U.S. law to stop Uyghur forced labor remains compliance challenge
It’s been six months since the Uyghur Forced Labor Prevention Act took effect, and businesses are no clearer today on how to comply with it, those familiar with the law said.
CPE Webcast: Best practices for third-party due diligence for ethics and compliance
Increased regulatory and consumer scrutiny on the integrity of businesses has shined a spotlight on the reputational risks of unethical business practices involving third parties.
FINRA to sweep crypto-related communications by broker-dealers
The Financial Industry Regulatory Authority announced an examination sweep of retail communications by broker-dealers and their affiliates related to cryptocurrency asset products and services.
Treasury recommends more oversight for bank-fintech relationships
A new Treasury report found as the trend of nonbank fintech companies providing financial services in partnership with regulated entities continues to grow, regulators need to increase oversight of these relationships to curb the risks they pose.
CPE Webcast: How to transform your program from reactive to predictive
Today, it is not enough to focus solely on your organization’s internal risk, as control weaknesses and gaps in the organization’s business partners could ultimately lead to failure.
Survey: How businesses are confronting governmental licenses in M&As
The results of a recent survey conducted by Compliance Week and Avalara found most businesses consider governmental licenses as part of due diligence efforts during mergers and acquisitions, yet the opportunity for risk management improvements remains.
CPE Webcast: 10 essential steps to streamline vendor risk assessments
As your program evolves, the need to simplify the vendor risk assessment process becomes unavoidable. So, what can you do to streamline assessment completion and simplify vendor risk reviews?
Lafarge to pay $778M for supporting terrorist groups ISIS, ANF in Syria
French multinational building products company Lafarge pleaded guilty to providing material support and resources to two U.S.-designated foreign terrorist groups in Syria, representing the Department of Justice’s first corporate material support for terrorism prosecution.
CPE Webcast: AI for TPRM - What you need to know to stay ahead
Artificial intelligence is no longer the stuff of science fiction. It has already transformed transportation, marketing, and retail, to name a few areas. It is also driving the most meaningful shift third-party risk management has experienced since its inception.
CPE Webcast: How to navigate the third-party risk threat landscape
Today’s business threats are evolving, and ESG, resiliency, and cybersecurity are at the forefront. These risks affect businesses of all sizes and make it imperative that organizations update and modernize their third-party risk management programs.
ESG Summit: Holistic approach to supply chain risk an ‘investment differentiator’
Two experts explained how the C-suite as a whole—not just compliance officers—should be focused on the holistic approach to supply chain risk management during a session at CW’s virtual ESG Summit.
How effective beneficial ownership searches leverage technology
Determining the ultimate beneficial owner of individuals and companies your firm does business with can be a tricky thing. The most efficient investigations require an understanding of your firm’s risk appetite and appropriate technology to automate searches.
CPE Webcast: How to move an E&C program from effective to high quality
A critical component of a third-party risk management strategy is a robust compliance and policy training program that you control.
DOJ-informed compliance guidance helps Home Depot prep for potential scrutiny
How can a company prove its compliance bona fides to a regulator, should one ever come knocking on its door? The Home Depot has prepared for such a scenario with detailed guidance pegged to the DOJ’s “Evaluation of Corporate Compliance Programs.”
Albemarle in settlement talks with SEC, DOJ over FCPA violations
Chemical company Albemarle Corp. has entered settlement talks with the Securities and Exchange Commission and Department of Justice regarding potential violations of the Foreign Corrupt Practices Act.
How compliance can help prevent human trafficking
There are many organizations that seek to prevent human trafficking, but their work can sometimes seem distant and detached from our roles as compliance professionals. We must consider how to bridge that gap, with a particular focus on supply chains.
SFO accepts ‘sobering’ results of Unaoil, Serco case reviews
The U.K.’s Serious Fraud Office was criticized for its leadership, culture, and conduct in a report examining why the agency botched a key corruption case against Unaoil that has now seen three convictions overturned.
