CCI employees share latest surveys, experiences and evaluation on danger, compliance, governance, infosec and management points. Share particulars of your survey with us: editor@corporatecomplianceinsights.com.
American companies account for 95% of economic enforcement actions in ’24
US monetary regulators dominated international enforcement actions in 2024, accounting for 95% of the $4.6 billion in penalties worldwide, based on new analysis from Fenergo, a supplier of compliance and consumer administration options.
The evaluation revealed that whereas international penalties decreased 30% from 2023, penalties particularly focusing on banks surged 522% to $3.65 billion. Transaction monitoring violations noticed an excellent steeper rise, with penalties exceeding $3.3 billion — representing a 100% year-over-year improve.
ESG enforcement additionally intensified, with international ESG-related fines rising 98% to $37.7 million, whereas US ESG fines rose 13% to $21.5 million.
“The surge in penalties for AML violations in banking, within the US, and around the globe underscores the relentless tempo at which monetary crime evolves, and the rising expectations positioned on monetary establishments by regulators,” stated Tracy Moore, director of regulatory affairs at Fenergo.
Different key findings:
- Banks confronted the heaviest penalties at $3.52 billion, representing 82% of US regulatory fines.
- Digital asset platforms obtained $756+ million in fines, accounting for 99% of world penalties on this class.
- Dealer-dealers incurred over $3 million in fines, making up 85% of world broker-dealer penalties.
- Securities corporations confronted $6.5 million in penalties, whereas buy-side corporations had been fined about $29 million.
The examine analyzed international monetary establishment enforcement actions from January via December 2024.
Cyber incidents stay prime international enterprise danger; local weather change vaults to close prime of checklist
Cyber incidents stay the main concern for companies worldwide in 2025, with 38% of firms figuring out cyber assaults and information breaches as their main danger, based on Allianz Industrial’s annual danger barometer, however local weather change is rapidly shifting up the checklist.
Enterprise interruption held regular at second place with 31% of responses, whereas pure catastrophes remained third, based on the international insurance coverage and asset administration agency. Local weather change made its highest-ever displaying within the survey’s 14-year historical past, rising from seventh to fifth place amid file international temperatures and devastating pure disasters in 2024.
Within the US, cyber incidents topped the checklist, adopted by pure catastrophes, which rose one place to second place. Enterprise interruption ranked third, whereas regulatory modifications confirmed the largest bounce, shifting from eighth to fourth place.
“For a lot of firms, cyber danger, exacerbated by fast growth of synthetic intelligence, is the massive danger overriding every thing else,” stated Rishi Baviskar, international head of cyber danger consulting at Allianz Industrial.
Different findings:
- Greater than 60% of respondents cited information breaches as their most feared cyber publicity.
- Provide chain disruptions happen about each 1.4 years with damages reaching as much as 10% of product prices.
- Political dangers and violence dropped to ninth place globally however rose to seventh amongst massive firms.
- Smaller firms confirmed rising concern about local weather change and political dangers, marking a shift from their usually extra localized danger focus.
The survey revealed vital interconnectivity amongst prime dangers, with local weather change, rising expertise, regulation and geopolitical dangers changing into more and more intertwined.
Almost half of US employees have seen office harassment
Forty-six % of US staff have witnessed harassment of their office over the previous 5 years, whereas 24% report being direct targets of harassment themselves, based on new analysis from compliance coaching supplier Traliant.
The examine reveals a big generational divide, with 52% of Gen Z staff reporting they witnessed office harassment in comparison with 33% of Child Boomers. The findings additionally expose regarding gaps in reporting mechanisms, as solely half of staff stated they’d report harassment if they’d to make use of their identify.
Traliant’s inaugural harassment report, which surveyed greater than 2,000 full-time staff throughout varied industries, highlighted specific challenges for girls within the office — 32% of ladies expressed dissatisfaction with how their employers dealt with harassment experiences, in comparison with 20% of males.
“The survey findings current an alarming image for employers who wish to create optimistic work environments the place staff can convey their finest selves to work,” stated Michael Johnson, chief technique officer at Traliant.
The analysis was carried out in October 2024 by impartial market analysis agency Researchscape.
Three-quarters of producers not prepared for EU sustainability reporting guidelines
Seventy-six % of producers will not be assembly new worth chain disclosure necessities for sustainability subjects beneath the EU’s Company Sustainability Reporting Directive (CSRD), based on new analysis from provide chain sustainability administration agency Assent.
The examine of over 150 producers discovered vital gaps in reporting throughout ESG subjects, regardless of 99% of firms saying they combine ESG concerns into enterprise technique. The findings come as massive EU public firms put together for his or her first CSRD experiences in 2025, with the directive requiring disclosure throughout 84 subjects and 1,000 information factors. Giant EU firms not publicly listed might want to meet the reporting obligations by 2026, and sure international firms, together with some within the US, which have EU subsidiaries assembly measurement thresholds, have compliance dates in 2026.
Assent’s analysis revealed important shortfalls in biodiversity reporting, with solely 24% of assessed firms assembly CSRD necessities. Moreover, simply 56% disclosed Scope 3 emissions targets, highlighting widespread gaps in provide chain emissions discount planning.
“Our latest examine highlights that producers maintain a false sense of safety relating to their CSRD readiness,” stated Jamie Wallisch, sustainability skilled at Assent, which analyzed public sustainability experiences throughout industrial tools, electronics, medical units and automotive sectors.
Different key findings:
- Solely 49% of firms set targets for water use and marine conservation.
- 57% of firms assessed monetary dangers associated to materials ESG subjects.
- 58% of firms accounted for group impacts and set associated targets.
E-mail safety gaps depart organizations weak
Two-thirds of IT leaders say electronic mail safety distributors aren’t protecting tempo with rising dangers, whereas 60% of staff admit bypassing safety insurance policies, based on new analysis from communications safety supplier Zivver.
The report reveals a big misalignment between safety spending and precise dangers, with solely 24% of IT leaders believing their safety investments are well-aligned with threats. Whereas 47% of IT leaders deal with phishing and inbound threats, two-thirds acknowledge that outbound electronic mail errors trigger extra substantial information losses.
Zivver’s report, primarily based on surveys of 400 IT decision-makers and a pair of,000 staff throughout six international locations, discovered that electronic mail stays important for enterprise operations, with 93% of staff rating it as vital or crucial for every day work. Nevertheless, the findings expose regarding gaps in safety practices and compliance.
“Compliance necessities at this time demand that organisations take a complete view of electronic mail safety, integrating strong options that tackle each inbound and outbound dangers,” stated Rick Goud, Zivver’s co-founder and chief info officer.
Different key findings:
- Over 50% of staff report making email-related errors each few months.
- Solely 34% of electronic mail incidents are formally reported to IT groups.
- Whereas 73% of staff know safety insurance policies, simply 52% observe them.
- 54% of staff usually tend to make errors when busy or overwhelmed.
The analysis lined organizations within the US, UK, Netherlands, France, Germany and Belgium, spanning varied sectors together with healthcare, authorities and authorized providers.
