Technology


Technology decisions

Surveys: Rushing technology decisions comes with big compliance risks

2021-01-15T18:23:00+00:00By

Embracing technology to help manage risk and improve efficiencies is a trend that’s been developing in the compliance space for a while, but the pandemic has fast-tracked the urgency behind it, according to a couple of recent surveys.

Screen Shot 2021-01-12 at 3.09.39 PM

Survey: Cyber-risk and data privacy in the age of COVID

2021-01-12T20:43:00+00:00By Compliance Week

In the wake of the SolarWinds hack and in the middle of a pandemic, it’s critical to ensure your most important data is protected—particularly when you’re collecting and storing more of it than ever. Take 2 minutes to let us know how you think you’re doing.

Employee monitoring

German laptop retailer fined $12.7M under GDPR for employee surveillance

2021-01-11T19:08:00+00:00By

A German data regulator fined an online laptop and electronic goods retailer €10.4 million (U.S. $12.7 million) for video-monitoring employees for at least two years without legal basis.

CWChooseEnding

e-Book: Choose your ending: What to do when your systems are hacked and ransom is demanded

2021-01-11T18:51:00+00:00By Compliance Week

What should you do if your firm is hit by ransomware? Choose your own ending to this tale about a clinic, a criminal, and coronavirus to learn the risks and rewards of each choice.

Cloud supply chain

Learning from SolarWinds: Five steps to fortify your cloud supply chain

2020-12-30T20:24:00+00:00By

For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.

SolarWinds

Cyber-security lessons from the SolarWinds hack

2020-12-18T15:44:00+00:00By

The lessons from the massive SolarWinds hack on where vulnerabilities still lurk in the third-party vendor supply chain cannot be grasped soon enough.

nailedit1200x800_778257

Video: Twitter GDPR fine too little or just right?

2020-12-17T20:03:00+00:00By Compliance Week

Aaron Nicodemus and Dave Lefort debate whether the Irish Data Protection Commission’s €450,000 (U.S. $547,000) fine against Twitter under the GDPR is an appropriate figure or way too small for the social media company.

Robinhood

FinTech darling Robinhood fined $65M for misleading customers

2020-12-17T19:38:00+00:00By

Mobile trading app provider Robinhood Financial, which has become a disruptive force in the stock market, has agreed to pay $65 million to the SEC to settle charges of misleading customers about how it makes money and for failing to secure best sale prices.

Online training

Best practices for customized digital compliance training

2020-12-16T18:50:00+00:00By Anusia E. Gillespie, CW guest columnist

Today’s volatile market, coupled with the increasing willingness of subject matter experts to collaborate, changes the game in some areas, where “build” starts to make more sense than “buy.” One area is digital compliance training.

FTC

FTC data requests could pave way to federal privacy law, experts say

2020-12-15T22:16:00+00:00By

FTC requests issued to nine social media and video streaming services for information about how they collect and use personal information could be a step toward the U.S. government enacting federal privacy legislation.

Twitter

Twitter’s tiny $547K GDPR fine leaves many scratching their heads

2020-12-15T20:19:00+00:00By

Ireland’s first major decision against a Big Tech company under the GDPR has stirred controversy as the country’s data regulator hit Twitter with an underwhelming €450,000 (U.S. $547,000) fine for a 2018 data breach.

Analytics

Regulators catching up on use of analytics; compliance better take notice

2020-12-14T19:23:00+00:00By

If your company isn’t making optimal use of data to enhance its compliance program, now is the time to start—before it’s too late.

Kolster quote

Ask a CCO: How to meet data analytics expectations of both board and regulators

2020-12-14T16:49:00+00:00By Compliance Week

Six senior compliance practitioners share some big-picture thoughts on how their companies are using data within the context of regulators’ increased expectations in the area.

Google building

France sidesteps GDPR in fining Google, Amazon $163M combined

2020-12-11T18:35:00+00:00By

Data privacy watchdog CNIL utilized the French Data Protection Act in fining Google and Amazon a combined €135 million (U.S. $163 million) for illegal cookie practices, sidestepping the “one-stop shop” provision of the GDPR.

Europe

Five challenges for European CCOs heading into 2021

2020-12-10T21:13:00+00:00By

Many of the problems European compliance officers faced in 2020 will remain in place going into the new year, but new risks and new regulations will also present new challenges.

Compliance fails

Top ethics and compliance failures of 2020

2020-12-08T13:30:00+00:00By

From a massive accounting fraud scandal in Germany to deceitful consumer tactics among China-based companies to unethical practices on the environmental front in the United States—CW’s list of the top ethics and compliance failures of 2020 spans the globe.

