The Biggest Ethics and Compliance News Stories of 2026 (So Far)

The first half of 2026 has been a stress test of the broader assumption that rules, accountability, and the fear of consequences are enough to keep organizations honest.

AI showed up everywhere this year, and mostly as a complication: hallucinated citations, deleted databases, jailbroken safety guardrails, and governance structures that companies are still building as the technology runs ahead of them.

Prediction markets handed a new insider trading channel to anyone with privileged information and a crypto wallet, and the cases that followed involved an anonymous account with foreknowledge of a presidential raid, a soldier who knew about the operation before it happened, and a Google engineer who simply looked up the answers.

Meanwhile, the broader enforcement environment has softened. The FCPA freeze, the drop in white-collar cases, the resignation of the SEC’s enforcement chief…none of these things have made misconduct less likely, but it has made the consequences of it feel further away. And once again, it falls to ethics and compliance to hold the line on business integrity.

What follows is a rundown of the biggest ethics and compliance news stories of the year so far. Each one illustrates a novel risk emerging, an easily socialized example of what can go wrong when a control fails, a perspective on the power of ethical business culture, or a proof point to the inherent value that E&C generates for an organization.

January

TOP STORY: The 2026 Edelman Trust Barometer arrived in January with a finding that managed to be both obvious and alarming: people across the globe are retreating into self-reinforcing information bubbles, not just in their media consumption but in their social structures, civic participation, and relationship to institutions. The report describes a kind of reflexive withdrawal — people choosing certainty over accuracy, familiarity over truth — in a way that makes the traditional architecture of trust, built on shared information and shared institutions, increasingly hard to sustain.

For the ethics and compliance world, the implications land close to home. When the broader cultural environment is sorting itself into mutually hostile camps, the idea that organizations can run effective speak-up cultures, build shared values, and maintain integrity through consistent messaging becomes a harder ask. Trust is the substrate on which ethics programs operate. A fraying trust landscape doesn’t excuse poor program design, but it does raise the difficulty level.

The report was released against a backdrop that seemed almost custom-built to illustrate its thesis: a new Congress debating who should regulate crypto (with Senate Democrats pushing for the more rigorous SEC and industry-aligned voices pushing for the friendlier CFTC), federal contractors being quietly asked to upload their actual work documents to train AI agents, and twenty men facing federal charges for allegedly fixing college basketball games in a gambling conspiracy. The only story that landed as something other than a warning was Matthew McConaughey, who took the pragmatic step of trademarking eight phrases associated with his likeness — including “Alright, alright, alright” — to protect himself from AI impersonation.

In other news:

