ComplyBoardYour Next
Audit Starts
Now.
Senior counsel for firms navigating SOX enforcement, AML program gaps, and GDPR cross-border exposure — before the examiner's letter arrives.
Managing Principal
Margaret A. Holloway, J.D.
Former OCC Senior Examiner · 18 years in regulatory enforcement
Marcus T. Wentworth
Partner, Financial Services
AML Program Architecture & BSA Enforcement
When a mid-Atlantic regional bank received a consent order citing deficiencies in its AML transaction monitoring program, Marcus rebuilt their entire risk-tiering model in eleven weeks — before the OCC's follow-up examination. The finding was closed. The program now serves as an internal benchmark across their three-state footprint.
"Consent order closed in 11 weeks. Zero repeat findings."
Former FinCEN Policy Analyst · FinSEN Liaison, 2009–2016
Dr. Priya R. Chandrasekaran
Partner, Data & Privacy
GDPR Cross-Border Transfers & Article 27 Compliance
A Series C fintech expanding into Germany faced a DPA inquiry within sixty days of launch over their data transfer mechanisms. Priya mapped every processing activity, re-papered their Standard Contractual Clauses, and drafted a Transfer Impact Assessment that satisfied the Hamburg DPA in a single round of correspondence. They launched on schedule.
"DPA inquiry resolved in a single correspondence round."
Former Article 29 Working Party Contributor · EU DPA Liaison
James O. Callahan
Partner, Public Company & Healthcare
SOX 302/404 Internal Controls & HIPAA Security Rule
A 400-bed regional hospital network discovered material weaknesses in their revenue cycle controls during pre-audit testing — six weeks before their external auditor's fieldwork began. James's team remediated seventeen control gaps, documented the compensating measures, and prepared management's assessment. The auditor issued a clean opinion. No material weakness disclosed.
"17 control gaps remediated. Clean auditor opinion issued."
Former PCAOB Inspection Staff · Big Four Audit, 12 years
When the OCC examiner walked into our boardroom, ComplyBoard had already walked us through every question they were going to ask. We weren't defending a program — we were presenting one. That distinction is the entire value of this firm.
Sandra K. Ofoegbu
General Counsel · Meridian Community Bank, N.A. · $2.4B assets
Q1 2026 Enforcement
Trends Brief
Forty-seven pages. Four regulatory bodies. One brief that tells your board what changed, what's coming, and where your exposure sits — written by practitioners who've been on the other side of the examination table.
Heightened standards guidance for mid-size banks under $100B
Q1 2026Beneficial ownership rule enforcement ramp — exam focus areas
Q1 2026HIPAA Security Rule NPRM — proposed technical safeguards update
Q1 2026Cybersecurity incident disclosure rule — first enforcement actions
Q1 2026+ 43 additional developments across CFPB, CFTC, and state DFS
ComplyBoard Intelligence Series
Q1 2026 Regulatory
Enforcement Trends
OCC · FinCEN · HHS OCR · SEC
47 Pages · 4 Agencies
Published February 2026
Download the Brief
Enter your work email. We'll send the brief immediately — no call required, no follow-up without your permission.
No phone required. Unsubscribe anytime.
Schedule a
Regulatory Review
A 45-minute working session with the principal most relevant to your situation. No pitch. No deck. We read the room and tell you what we see.
Pre-call preparation
We review publicly available examination findings and enforcement actions for your firm before the call.
Situation assessment
We map your stated concern to the current examination environment and identify adjacent exposures.
Clear next step
You leave with a written summary of our assessment and a specific recommendation — whether that involves us or not.