First-ever AI-powered ransomware discovered. What does it mean for compliance and cybersecurity?
This past August, researchers at ESET revealed something cybersecurity experts have long anticipated: The first-ever AI-powered ransomware, dubbed PromptLock. Unlike traditional ransomware, which relies on pre-written code, PromptLock uses a large language model (LLM) to dynamically generate scripts for scanning files, stealing data, encrypting systems and even drafting ransom notes. What makes PromptLock especially […]
Proliferation financing in Australia: A new era for AML/CTF compliance
As Australia edges closer to the commencement of the Tranche 2 Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) reforms, regulated businesses including legal and professional service providers, face a significant new compliance obligation of proliferation financing (PF), alongside traditional money laundering (ML) and terrorism financing (TF) risks. This is the first time the AML/CTF Act explicitly […]
FCA’s crackdown on non-financial misconduct: What it means for businesses
On July 2, 2025, the Financial Conduct Authority (FCA) published its latest package of measures on non-financial misconduct (NFM), a landmark step in turning workplace behaviour into a regulatory matter. The paper combines a policy statement, confirming changes to the FCA’s Code of Conduct (COCON) and a consultation on additional guidance for both COCON and […]
UK corporate prosecutions: What the new guidance means for businesses
The UK’s corporate crime landscape is undergoing its most significant shift in years. On August 18, 2025, the Serious Fraud Office (SFO) and Crown Prosecution Service (CPS) jointly announced an overhaul of their Corporate Prosecutions Guidance, marking a decisive moment for organisations operating in the UK. With the failure to prevent fraud offence under […]
Seatrium’s settlement: The high cost of corruption and the long shadow of operation car wash
In what may be Singapore’s largest corruption-related settlement to date, offshore and marine engineering giant Seatrium has agreed to pay a huge, multi-million dollar settlement to resolve bribery allegations stemming from Brazil’s sweeping Operation Car Wash investigation. The deal involves $110m payable to Singapore under a deferred prosecution agreement (DPA) and a further $131m to […]
Sanctions compliance in 2025: What OFSI’s proposed enforcement reforms mean for UK businesses
The UK government is signalling a sharper, more assertive approach to sanctions enforcement. Businesses need to pay attention On July 22, 2025, the Office of Financial Sanctions Implementation (OFSI) published a major consultation paper proposing reforms that could transform how civil breaches of financial sanctions are investigated and penalised in the UK. The changes […]
The £173K mistake: How one law firm missed a PEP and paid the price
A routine property transaction. A prestigious law firm. A missed red flag. A six-figure fine. The story of Taylor Vinters’ anti money laundering (AML) breach is not just a cautionary tale but a stark reminder of the rising expectations regulators now place on legal and financial firms handling high-risk clients, especially politically exposed persons […]
Ransomware escalation and AI risks: Did we just get a cyber security wake-up call?
In the wake of a rapidly evolving ransomware campaign exploiting vulnerabilities in Microsoft’s SharePoint server software, it’s becoming increasingly evident that the era of low-impact cyberattacks is over. The campaign, linked to the threat group dubbed Storm-2603, has now extended into ransomware deployment and its crippling networks, paralysing operations and exposing a glaring truth: […]
Lessons from a GDPR fine: McDonald’s Poland and the high cost of processor oversight failures
The Polish Data Protection Authority (UODO) recently issued a GDPR fine of over €3.8 million to McDonald’s Poland, along with additional penalties for its processor, 24/7 Communication Sp. The enforcement action offers a sharp reminder that outsourcing data processing does not outsource accountability. At the heart of this breach was a fundamental failure of […]
Inside Barclays’ AML breakdown: Lessons from the FCA’s £42m fine
Barclays Bank has once again come under the regulatory spotlight, this time with a hefty £42 million fine imposed by the Financial Conduct Authority (FCA) for serious lapses in money laundering risk management. The fine, split between two cases involving WealthTek and Stunt & Co, serves as a cautionary tale for all financial institutions, mainly […]
