#compliance

Did anyone catch the question during the AMA event where SM admitted they were seriously considering combining Ops Risk and Compliance? She said she thought it was a good idea and that our peer banks have already done it... Is Compliance done for??

Both NY and NJ have 90 requirements for WARN notices. How is Verizon justifying some NYers staying on until 12/19 while NJers stay on until 2/19?

A company is not always required to provide notice if it offers severance benefits, but it must comply with the WARN Act or state laws for mass layoffs and plant closings. If an employer fails to give the required 60 days' notice under the federal WARN Act, it can provide a severance package instead of notice. The severance package can serve as payment in lieu of notice and may be used to offset any damages the company owes. However, the severance package must be "voluntary," meaning it isn't already required by another law, contract, or company policy.

Key points about WARN Act and severance

WARN Act notice: For qualifying employers, the federal WARN Act requires 60 days' advance written notice for mass layoffs or plant closings.

Severance as pay in lieu of notice: An employer can offer a severance package as an alternative to the 60-day notice period. This package can include pay and benefits for the 60 days.

Offsetting damages: If an employer provides a voluntary severance package, it can be used to offset the back pay and benefits the company would otherwise owe for violating the WARN Act.

Voluntary payments: The severance package must be "voluntary," meaning it's not something the company is already legally required to pay under a separate law, contract, or established company policy. If it is a mandatory payment, it cannot be offset against WARN damages.

State-level laws: Some states have their own "WARN" acts that may require longer notice periods or have different requirements than the federal law.

If an individual is engaged in multiple full-time positions simultaneously during standard working hours (Monday through Friday, 9 a.m. to 5 p.m.), to whom or through what channel should such a situation be reported?

I noticed new items have been added in the expectations. Consider this an official warning that HR can use against you.

• In-office days are expected to be eight hours in the office (i.e., don't come in at all if you can't stay 8 hours, even if you're coming in an extra day more than required).
• Employees who need to leave early for medical appointments or childcare should come in extra hours in-office on other days or "talk with their managers." (like the 3 day requirement, your managers should be able to override it on a case-by-case basis if they document it beforehand).
• Half day PTO of all forms of time away count as in-office days still, even with the 8 hour requirement going forward.

https://www.hcamag.com/us/specialization/employment-law/bank-of-america-faces-lawsuit-over-alleged-unpaid-computer-boot-up-time/554302

This is very interesting read.
I can see Bridget Engle getting fired and Charlie tossed as well for tracking hours of exempt employees and treating them like hourly. I can't wait to see those reports:) Doubt she finds work again not having a college degree, passing herself off as a techie. Carrie and Stumpf had "eight is great", Bridget and Charlie have "8 hours office tracking."

as you can see the complainers and negative feed back people are the ones that are abusers.
MST home dispatch tech use and abuse company assets. They drive 100K-200K bucket trucks to their home and back to their home garage everyday. Big V8 6.3 L engines use a lot of gas and insurance on top. Also, with MST high pay and only have .5 job per tech a day per tech how is that saving company money and liability.
There are rules to follow when joining home dispatch program. Following the rules helps save gas and time and wear and tear on a vehicle used to drive to work and to home. But MSTs abuse this program from driving to the garage every day and dispatching at the garage. Making a stop at the grocery store to grocery shop in the company vehicle before driving home. Not closing your last job at the job site and instead, drive home and being still dispatched on your work ticket and then closing the job when you arrive home. I follow the rules, and I do not want the home dispatch program to go away because of MSTs taking advantage of the abuse. Also, MST managers are favoring many MSTs and letting the home dispatch MSTs do what ever they want. STOP ABUSING THE HOME DISPATCH PROGRAM YOU MSTs. You know who you are...

US Department of Labor has launched an initiative to prevent the abuse by corporations often H-1B Visa program spamming the over hiring of jobs that are displacing US Citizens. The initiative is focused on ensuring that US American Citizens are put at higher priority for skilled labor jobs in technology and healthcare.