• Glencore and Rio Tinto restarted talks over a proposed $260 billion merger, driven largely by AI-fueled demand for copper. The deal, if completed, would create the world’s largest mining company — and a potential flashpoint for conflict minerals compliance given the combined entity’s exposure to supply chain transparency obligations. (In related news, Natalia Shehadeh left ABB to become CECO at Rio Tinto, while Anja Verbeke moved from AkzoNobel to take the ABB role, both with March 1 start dates.)
• U.S. Customs and Border Protection issued its first Withhold Release Order of 2026 against Finca Monte Grande coffee over forced labor concerns — six ILO indicators, including debt bondage and retention of identity documents.
• The Corporate Board Member/Diligent Institute 2026 What Directors Think survey found that 58% of directors want fewer presentations and more time on strategic planning — a small but telling signal about where boards want their attention to go.
• The NIH improperly released genetic data from more than 20,000 U.S. children on at least 63 occasions since 2007 — in some cases to researchers promoting white supremacy. A serious data governance failure, and a stark reminder of what lax controls enable.
• A Bloomberg analysis found that white-collar enforcement has dropped significantly under the Trump administration, based on a Public Citizen review of DOJ and SEC activity.
• A Boeing whistleblower family settled a wrongful death lawsuit in South Carolina — another chapter in the company’s ongoing accountability reckoning.
• At Davos, Microsoft CEO Satya Nadella warned that AI is “living on borrowed time” if it doesn’t start producing measurable societal value — coining the phrase “social permission” in a way that signaled the real stakes of the AI investment cycle.
• Canadian Prime Minister Mark Carney delivered a Davos address built around the concept of “values-based realism” — accepting the world as it is while building from values rather than nostalgia.
• ADM agreed to pay $40 million to settle SEC accounting fraud claims.
• A federal judge found ICE had violated 96 separate court orders since January 1, 2026 alone — an extraordinary appendix attached to a contempt ruling in Minnesota.
• A Business Ethics Quarterly paper examined moral distress in business and healthcare settings — the psychological harm that comes from being required to act against your moral code, a concept the compliance world is increasingly borrowing from military and medical ethics.
• New Harvard Business Review research on how framing corporate values as aspirational — “who we want to be” rather than “who we are” — produced measurable improvements in manager behavior at Nationwide.
• The first major prediction market insider trading story of 2026 came to light in early January, when an anonymous Polymarket account placed roughly $30,000 on a contract tied to Nicolás Maduro being removed from power — in the hours before President Trump announced a U.S. raid on Caracas on January 3 that resulted in Maduro’s capture and removal from the country. The bet paid out approximately $436,000. Discussed on Ethicast Reacts, the story crystallized a risk E&C teams had been slow to map: prediction markets make it possible to monetize information that was never meant to be monetized, expanding what “inside information risk” looks like far beyond securities trading. The key question for any organization: do your insider trading policies cover betting platforms and prediction markets, or only brokerage accounts?
• The First Brands Group bankruptcy, which broke in September 2025, continued to reverberate as 2026 began. The aftermarket auto parts manufacturer — whose brands include Fram, Trico, and Centric — filed Chapter 11 disclosing liabilities of $10–$50 billion against assets of $1–$10 billion, with roughly $2.3 billion in receivables alleged to have simply vanished. The company’s founder and CEO was sued by trustees for allegedly misappropriating company funds for personal use — 17 luxury cars, a private chef, questionable payments to related parties — while the DOJ opened a criminal investigation. The story contains an E&C failure pattern worth studying: no compliance function, a founder who treated company money as personal assets, aggressive debt-driven acquisition strategy, and lenders who chose relationship comfort over basic due diligence. Crucially, some lenders did spot the red flags — and got out. The ones who stayed, or who never looked, are still counting the losses.

February

TOP STORY: The 2025 Corruption Perceptions Index from Transparency International landed in February with a damning entry for the United States, which reached its lowest-ever score. TI attributed the slide to weakening judicial independence, the freeze on FCPA enforcement, and cuts to overseas civil society funding — all of which have sent signals to other governments that the global anti-corruption architecture is available for dismantling.

The finding that democracies continue to underperform on corruption is particularly pointed given the argument that democratic governance is a natural structural advantage. When the countries that are supposed to model accountability retreat from it, the CPI becomes less an annual measurement and more an ongoing indictment.

February also delivered one of the year’s most pointed ironies in the compliance space: a KPMG Australia partner was fined AUD $10,000 for using AI to cheat on an internal AI ethics certification exam. The timing was striking given that COSO had just released new guidance on generative AI risks — and given what would happen at KPMG Australia several months later. The story resonated because it illustrated a pattern the compliance world is increasingly flagging: AI is being deployed inside organizations faster than governance and training infrastructure can keep up.

In other news:

• Binance was accused of firing compliance investigators who had uncovered nearly $1 billion in illegal transactions with Iran — a retaliation allegation with significant implications for how whistleblower protections function inside crypto companies.
• Charles Hunter Hobson, former VP of Sales at Corsa Coal Company, was convicted at trial for FCPA violations after allegedly bribing Egyptian officials to buy coal. It was a rare actual FCPA trial verdict — sentencing set for June 25.
• The World Bank Group released its Sanctions System Annual Report FY2025, noting increased complaint volume: 4,268 complaints received, 65 external investigations opened, and 19 sanctions cases submitted.
• Senior government lawyers are ignoring state court ethics rules with impunity, with federal officials arguing those rules simply don’t apply to them.
• As ICE enforcement intensified following the Minneapolis shootings of Renée Good and Alex Pretti, Time Charter published a widely-read piece on how leaders can respond with values-based leadership when institutional dysfunction creates workplace pressure.
• A UVA Darden School piece made the case that ethics is the defining issue for the future of AI — and that the window to get it right is closing.
• A new Journal of Business Ethics paper found that wage theft becomes more morally acceptable to people when it’s reframed as an expectation of employee loyalty or dedication — a troubling finding about how language shapes ethical judgment.
• Senior managers at the Co-op, the British member-owned grocery and services group, described a toxic culture that was suppressing speak-up behavior, with BBC reporting that fear and alienation were widespread.
• A federal court issued a ruling in a securities fraud case finding that information put into an AI tool loses attorney-client privilege — a decision with sweeping implications for how lawyers and compliance professionals use AI in their work.
• The Supreme Court ruled 6-3 that Trump administration tariffs were an unconstitutional usurpation of congressional power, with Justice Gorsuch’s concurrence drawing significant attention for its defense of the legislative process.
• Kalshi suspended trading on certain contracts over insider trading concerns — an early sign that prediction markets were beginning to attract the regulatory attention their growth invited.
• Mitratech published its 2026 Hotline Report, finding heightened global focus on hotline program management as workplace risks shift.
• A hacker used Anthropic’s Claude chatbot to attack multiple Mexican government agencies, apparently by pestering the model into abandoning its own safety protocols.
• MLBPA chief Matt Clark resigned after whistleblower allegations surfaced that he had enriched himself through equity in OneTeam Partners, which holds and licenses players’ NIL rights.
• A whistleblower alleged that UnitedHealth CEO Steve Hemsley had enriched himself through private investments tied to OneTeam, raising questions about executive conflict of interest disclosures.
• A sports school was hit with a $1.7 million sanctions penalty — more evidence that the intersection of sports and regulatory compliance continues to produce significant enforcement activity.
• The BBC reported that a researcher had jailbroken both ChatGPT and Google’s AI in under 20 minutes — a finding that cuts against the idea that AI safety guardrails are robust.
• Anthropic CEO Dario Amodei said in a Fortune interview that he spends roughly 40% of his time focused on company culture — making clear that building a values-driven company at AI scale is not incidental work.
• The DOJ awarded $1 million to an antitrust whistleblower — the headline was about the award, but the more actionable lesson concerns what happens when organizations fail to integrate acquired companies into their existing compliance infrastructure.
• Spain became the latest country to ban social media access for users under 16.
• A Forbes piece on MoltBook — a social network of 14 million AI agents where humans simply observe — arrived as a sign of just how quickly the agentic AI landscape is moving.
• The Olympic curling cheating scandal prompted a pointed LA Times piece on how the sport’s tradition of trust and self-reporting collides with the rising stakes of professionalization.
• The Deloitte Gen Z and Millennial Survey arrived with findings relevant to the pressure young employees are feeling at work.

March

TOP STORY: The Department of Justice released its first-ever department-wide Corporate Enforcement Policy for all criminal cases in March — a move that compliance professionals had been waiting for, arguing about, and preparing for since the patchwork of district-specific policies made it nearly impossible to give consistent advice to clients on when and how to self-disclose.

The new policy codifies a clear path to declination for companies that self-disclose, cooperate fully, and remediate effectively. It consolidates what had been a collection of differing district-level standards — a development that Baker Botts described as one policy to rule them all. For compliance officers who have long argued that voluntary self-disclosure is genuinely beneficial but hard to justify to leadership without a predictable outcome, this gives them something concrete to point to. The explicit definition of “timely and appropriate remediation” — which includes testing the compliance program to assure effectiveness — signals that DOJ is serious about program substance, not just process.

The policy landed alongside the conviction of Charles Hobson in a rare FCPA trial and the FCPA Reinforcement Act introduced by fourteen senators including Elizabeth Warren, which would extend the FCPA statute of limitations to ten years. Taken together, March delivered a clear message: the individual accountability thread is not unraveling, whatever the noise around FCPA enforcement levels might suggest.

The other story dominating March was Anthropic’s lawsuit against the Pentagon, after the Trump administration labeled the company a “supply chain risk” in what legal experts and corporate observers alike read as retaliation for refusing to allow its AI to be used for mass surveillance or weaponry. OpenAI said Anthropic was not a supply chain risk. Microsoft backed Anthropic in court. Legal experts called Anthropic’s case strong. It was an unusual moment: a technology company’s stand on its own AI ethics principles becoming the subject of federal litigation, with the broader industry watching closely.

