Third Party Risk


UBS

News Brief

FINRA fines UBS unit $850K for failing to properly monitor customer transactions

2024-07-11T19:04:00+01:00By

UBS Financial Services, a subsidiary of the Swiss banking giant UBS, has been fined $850,000 for failing to properly monitor transactions between its broker-dealers and third parties.

Tibbets_web1

Premium

How fintechs can overcome major compliance hurdles in embedded finance

2024-07-01T15:45:00+01:00By Margaret Holmes Tibbets, CW guest columnist

Margaret Holmes Tibbets, chief compliance officer at financial technology company Pipe, explains how firms are facing an existential compliance crisis, and to survive they’ll need to overcome not one but two hurdles.

Financial Crimes 2024 Managing Nonbanks

Premium

Banks must bolster awareness of fintech partner risks, experts advise at Fordham

2024-07-01T15:44:00+01:00By

During a panel at Compliance Week’s Financial Crimes and Regulatory Compliance Summit, held June 10-11 in New York, experts discussed nuances in bank-financial technology partnerships, offering best practices for how banks should protect themselves.

North Korea sanctions

News Brief

Mondo TV reaches $538K settlement with OFAC over N. Korea sanctions violations

2024-06-27T16:56:00+01:00By

Italy-based Mondo TV agreed to pay $538,000 to settle charges with the Treasury Department’s Office of Foreign Assets Control over 18 apparent violations of North Korea sanctions regulations.

cyber_utilities_web

News Brief

DOE offers supply chain cybersecurity guidance for energy, oil, gas industries

2024-06-27T16:37:00+01:00By

The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.

iran_sanctions_web

News Brief

OFAC sanctions nearly 50 entities for ‘shadow banking’ benefiting Iranian military

2024-06-26T14:37:00+01:00By

The Treasury Department’s Office of Foreign Assets Control sanctioned nearly 50 entities connected with so-called “shadow banking” networks that help Iran’s military evade U.S. sanctions and to sell the country’s oil and petrochemical products.

Child Privacy

News Brief

SpongeBob game developer ordered to pay $500K over CCPA, COPPA violations

2024-06-25T19:42:00+01:00By

Popular children’s mobile game developer Tilting Point Media agreed to pay $500,000 to settle allegations the company illegally collected children’s personal data, a violation under the California Consumer Privacy Act and a federal children’s privacy law.

OCC

News Brief

OCC emphasizes compliance’s role in FI’s operational resiliency

2024-06-20T15:40:00+01:00By

Compliance departments at financial institutions must become more involved in ensuring their firm’s operational resiliency to address emerging risks, the Treasury Department’s Office of the Comptroller of the Currency said in its semi-annual risk perspective.

processunity300x200

Webcast

CPE Webcast: Digital Operational Resilience Act: Key provisions and best practices

2024-06-18T14:00:00+01:00Provided by

This presentation will provide an overview of the key provisions of DORA and their implications for Third-Party Risk Management (TPRM) teams, list best practices for DORA preparation and review key considerations for teams looking to implement the DORA framework.

columnist dale

Opinion

Top-of-mind takeaways from TPRM Summit

2024-06-17T21:11:00+01:00By

Top-of-mind issues addressed at Compliance Week’s Third-Party Risk Management & Oversight Summit, held June 3-4 in Atlanta, included safe deployment of artificial intelligence, assessing vendor viability and sustainability, understanding the role of procurement in risk ranking, the intersection (or lack thereof) between data privacy and cybersecurity, and many others.

DOJ

News Brief

Washington state importer ordered to hire CCO in response to Lacey Act violations

2024-06-17T16:53:00+01:00By

A Washington state importer has been ordered by the Department of Justice to pay a $360,000 fine and hire a chief compliance officer after imported wood items the company claimed to be from Malaysia were found to be from China.

