urgent attention from industries beyond Big Tech.
The financial services industry is at the cutting edge of the utilization of artificial intelligence and machine learning tools. Regulators have recently requested to understand how these technologies are being used—or misused.
Amy Holcroft, chief privacy officer at Hewlett Packard Enterprise, shares her experience using privacy-by-design practices to help her company develop and utilize technology in a way that meets compliance requirements.
Compliance leaders are always on the lookout for innovative ways to keep up with the dynamic risk and regulatory landscape. The eﬀorts revolve around a common theme—integrating technological breakthroughs to achieve intelligent automation and ensure future-readiness of their compliance program.
In a rapidly changing digital world, thinking around compliance needs reframing. The question today is whether compliance can stay ahead of the curve.
It’s a clean sweep: All five CCOs we spoke with are in favor of U.S. federal data privacy legislation. Read on for the reasoning behind their answers.
Regulatory sandboxes launched by EU data protection authorities provide firms the opportunity to collaborate and make use of the regulator’s expertise to reduce GDPR compliance risks.
Five senior compliance practitioners tell us how their companies have reacted to recent privacy legislation like the GDPR, CCPA, and other state regulations in the pipeline.
Five senior compliance practitioners outline their strategies for protecting their firms from data breaches.
Five senior compliance practitioners tell Compliance Week how their organizations are reacting to new cyber-threats introduced by the pandemic.
Five senior compliance practitioners share insights on their roles in implementing and overseeing cyber-security policies and procedures.
Artificial Intelligence is no longer a SciFi concept. With increasing adoption across corporations for workflow automation, AI elicits a lot of reactions ranging from trepidation to excitement, along with deep discussions on risks and bias.
The EU’s chief data regulator says planned regulations to oversee the tech sector should be tightened further to ban targeted advertising based on tracking online activity—an opinion that could prompt Big Tech and adtech firms to lobby hard against the changes.
Companies forced to pivot to remote work in a global health crisis spent the bulk of 2020 grappling with heightened cyber-security risks. A year later, compliance practitioners say their companies’ cyber-security postures are better for it—even in the wake of the stunning SolarWinds hack.
Although crucial to the success and safety of customer onboarding, implementing and maintaining a successful KYC program can sometimes create an overwhelming administrative burden. Additionally, navigating manual verification methods is costly and prone to inaccuracy, creating greater risk of customer turnover and lost revenue.