VWcrop

Five compliance triumphs from 2020

2020-12-07T13:11:00+00:00By

CW reveals its list of five compliance wins from the year, including Samsung for its honesty, Volkswagen for successfully wrapping up its monitorship, 3M for stellar ethics, and more.

jan26

Jan. 26 | Machine learning leads next-gen battle against financial crime

2020-12-02T20:36:00+00:00Provided by

The complexity and pervasiveness of financial crime continues to challenge compliance functions. Machine learning can significantly bolster the efficiency and effectiveness of the function when implemented correctly, yet many financial institutions have had limited success in deploying it.

Point the finger

Trio of U.K. fines expose third-party risks under GDPR

2020-11-30T21:34:00+00:00By

Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.

genpact300x200

CPE Webcast: Eliminate payment fraud and corruption: power of AI and compliance expertise

2020-11-19T11:00:00+00:00Provided by

Accounts payable, procurement, and travel and expense-management processes are common channels to route frauds making organizations susceptible to regulatory penalties, reputational damage, financial loss, and even prosecution.

Revenera cover img

White paper: Addressing the hidden cost of embedding open source software

2020-11-19T04:32:00+00:00Provided by

The digital economy has created a need in the world of software development to find new ways of delivering innovative software solutions and software updates faster than ever before. Development teams are—understandably so—increasingly using open source software.

Crypto

Cryptocurrency’s future: What compliance needs to know

2020-11-17T19:15:00+00:00By David Povey, International Compliance Association

Cryptocurrency is complicated, but it’s not going away anytime soon. David Povey of the ICA takes a look at what regulators are trying to do and offers tips on where compliance officers can go to study this complex topic further.

AILaw

Survey: Machine learning will (eventually) help win the war against financial crime

2020-11-17T16:45:00+00:00By

While the war against financial crime wages on, machine learning and artificial intelligence may give financial institutions the upper hand, according to a recent survey.

Guidehouse-11-17-20

e-Book: Machine learning will (eventually) help win the war against financial crime

2020-11-17T03:00:00+00:00Provided by

This e-Book, from Compliance Week and Guidehouse Inc., explores how the adoption of machine learning in fighting financial crime will likely explode as technology solutions become more effective and efficient—driven by work-stream prioritization, product maturity, and refinement of implementation processes.

covington300x200

CPE Webcast: Harnessing power of data analytics to meet compliance obligations

2020-11-12T11:00:00+00:00Provided by Covington

The updated DOJ guidance on the evaluation of compliance programs emphasizes the importance of obtaining, tracking, and acting on compliance-relevant data.

CCPAUpdate

California voters approve creation of new state agency to enforce CCPA

2020-11-04T21:26:00+00:00By

California voters approved a ballot measure that will add new layers of responsibility for businesses attempting to comply with the state’s first-in-the-nation data privacy law, the California Consumer Privacy Act.

FourOptions

Choose your ending: What to do when your systems are hacked and ransom is demanded

2020-10-26T14:54:00+00:00By

What should you do if your firm is hit by ransomware? Choose your own ending to this tale about a clinic, a criminal, and coronavirus to learn the risks and rewards of each choice.

GDPR

Corrective action could trump fines as GDPR evolves

2020-10-14T16:32:00+01:00By

Experts discuss whether EU data protection authorities would be better served using corrective actions other than eye-watering fines to encourage companies to commit to best (and legal) GDPR practices.

Nailedit1200x800

U.S. agencies get nod for using data, smart incentives in enforcement

2020-10-08T17:17:00+01:00By Compliance Week

Both the CFTC and CFPB “Nailed It” this week while corporate heavyweight General Electric found itself in more trouble.

Brian Miller

‘Audit in Action’: BDO partner shares data analytics journey

2020-10-01T19:42:00+01:00By

Brian Miller, national partner of audit transformation and innovation at BDO USA, talked with Compliance Week about how the pandemic has driven adoption of technologies by BDO’s auditors.

Data future

Ask a CCO: What will compliance look like in 5 years?

2020-09-30T16:57:00+01:00By Compliance Week

We asked nine prominent chief compliance officers to look into their crystal balls, and all of them saw data and advanced technology playing a larger role in the future of the profession.

askamii

Five ways the pandemic has changed compliance—perhaps permanently

2020-09-28T15:15:00+01:00By

It’s a good thing you’re all experts in partnering for change, as more than 3 in 4 of you think COVID-19 will have a permanent impact on some compliance functions.

GDPR

Companies face greater risk as GDPR class actions emerge

2020-09-24T18:00:00+01:00By

In the past month three of the world’s largest tech firms have been hit with legal actions that could lead to billion-dollar damages suits for alleged violations of the GDPR. Neil Hodge explores the trend and what to expect moving forward.