Financial Crimes 2024 Axelrod

Premium

BIS’s Axelrod makes plea to financial services: ‘We want to work with you’

2024-06-12T21:47:00+01:00By

Matthew Axelrod, assistant secretary for export enforcement at the Bureau of Industry and Security, addressed efforts to reach financial services firms, working with the Financial Crimes Enforcement Network, and more during his fireside chat at CW’s Financial Crimes Summit.

ChinaCargoContainer

News Brief

Additions to UFLPA Entity List signal seafood supply chain risks

2024-06-12T18:23:00+01:00By

The U.S. Department of Homeland Security added three China-based entities across the seafood, aluminum, and footwear industries to the Uyghur Forced Labor Prevention Act Entity List.

Sanctions compliance TPRM

Premium

Panelists break down robust sanctions landscape at TPRM Summit

2024-06-12T02:35:00+01:00By

Sanctions compliance officers face myriad challenges as complex geopolitical situations heighten risks worldwide, experts discussed during Compliance Week’s Third-Party Risk Management & Oversight Summit.

WIC_1

Premium

Experts: AI risk mitigation second nature for compliance professionals

2024-06-07T22:34:00+01:00By

Compliance has been “sleeping on” artificial intelligence, two panelists discussed at Compliance Week’s Women in Compliance Summit. The profession should be positioned to lead on AI governance at the business level.

Hyundai

News Brief

Hyundai Motor caught in DOL complaint over child labor

2024-05-31T18:41:00+01:00By

The Department of Labor sued three Alabama businesses, including a Hyundai Motor manufacturing plant, for employing a 13-year-old worker on an auto parts assembly line.

Albemarle 2000x1333

Event

Revamped compliance processes key Albemarle win as Compliance Program of the Year

2024-05-29T18:30:00+01:00By

For successfully navigating thorny compliance issues related to self-disclosed violations of the Foreign Corrupt Practices Act, Albemarle was named Compliance Program of the Year at the 2024 Excellence in Compliance Awards.

Sharon Johnson Heather Sudo 2000x1333

Event

Creative engagement approach drives Compliance Innovators Johnson, Sudo

2024-05-28T16:00:00+01:00By

Through clever rhymes and real-life examples, Sharon Johnson and Heather Sudo of MODE Global have made it their mission to think outside the box when it comes to compliance awareness. Their approach earned them Compliance Innovator(s) of the Year at the 2024 Excellence in Compliance Awards.

OCC

News Brief

Lemont National, Comerica Bank unit avoid penalties in separate OCC deals

2024-05-24T17:39:00+01:00By

The Office of the Comptroller of the Currency reached agreements with Lemont National Bank and Comerica Bank & Trust over concerns related to risk governance practices.

Volkswagen

News Brief

Senate report cites VW, BMW, JLR for potential forced labor violations

2024-05-20T19:16:00+01:00By

A U.S. Senate report found three European automakers—Volkswagen, BMW, and Jaguar Land Rover—sold cars in the United States with parts sourced from a supplier suspected of using forced labor from China’s Xinjiang region.

U.S. China flags

News Brief

UFLPA Entity List nearly doubles with textile industry sweep

2024-05-16T16:16:00+01:00By

The Department of Homeland Security announced its largest batch of additions to the list of companies blocked under the Uyghur Forced Labor Prevention Act in the form of a sweep of the Chinese textile industry.

New York cyber-security

News Brief

NYDFS offers cyber rule compliance template for small businesses

2024-05-14T16:59:00+01:00By

The New York State Department of Financial Services issued guidance for small businesses attempting to comply with its cybersecurity regulations.

CW2024_TPRM_Session

Premium

CW2024 panel: TPRM board buy-in earned through impact, activity

2024-05-08T15:48:00+01:00By

Identifying critical measures for third-party risk management has become vitally important as risk professionals face an uphill battle in fighting for resources, experts discussed at Compliance Week’s 2024 National Conference.

