Insights

Compliance Is No Longer the Ultimate Goal for GRC Teams

Turn back the clock to the 2010s, and you’ll witness the origins of a compliance revolution. Cloud companies faced a rising tide of regulations like HIPAA and PCI DSS. High-profile breaches—such as the 2013 Target data breach—shattered consumer trust, prompting regulators to crack down on data handlers and processors. Compliance became the bulwark against lawsuits and reputational damage. Cloud providers like AWS and Azure raced to offer robust security and compliance tools, emphasizing shared responsibility between provider and client. By the early 2020s, compliance had cemented its place as the cornerstone of operational security and customer confidence.

Sustainability Reporting 2024: Are Companies Ready for the Big Leagues?

Sustainability reporting has evolved from a nice-to-have to a must-do. For years, it’s been voluntary—a chance to show off green credentials. But now? Regulators and investors are upping the ante. KPMG’s 13th Survey of Sustainability Reporting couldn’t have landed at a better time. With mandatory reporting on the horizon for many countries, the survey offers a fascinating look at how global companies are preparing for this seismic shift—or not.

McKinsey’s $650 Million Settlement Marks a Dark Chapter in Corporate Malfeasance; Senior Partner Faces Obstruction Charges

In a damning chapter in the annals of corporate malfeasance, McKinsey & Company—the vaunted consulting powerhouse—has agreed to pay $650 million to resolve U.S. Department of Justice (DOJ) investigations into its role in fueling the opioid epidemic. With this settlement, McKinsey becomes the first consulting firm to face criminal charges for advising a client, Purdue Pharma L.P., on activities that significantly contributed to a public health catastrophe of staggering proportions.

Basel Committee Rolls Out New Guidelines to Shore Up Counterparty Credit Risk Management

The Basel Committee on Banking Supervision has officially closed the book on a 25-year-old rulebook, unveiling final guidelines for counterparty credit risk (CCR) management that aim to address vulnerabilities exposed in recent financial turmoil. Announced on December 11, 2024, these guidelines target the persistent weaknesses in CCR, particularly in dealings with non-bank financial intermediaries (NBFIs), which have recently made headlines for all the wrong reasons.

The Right Thing to Do: ESG in a Complex World

Mark Twain famously said, “You’re never wrong for doing the right thing.” While Twain wasn’t contemplating Environmental, Social, and Governance (ESG) principles, his words resonate powerfully in a world where corporate behavior is under an unrelenting microscope. ESG is no longer a “nice-to-have.” It’s a guiding ethos that challenges businesses to reconcile profitability with purpose—and to do so transparently, accountably, and authentically.

CFPB’s Crackdown on Data Brokers: A Move to Rein in Privacy Risks & Exploitation

In an era where personal information flows through countless digital channels, the Consumer Financial Protection Bureau (CFPB) has proposed a sweeping rule to rein in the burgeoning data broker industry. This initiative seeks to impose stricter accountability under the Fair Credit Reporting Act (FCRA), ensuring that consumer data is shared only for legitimate purposes and safeguarding sensitive information like Social Security numbers and income data from misuse.

Resilience, ESG, & Compliance: Strengthening the Extended Enterprise Ecosystem

In today’s hyper-connected world, businesses rarely operate in isolation. Instead, they form part of intricate webs of suppliers, vendors, and third-party partners. These extended enterprise relationships offer a wealth of opportunities—streamlined operations, cost efficiencies, and specialization—but they also come with inherent risks. Managing these risks effectively requires a firm commitment to environmental, social, and governance (ESG) standards, operational resilience, and robust compliance strategies.