MidFirst Bank avoids penalty in OFAC resolution
MidFirst Bank will not pay a civil penalty after self-reporting to the Office of Foreign Assets Control apparent violations of weapons of mass destruction proliferator sanctions at the bank.
CPE Webcast: Getting started with third-party risk management
Nearly every business does due diligence when onboarding and renewing contracts, but many times the work stops well short of a program to efficiently manage strategic third parties, their contributions to business performance, and the risks they could pose to the organization.
Health Insurance Innovations, ex-CEO to pay $12M to settle fraud charges
Health Insurance Innovations and its former CEO Gavin Stockwell will pay a total of more than $12 million to settle SEC charges of misrepresenting the robustness of the company’s compliance program and misleading investors about customer complaints.
Materiality, Scope 3 emissions elicit debate in SEC climate rule comments
Comment letters in response to the SEC’s climate-related disclosure rule have laid out opponents’ issues with the proposal, while supporters have used the process to buttress the agency’s case for implementing it.
FINRA fines Barclays $2.8M over supervision, disclosure lapses
Barclays Capital agreed to pay $2.8 million as part of a settlement with the Financial Industry Regulatory Authority for “failure to comply with customer confirmation and related supervision rules” that led to disclosure lapses.
CPE Webcast: Managing challenges of sanctions screening in your third-party risk program
Sanctions are one of the most important risk factors to consider in any compliance program. No one wants to be found to have business ties to a sanctioned entity given the potential for significant financial penalties and reputational damage.
Uyghur Forced Labor Prevention Act should prompt due diligence reassessment
All companies with a global footprint should be reevaluating their supply chain due diligence and documentation practices to show the absence of forced labor in the wake of the Uyghur Forced Labor Prevention Act taking effect.
FCA fines JLT Specialty $9.7M for financial crime control lapses
The U.K. Financial Conduct Authority fined a unit of insurance broker Jardine Lloyd Thompson Group 7.9 million pounds (U.S. $9.7 million) for failing to control financial crime within its South and Central American subsidiaries.
‘Have contingency plans’: TPRM expert on confronting Russia risk exposure
Melanie Gallagher, head of third-party risk management at financial software company Intuit, offered best practices for navigating sanctions compliance risks at CW’s TPRM Summit in Chicago.
Five prevailing themes from TPRM Summit
Editor In Chief Kyle Brasseur recaps popular points of discussion across Compliance Week’s two-day Third-Party Risk Management Summit held in Chicago.
Strain in your supply chain no excuse for compliance shortcuts
With the Russia-Ukraine war’s ever-expanding sanctions landscape, supply chain strain and risk of enforcement are sharply increasing. Speakers at a recent event hosted by Drexel University’s Kline School of Law offered best practices.
Primer: Third-Party Risk Management & Oversight Summit
Editor In Chief Kyle Brasseur previews Compliance Week’s Third-Party Risk Management Summit, a two-day conference solely dedicated to the sharing of knowledge and experience within TPRM.
Best practices, common pitfalls in working in high-risk countries
A panel of compliance professionals discussed the increasingly relevant topic of working in high-risk countries, sharing their experiences and lessons learned at Compliance Week’s National Conference in Washington, D.C.
Ten highlights from Compliance Week 2022
Editor In Chief Kyle Brasseur recaps the moments that stood out to him most from Compliance Week’s first in-person event since 2019.
Expert: Combating modern slavery starts with understanding the issue
Matthew Friedman, an expert on international human trafficking with more than 30 years of experience, discussed the importance of companies addressing modern slavery in their supply chains as part of a virtual fireside chat on the human factor of ESG at Compliance Week’s National Conference.
Dec. 13 | 10 best practices for streamlining your TPRM workflows
Time is a valuable resource, especially when trying to manage a third-party risk program at scale. Hundreds of third parties to manage, hundreds of assessments to send, thousands of risks to analyze—how do you keep up?
