This month's key compliance news includes the resignation of Primark CEO over misconduct, Revolut's AML fine, new guidance on consumer protection published by the CMA, Block Inc.'s $40m settlement, and more.
With just weeks to go until the European Accessibility Act (EAA) comes into force on 28 June, a new report has revealed that the majority of businesses are still unprepared -and risk facing significant penalties for non-compliance. Any UK company offering digital services to EU customers - whether through websites, mobile apps, e-commerce platforms, or online portals -will need to comply with WCAG 2.1 AA accessibility standards under this act.
Enterprise technology firm Storyblok surveyed 200 European organisations and found that only 25% are fully ready to meet the new accessibility requirements. Nearly one in five businesses (18.5%) admitted they were not even aware of the legislation.
The EAA will require websites and digital services to be accessible to people with a wide range of disabilities - not just those who are blind or partially sighted. This includes people with dyslexia, neurodivergent individuals, those with physical disabilities, and people with conditions such as epilepsy, who may be affected by flashing visuals or complex navigation.
Despite several years' notice, only 19.5% of surveyed businesses have begun working toward compliance. The findings raise concerns for compliance managers across Europe, as failing to meet the standards could result in fines and reputational damage.
The report reminds us that digital accessibility is no longer just a best practice - it is a legal obligation. With the deadline fast approaching, experts warn that businesses must act now to ensure their platforms are inclusive and compliant.
MGM Resorts International has agreed to pay an $8.5 million fine to settle allegations from Nevada gaming regulators over anti-money laundering (AML) failures at two of its Las Vegas Strip properties.
According to a 10-count complaint filed by the Nevada Gaming Control Board (NGCB) on 17 April, the violations occurred between 2015 and 2018 at the MGM Grand and the Cosmopolitan. The complaint centres on MGM's failure to report suspicious gambling activity linked to two illegal bookmakers: Wayne Nix, a former minor league baseball player, and Mathew Bowyer, a known high-stakes bookmaker.
Both men have since pleaded guilty to operating illegal gambling rings and are awaiting sentencing in separate federal cases.
Regulators claim MGM staff - including then-president of MGM Grand, Scott Sibella - were aware that the pair were gambling with large amounts of illicit cash, often delivered in duffel bags or paper sacks containing high-denomination bills, but failed to take appropriate action.
The case highlights ongoing concerns about compliance and oversight in the casino industry, particularly around AML obligations and the handling of suspicious cash transactions.
A major shift in consumer protection came into force on 7 April 2025, as the UK'sCompetition and Markets Authority (CMA) began exercising new enforcement powers under the Digital Markets, Competition and Consumers Act 2024 (DMCCA). This legislation allows the CMA to directly enforce consumer law without going to court, enabling it to act faster and more decisively against companies that breach regulations.
Key changes include:
The CMA will also encourage industry collaboration, inviting firms to flag competitors' misconduct and offering clearer legal guidance where needed. This marks a new era of consumer protection, aiming to ensure fairer, more transparent markets and enhanced confidence for UK consumers.
The Serious Fraud Office (SFO) has brought criminal charges against United Insurance Brokers Ltd (UIB), a London-based Lloyd’s market broker, for allegedly failing to prevent bribery in its reinsurance dealings with Ecuadorian state insurers between 2013 and 2016.
According to the SFO, intermediaries paid by UIB offered bribes to an Ecuadorian official to secure contracts covering essential utilities such as electricity and water. UIB faces prosecution under the UK Bribery Act, with a preliminary hearing set for 7 May in London.
“British companies have a duty to prevent the harm caused by bribery when doing business at home and abroad. The SFO remains committed to stamping out international bribery wherever it may occur.”
- Nick Ephgrave, Director, SFO
This case forms part of a broader 2021 investigation into London insurance entities and marks the ninth prosecution under Ephgrave’s tenure.
Paul Marchant has stepped down as CEO of Primark after an external investigation—commissioned by parent company ABF—upheld a complaint by an unnamed woman about his conduct in a social setting. Marchant cooperated fully, acknowledged his lapse in judgment, and issued a formal apology to the individual involved, the ABF Board, and his Primark colleagues.
ABF Chief Executive George Weston emphasised that "high standards of integrity are essential" and reaffirmed the company’s commitment to treating all colleagues with respect and dignity. To ensure continuity, Finance Director Eoin Tonge will take over as Primark's interim CEO, supported by the senior management team and Strategic Advisory Board. Meanwhile, Joana Edwards steps in as interim ABF Finance Director.
The Bank of Lithuania has hit Revolut Bank UAB with a €3.5 million fine - the largest ever imposed by that regulator on a bank or electronic money institution - for shortcomings in its AML monitoring of customer relationships and transactions. While the penalty represents 1.73% of Revolut’s assets, several smaller Lithuanian banks have faced proportionally larger fines exceeding 7% of assets for similar breaches.
This action is the fourth regulatory sanction against Revolut Bank since 2022, bringing its total fines to €3.82 million (two AML-related and two Capital Requirements Regulation breaches).
Viewed alongside enforcement actions against other fast-growing digital banks - such as Starling, N26, bunq, and Wise Payments—it underscores a broader trend: as fintechs scale rapidly across the EU, they face ever-tighter scrutiny and must invest heavily in compliance infrastructure to avoid increasingly severe penalties.
Block Inc. has been ordered to pay a $ 40 million fine to the state of New York for what the state's regulator on Thursday called "significant failures in its Bank Secrecy Act/Anti-Money Laundering compliance programme, which violated New York Department of Financial Services' money transmitter and virtual currency regulations." The alleged violations occurred in connection with Block’s popular Cash App product.
The New York case represents the latest such agreement with state regulators, according to a Block spokesperson, who did not specify the states or the total amount of the fines. "We have now reached an agreement with the final remaining state money-transmission regulator," the spokesperson says by email.
She says the alleged violations in these cases concerned a prior compliance programme followed by Cash App, without laying out details. The state said an "independent monitor" will oversee Block's compliance going forward. "We are pleased to put this matter behind us," she adds.
In the New York case, Block did not "admit to any of the department’s findings," the spokesperson says, adding Cash App "has devoted significant financial and other resources to compliance remediation and enhancements."
The state alleged Block had failed to exercise customer due diligence and to enable "sufficient risk-based controls" aimed at stopping money laundering and other illegal activity. San Francisco-based Block had also failed to "effectively and timely monitor transactions," the state charged.
With respect to Bitcoin, Block was guilty of "lax treatment" of these "high-risk transactions," the state charged, which allowed "largely anonymous transactions to proceed without proper scrutiny."
Block's Cash App delivered $5.24 billion in gross profit last year, representing its most profitable product. According to a company presentation, by the fourth quarter of last year, the app had attracted 57 million active users, with 25 million using the product's related Cash App card.
The app, which enables users to perform multiple functions, including sending and receiving money and buying stocks and Bitcoin, was launched in 2013.
We have created a series of comprehensive roadmaps to help you navigate the compliance landscape, supported by e-learning in our Essentials Library.