Youtube

U.K. lawsuit seeks $3.2B from YouTube for violating children’s privacy

2020-09-14T19:29:00+01:00By

A first-of-its-kind lawsuit in the U.K. alleges YouTube unlawfully collects personal information from children without parental consent and harvests their data for advertising purposes, in violation of British and European data privacy laws.

woods

Gut instinct keeps humans ahead of AI in fight against financial crime

2020-09-11T17:44:00+01:00By

As artificial intelligence evolves and takes on new tasks, whether it can develop the instinct of an experienced compliance professional will be key to its prevalence in the AML world, writes Martin Woods.

Facebook

Ireland’s order to Facebook to halt data transfers could have ‘profound’ impact

2020-09-10T16:06:00+01:00By

The Irish DPC’s order to Facebook to halt the transfer of European citizens’ personal data to the United States could pose operational and legal challenges that set a precedent for not only other tech giants, but companies generally.

aravo 300x200

CPE Webcast: Debunking myths of AI & ML in TPRM technology

2020-09-08T13:00:00+01:00Provided by

This webinar debunks the myths of AI and ML in third-party risk technology and drills into reality with a pragmatic application of how your data can be harnessed to support various risk management use cases.

genpact te cover

White paper: AI-enabled real-time T&E audit analytics to drive compliance and reduce spends

2020-09-04T08:42:00+01:00Provided by

Your company may be spending less on travel and entertainment expenses, but the risk of fraud and regulatory non-compliance is spiking. Without proper safeguards in place to manage T&E spend – a major operating expense – companies face costly consequences.

Nailedit1200x800

Credit social media giants for prepping for election chaos

2020-09-03T18:12:00+01:00By Compliance Week

Silicon Valley’s social media heavyweights deserve a nod for “war-gaming” potential misinformation scenarios in advance of November’s elections, while McDonald’s again finds itself on our “Not Lovin’ It” list.

FTC Building

Age of Learning to pay $10M for billing practices; ‘digital deception’ a trend?

2020-09-02T20:35:00+01:00By

The company that runs ABCmouse Early Learning Academy found itself in the FTC’s crosshairs for what the Commission alleges are unfair billing practices that are part of a wider problem across the internet.

proofpoint300x200

CPE Webcast: Capturing, managing communications data in modern enterprise

2020-09-01T14:00:00+01:00Provided by

Today’s employees and customers generate a lot of communications data, in a lot of formats and in a lot of locations, from computers and on prem servers to mobile devices and the cloud.

RecordsMgmt

Survey: Automating entity management greatly reduces compliance risk

2020-08-31T12:31:00+01:00By

A new study from Compliance Week and Diligent finds that many companies are still using unsecure and inefficient entity management processes, leaving them vulnerable to compliance risk.

Paul C. Dwyer

Q&A: New training takes compliance leaders on ‘non-technical’ cyber-journey

2020-08-27T16:28:00+01:00By

A new training offered by renown expert Paul C. Dwyer helps non-technical practitioners gain confidence in dealing with all aspects of cyber-security or cyber-risk.

Twitter

Clash over draft Twitter GDPR decision exposes differences among EU authorities

2020-08-26T14:23:00+01:00By

As Ireland’s first GDPR decision against Big Tech hangs in limbo, experts are scratching their heads as to why a seemingly straightforward case is headed to the EU’s data governing body to rule on.

Halimah DeLaine Prado

Google promotes veteran legal exec to general counsel

2020-08-25T21:05:00+01:00By

Embroiled in a federal antitrust investigation, tech giant Google announced the appointment of Halimah DeLaine Prado as its new general counsel.

Employee monitoring

How far is too far with employee monitoring? Barclays case could offer litmus

2020-08-20T14:54:00+01:00By

The U.K. Information Commissioner’s Office is investigating allegations that Barclays Bank had effectively been spying on employees by using an intrusive software system that monitored workers’ activity.

columnist icons - kyle

Trump’s TikTok crusade a hollow win for privacy

2020-08-19T16:44:00+01:00By

There’s no questioning the need to protect the data of U.S. citizens from China, but it’s naïve to think pressuring TikTok to take up a U.S. owner is anything more than a hollow victory given our lack of federal oversight in the area of privacy.

socure ai cover img

e-Book: Artificial intelligence: Risks and benefits for compliance

2020-08-19T07:45:00+01:00Provided by

Artificial Intelligence (AI) tools are being deployed in numerous areas by financial institutions and broker-dealer firms.

Salesforce

Oracle, Salesforce targeted in class-action GDPR lawsuits

2020-08-17T20:51:00+01:00By

A European privacy group is pursuing multiple class-action lawsuits against Oracle and Salesforce for alleged violations of the EU’s General Data Protection Regulation, estimating damages sought could exceed €10 billion (U.S. $11.9 billion).

processunity300x200

CPE Webcast: Future-proof your global supply chain with data & analytics

2020-08-13T14:00:00+01:00Provided by

The COVID-19 pandemic has certainly changed the landscape of global risk, and many organizations are quickly adapting their third-party risk management processes as a result.