Technology


AI regulation

The debate over AI: Regulate the tech or its use?

2021-07-16T18:04:00+01:00By

Recent comments by Facebook’s top executive in charge of developing AI reignite the debate over whether regulators should be more focused on reining in the technology itself or just the way it is used.

Food delivery

Italian DPA cites biased tech in $3.1M GDPR fine

2021-07-08T15:46:00+01:00By

Italy’s data protection authority fined food delivery company Foodinho €2.6 million (U.S. $3.1 million) because the app at the core of its business model allegedly discriminated against employees.

Uber

How Uber toes the line between compliance and innovation

2021-07-08T15:37:00+01:00By

At CW’s TPRM virtual event, Dianna Jones, director of legal compliance at Uber, shared how the company seeks to build compliance into new initiatives without stifling innovation.

Letters

FinCEN eyes no-action letters as aid for FinTech rollouts

2021-07-06T17:49:00+01:00By

The Financial Crimes Enforcement Network will launch rulemaking for a no-action letter process that would give financial institutions another way to enter dialogue with the regulator about innovative and newly emerging technologies.

IBM-Online

e-Book: The current state of global privacy regulation

2021-06-29T17:48:00+01:00Provided by

Will states be able to move forward with their own privacy laws? A provision in a recent bill passed in Florida may be a stumbling block.

Accounting fraud

Want to wring out fraud? Automate your accounting processes

2021-06-29T15:12:00+01:00By

What allows bad actors to perpetuate accounting fraud? In many cases, it’s bad processes and controls. Consider introducing automation to help your company more successfully detect and prevent bad actors.

Software demo

Software demos: Third-party risk management (TPRM)

2021-06-29T02:53:00+01:00By Compliance Week

In the market for a software solution to help manage your third-party risk? Check out our collection of video demos from nearly a dozen of the top vendors in the space.

Buildings

Embrace of RegTech driving financial services transformation

2021-06-24T20:17:00+01:00By

Large global financial institutions are utilizing advanced technologies like never before to help manage their regulatory compliance needs, driving major efficiencies within compliance, risk, and internal audit functions in the process.

Privacy future

New tech, legal precedent forcing GDPR to evolve

2021-06-23T15:26:00+01:00By

Companies’ priorities regarding compliance with the GDPR are likely to become more focused because of a mixture of recent legal decisions and efforts by the European Commission to keep privacy rules in sync with changes in technology.

JBS ransom

JBS USA confirms $11M ransom payment to hackers

2021-06-10T20:23:00+01:00By

Meatpacker JBS USA announced it paid the equivalent of $11 million in ransom in response to a May cyber-attack that impacted its operations in North America and Australia.

GameStop

SEC probing GameStop, others over ‘meme stocks’ craze

2021-06-10T19:41:00+01:00By

Video game retailer GameStop, whose market volatility earlier this year led the so-called “meme stocks” craze, disclosed it is cooperating with an investigation launched by the Securities and Exchange Commission.

AdobeStock_365368438_Editorial_Use_Only

Assessing yet another ransomware attack on critical supplier (JBS)

2021-06-02T18:50:00+01:00By

Meatpacker JBS USA has become the latest critical infrastructure company to be targeted by a ransomware attack, which temporarily halted its global operations. The attack brings with it implications for the food and agriculture industries.

Ransomware

Colonial Pipeline fallout: Thwarting ransomware attacks requires collective defense

2021-06-01T18:11:00+01:00By

President Biden’s executive order on cyber-security largely applies to federal agencies. But its core message—that the public and private sectors must collectively defend against increasingly malicious ransomware attacks—should not be lost on companies.

GDPRgavel

Three years of GDPR: Many milestones, but calls for change increase

2021-05-25T19:19:00+01:00By

Despite its achievements, the General Data Protection Regulation’s flaws have become evident. Some are already questioning whether the regulation—and the way it is regulated—are fit for purpose and whether the law needs to be changed.

Cloud data

Survey: Data access further complicated by emerging privacy laws

2021-05-21T16:50:00+01:00By

A recent survey of 100 executives from Fortune 500 companies found more than half are struggling to balance easy access to company data with privacy and security compliance under laws like the GDPR and CCPA.

Audit tech

Survey: Audit still facing hurdles with next-gen tech

2021-05-21T15:18:00+01:00By

Many senior audit leaders and their teams are still in the early stages of, or have not yet begun, implementing next-generation tools and strategies into their internal audits, according to a new survey.

Cloud supply chain

New NIST revisions expand scope of cyber supply chain risk management guidance

2021-05-20T18:04:00+01:00By

The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.

ehsai cover img

White paper: Innovative Compliance: How AI Helps Meet the Challenge of Environmental Regulations

2021-05-19T02:36:00+01:00Provided by

Every organization around the world has two things in common. First, they must follow the regulatory guidelines that govern their EHS operations. Second, those regulatory guidelines are becoming more numerous and challenging every year.

