This month's key compliance news includes senior departures at Nestlé, modern slavery in the hospitality sector, cyberattacks at Jaguar Land Rover, at European airports, at Gucci, Balenciaga and McQueen, and more.
Swiss food giant Nestlé has dismissed its chief executive, Laurent Freixe, over an "undisclosed romantic relationship" with a "direct subordinate", a breach of its code of conduct.
Freixe was dismissed with "immediate effect" after Nestlé's chair, Paul Bulcke, and independent director Pablo Isla conducted a second investigation.
Bulcke said, "This was a necessary decision. Nestlé's values and governance are strong foundations of our company. I thank Laurent for his years of service at Nestlé."
The investigation was believed to have been triggered after a report was made via the company's whistleblowing channel. Initially, Freixe was cleared of any wrongdoing, but when the complaints continued, a second investigation was carried out.
Nestlé, the name behind popular consumer goods such as Nespresso, Häagen-Dazs, KitKat, Perrier and S.Pellegrino, said:
"We acted at all times in line with best practice corporate governance. The external investigation was opened shortly after the initial internal investigation, and today's decision shows that we are taking allegations and investigations seriously."
Nestlé said that Freixe had denied any relationship with the employee, who is not on the executive board, throughout both investigations. Freixe had been employed by Nestlé for 40 years and will leave without an exit package.
Weeks later, Nestlé's chair, Paul Bulcke, also stepped down after Nestlé investors called for him to leave amid concerns about instability and performance.
Freixe joins a growing list of CEOs, including BP's Bernard Looney, McDonalds' Steve Easterbrook, and Astronomer's Andy Byron, who were ousted for personal relationships at work.
Modern slavery is a growing problem in the hospitality sector, an anti-slavery charity warns.
There were 485 potential modern slavery victims in food and drink venues in the UK between January 2024 and June 2025, with around 85 in holiday accommodation, according to a new report, "Service not Servitude: Modern Slavery in the Hospitality Sector" by the charity Unseen.
Unseen's deputy CEO, Justine Waters, said the hospitality sector is now showing "the same characteristics" of exploitation as the UK care sector in 2022.
Here are the key findings:
The charity is calling for more to be done to protect victims, including premises checks and greater accountability for employers with sponsorship licences.
UK factories of Jaguar Land Rover (JLR) remain closed after the luxury car maker experienced a cyberattack at the end of August.
Workers were sent home, and production has stalled at the company's sites in Halewood, Solihull, and Wolverhampton ever since the attack.
JLR, which produces around 1,000 of its best-selling Defender and Range Rover cars daily, shut down its networks to prevent further damage and has now told staff to stay at home for a fourth consecutive week.
The Scattered Lapsus$ Hunters group - thought to be run by a combination of hacking groups including Lapsus$, ShinyHunters and Scattered Spider - has claimed responsibility for the cyberattack and shared screenshots of the car maker's internal IT systems on a Telegram channel.
JLR has been working with the National Cyber Security Centre to investigate the incident.
Its factories and parts supply networks are highly automated, and "everything is connected," which has increased its vulnerability.
In a statement, JLR confirmed that the pause in production will continue until at least 1 October:
"Our teams continue to work around the clock alongside cybersecurity specialists, the NCSC and law enforcement to ensure we restart in a safe and secure manner. Our focus remains on supporting our customers, suppliers, colleagues, and our retailers, who remain open. We fully recognise this is a difficult time for all connected with JLR and we thank everyone for their continued support and patience."
Professor of Business Economics David Bailey from the University of Birmingham said the JLR shutdown - which has hit profits by around £120m and will result in around £1.7bn in lost revenue - should serve as a "wake up call" for other companies
Bailey said that the luxury car maker, which is owned by Tata Motors, was easily able to survive, but he warned that JLR's supply chain was vulnerable.
"We need to start thinking about how to build the resilience of the manufacturing system," he said. He called on the government to intervene and support the businesses affected, as is often done in other countries, such as Germany.
Flights across Europe continue to be disrupted following a cyberattack on the automated check-in and boarding software.