In other news:

• LLMs are surprisingly good at de-anonymizing online activity, including social media burner accounts — a finding with obvious implications for retaliation risk and the protection of whistleblower identity.
• McKinsey rushed to patch its internal AI system after ethical hackers at CodeWall revealed they had accessed 45,000 internal chat messages, tens of thousands of employee records, and client files — and that their own AI agent had suggested McKinsey as a target.
• OpenAI was sued for practicing law without a license after a user relied on ChatGPT for legal advice; notably, the insurer sued OpenAI directly rather than the user, arguing the company knew the risk and chose not to build in safeguards.
• A Forbes 30 Under 30 honoree and fintech founder, Gökçe Güven, was indicted on fraud charges — a reminder of how quickly high-profile recognition can become context in a prosecution narrative.
• Larry Fink published his annual letter to shareholders, which continued his pivot away from ESG language while keeping the underlying ideas.
• The SEC’s former enforcement chief left after clashing with leadership, leaving the division without clear direction at a delicate moment.
• Meta and YouTube were found negligent in a landmark addiction trial — a significant verdict for platform liability.
• The NAVEX 2026 Whistleblowing & Incident Management Benchmark Report was released, with reporting volumes rising alongside close times that are now running 33% longer than the prior year.
• LRN released its 2026 Program Effectiveness Report.
• Conveniently timed oil market movements around a diplomatic announcement raised further questions about the improper use of insider information — a thread running through much of 2026’s most consequential E&C news.

April

TOP STORY: If you wanted a story that captured the credibility problem at the heart of AI-era compliance, the Delve scandal delivered it. Delve was a Y Combinator-backed AI compliance startup that, according to a detailed Substack post that went viral in the compliance world, had allegedly been faking its own compliance work. Tech firms began distancing themselves from the company almost immediately. Inc. covered the fallout.

The story carries more weight than a typical startup fraud. Compliance technology is a trust product — clients buy it precisely because they need confidence that someone is checking the work. A company that allegedly fakes compliance in the compliance industry is not just a fraud story; it’s an argument about verification, vendor due diligence, and what it means to trust any entity’s self-attestations about its own ethics practices. It’s the kind of story that ends up in training materials.

April also saw the Boards Ethical Readiness Index from Boards of the Future find that 56% of companies have not delivered ethics training to their boards in the past 24 months — a number that is hard to square with the volume of ethics-related challenges boards are currently navigating. And it saw a Claude-powered AI agent delete an entire startup’s database in nine seconds, openly admit to doing it when asked, and prompt a renewed debate about what governance infrastructure agentic AI actually requires.

In other news:

• Roxanne Petraeus of Ethena wrote a widely-discussed piece asking whether agentic AI needs its own speak-up culture — paired with a real-world example of a rogue Meta AI agent that prompted an employee to leak sensitive data.
• A disgruntled employee of a third-party distributor for Kimberly-Clark set a company warehouse ablaze in Ontario, CA over a pay dispute, livestreaming the arson on social media — a vivid illustration of culture, third-party risk, and the escalation potential of workplace grievances.
• StubHub agreed to pay $10 million to settle FTC allegations that it failed to disclose full ticket prices upfront.
• New York amended the RAISE Act to more closely resemble California’s AI law, narrowing developer obligations, reducing penalties, and delaying enforcement to January 2027.
• New MIT research by Jason Jackson argued that moral beliefs, not just economics, shaped India’s post-colonial foreign investment policy — a scholarly case for taking ethics seriously as a driver of policy, not just a constraint on it.
• Fordham professor Santiago Mejia called for an “ethics judgment rule” that would give executives legal protection when they choose the ethical course over the more profitable one — a counterpart to the business judgment rule.
• The Observer profiled Father Brendan McGuire, a Catholic priest and former Silicon Valley executive who helped Anthropic shape the Claude Constitution — a quietly fascinating story about where ethical frameworks for AI are actually coming from.
• Anthropic’s AI model Mythos escaped its test environment and sent an unsolicited email to a researcher eating lunch in a park — and then bragged about breaking the rules and attempted to cover its tracks. A preview of the governance questions ahead.
• Attorney General Pam Bondi was fired, adding further turbulence to the DOJ leadership picture.
• Haynes Boone warned that AI hallucinations may not be covered by general liability insurance — a practical risk that legal teams deploying AI are just beginning to map.
• A New York Times investigation into Justin Sun and World Liberty Financial raised questions about the interplay between crypto, political donations, and regulatory outcomes.
• The prediction market insider trading story took a major new turn in April when the DOJ indicted U.S. Army Master Sergeant Gannon Ken Van Dyke for allegedly using classified knowledge of the January Maduro raid to place $33,000 in Polymarket bets — and walk away with approximately $409,000. Van Dyke, a Special Forces soldier who had participated in the operation, reportedly opened a Polymarket account just days before the raid and began placing bets immediately afterward. Covered on Ethicast Reacts, the case sharpened the prediction market insider trading picture in a significant new direction: the risk isn’t confined to employees with access to sensitive corporate data. Anyone with privileged nonpublic information — government officials, military personnel, regulatory staff — faces the same basic risk calculus. Meanwhile, French authorities opened a separate investigation into unusual weather-linked bets on Polymarket, underscoring that enforcement interest in prediction market manipulation is now coordinating across jurisdictions.
• An Advent International portfolio company was investigated in Brazil for alleged ties to organized crime — a reminder that private equity firms carry compliance exposure across their portfolios, and that one portco’s risk can surface questions about the others.
• FEMA began welcoming back 15 whistleblowers who had been placed on leave during Kristi Noem’s tenure.
• The U.S. Senate voted to ban its members from trading on prediction markets — a notable step, though it did not include a stock trading ban.

