Posts Tagged ‘third-party risks’
A Small Bank’s Big Lessons About Risk
Banking regulators have given us more lessons to ponder about effective third-party risk management and compliance programs, courtesy of a $30 million sanction against a bank in New York that had neither and ended up stuck in a pandemic-era $300 million fraud scheme. The bank in question is Metropolitan Commercial Bank (MCB), a bank in…
Read MoreA Mixed Picture on Compliance Efforts
Most large companies are doing at least passably well at managing compliance risks around third parties, although the vast majority are also still struggling to develop strong data analytics capability, according to a compliance benchmarking survey from two of the biggest names in the advisory world. KPMG and law firm White & Case published their…
Read MoreMore Help on Third-Party Risk
Banks have fresh guidance this week on how to tackle third-party risk management, and the material offers plenty of good advice on the subject for businesses in any sector. The guidance comes from the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corp., and the Federal Reserve, which have been working for…
Read MoreLessons in Cardiac Company Fraud Settlement
A medical device company based in Oregon has agreed to pay $12.95 million to settle charges that it ran a sham training program as a vehicle to pay kickbacks to doctors, in a case that offers compliance professionals plenty of lessons about internal controls and third-party risk. The company is Biotronik, a maker of defibrillators,…
Read MoreLog4j: We Have to Talk About This
By now compliance and audit professionals may have heard about the cybersecurity vulnerability called Log4j. This will foremost be a problem for IT security officers; but Log4j also illuminates a lot of challenges that audit, compliance, and risk management challenges will face in the 2020s. So let’s unpack the issues afoot here. First, the background.…
Read MoreFoster Wheeler’s FCPA Lessons
We have our first FCPA enforcement action of the Biden Administration: a $177 million punch against engineering firm Amec Foster Wheeler, for bribery involving overseas agents to win a contract with Brazilian state-owned oil giant Petrobras. The settlement was announced Friday by U.S. regulators and the parent company of Foster Wheeler, John Wood Group. Wood…
Read MoreSteel Firm’s Lessons on Sanctions Risk
Sometimes that third-party risk is a party mighty close to you. Such was the case with an Oklahoma steel manufacturer, which just paid $435,000 to settle charges that its chief engineer sub-contracted design work to an Iranian engineering company owned by the man’s brother. The company, Alliance Steel, agreed to pay the fine to the…
Read MoreThe Cracks in Third-Party Risk Management
Another day, another report looking at challenges of third-party risk management. This time the report is from software firm Prevalent, and it’s worth some attention for the conflicting perceptions about third-party risk that it calls out. Foremost, the report is interesting because it defines third-party risk as a cybersecurity and supply chain issue, rather than…
Read MoreComEd Pays $200M on Domestic Bribery
Commonwealth Edison, a subsidiary of energy giant Exelon Corp. and the largest utility in the state of Illinois, agreed Friday to pay $200 million to settle federal corruption charges that also involve one of the state’s most powerful politicians. The case is a reminder to compliance officers that FCPA-like misconduct can happen right here within…
Read MoreWynn, Part II: Third-Party Oversight
Today we revisit Wynn Resorts and the report its compliance monitor released last month. As you might recall, that report is a sweeping review of how Wynn has tried to rectify its operations after a sexual harassment scandal forced the departure of its founder and long-time CEO, Steve Wynn. Last month we took a deep…
Read More