Is there a major round of layoffs about to hit the compliance department? Dan Veale, the global head of surveillance was reassigned to a far less prestigious area of ICRM. Jennifer Taylor, the Chief Compliance Officer of a major unit, has not been seen in the office for weeks. She also no longer has anyone reporting to her as per the global directory, of where till recently had. The Jersey City location is filled primarily with compliance officers, of where Citigroup recently fired a WARN Act with the state of New Jersey, that the bank intends to layoff 70 staff in that location the first week of December. In summary, the combination of an official WARN notice for a location housing compliance staff and the apparent elimination or reassignment of two senior compliance executives makes it highly probable that a major reduction in force is targeting the compliance department. Anyone else observing possible pre positioning ahead of a major change?

Is anyone else experiencing massive data and reporting issues for their LOB? An example would be incorrect regulatory reporting sent externally. It feels like the shift higher up to push for automation and restructure is placing health plans at compliance risk. Are we just going all in here despite legal, regulatory, and future RFP risk? This seems obvious as I'm typing, but more curious if others are seeing this.

Has the CEO broken SEC rules on declaring Free Cash Flow on the Q3 Results, after he admits to the employees that it is only there because the company held payments for debts.

Never seen such a clear excuse to use to cut people who arent aware of not being in compliance

The MEG “improved offer” announcement should make a few folks inside CVE uncomfortable. The question investors should be asking isn’t whether the Vawn assets are material to Cenovus, it’s whether the side-deal Strathcona received treats all other MEG shareholders fairly. Because if a private buyer gets a sweetheart deal on sold assets, that’s a transfer of value - plain and simple - and it raises serious questions about compliance with securities-law principles of fair and equal treatment. It’s also striking how the MEG board hides behind its advisors (BMO, RBC) instead of defending its own judgment. “Our advisors told us it was fine” isn’t a fiduciary defense - it’s an abdication of duty. If this ever gets real regulatory attention from the ASC - or even the SEC - the paper trail around valuation assumptions, fairness opinions, and board communications will matter. Until then, rank-and-file CVE employees get to watch leadership pretend the assets were sold at fair value while staff job cuts hang in the balance.

MST home dispatch tech use and abuse company assets. They drive 100K-200K bucket trucks to their home and back to their home garage everyday. Big V8 6.3 L engines use a lot of gas and insurance on top. Also, with MST high pay and only have .5 job per tech a day per tech how is that saving company money and liability.
There are rules to follow when joining home dispatch program. Following the rules helps save gas and time and wear and tear on a vehicle used to drive to work and to home. But MSTs abuse this program from driving to the garage every day and dispatching at the garage. Making a stop at the grocery store to grocery shop in the company vehicle before driving home. Not closing your last job at the job site and instead, drive home and being still dispatched on your work ticket and then closing the job when you arrive home. I follow the rules, and I do not want the home dispatch program to go away because of MSTs taking advantage of the abuse. Also, MST managers are favoring many MSTs and letting the home dispatch MSTs do what ever they want. STOP ABUSING THE HOME DISPATCH PROGRAM YOU MSTs. You know who you are...

So we got all our severance agreement emails. But a friend got a strange attachment sent along with theirs. It’s a list of job titles, ages, and two other columns saying “selected for layoff” and “not selected for layoff”. It has no names or location. So for example it says “Med Asst Lead” and then an age next to it (ex: 25) and then an x under the “selected” or “not selected” for layoff column… It looks like it was an accident and shouldn’t have been sent to them. But I find it very strange that they included the age but no name or location

If you were one of the people that did download the list, I received an email from Cybersecurity letting me know I broke policy by accessing sensitive information. They only asked to respond back to confirm any copies have been deleted, and if you distributed the list, to let them know where you shared it. My director was CCd on the email, but they didn’t think it was a big deal and moved on. There will only be action taken if you don’t respond to the email.

Are we just not even going to pretend to be a compliant & sound bank? Has USAA just given up on quality leaders, innovation, member focus and truly caring about its employees. We’ve gotten so used to scraps around here, when id--ts with a title makes greed based decisions we all just nod and clap. This place will have a day of reckoning. When and how bad, who knows. My prediction is lights off and news cameras we wake up to randomly one morning.

I have worked closely with RCSA. I have a pretty broad view where we are from a quality standpoint.

It is mostly trash and too high level. Where is audit? Better question, where is Wells Fargo Compliance?

This bank will be back in the news within 4 years. This isn’t risk management. I don’t know what to call it. Investment in a process that results in deterrence?