May

TOP STORY: The Council of the EU adopted a new bloc-wide anti-corruption directive in late April, with formal adoption finalized in May. The directive harmonizes bribery and corruption offenses across member states and sets penalties at up to 5% of worldwide turnover or €40 million — a penalty structure that brings anti-corruption enforcement to a scale comparable to GDPR. Morrison Foerster provided a detailed client alert on the directive’s implications.

This matters for a straightforward reason: multinationals operating in Europe have long navigated a patchwork of national anti-corruption laws, some robust and some toothless. The directive closes that arbitrage. Companies that have been treating European anti-corruption exposure as lower-risk than their FCPA or UK Bribery Act exposure will need to revisit that calculus.

May also delivered what may be the year’s most instructive AI and compliance story: Sullivan & Cromwell’s apology to a federal bankruptcy judge for submitting a court filing with inaccurate AI-generated citations. The firm’s response — acknowledging that internal AI policies had not been followed and promising to review training and review processes — was noteworthy precisely because it named the failure clearly. What made it more pointed was the follow-up from Haynes Boone, flagging that general liability policies may contain AI exclusions, meaning the firm might absorb the cost of that oversight twice.

In other news:

• The FTC barred data broker Kochava from selling sensitive location data — including visits to health facilities and houses of worship — without affirmative express consent.
• The UK Serious Fraud Office secured a £10 million penalty and £4.8 million in investigation costs from Ultra Electronics for failure to prevent bribery in Oman and Algeria. The DPA came with no monitor but requires annual compliance reporting.
• The DOJ announced its FOCUS initiative, designed to strengthen collaboration with data-mining whistleblowers in False Claims Act cases — a signal that the government wants to weaponize the data analytics capabilities that sophisticated qui tam relators already have.
• The Financial Times profiled Sister Susan Francois, a Catholic nun using shareholder advocacy to press Citibank, Microsoft, and Palantir on lobbying transparency, indigenous rights, and human rights — one of the more quietly effective examples of ethics-based investor activism.
• U.S. prosecutors asked to dismiss criminal charges against Gautam Adani, reversing course after the SEC settled the related civil case.
• The DOJ delivered its revised white-collar enforcement policy through a major speech by Criminal Division head Matthew Galeotti, giving companies a clearer path to declination and signaling fewer monitors going forward. The accompanying memo and declination flowchart are worth reading in full.
• Former Wells Fargo security chief Michael Bacon is appealing an SEC decision that cut his whistleblower award from approximately $180 million to $55 million — a case that raises pointed questions about how the SEC calculates award reductions.
• Lawsuits are piling up after a cyberattack on Canvas disrupted final exams, with plaintiffs alleging negligence and breach of implied contract.
• A peer-reviewed arXiv paper found that ad-supported AI assistants systematically put company incentives ahead of user welfare — recommending sponsored products even when harmful, and failing to disclose sponsorship relationships. The researchers mapped the behavior directly to Section 5 of the FTC Act. The practical implication is direct: these tools have built-in, undisclosed conflicts of interest.
• An insider trading indictment in Boston charged two associates from three major law firms with running a 30-person network that traded on M&A information accessed through “read only” views of internal firm documents — a case so elaborate it appeared the defendant was treating Tom Hardin’s book as a how-to guide.
• A WSJ analysis found that Polymarket and Kalshi generated significant profits from their prediction market operations — the house, it turns out, wins in new formats too.
• The Google insider trading case that broke in late May illustrated exactly why prediction market risk is every company’s problem, not just Wall Street’s. A Google information security engineer going by the Polymarket handle “AlphaRaccoon” allegedly used access to internal “Year in Search” trend data to win 22 of 23 bets on which search categories would appear in Google’s annual year-in-search release — netting nearly $1 million. The CFTC and DOJ filed coordinated charges: commodities fraud, wire fraud, and money laundering. Covered on Ethicast Reacts, the case is notable for what it reveals about information governance: Google had done the foundational work — data clearly marked confidential, training completed, certifications signed — and that documentation became the evidentiary basis for the prosecution. Prevention matters, but so does building a paper trail that makes enforcement possible when prevention fails. The question every E&C team should now be asking: do you know who’s accessing your most sensitive data, and does their access make sense?
• Meta was reported to be using mouse-tracking software to monitor employee activity, prompting significant internal pushback.
• The SEC proposed sweeping governance rollbacks — a development that the broader ESG-and-governance community is watching closely.
• Meta announced layoffs of more than 2,000 employees as the company shifts resources toward AI.
• The FBI issued a warning on AI-enabled trade secret theft and economic espionage, describing how foreign agents are using LLMs to pose as legitimate researchers and extract confidential information through seemingly innocuous requests.
• The Association of Corporate Counsel released the second edition of its AI Toolkit for In-House Lawyers, adding a new checklist on developing governance for agentic AI.
• Radical Compliance reported that another SCCE/HCCA CEO had been removed.
• The U.S. State Department designated two Brazilian criminal organizations — Comando Vermelho and Primeiro Comando da Capital — as Foreign Terrorist Organizations, expanding FTO-related compliance risk for companies doing business in Brazil.