The European Union Agency for Cybersecurity, ENISA, said criminals had used malicious software to scramble check-in systems, disrupting flights at Heathrow, Berlin and Brussels and forcing airlines to resort to manual and back-up systems instead.
The attack on software provider Collins Aerospace was found on Friday night. Although the disruption had eased by Sunday, some cancellations and delays remained, with airlines at Brussels Airport still being asked to cancel 140 out of 276 flights on Monday.
Hackers were thought to have targeted software called Muse.
In a statement, Collins Aerospace confirmed it was in the process of completing software updates. It said in a memo to staff that over 1,000 computers had been corrupted, and most of the restarts needed to be done in person.
Collins also said that its systems had been rebuilt, only to find that hackers still had access.
The National Cyber Security Centre said it was working with Collins Aerospace and the affected airports.
According to aerospace company Thales, there has been a 600% increase in cyberattacks in the aviation sector over the past year, with 27 major attacks by 22 ransomware groups between January 2024 and April 2025. Criminals are attracted to the sector by sensitive avionics technologies and the high-value data, such as diplomatic travel itineraries and confidential freight shipments, that can be captured.
Hackers have stolen the personal data of Gucci, Balenciaga, and Alexander McQueen customers in a cyberattack.
The data includes names, phone numbers, addresses, email addresses, and their total spend in stores around the world, according to Kering, the Paris-based parent company of the luxury brands. However, no financial data was taken.
"In June 2025, we identified that an unauthorised third party gained temporary access to our systems and accessed limited customer data from some of our [fashion] houses. Our houses immediately disclosed the breach to the relevant authorities and notified customers according to local regulations."
-Kering
Shiny Hunters has claimed responsibility. It is the same group behind the Louis Vuitton and other cyberattacks this year, where access was gained by tricking employees into sharing their login credentials for Salesforce software.
The first use of an Unexplained Wealth Order has secured £1.1 million from the sale of a Lake District house, the Serious Fraud Office said.
The five-bedroomed property, 'Hope Springs House', belonged to Claire Schools, ex-wife of convicted fraudster Timothy Schools.
Investigators traced the criminal funds and claimed the property, which has a two-bedroom lodge and views of the Lakeland Fells, was purchased using money from Timothy School's investment scheme fraud, in which investors lost an estimated £100 million.
The UWO was granted in January this year, requiring Claire Schools to produce evidence of how the property was purchased within 28 days. The property was subsequently seized and sold in April.
Timothy Schools, a former solicitor, was convicted of fraud in 2022 and jailed for 14 years.
Timothy Schools diverted funds to his personal accounts, receiving over £19 million in benefits. He also admitted transferring £1,083,067 in proceeds of crime to others, mostly family members. Investigations into his other assets are continuing.
"We will use all the tools at our disposal to recover proceeds of crime from those associates and family members who seek to benefit from the criminal activity of others. Unexplained wealth orders offer investigative opportunities to pursue assets on behalf of victims and taxpayers. This is our first successful use of this legislation and it certainly won't be the last."
- Nick Ephgrave QPM, Director of the Serious Fraud Office
A former NASA scientist who defrauded over 100 investors out of £1 million has been jailed for two years.
From 2016 to 2021, John Burford offered trade alerts and investment opportunities through his firm, Financial Trading Strategies Limited, despite not being authorised by the FCA.
The FCA said that Burford attracted investors through blogs, articles and a book promoting his trading credentials, and used the "Tramline Trader" moniker. They trusted him because of his purported financial expertise. But he repeatedly misled investors about fund performance and concealed losses, using their money to fund his lifestyle and buy property.
"John Burford deliberately misled investors, stealing their money to fund his own lifestyle. We will pursue those who abuse investors' trust and ensure they do not profit from their criminality. We are asking anyone who believes they have been affected by this investment scam to contact us."
-Steve Smart, Joint Executive Director of Enforcement and Market Oversight, FCA
Investigations are continuing with confiscation proceedings.