I've heard through the vine that folks with longstanding and easily proven medical accommodations - the accommodations are being reviewed or terminated. The federal ADA states that the employer can periodically review an existing, but not terminate. Has anyone experienced this?

AT&T’s latest masterclass in self-sabotage: spend millions attacking T-Mobile, violate NAD rules, and get slapped with a cease-and-desist.
You’d think someone in legal or marketing would’ve caught that — maybe the one competent person who actually reads compliance documents.

But that person got RTO’d to Dallas or Atlanta five days a week, fighting for a seat, dodging “collaboration days,” and wondering why their life turned into a bad sitcom.
Meanwhile, the yes-men who approved this ad are sipping coffee in their corner offices, calling this fiasco “brand momentum.”

Let’s be honest — we’re not #1 in customer service or innovation.
We’re #1 in wasting money. We should be a Harvard Business School case study on how to find new ways to burn cash and call it a strength.
Only AT&T could turn a marketing campaign into a compliance violation and call it “forward-thinking.”

Now the ad’s gone, the money’s gone, and morale’s in free fall — but hey, at least leadership gets another “All-Hands” meeting to tell us how proud they are of the team.

As you are making personnel decisions you should know that he must go. He was Frank's lawyer for a decade with a one year break when he was picked second to the Fiserv lawyer. Think about it, he has been at every advance meeting of earnings as the top legal and compliance official. He has been in every conversation about audit, compliance, governance and not ONCE did he ever say hey Bob and Frank maybe that is too aggressive we shouldn't do that???? Also, oddly he was given "operations" responsibility, was that to detract from his responsibilities for legal and compliance. Did that compromise him or at minimum distract him from his role as Chief Legal Officer. I think you or anyone would know that he was either complicit or incompetent and as a CEO you need a Chief Legal Officer who is trusted.

Part of corp risk

There are so many questions about RTO and many wrong assertions. This is what I KNOW based on direct involvement with the process.

• Badge Swipes IN are tracked and reported. The reports are provided to GL 32 leaders every Monday morning. The report contains the employee, the day and the time of the swipe. It also shows through a conditional format those that are non-compliant
• In-office duration is NOT tracked. The only way to track duration would be to have exit swipes. Exit swipes will NEVER be required because they violate fire codes in the US. You can't have the doors lock people in.
• Seats ARE randomly audited but only by "uptight" managers, not as a required practice. I was called out once for not being in my assigned desk. I was actually in the office but opted to use a "huddle room" for work because I was on the phone constantly and the area they had me in was loud with dev teams that had zero to do with my job.
• People have had "swipe teams". That's groups that get together and each week someone brings everyone's badges into the office and swipes for folks. They trade off week over week. It's common in non-guarded buildings and will 100% get you terminated "with cause". It became evident in my city because the swipe report occasionally show entire groups coming in at the same time everyday for a week. The "swipers" were in other words sloppy. I've seen it.

I understand we should not have personal documents on work laptop but if you have them, how are you transferring them? Is email the best way to go

From summer 2026, new EU rules will come into force, introducing far-reaching changes in employers’ obligations regarding pay and pay transparency. The objective of Directive (EU) 2023/970 is to ensure effective equal pay for equal work and work of equal value, as well as to strengthen the transparency of recruitment and pay practices.

The upcoming rules raise a number of questions and practical challenges for employers, who should already start preparing now

Realize that there are significant number of well enumerated drone workers at Shell, but doing business in and traveling to India have potential regulatory burdens…the Chevron model.

Summary of the Situation

Chevron has invested approximately $1 billion in its Engineering and Innovation Excellence Center (ENGINE) located in Bengaluru, India. While this expansion is intended to improve efficiency and global project collaboration, there may be long-term tax and compliance costs associated with how the operation is structured under Indian law.

The following sections outline general, factual information based on standard international taxation frameworks such as Permanent Establishment (PE) and Transfer Pricing — not internal Chevron data.

