Data Breach, Supply Chain, AML Reforms & DPO – 09/29/2025

This compliance intelligence digest highlights critical updates, including a data breach at Veradigm, a FASCA order impacting Acronis, and phishing attacks targeting Ukrainian officials. Supply chain vulnerabilities are exposed through Chinese support of Russian drone manufacturing. Additionally, insights are provided on AML reforms, the role of DPOs, and strategies for compliance leaders to measure effectiveness.

Top 5 Critical Compliance Alerts

• Veradigm Announces Data Breach Affecting Several Customers: Veradigm, a provider of practice management and electronic health record solutions, reports a data breach affecting several customers. Read more
• DNI Issues First-Ever FASCA Order, Excludes Acronis from Intelligence Community Contracts: The federal government takes supply chain protection action, excluding Acronis from intelligence community contracts. Read more
• Ukrainian Cops Spoofed in Fileless Phishing Attacks on Kyiv: Attackers impersonate the National Police of Ukraine to deploy Amatera Stealer and PureMiner via malicious SVG files. Read more
• Chinese experts, Russian drones: What the drone case reveals about supply chain blind spots: Investigation reveals Chinese drone specialists working with sanctioned Russian arms manufacturer IEMZ Kupol. Read more
• PCAs in the firing line: What law firms need to know about the Treasury’s AML reforms: HM Treasury is tightening AML compliance, focusing on pooled client accounts (PCAs) in law firms. Read more

Regulatory Updates

• PCAs in the firing line: What law firms need to know about the Treasury’s AML reforms: HM Treasury is tightening AML compliance, focusing on pooled client accounts (PCAs) in law firms. Read more
• Turkey’s First Climate Law: Environmental Necessity Meets Export Strategy: Law creates framework for 2053 net-zero target while positioning Turkey for green trade advantages. Read more

Third-Party Risk & Due Diligence

• Chinese experts, Russian drones: What the drone case reveals about supply chain blind spots: Investigation reveals Chinese drone specialists working with sanctioned Russian arms manufacturer IEMZ Kupol. Read more
• DNI Issues First-Ever FASCA Order, Excludes Acronis from Intelligence Community Contracts: The federal government takes supply chain protection action, excluding Acronis from intelligence community contracts. Read more
• Seeing Tomorrow’s Supplier Risks Today: Why Predictive Analytics is Critical?: Predictive analytics are critical for managing supplier risks, as highlighted at the Salesforce Manufacturing Summit. Read more

Policy & Governance Updates

• Why Compliance Leaders Should Think Like Marketers When Measuring Effectiveness: Compliance can prove business impact by adopting marketing strategies for measuring effectiveness. Read more
• How to Become a DPO (Data Protection Officer) in the UK: Guidance on becoming a Data Protection Officer in the UK, a fast-growing privacy role. Read more
• When Bots Rip Apart Your Business: Corporate compliance officers must consider the impact of bots on corporate culture and ethical priorities. Read more