Judge Coles described the case as a "sustained fraud causing much misery to investors" and said Burford "used other people's hard-earned money as a cash fund to purchase a house and for living expenses".
"You marketed yourself as a highly skilled trader and tricked people into having confidence in you. Old age is never an excuse for avoiding punishment for serious offending."
-Judge Coles
The trio - Charles Hunter, Kayan Kalipha and Luke Desmaris - allegedly encouraged their social media followers to invest in foreign exchange (forex or FX) trading through high-risk vehicles, known as contracts for difference (CFD), without having the proper authorisation to promote such investments.
Appearing at Westminster Magistrates' Court, they pleaded not guilty to charges of "communicating an invitation to engage in investment activity" in violation of securities law.
The action is part of a broader global crackdown on illegal promotions involving nine regulators in six countries aimed at tackling growing concerns about the role of unregistered finfluencers.
All three will appear at Southwark Crown Court next month.
Anyone who believes they have suffered loss is asked to contact the FCA customer contact centre on 0800 111 6768.
Credit Agricole Corporate and Investment Bank (CACIB) has agreed to pay €88.2 million to settle a French investigation into dividend tax fraud.
The so-called 'cum-cum' trades, which the French financial prosecutor (PNF) described as "common" among French financial institutions, were allegedly used to allow foreign investors to reclaim or avoid French dividend taxes.
Around dividend payment dates, foreign investors temporarily transferred shares in French companies to local tax-exempt entities, such as domestic banks, to reduce or avoid tax.
Between 2013 and 2021, prosecutors said that around 2,500 transactions had been executed, generating €50 million in profit. They claimed that CACIB routinely facilitated such deals, although they accepted that CACIB did not run a sales campaign to promote the scheme.
In a statement, CACIB stressed that the settlement does not constitute a criminal conviction and that it did not knowingly encourage foreign clients to engage in securities lending and borrowing or derivatives transactions for the purpose of tax evasion.
CACIB is the first French bank to settle the case.
Two brothers, Matthew and Nikolas West, have received suspended sentences for insider dealing.
The two brothers, who were described as "seasoned traders" with over 20 years' experience in the UK and abroad, had an extensive network of investment professionals.
Matthew West was often given tips by brokers about investment opportunities. Messages revealed that Matthew received inside information through legitimate broker communications but then unlawfully disclosed it to his brother.
Within minutes of receiving confidential information, they had executed trades, making a profit of £44k, fully aware that this breached market rules. Their misconduct was captured using the FCA's market surveillance tools.
The brothers received suspended prison sentences totalling 21 months and were ordered to pay £280k, reflecting the full value of the shares that were traded rather than the profits made.
"Greed got the better of them. The West brothers knew the rules and still chose to break the law. This should serve as a reminder that the FCA will take action against those who abuse their position and break the law – including depriving them of their ill-gotten gains."
-Steve Smart, Executive Director of Enforcement and Market Oversight
Bank of America Securities will pay $5.56 million to resolve an investigation by the US Department of Justice into alleged market manipulation.
The investigation found that between 2014 and 2020, two of its former employees on the bank's US Treasuries desk separately manipulated the secondary ("cash") and futures markets by allegedly placing "spoof" trades, ie without any intention of executing them.
The two traders entered more than 1,000 spoof orders, according to the regulator. One of them, Tyler Forbes, pleaded guilty to manipulating securities prices in 2022.
The US Justice Department said:
"As part of the resolution, the Justice Department has declined to prosecute BoAS, and BoAS will disgorge approximately $1.96 million and contribute approximately $3.6 million to a victim compensation fund it will establish and administer."
Bank of America Securities paid $24 million in 2023 for the same issue. Speaking at that time, Bill St Louis, the head of enforcement at FINRA, said:
"Spoofing undermines the transparency and integrity of the markets by distorting the true nature of supply and demand. Spoofing is especially detrimental in the U.S. Treasury securities market, given its status as a benchmark for countless financial instruments and transactions."
We have created a series of comprehensive roadmaps to help you navigate the compliance landscape, supported by e-learning in our Essentials Library.