Compliance & Ethics

Amazon to Pay $2.25 Million FTC Penalty Over Identity Theft Records Failures

Section 609(e) of the Fair Credit Reporting Act requires businesses to provide victims with records of fraudulent transactions so they can piece together what was done with their personal information and begin repairing the damage. According to the Federal Trade Commission, Amazon too often turned that straightforward legal obligation into something far more difficult.

EIOPA Says Insurance Supervisors Are Looking Beyond Compliance as Product Oversight Matures Across Europe

There is a moment in almost every regulatory framework when compliance ceases to be the interesting question. The forms have been completed and the governance structures exist. Policies have been approved, committees have met, and someone can demonstrate that every required process was followed. Yet consumers can still end up with products that were never truly designed for them. Regulation, at its most useful, begins where documentation stops.

Australia Signals Pragmatic AML Transition, but Expects Steady Progress Toward Compliance

Australia has spent the past several months rewriting the machinery behind its anti-money laundering regime. Now comes the less visible part of the exercise, where the law has already changed but thousands of reporting entities are still bringing their own systems into alignment with it, each carrying the uncomfortable burden of proving that transition itself does not become a source of new risk.

Belgian Regulator Reaches €1 Million Settlement With Banque Degroof Petercam Over MiFID Conduct Failures

Belgium's Financial Services and Markets Authority has reached a €1 million agreed settlement with Banque Degroof Petercam after concluding that the bank breached European conduct rules while administering employee stock-option plans. The regulator found shortcomings in the disclosure of costs, the management of conflicts of interest and the assessment of whether certain investment products were appropriate for employees.

ASIC Secures $6.7 Million Penalty Against Mercer Super for Systemic Reporting Failures

Australia's corporate regulator has secured a $6.7 million (AUD $10.3 million) penalty against Mercer Super after the Federal Court found the superannuation trustee maintained inadequate systems for identifying and reporting significant compliance investigations, allowing serious member service issues to go undisclosed or be reported inaccurately over nearly three years.

Sweden to Replace Annual AML Questionnaire With Risk-Based Reporting Framework

Sweden's annual anti-money laundering reporting exercise has long been a familiar ritual. Each year, supervised firms answer the same set of questions, submit them to the Financial Supervisory Authority (FI), and move on. That routine is about to change. Beginning on 1 January 2027, the regulator will replace the existing reporting framework with an entirely new questionnaire that asks firms not simply what they do, but what kinds of risks they carry and how well their controls are built to contain them.

Australia Targets Telecom Scams, Emergency Services in New Enforcement Agenda

Australia's communications regulator has chosen its battles for the coming year, and the list says as much about where consumer harm is emerging as it does about where regulators believe industry performance still falls short. The Australian Communications and Media Authority's compliance and enforcement priorities for 2026–27 place emergency communications, telecommunications scams, consumer protections, and mobile device compliance at the center of its agenda.