Questions raised

Curiosity is important for compliance professionals

2021-05-18T16:49:00+01:00By Simone Jones, International Compliance Association

Rapid developments in technology and an uncertain future underscore the need for compliance professionals to embrace curiosity both personally and professionally in order to protect their firms from risk.

AdobeStock_337426455

Updated DOJ guidance stresses need for data in compliance training

2021-05-13T18:09:00+01:00By

An expert panel at CW’s 2021 National Conference discussed the importance for companies to embrace behavioral analytics in their training programs to align with updates to the DOJ’s “Evaluation of Corporate Compliance Programs” guidance.

AI

What you need to know about proposed EU rules for trustworthy AI

2021-04-29T18:27:00+01:00By

With various levels of defined risk and the potential for steep fines for offenders, the European Commission’s recent proposal to ensure trust in the use of artificial intelligence should receive urgent attention from industries beyond Big Tech.

AIdata

Regulators want answers from financial services on AI/ML tools

2021-04-21T20:23:00+01:00By

The financial services industry is at the cutting edge of the utilization of artificial intelligence and machine learning tools. Regulators have recently requested to understand how these technologies are being used—or misused.

Privacy design

Privacy by design: How to lower risk and improve outcomes

2021-04-19T12:35:00+01:00By Amy Holcroft, CW guest columnist

Amy Holcroft, chief privacy officer at Hewlett Packard Enterprise, shares her experience using privacy-by-design practices to help her company develop and utilize technology in a way that meets compliance requirements.

metricstream 300x200

CPE Webcast: Elevating your compliance program with technology

2021-03-25T14:00:00+00:00Provided by

Compliance leaders are always on the lookout for innovative ways to keep up with the dynamic risk and regulatory landscape. The efforts revolve around a common theme—integrating technological breakthroughs to achieve intelligent automation and ensure future-readiness of their compliance program.

DigitalChecklist

Can compliance keep pace in a rapidly changing digital world?

2021-03-22T17:52:00+00:00By Jonathan Dempsey, Red Laces, for International Compliance Association

In a rapidly changing digital world, thinking around compliance needs reframing. The question today is whether compliance can stay ahead of the curve.

Roberts Ask a CCO

Ask a CCO: Are you in favor of federal data privacy legislation?

2021-03-09T21:30:00+00:00By Compliance Week

It’s a clean sweep: All five CCOs we spoke with are in favor of U.S. federal data privacy legislation. Read on for the reasoning behind their answers.

Technology sandbox

‘An invaluable asset’: Participants praise opportunity for feedback via GDPR sandboxes

2021-03-09T21:23:00+00:00By

Regulatory sandboxes launched by EU data protection authorities provide firms the opportunity to collaborate and make use of the regulator’s expertise to reduce GDPR compliance risks.

Kortney Nordrum quote

Ask a CCO: How has your company prioritized data privacy compliance?

2021-03-05T13:44:00+00:00By Compliance Week

Five senior compliance practitioners tell us how their companies have reacted to recent privacy legislation like the GDPR, CCPA, and other state regulations in the pipeline.

Ask a CCO image

Ask a CCO: What’s your strategy for preventing and detecting data breaches?

2021-03-04T13:40:00+00:00By Compliance Week

Five senior compliance practitioners outline their strategies for protecting their firms from data breaches.

ask cco 3x2 roberts

Ask a CCO: How is your company reacting to cyber-risks introduced by COVID-19?

2021-03-03T12:56:00+00:00By Compliance Week

Five senior compliance practitioners tell Compliance Week how their organizations are reacting to new cyber-threats introduced by the pandemic.

kortney quote

Ask a CCO: What’s your role in creating/implementing cyber-security policies?

2021-03-02T18:16:00+00:00By Compliance Week

Five senior compliance practitioners share insights on their roles in implementing and overseeing cyber-security policies and procedures.

trueoffice300x200

CPE Webcast: Workflow automation: Using AI in ethics & compliance programs

2021-02-25T14:00:00+00:00Provided by

Artificial Intelligence is no longer a SciFi concept. With increasing adoption across corporations for workflow automation, AI elicits a lot of reactions ranging from trepidation to excitement, along with deep discussions on risks and bias.

Targeted advertising

EDPS opinion puts targeted advertising in crosshairs

2021-02-22T20:22:00+00:00By

The EU’s chief data regulator says planned regulations to oversee the tech sector should be tightened further to ban targeted advertising based on tracking online activity—an opinion that could prompt Big Tech and adtech firms to lobby hard against the changes.

