7 Big Compliance Fines before GDPR

Updated: Apr 13


Rules and regulations that help create a fairer and more transparent market are a very good thing, particularly for the public and their safety. They exist to protect the rights of customers and to prevent exploitation. On the other end of the line, however, the impression is different: industries such as finance and health care often see "compliance" as a tedious job that limits their activity.


Many companies loathe additional regulation because it means spending more money to comply with what the rules require. This includes upgrading technology, hiring more employees and adding systems to ensure that the rules are strictly followed.


With that in mind, there often needs to be something that really forces these companies to comply, especially when strict compliance demands a large investment of time and effort. That is where fines come in.


Authorities and regulators across the globe have long used monetary fines to push companies into following the rules. Many industries consider fines "malicious", since they force companies to abide by the rules and strip them of the liberty to do what they want.


Even so, fines are still not enough to stop companies from breaking the rules. Some businesses keep failing to comply with the regulations, and the list just keeps piling up. While some pay only a fair price for being negligent, others are unfortunate enough to reap what they sow big time, and when we say big, we mean BIG. We are talking about fines ranging from millions to a whopping billions!

7th: New York-Presbyterian Hospital and Columbia University ($4.8 million, 2014)


The first entry on our list, although it did not pay nearly as much as the others, still suffered millions in damages for non-compliance. New York-Presbyterian Hospital and Columbia University were fined after they accidentally exposed the confidential information of 6,800 patients online in 2010.


This information is closely guarded by the privacy provisions of the Health Insurance Portability and Accountability Act (HIPAA), and their failure to comply led them to settle and pay $4.8 million for the damage they caused.


6th: Advocate Health Care ($5.5 million, 2013)


Another health-related breach appears on our list, and this one drew a higher fine than the previous entry. Advocate Health Care had to pay $5.5 million for losing the data of 4 million patients. They had also failed to carry out a safety protocol that could have prevented this unfortunate event, which led to a fine considered to be the largest HIPAA settlement.

5th: Rio Tinto (£27 million / $35.6 million, 2017)


Next on our list is a gigantic mining company from the UK which paid approximately $3.5 million in charges for failing to write down the value of its Mozambique mines, a violation of the disclosure and transparency rules of the Financial Conduct Authority (FCA). This is also noted as the highest fine the FCA has imposed for breaching those rules.

4th: Deutsche Bank (£163 million / $203.83 million, 2017)


British regulators fined the German lender for exposing the UK's financial system to the risk of financial crime by failing to properly oversee the formation of new customer relationships and the booking of global business in the UK.


Because of this, along with other lapses, the FCA charged them a nine-digit fine, considered the most significant penalty the authority has ever applied.

3rd: Citigroup ($285 million, 2011)


From one bank to the next: Citigroup paid a hefty price after its principal US broker-dealer subsidiary defrauded investors over a billion-dollar collateralized debt obligation tied to the US housing market.


Citigroup bet against investors as the housing market showed signs of distress, for which the Securities and Exchange Commission (SEC) charged them $285 million, part of which was returned to the harmed investors.

2nd: Goldman Sachs ($550 million, 2010)


We are now closer to our top spot, and the fines have only gotten higher. The next unfortunate company on our list is Goldman Sachs, an American multinational investment bank and financial services company.


They were fined approximately half a billion dollars, the largest penalty given by the SEC, for misleading investors about a subprime mortgage product just as the US housing market was starting to decline.

Which brings us to the last, but definitely not the least, company on our list…


1st: Google ($2.7 billion, 2017)


It's impossible not to know this next company, as most people are definitely familiar with it. We're talking about none other than Google, an American multinational technology company that specializes in Internet-related services and products.

The most recent, most controversial and most expensive fine for any compliance breach was given to Google, which had to pay more than quadruple the amount of Goldman Sachs' fine. They were fined $2.7 billion for manipulating search results, which is illegal under EU antitrust rules because it denied other companies the chance to compete on the merits and to innovate.

© 2018 - 2020 GDPR Community Ltd