Cyber-security

Premium

Report: Human error driving growing number of data breaches

2024-05-07T21:21:00+01:00By

Verizon’s annual data breach report shows trends in cybersecurity incidents, including more ransomware and extortion attacks last year.

chime_web

News Brief

CFPB fines Chime $3.25M over account refund delays

2024-05-07T17:48:00+01:00By

The Consumer Financial Protection Bureau ordered Chime Financial to pay $3.25 million in penalties for allegedly delaying consumer refunds past its promised 14-day timeframe.

FDIC

News Brief

Federal banking regulators issue TPRM guidance for community banks

2024-05-06T15:29:00+01:00By

The Federal Deposit Insurance Corporation, Federal Reserve Board, and Office of the Comptroller of the Currency combined to provide guidance on third-party risk management focused on the unique risks faced by community banks in their third-party relationships.

T-Mobile

News Brief

FCC finalizes $196M in fines against telecoms for sharing location data

2024-04-29T20:30:00+01:00By

The Federal Communications Commission fined telecommunications giants T-Mobile, Sprint, AT&T, and Verizon a total of approximately $196 million for allegedly selling customers’ location data to third parties without consent.

Williams-Sonoma-web

News Brief

Williams-Sonoma fined record $3.2M over admitted ‘Made in USA’ order violations

2024-04-29T18:50:00+01:00By

Kitchen and home retail company Williams-Sonoma agreed to pay nearly $3.2 million for failing to comply with a 2020 administrative order by the Federal Trade Commission prohibiting its marketing of imported goods as made in the United States.

EY thumbnail

Resource

e-Book: Tips for TPRM, supply chain due diligence

2024-04-26T21:03:00+01:00Provided by

Implementing a risk-based approach to third-party due diligence frees up compliance resources to be deployed efficiently and helps organizations meet the expectations of regulators.

ESG vector

Premium

Report: Poor awareness of supply chain disclosure regs leaving firms exposed

2024-04-23T15:44:00+01:00By

Compliance failures in the supply chain are hampering organizations’ efforts to implement environmental, social, and governance initiatives and meet disclosure requirements, according to a new report by U.K. law firm Burges Salmon.

onetrust 2022 300x200

Webcast

CPE Webcast: Automating third-party management workflows: 5 ways to drive alignment across teams

2024-04-23T14:00:00+01:00Provided by

Is your third-party management process bogged down by manual workflows and misaligned teams? It’s time to say goodbye to inefficiency and hello to streamlined processes (if only it were that simple).

Iran flag

News Brief

OFAC fines SCG Chemicals unit $20M over Iran sanctions violations

2024-04-22T16:49:00+01:00By

A subsidiary of Thailand-based SCG Chemicals Co. agreed to pay a $20 million fine to the Office of Foreign Assets Control over “egregious” violations of sanctions against Iran.

European Court of Human Rights

Premium

ECHR ruling opens door to climate change litigation on basis of human rights

2024-04-15T13:47:00+01:00By

By holding the Swiss government accountable for failing to do more to limit climate change, a ruling by the European Court of Human Rights might have significant implications for legislators and organizations in other countries across the European Union.

DHS

News Brief

New DHS strategy sets textiles up for added UFLPA scrutiny

2024-04-08T17:05:00+01:00By

The Department of Homeland Security announced a new strategy set to help close a loophole that allows certain textile-related shipments from China to enter the United States without scrutiny under the Uyghur Forced Labor Prevention Act.

CW2024 leadership panel

Premium

CW2024 leadership panel on navigating scrutiny, prep for more change

2024-04-08T12:34:00+01:00By

The global political landscape should be high on the risk radar of compliance officers in 2024, according to compliance leaders speaking at Compliance Week’s 2024 National Conference, along with increased regulatory scrutiny toward forced labor, ESG, and M&A.

CW2024 McBride

Premium

Ex-Albemarle CCO shares drivers behind data analytics success at CW2024

2024-04-04T00:41:00+01:00By

Former Albemarle CCO Andrew McBride explained at Compliance Week’s 2024 National Conference how he led the company’s compliance department to remediate the issues that led to apparent FCPA violations and how the team used data analytics to assess risks and implement compliance solutions.

