Compliance

Allianz Transfers Commercial Cyber Unit to Coalition
This game-changing partnership brings a fresh approach to commercial cyber insurance, elevating protection and benefits for customers. By joining forces, Allianz and Coalition are revolutionizing cyber coverage with a unique and robust offering.

FIS and Anthropic Unveil AI to Accelerate Money Laundering Probes
Imagine having an AI-powered ally that supercharges your money laundering investigations, automatically gathering evidence, detecting patterns, and prioritizing case files in minutes - not days. FIS and Anthropic have joined forces to bring you the Financial Crimes AI Agent, revolutionizing banking's most costly compliance challenge.

Digital KYC Push Stalls on Trust and Liability Concerns
KYC is more than just verifying identity - it's a crucial process that requires trust and accuracy to prevent financial crimes. Governments and banks are working together to modernize identity data collection and reuse, with countries like the UAE, Europe, and Singapore launching innovative projects to streamline compliance and strengthen anti-money laundering efforts.

FTC Settlement Forces Kochava to Curb Location Data Sales
Big changes are coming for Kochava, a data broker that allegedly sold precise location data from hundreds of millions of smartphones without consent - under a proposed FTC settlement, they'll need to get explicit permission from consumers before sharing their sensitive info. This move could mark a major shift in how companies handle location data sales.

FTC Bars Kochava from Selling Location Data Without Consent
The Federal Trade Commission is taking a stand against Kochava, proposing an order that would require the company to obtain explicit consent from Americans before selling their precise location data, and only use it for services they directly requested. This move aims to put an end to the sale of sensitive location information without users' knowledge or consent.

Europol Disrupts Albanian Investment Fraud Ring
In a major crackdown on investment scams, Europol and international authorities have dismantled a sophisticated Albanian investment fraud ring, arresting 10 suspects and seizing nearly €900,000 and 443 computers. The alleged scammers are accused of swindling victims out of at least €50m through their professionalized operation.

EU Advances Mandatory Online Age Verification Despite Security Risks
The European Commission's recent findings have revealed that Meta failed to protect minors, with a staggering 12% of European children under 13 reportedly accessing Facebook or Instagram, sparking concerns over online safety. This has led to a push for mandatory online age verification, despite security risks.

EU Backs Open-Source Age Verification Tool to Protect Minors Online
The European Commission is taking a major step to safeguard minors online, recommending that EU member states adopt an open-source age verification tool that's easy for online platforms to implement. This move aims to shield kids from harmful content, building on the Digital Markets Act and Digital Services Act to hold big tech accountable.

US Companies Face Record $3.45 Billion in Privacy Fines
US companies are facing a record-breaking $3.45 billion in privacy fines, a staggering amount that surpasses the total fines issued over the past five years combined, as regulators shift from education to full-scale enforcement. This surge in fines is driven by stronger state laws, coordinated interstate efforts, and increased scrutiny of AI and automation practices.

UK Data Watchdog Chief Steps Back Amid Workplace Probe
UK's top data watchdog, John Edwards, has temporarily stepped down from his role amid an independent workplace investigation, cooperating fully with the probe. He made the announcement via LinkedIn, confirming his voluntary leave of duties as head of the Information Commissioner's Office.

HIPAA Fines Hit $1.7 Million for Risk Analysis Failures
The consequences of neglecting HIPAA risk analysis are steep: four entities recently paid a total of $1.7 million in fines for failing to conduct accurate, timely, and thorough assessments, exposing sensitive health information of nearly 427,000 individuals to hacking and ransomware threats.

DORA Mandates Credential Security as Financial Risk Control
What happens when a threat actor waltzes into your network with a legitimate username and password - can your controls stop them? With DORA now in effect, EU financial institutions must prioritize credential security as a critical risk control, shifting from best practice to binding regulation.

Germany Revives ISP Data Retention Mandate Amid Privacy Concerns
Germany's government is pushing for a new law that would require internet service providers to store customer connection data for three months to help combat online crimes, sparking concerns about privacy. The proposed mandate, justified as a way to keep the digital space safe from criminals, has been approved by the national cabinet and now awaits parliamentary approval.

House Republicans Unveil National Data Privacy Bill
House Republicans have introduced the Secure Data Act, a groundbreaking national data privacy bill that puts Americans in control of their personal data and holds companies accountable for keeping it safe. The proposed law would give consumers the power to opt out of data collection for targeted ads, third-party sales, and automated decision-making.

US OPM Health Data Collection Plan Sparks Privacy Concerns
The Office of Personnel Management wants to collect detailed, identifiable health records from the 65 health insurers that cover over 10 million federal and postal service employees, retirees, and their families - a move that's raising concerns about privacy. The proposed data collection would include medical claims, pharmacy claims, and provider data to help OPM oversee health benefits programs.

UK Regulator Probes Telegram Over CSAM Sharing Concerns
The UK's communications regulator, Ofcom, has launched a crucial investigation into Telegram over concerns that the platform is being used to share child sexual abuse material, sparking a delicate balance between regulation and user protection. This probe also extends to teen chat sites, raising important questions about moderation, oversight, and the safety of young users.

FTC Bolsters AI Efforts to Combat Deepfakes and Voice Scams
The Federal Trade Commission is stepping up its game against AI-powered scams, gearing up to enforce new laws targeting sexual deepfakes and exploring ways to shut down voice clone scams. It's a crucial move in the cat-and-mouse battle to stay ahead of tech-savvy scammers.

Tempus AI Sued Over DNA Data Use Without Consent
A health AI company is facing a federal lawsuit in Chicago, accused of using and selling millions of people's DNA data without their consent. The plaintiffs claim that genetic information can't be fully anonymized, putting sensitive personal data at risk.

Coast Guard Rule Ramps Up Maritime Cybersecurity Standards
A new Coast Guard rule is set to revolutionize maritime cybersecurity by enforcing stricter standards on operational technology systems at US ports and commercial vessels, turning a long-overdue necessity into a booming market. This regulatory shift comes at a critical time, as global tensions rise and the shipping industry becomes an increasingly attractive target for cyber threats.

Fraud Detection Shifts Toward Identity Intelligence
Fraud detection is evolving from simple verification to a more sophisticated approach: identity intelligence. This shift demands a new strategy to track down individuals who don't exist in the first place.

Fraud Detection Lags as Losses Mount Despite Heavy Tech Investments
Despite pouring money into cutting-edge fraud detection tools and analytics, financial institutions are still struggling to outsmart scammers, with losses mounting at an alarming rate. The disconnect between heavy tech investments and rising fraud losses reveals a pressing need for a new approach to scam prevention.

NHS England Preps for Microsoft Licensing Talks with £46K Benchmarking Push
NHS England is taking a savvy step towards renegotiating its massive £774 million Microsoft licensing deal with a £46,000 benchmarking exercise, setting the stage for what's sure to be a high-stakes negotiation. Can this small investment lead to significant savings for the UK public sector?

Fraud Enters New Era, Demanding Proactive Hunt
As traditional fraud markers become obsolete, it's clear that a new approach is needed - one that treats digital identity as critical infrastructure and leverages a layered, real-time defense strategy to stay one step ahead of sophisticated crime rings. We must move beyond outdated tactics and adopt a proactive, systemic approach to fraud defense.

HHS Weighs HIPAA Security Rule Update Amid Compliance Cost Concerns
As the HHS Office for Civil Rights considers updating the HIPAA Security Rule, a pressing question remains: will the cost of compliance outweigh the risk of leaving protected health information vulnerable? The director bluntly puts it, the cost of inaction may outweigh compliance burdens.