Cyber-guard

Survey: Firms enhanced cyber-security in 2020, but not enough

2021-02-17T14:26:00+00:00By

Companies forced to pivot to remote work in a global health crisis spent the bulk of 2020 grappling with heightened cyber-security risks. A year later, compliance practitioners say their companies’ cyber-security postures are better for it—even in the wake of the stunning SolarWinds hack.

socure next gen cover img

White paper: A Next-Generation Approach to KYC

2021-02-17T05:25:00+00:00Provided by

Although crucial to the success and safety of customer onboarding, implementing and maintaining a successful KYC program can sometimes create an overwhelming administrative burden. Additionally, navigating manual verification methods is costly and prone to inaccuracy, creating greater risk of customer turnover and lost revenue.

Facebook privacy

The great privacy race? Apple, Facebook pitch data transparency

2021-02-08T14:48:00+00:00By

Apple and Facebook, two of the world’s most powerful companies, are jockeying over how transparent to be with their customers on whom they share users’ personal data with and what they do with it.

2021

Survey: Pandemic pervades executives’ top 10 risks for 2021

2021-02-05T17:39:00+00:00By

The aftermath of the coronavirus pandemic dominates the top risks that will keep boards of directors and executive management teams on their toes in 2021, a new survey by Protiviti and NC State’s ERM Initiative finds.

SolarWinds

SolarWinds hack turning into Pandora’s box of cyber-risk

2021-02-02T20:47:00+00:00By

The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.

Anthony Pugilese

Incoming IIA chief Anthony Pugliese to prioritize technology, D&I

2021-02-01T14:00:00+00:00By

Compliance Week caught up with Anthony Pugliese, the incoming president and chief executive officer of the Institute of Internal Auditors, to discuss his plans for the future of the IIA and the internal audit profession at large.

Spain and Italy

Spain, Italy setting new standard for GDPR enforcement

2021-01-28T20:36:00+00:00By

While big fines against big companies make headlines, Spain and Italy have flown under the radar as two of the most frequent enforcers of the GDPR, instead primarily focusing on smaller penalties. Might other countries follow suit?

Bistrong_opinion

My Compliance Library: ‘Can You Hear Me?’ a guide for virtual connections

2021-01-27T18:40:00+00:00By

You might not have thought you needed it, but Nick Morgan’s “Can You Hear Me?” provides some valuable advice for getting the most out of your daily virtual meetings and conversations.

guidehouse 300x200

CPE Webcast: Machine learning leads next-gen battle against financial crime

2021-01-26T14:00:00+00:00Provided by

The complexity and pervasiveness of financial crime continues to challenge compliance functions. Machine learning can significantly bolster the efficiency and effectiveness of the function when implemented correctly, yet many financial institutions have had limited success in deploying it.

AImaze

Psychology of compliance: Counteracting bias in technology

2021-01-20T18:02:00+00:00By Paul Eccleson, International Compliance Association

Counteracting bias is part of the compliance officer job description, and now more than ever is it important for that duty to extend to new business technologies being implemented.

Technology decisions

Surveys: Rushing technology decisions comes with big compliance risks

2021-01-15T18:23:00+00:00By

Embracing technology to help manage risk and improve efficiencies is a trend that’s been developing in the compliance space for a while, but the pandemic has fast-tracked the urgency behind it, according to a couple of recent surveys.

Employee monitoring

German laptop retailer fined $12.7M under GDPR for employee surveillance

2021-01-11T19:08:00+00:00By

A German data regulator fined an online laptop and electronic goods retailer €10.4 million (U.S. $12.7 million) for video-monitoring employees for at least two years without legal basis.

Cloud supply chain

Learning from SolarWinds: Five steps to fortify your cloud supply chain

2020-12-30T20:24:00+00:00By

For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.

SolarWinds

Cyber-security lessons from the SolarWinds hack

2020-12-18T15:44:00+00:00By

The lessons from the massive SolarWinds hack on where vulnerabilities still lurk in the third-party vendor supply chain cannot be grasped soon enough.

nailedit1200x800_778257

Video: Twitter GDPR fine too little or just right?

2020-12-17T20:03:00+00:00By Compliance Week

Aaron Nicodemus and Dave Lefort debate whether the Irish Data Protection Commission’s €450,000 (U.S. $547,000) fine against Twitter under the GDPR is an appropriate figure or way too small for the social media company.

Robinhood

FinTech darling Robinhood fined $65M for misleading customers

2020-12-17T19:38:00+00:00By

Mobile trading app provider Robinhood Financial, which has become a disruptive force in the stock market, has agreed to pay $65 million to the SEC to settle charges of misleading customers about how it makes money and for failing to secure best sale prices.

Online training

Best practices for customized digital compliance training

2020-12-16T18:50:00+00:00By Anusia E. Gillespie, CW guest columnist

Today’s volatile market, coupled with the increasing willingness of subject matter experts to collaborate, changes the game in some areas, where “build” starts to make more sense than “buy.” One area is digital compliance training.