AT&T has agreed to pay a $13 million fine after the Federal Communications Commission (FCC) found the telecommunications giant had improperly shared customer billing information with a vendor to create personalized videos. The company also allegedly failed to ensure that this data was destroyed when no longer needed, which ultimately led to a security breach.
The Institute of Internal Auditors (IIA) has released a report that sheds light on the future of the internal audit profession. Titled "Internal Audit: Vision 2035 – Creating Our Future Together," the study draws insights from over 7,000 practitioners and stakeholders worldwide, revealing key trends and challenges that will shape the profession over the next decade.
Chinese authorities have imposed severe penalties on PricewaterhouseCoopers (PwC) for its role in auditing the collapsed property developer Evergrande. The punishment, including a six-month ban and fines exceeding 400 million yuan ($56.4 million), marks the heaviest sanctions yet for international accounting firms operating in China.
New York-based facial recognition startup Clearview AI has now accrued fines exceeding $115 million for privacy violations across the European Union and the United Kingdom. The Dutch Data Protection Authority (DPA) has recently imposed a $33.7 million penalty, adding to a series of General Data Protection Regulation (GDPR) compliance issues that date back to 2020.
Wynn Las Vegas, a subsidiary of Wynn Resorts, Limited, has agreed to a staggering $130,131,645 forfeiture to settle criminal allegations that it conspired with unlicensed money-transmitting businesses to funnel funds for foreign gamblers. Announced by the U.S. Attorney's Office for the Southern District of California on September 6, 2024, the settlement is believed to be the largest forfeiture ever by a casino based on admissions of criminal wrongdoing.
The recent data breach at the Centers for Medicare & Medicaid Services (CMS), which compromised the personal information of nearly one million Medicare beneficiaries, serves as a powerful reminder of the serious cybersecurity, governance, risk management, and compliance (GRC) challenges facing organizations in today's digital landscape. The breach, stemming from a vulnerability in third-party software (MOVEit) has exposed significant gaps in vendor management, IT security, and regulatory compliance.
The banking sector finds itself at a critical juncture. The proliferation of partnerships between traditional financial institutions and innovative FinTechs has ushered in unprecedented opportunities for growth and customer engagement. However, this intricate web of relationships has also introduced a new dimension of risk that demands immediate attention from Governance, Risk, and Compliance (GRC) professionals, Third-Party Risk Management (TPRM) specialists, and compliance officers.