June…so far

TOP STORY: The story that connected most of the threads running through 2026 so far was the resignation of the KPMG Australia CEO amid whistleblower claims that the firm had improperly used confidential information about a competitor’s regulatory troubles to solicit their clients. The irony was thick: KPMG Australia’s CEO had made public, high-profile statements about the firm’s commitment to supporting whistleblowers. The resignation came because a whistleblower didn’t stop internally — they took it to a member of Parliament.

The story illustrates something that compliance professionals know and struggle to communicate to boards: the question is never whether your culture discourages retaliation in principle, but what actually happens when someone raises a concern that is inconvenient to leadership. When the firm’s own accountability mechanisms failed, external accountability filled the gap. That’s a pattern worth naming.

It arrived in the same week as the BP board ouster of chairman Albert Manifold over governance and conduct issues — rare, abrupt, and a reminder that board-level accountability is not theoretical — and a Fortune piece arguing that Anthropic’s latest AI model had exposed a governance vacuum in the boardroom around agentic AI risk. Yale’s Jeffrey Sonnenfeld’s involvement in the latter piece gave it institutional weight: the argument is that most boards simply don’t have a governance framework for what happens when AI agents act autonomously and consequentially in the world.

In other news:

• A shareholder advocacy group challenged SpaceX’s governance structure ahead of a potential $1.75 trillion IPO, specifically calling out super-voting shares and a provision that would require Elon Musk’s own consent to remove him as CEO.
• The EU is preparing to fine Google a high triple-digit million euro sum over competition concerns.
• An unidentified company accidentally spent approximately $500 million on Claude in a single month after failing to put usage limits on employee licenses — a case study in what happens when AI governance is an afterthought to deployment.
• Meta’s Instagram AI support chatbot was exploited by hackers in a breach that illustrates what happens when deployment pressure outpaces security hardening — a risk compounded when the teams responsible for securing these systems have been cut.
• George Santos faces an insider trading investigation after allegedly betting on his own appearance on Kalshi — a fact pattern so brazen it can be summarized in five words: he bet on his own appearance.
• Microsoft was reported to have omitted a compensation question from its employee culture survey — a decision that tends to undermine trust in the survey process itself once employees realize it happened.
• A GlobeScan survey reported that governance has surpassed environment as the top ESG reputational risk for companies in 2026 — a shift that may be the most important structural development in the ESG landscape this year.
• Boeing’s culture transformation under CEO Kelly Ortberg was the subject of a cautiously optimistic Fortune piece, noting that Ortberg measures people not just on what they do but how they do it — and is tying pay and promotions to how people treat one another.
• Real estate company Compass is facing a New York antitrust inquiry following its $1.6 billion deal.
• Former compliance ally and one-time Ethisphere friend Jay Jorgensen was appointed to the Utah Supreme Court.