Compliance

Bank of Montreal dismissed a managing director on its US mortgage-backed bond desk in connection with a regulatory probe into misleading marketing practices.

The settlement detailed the missteps PayPal took in the lead-up to the attack and highlighted common risks — both on compliance and security — banks face.

The ruling lets state Attorney General Letitia James continue arguing Citi should have reimbursed customers for wire fraud, though some claims were dismissed.

A security researcher found a database exposing names, addresses, and bills apparently belonging to Willow Pay, a fintech for short-term financing on bills.

Citing concerns about going outside its statutory mandate, the Federal Reserve Board of Governors voted to leave the Network of Central Banks and Supervisors for Greening the Financial System.

The order calls on federal agencies to support more forms of digital identity documents and could lead more states to adopt digital driver's licenses.

Banks must comply with a European Union law known as DORA by Friday. The law aims to improve cybersecurity and reduce tech failures in financial services.

Through a partnership with Axway, the bank aims to provide API-based data sharing and develop new products that leverage open banking.

Amendments to New York's cyber rules — and a focus on privacy in California — mean banks must enhance risk controls, encryption and customer protections.

An alarming percentage of cyberattacks in 2024 exposed eight or more pieces of sensitive customer information, a notable increase in severity. Banks need to have both proactive and reactive strategies in place to protect customers.