Whistleblower to OCC: USAA had 400,000 undisclosed Military Lending Act violations
USAA Bank engaged in an estimated 400,000 violations of the Military Lending Act, a former director of compliance within the bank reported to the Office of the Comptroller of the Currency in documents seen by Compliance Week.
A look inside USAA’s ‘catastrophically mismanaged’ compliance culture
In exclusive interviews with Compliance Week, former USAA insiders describe a risk and compliance culture in which numerous individuals either were given the axe or quit because the problems were so endemic.
Whistleblower: USAA ‘actively lying to regulators for years’ regarding violations of law
Senior executives at USAA ignored warnings from compliance staff and consultants for years regarding violations of U.S. federal banking laws and hid from regulators the scope of the company’s illegal practices, a former USAA director of compliance turned whistleblower told Compliance Week.
CPE Webcast: Cybersecurity and third-party risk: Third-party threat hunting
Learn how to build a third-party risk management program with cybersecurity risk at the forefront.
Experts assess risks to weigh as companies confront exit from Russia
As sanctions against Russia continue to come down from the United States, European Union, and other countries, companies must ensure they have the means to comply instantly—even if ceasing business dents their financials and puts them at legal risk for breaching contract.
ICA Insight: Russia sanctions frequently asked questions
Jake Plenderleith of the International Compliance Association answers selected questions from attendees of a recent ICA webinar on Russian sanctions intended to help provide clarity on what firms can do to protect themselves from exposure.
How to prepare for SEC’s climate-related disclosure rule
The Securities and Exchange Commission’s proposed climate-related disclosure rule would force companies that have been reluctant to initiate a self-examination of their environmental impact to do so, posthaste. Experts weigh in on where to start.
Compliance implications of USAA order addressing AML lapses
The consent order issued by the Office of the Comptroller of the Currency against USAA Bank imparts lessons for compliance officers in the financial services industry on how—and how not—to maintain a Bank Secrecy Act/anti-money laundering compliance program.
Advice for navigating ‘fast and furious’ Russian sanctions landscape
To help sort through the gray area of evolving sanctions and export control restrictions against Russia, chief compliance officers should consider a handful of key best practices.
USAA fined $140M for AML compliance failures
USAA Federal Savings Bank must pay $140 million as part of consent orders reached with the Financial Crimes Enforcement Network and Office of the Comptroller of the Currency for its failures maintaining its Bank Secrecy Act/anti-money laundering compliance program.
Top 10 reasons to attend Compliance Week 2022
A keynote with two SEC commissioners; interactive sessions on global sanctions, ESG, and ethical leadership; and a new conference location and format highlight Dave Lefort’s list of reasons to be excited for CW’s first in-person event in nearly three years.
CPE Webcast: Vendor due diligence: Best practices for scoping assessments
Join ProcessUnity for a one-hour webcast and discover best practices and the newest techniques for appropriately scoping pre- and post-contract due diligence assessments.
Third-party cybersecurity monitoring: Tips for keeping vendors honest
A continuous monitoring cybersecurity strategy for third-party risks goes a long way toward proactively identifying external vulnerabilities. At CW’s virtual Cyber Risk & Data Privacy Summit, a panel of experts shared leading practices.
Transparency key to navigating modern employee monitoring risk landscape
The opening session of Compliance Week’s virtual Cyber Risk & Data Privacy Summit addressed the challenges of using technology to monitor employees while considering regulatory and ethical risks.
How Accor manages global data privacy compliance
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
REWE International $9M GDPR fine a lesson in managing subsidiary risk
A recent decision by the Austrian Data Protection Authority against food retailer REWE International underlines the fact parent companies are ultimately responsible for how their subsidiaries manage people’s data, even if the offshoot entity operates separately.
NAVEX: Top 10 risk and compliance trends for 2022
Diversity, equity, and inclusion; prioritizing ESG; business continuity; and more highlight the latest edition of NAVEX’s annual list of risk and compliance trends worth monitoring.