GRC Report Staff

Healthcare providers across the U.S. have just learned a hard lesson about accountability, with two high-profile cases settling for a combined $25.9 million. The Department of Justice’s latest actions spotlight fraudulent billing practices that took advantage of Medicare, the government program designed to help the nation’s elderly and vulnerable. In one case, a pharmacy found itself caught up in the scam of submitting false claims for COVID-19 tests it never shipped. In the other, a network of cardiology practices saw a significant financial hit after overbilling Medicare for diagnostic drugs, some for over a decade.

Independent Health Association, along with its affiliate Independent Health Corporation, has agreed to pay up to $98 million to settle allegations of defrauding Medicare. The Buffalo-based Medicare Advantage provider is accused of inflating risk scores—a critical metric in determining payments under the Medicare Advantage (MA) program.

The Federal Trade Commission (FTC) announced today that it has issued an order requiring Marriott International, Inc. and Starwood Hotels & Resorts Worldwide LLC, a subsidiary of Marriott, to implement more robust data security programs.

Deutsche Bank Securities Inc., the broker-dealer arm of Deutsche Bank AG, is paying a hefty $4 million civil penalty after the U.S. Securities and Exchange Commission (SEC) found that it repeatedly missed the deadline to file Suspicious Activity Reports (SARs). These reports are crucial tools in the fight against financial crime, and Deutsche Bank’s delay in filing them hindered important investigations into possible illicit activities.

Time is slipping away for proprietary trading firms (PTFs) and other financial institutions preparing to comply with the Digital Operational Resilience Act (DORA). With the January 17, 2025, implementation date looming, the Dutch Authority for the Financial Markets (AFM) has issued a candid report that paints a mixed picture of readiness.

Starting January 1, 2025, doing business in California gets a little pricier—at least for those caught slipping on privacy compliance. The California Privacy Protection Agency (CPPA) has announced higher fines and updated thresholds under the California Consumer Privacy Act (CCPA). These changes, tied to inflation and the Consumer Price Index (CPI), mark a biannual adjustment aimed at keeping penalties relevant and impactful in an evolving regulatory landscape.

Wells Fargo Clearing Services and LPL Financial have agreed to pay $900,000 each to settle charges with the U.S. Securities and Exchange Commission (SEC). The charges stem from the firms' failure to provide complete and accurate securities trading data, known as blue sheet data, to the SEC, a key component of the agency’s market surveillance.