⸻

Permanent Establishment (PE) and Tax Liability
• If a foreign company establishes a fixed place of business in India (for example, an engineering or project office), Indian authorities may classify it as a Permanent Establishment (PE).
• This triggers tax obligations on profits attributed to work performed in India, even if the project serves clients elsewhere.
⸻

Profit Attribution
• Under Indian law, part of a company’s global income can be taxed locally if significant value creation or management occurs in India.
• For instance, if Australian or U.S. projects are executed by teams in India, India can claim a portion of those profits for taxation.
⸻

Taxation of Foreign Subsidiaries
• Corporate Tax: Subsidiaries or branches in India are taxed on income earned locally, typically around 22% (plus surcharge and cess).
• Transfer Pricing: Intercompany transactions (e.g., management fees, subcontracting, asset transfers) must follow India’s arm’s-length pricing rules.
• Withholding Tax: Payments from India to foreign parent entities (royalties, fees, or dividends) may face withholding taxes depending on applicable treaties.
⸻

Cross-Border and Expat Implications
• Projects Managed from India: Even if work supports projects in Australia or the U.S., India can still tax the related income if the work is performed domestically.
• Foreign Expats in India: Employees from other countries working in India may be taxed under Indian income tax laws based on their residency status.
⸻

Estimated Financial Impact (Industry Benchmarks)
Benchmarking studies (e.g., from KPMG and EY) indicate potential cost impacts in several areas:
• Transfer Pricing Adjustments: 5–15% increase in taxable income due to stricter cost scrutiny (e.g., management fees, FX losses, share-based pay).
• Profit Attribution: 15–25% of global project profits could be attributed to India for high-value engineering or design work.
• Compliance Costs: Ongoing regulatory, IT, and operational costs may total $2M–$5M annually depending on scale.

Five-Year Projection (2025–2030):
• Transfer Pricing Adjustments: estimated at $10 million to $20 million per year, totaling $50 million to $100 million over five years.
• Profit Attribution Tax Impact: estimated at $15 million to $30 million per year, totaling $75 million to $150 million over five years.
• Compliance and Administrative Costs: estimated at $2 million to $5 million per year, totaling $10 million to $25 million over five years.
• Total Global Business Unit Cost: approximately $27 million to $55 million per year, or $135 million to $275 million over a five-year period across all Chevron business units utilizing the Indian center.

⸻

Strategic Considerations
While India offers substantial cost and talent advantages, aggressive profit attribution and tax compliance requirements could partially offset those savings. This highlights a broader issue many multinationals face when expanding shared services or engineering hubs abroad.

⸻

Sources:
• Indian Income Tax Act and Transfer Pricing Rules
• OECD Guidelines on Permanent Establishments
• Public benchmarking data from KPMG and EY

⸻

Would be interested to hear others’ perspectives on how these kinds of global engineering consolidations impact overall efficiency and cost management across Chevron’s business units.

Has anyone heard anything about Ashburn, VA office and warehouse/workspace being on the DCMA property audit radar? GFE/GFP is not tagged or separated from L3Harris' owned property or equipment -in fact, the entire place is a mess with equipment and property strewn about. The Indian guy who came over from Boeing has known about this for months however he just frets about this massive growing problem yet nothing ever changes. Asking for a friend who wants to leave right before the Sh*t hits the fan.

The Department of Justice filed charges against Peter Williams, an Australian national who served as general manager of Trenchant, a specialized cybersecurity division within L3Harris.

Federal prosecutors have accused a former executive at L3Harris Technologies’ cyber division of stealing trade secrets and selling them to an undisclosed buyer in Russia, according to court documents obtained by CyberScoop.

The Department of Justice filed charges against Peter Williams, an Australian national who served as general manager of Trenchant, a specialized cybersecurity division within L3Harris, which provides hacking and surveillance tools to Western intelligence agencies. The DOJ alleges Williams misappropriated eight trade secrets from two unnamed companies between April 2022 and August 2025, charging that he earned $1.3 million in connection with the sales.

While the filings do not specify the nature of the stolen trade secrets nor do they identify the Russian buyer, they allege Williams systematically transferred confidential proprietary data over a period spanning more than three years. Prosecutors are seeking the forfeiture of Williams’ assets, including his residence, luxury watches, jewelry, and funds in seven bank and cryptocurrency accounts, claiming these were derived from the criminal activity.

Neither Trenchant nor its parent, L3Harris, is accused of any wrongdoing in the federal complaint. An arraignment and possible plea agreement are scheduled for Oct. 29 in Washington, D.C.