AT&T

News Brief

AT&T: Data leak exposed info of 73M customers onto dark web

2024-04-01T14:00:00+01:00By

AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.

China flags

Premium

CBP stats show persistent problem areas under UFLPA

2024-04-01T13:33:00+01:00By and

It’s been nearly two years since the Uyghur Forced Labor Prevention Act took effect, and as enforcement statistics and recent reports demonstrate, many businesses are still not adequately vetting their supply chains.

certa 300x200

Webcast

CPE webcast: Rapid expansion of global forced labor regulations

2024-03-28T14:00:00+00:00Provided by

Join us as we dive into the best practices for performing due diligence across your entire supply chain—from the sourcing of raw materials to the delivery of finished goods—to become (and stay) compliant with this ever-evolving landscape.

Department of Labor

News Brief

DOL orders Tuff Torq to pay $1.8M over child labor violations

2024-03-28T12:22:00+00:00By

The Department of Labor ordered Tennessee-based Tuff Torq Corp. to pay nearly $1.8 million over alleged child labor violations.

Whistleblower vector

Premium

NAVEX whistleblower report finds third parties lead on business integrity

2024-03-27T21:27:00+00:00By

A new report on corporate whistleblowing and hotline trends in 2023 found reporting volume at an all-time high, with key disparities uncovered between reports filed by third parties and those filed by employees.

adani_web

News Brief

Adani Group on defense over reports of FCPA probe

2024-03-21T18:21:00+00:00By

Indian conglomerate Adani Group said it is aware of an investigation by the U.S. Department of Justice into bribery allegations against a “third party” but denied a relationship with it.

Supply chain

Premium

Policy changes underscore need for enhanced child labor due diligence

2024-03-18T13:20:00+00:00By and

Rooting out potential child or forced labor violations in your company’s supply chain can have benefits beyond protecting reputation and being ethically sound. The process can also help your firm comply with pending child labor laws in other jurisdictions.

Auditinspection

Premium

The auditor’s role in supply chain due diligence

2024-03-14T17:54:00+00:00By

Although compliance should be the company’s primary responsibility, auditors have become the last line of defense and are getting pressured and blamed for supply chain issues, including instances of child labor. Is this expected to become the normal for the profession?

OCC sign

Premium

U.S. banking regs mulling enhanced operational resiliency frameworks

2024-03-13T19:47:00+00:00By

Acting Comptroller of the Currency Michael Hsu said federal banking agencies are considering enhancements to their operational resiliency requirements for member banks.

Department of Labor

Premium

DOL seeking more authority in crackdown on child labor violations

2024-03-12T16:56:00+00:00By

The Department of Labor has stepped up its enforcement of child labor law amid a concerning rise in child labor exploitation, yet the agency acknowledges its resources are not great enough to be a significant deterrent for such misconduct.

Child labor

Premium

Child labor violations are on the rise in U.S. Are they in your supply chain?

2024-03-11T16:31:00+00:00By

The compliance community has not been spending time addressing a problem mistakenly thought to be a rarity: The proliferation of child labor violations occurring in the United States.

European Commission

News Brief

EU to ban sale of products made with forced labor

2024-03-08T15:20:00+00:00By

The European Union announced an agreement to ban products made with forced labor, a decision that will oblige organizations to track and declare more information about their supply chains for goods entering EU markets.

fti300x200

Webcast

CPE Webcast: Applying traditional TPRM security and data privacy practices in the digital space

2024-03-05T14:00:00+00:00Provided by

This webinar explores the compliance challenges posed by evolving privacy regulations and the recent explosion of class-action litigation arising from third-party advertising technology on websites.

Metropolitan Commercial Bank

News Brief

Metropolitan Commercial Bank adds risk chief, AML officer

2024-03-04T19:39:00+00:00By

Metropolitan Commercial Bank announced the appointments of a chief risk officer and Bank Secrecy Act/anti-money laundering officer to bolster its reporting lines following a $30 million enforcement action from federal and state authorities last year.