Trenchant, formed in 2018 following L3Harris’s acquisition of Azimuth Security and Linchpin Labs — Australian startups that developed zero-day exploits — caters to governments in the intelligence-sharing Five Eyes alliance. These technologies, based on undisclosed vulnerabilities, are considered valuable assets in intelligence and defense circles, sometimes commanding prices in the millions, and are tightly held given their national security implications.

The allegations against Williams arrive in the wake of an internal investigation at Trenchant earlier this year, reportedly prompted by a leak of hacking tools. According to multiple former employees interviewed by TechCrunch, one former exploit developer was wrongly accused by company officials of leaking the tools, particularly exploits targeting products like Google Chrome.

Whether the Justice Department’s action is tied directly to this internal leak investigation remains unclear. Court filings do not explicitly connect the sale of secrets to the incident or elaborate on overlaps between the two events.

L3Harris, headquartered in Melbourne, Fla., declined to comment. Williams’ attorney did not reply to CyberScoop requests for comment.

https://cyberscoop.com/ex-l3harris-executive-accused-of-selling-trade-secrets-to-russia/

Pretty embarrassing there is no WARN posted yet on the DEED website - https://mn.gov/deed/programs-services/dislocated-worker/dislocated-worker/news/
Not good.

Today, we're announcing a number of role reductions and a series of organizational changes within the Risk org. These decisions are difficult, and we recognize the impact they will have on valued colleagues and teams. I want to share what's changing and why.
WHY WE'RE MAKING THE CHANGES
• Over the past few years, we've invested in building more global technical controls and in standardizing our requirements and verifiers within Risk Review. We've made significant progress in how we approach risk management and compliance. By moving from bespoke, manual reviews to a more consistent and automated process, we've been able to deliver more accurate and reliable compliance outcomes across Meta. This standardization means that many routine decisions can now be handled efficiently by technology, freeing our teams to
•focus on the most complex and high-impact challenges. As a result, we don't need as many roles in some areas as we once did. Our work has matured, and we're at a point where we can operate more efficiently and effectively, while still upholding the highest standards for compliance.
• KEY CHANGES WE'RE MAKING:
• Reducing roles in Product Risk Program Manager, Shared Services and Global Security & Privacy (GSP) teams.
• Consolidating more Areas work in London, where we have strong leadership and engineering presence.
• Reorganizing GSP and integrating it with the Reg Readiness and DPO team, which we're renaming Regulatory Compliance Programs.
LOOKING AHEAD
We remain committed to delivering innovative products while meeting our regulatory

• obligations. These changes do not alter our policies, standards for compliance, or legal responsibilities. Automation and technology. will continue to strengthen our compliance program, but human judgment will always play a crucial role in assessing novel and complex issues. This is a natural next step in our journey, and as our processes mature, our teams will be able to focus on the most challenging and high-impact work.
  We also know this is a hard day for many. Our priority is to support impacted employees and help them find new opportunities, within Meta or beyond. We are equipping managers and team leaders with resources to support their teams, and we will continue to communicate openly as we move through this transition. We are grateful for the contributions of everyone affected and remain committed to supporting you through this change.

The OCC's effort to hold former Wells Fargo executives accountable for the bank's fake-accounts scandal — which relied on charges brought in the administrative law system — has ended with barely a whimper.

https://www.americanbanker.com/news/occ-settles-its-last-remaining-wells-fargo-case-for-0

Or corporate compliance in general? All the leading stakeholders (CR director, program manager, compliance specialists, fair & responsible banking leaders, etc.) have mysteriously exited the bank and now I just saw someone post that CQA is pulling out of the program too. Seems like the whole program is being redesigned as nothing more than a window dressing.

Used to do some CR reporting and thought about applying for one of their recent openings but something shady seems to be going on in the 2nd line CR team but no one is talking about it. No different than any other area I guess. Just buyin' some time until I can make my exit too, but can't take much more of my current team/manager. I'm afraid there is no greener grass to be found anywhere at this bank.

There is a WSJ article today about companies deducting employees' contributions but not depositing the money into their 401(k) accounts. Has anyone here experienced this? I haven't checked my 401(k) closely, assuming everything was okay.

Maybe Newsweek should look at that a little closer. How do you get ranked a high CS company when their internal security is complete garbage, they have customer apps that have clear passwords stored and can easily be bypassed, nothing is written to follow standards, best practice as far as design or security and you have Directors mandating their staff NOT use corporate approved communication applications, that are by the way Chinese based. Would be one of the LAST companies Id pin "one of the best" on.

I’m not sure why the original post on this topic was taken down, but I’ve updated the content to align with TheLayoff.com’s posting guidelines. The information below is fact-based and summarized from publicly available corporate and tax principles. Hopefully this version allows for a constructive discussion around Chevron’s ENGINE setup in India and its possible business implications.

⸻

Summary of the Situation

Chevron has invested approximately $1 billion in its Engineering and Innovation Excellence Center (ENGINE) located in Bengaluru, India. While this expansion is intended to improve efficiency and global project collaboration, there may be long-term tax and compliance costs associated with how the operation is structured under Indian law.

The following sections outline general, factual information based on standard international taxation frameworks such as Permanent Establishment (PE) and Transfer Pricing — not internal Chevron data.

⸻

1. Permanent Establishment (PE) and Tax Liability
   • If a foreign company establishes a fixed place of business in India (for example, an engineering or project office), Indian authorities may classify it as a Permanent Establishment (PE).
   • This triggers tax obligations on profits attributed to work performed in India, even if the project serves clients elsewhere.

⸻

1. Profit Attribution
   • Under Indian law, part of a company’s global income can be taxed locally if significant value creation or management occurs in India.
   • For instance, if Australian or U.S. projects are executed by teams in India, India can claim a portion of those profits for taxation.

⸻

1. Taxation of Foreign Subsidiaries
   • Corporate Tax: Subsidiaries or branches in India are taxed on income earned locally, typically around 22% (plus surcharge and cess).
   • Transfer Pricing: Intercompany transactions (e.g., management fees, subcontracting, asset transfers) must follow India’s arm’s-length pricing rules.
   • Withholding Tax: Payments from India to foreign parent entities (royalties, fees, or dividends) may face withholding taxes depending on applicable treaties.

⸻

1. Cross-Border and Expat Implications
   • Projects Managed from India: Even if work supports projects in Australia or the U.S., India can still tax the related income if the work is performed domestically.
   • Foreign Expats in India: Employees from other countries working in India may be taxed under Indian income tax laws based on their residency status.

⸻

1. Estimated Financial Impact (Industry Benchmarks)

Benchmarking studies (e.g., from KPMG and EY) indicate potential cost impacts in several areas:
• Transfer Pricing Adjustments: 5–15% increase in taxable income due to stricter cost scrutiny (e.g., management fees, FX losses, share-based pay).
• Profit Attribution: 15–25% of global project profits could be attributed to India for high-value engineering or design work.
• Compliance Costs: Ongoing regulatory, IT, and operational costs may total $2M–$5M annually depending on scale.

Five-Year Projection (2025–2030):
• Transfer Pricing Adjustments: estimated at $10 million to $20 million per year, totaling $50 million to $100 million over five years.
• Profit Attribution Tax Impact: estimated at $15 million to $30 million per year, totaling $75 million to $150 million over five years.
• Compliance and Administrative Costs: estimated at $2 million to $5 million per year, totaling $10 million to $25 million over five years.
• Total Global Business Unit Cost: approximately $27 million to $55 million per year, or $135 million to $275 million over a five-year period across all Chevron business units utilizing the Indian center.

⸻

1. Strategic Considerations

While India offers substantial cost and talent advantages, aggressive profit attribution and tax compliance requirements could partially offset those savings. This highlights a broader issue many multinationals face when expanding shared services or engineering hubs abroad.

⸻

Sources:
• Indian Income Tax Act and Transfer Pricing Rules
• OECD Guidelines on Permanent Establishments
• Public benchmarking data from KPMG and EY

⸻

Would be interested to hear others’ perspectives on how these kinds of global engineering consolidations impact overall efficiency and cost management across Chevron’s business units.

Let’s see how many people are gone for made up issues that are buried in one of the million policies! Saves money not paying and losing your pension

I believe I am being unfairly singled out by one of the Senior Directors within Superior Compliance. It has come to my attention that this individual has made unprofessional remarks about team members via Teams and has demonstrated behavior that could be described as undermining and unsupportive. Her conduct has contributed to a challenging and uncomfortable work environment.