Regulatory Failures
Conduct Screen Corporate Misconduct
Companies with a documented pattern of regulatory violations across multiple domains — serial OSHA violations, repeated EPA consent decrees, FDA warning letters, or a history of fines suggesting systemic disregard for compliance. Many regulatory penalties are capped by statute (e.g., OSHA's maximum penalty is often ~$16,000 per serious violation), so small dollar amounts do not necessarily mean small violations. The test is the pattern, not the individual incident or penalty size. One violation is alarming, two is very concerning, three or more with the same fact pattern is dispositive. Recency matters — genuine compliance reform should be weighed.
37 companies currently excluded under this screen
Excluded Companies (37 total)
Showing 25 of 37 companies excluded under this screen.
| Ticker | Company | Reason |
|---|---|---|
| INTU | Intuit | Intuit has a documented pattern of regulatory failures spanning deceptive advertising, consumer harm, and regulatory capture. The FTC ALJ found (Sep 2023) that Intuit ran a "broad, enduring, and willful deceptive ad campaign" for TurboTax, airing at least 84,356 TV ads consisting almost entirely of the word "free" — while two-thirds of filers were ineligible. Intuit deliberately hid its IRS Free File page from Google (noindex/nofollow tags, confirmed by ProPublica Apr 2019) and bought ads on "IRS Free File" keywords redirecting to paid products. 4.4 million low-income and military filers were charged for services they were legally entitled to receive free. All 50 state AGs settled for $141M (May 2022); payments distributed automatically by mail starting May 2023. The 5th Circuit vacated the FTC cease-and-desist order in Mar 2026 on constitutional/procedural grounds (Jarkesy — administrative courts cannot adjudicate fraud-type claims); the court explicitly did NOT rule on the merits. Separately, the FTC found Credit Karma (acquired by Intuit for $7.1B in 2020) falsely told consumers they were "pre-approved" for credit cards; one-third were denied, damaging credit scores. $3M settlement, 497,425 consumers affected (Sep 2022). A 2024 data breach (Dec 2023–Feb 2024) exposed SSNs, financial details, and driver's license numbers across TurboTax and Credit Karma users; class action filed Jul 2024. Update (2026-03-31): The Fifth Circuit vacated the FTC's cease-and-desist order on March 20, 2026, holding internal adjudication unconstitutional under SEC v. Jarkesy. The factual finding of deception stands but the enforcement mechanism is dead. |
| THC | Tenet Healthcare Corporation | Tenet Healthcare Corporation has a documented pattern of systemic regulatory and legal violations spanning decades, indicating a corporate culture of non-compliance. In 2016, Tenet and two of its Atlanta-area subsidiaries paid over $513 million to resolve criminal charges and civil claims related to a kickback scheme. The U.S. Department of Justice found that the company paid bribes to prenatal clinics to refer Medicaid patients to its hospitals for lucrative services, defrauding federal and state healthcare programs. This settlement included a Non-Prosecution Agreement and a corporate integrity agreement with the Department of Health and Human Services. This 2016 resolution is part of a long history of significant legal penalties. In 2007, Tenet paid $10 million to settle SEC charges for investor protection violations. In the late 1990s, the company paid approximately $100 million to settle lawsuits from former patients alleging illegal conduct with affiliated doctors. ViolationTracker documents this pattern of misconduct, with penalties across multiple domains including fraud, investor protection, and patient harm. The repeated nature of these major settlements—despite previous corporate integrity agreements—demonstrates a systemic disregard for regulatory compliance. |
| ATO | Atmos Energy Corporation | Atmos Energy has a documented pattern of pipeline safety failures with fatal consequences. On February 23, 2018, a natural gas pipeline rupture in northwest Dallas killed 12-year-old Linda "Michellita" Rogers and destroyed her home. The National Transportation Safety Board found Atmos Energy had "inadequate" pipeline management and an "insufficient" leak investigation process. Post-incident inspections discovered 741 significant gas leaks over five weeks in the surrounding neighborhood. The Texas Railroad Commission proposed a record $1.6 million fine for safety violations related to that incident and two others. On June 28, 2021, a valve leak caused a pipeline explosion near Farmersville, Texas, killing two contract workers (ages 22 and 35) and injuring two others. The NTSB determined that Atmos's procedures and training "did not prepare workers to recognize and safely respond to abnormal operating conditions." The company did not require employees or contractors to be qualified to load pipeline inspection gauges, relying instead on experience and on-the-job training. Since 2006, over two dozen Texas homes have been destroyed by Atmos pipeline explosions, resulting in nine fatalities and more than 20 injuries. |
| VEOEY | Veolia Environnement | Veolia Environnement has accumulated a documented pattern of regulatory violations across multiple jurisdictions and environmental domains. In 2022, the company received a report from ISS ESG verifying its involvement in incidents of non-compliance with environmental regulations. This pattern includes a 2011 case highlighted by Food and Water Watch concerning illegal dumping, where penalties remained minimal despite repeat offenses. More recently, Veolia settled with the U.S. Environmental Protection Agency for a $1 million fine related to a community-impacting breach, though the settlement contained no admission of wrongdoing. The company's regulatory challenges extend beyond environmental compliance. A 2005 report documented 11 sanctions imposed on the company in respect of money laundering. Furthermore, Veolia has been party to international investment disputes, such as a 2025 case before the International Centre for Settlement of Investment Disputes, where penalties and contractual failures were central issues. This history across financial, contractual, and environmental regulations indicates a systemic pattern rather than isolated incidents. |
| VTRS | Viatris | Viatris has accumulated a pattern of regulatory violations across multiple jurisdictions and domains, indicating systemic compliance failures. In November 2024, the UK Competition and Markets Authority fined the company £1.5 million for failing to comply with a compulsory order during its merger review. In January 2025, the U.S. Food and Drug Administration issued a warning letter to a Viatris plant detailing poor quality control and inadequate handling of manufacturing errors. This followed a significant legal settlement in April 2025, where Viatris agreed to pay up to $335 million over nine years to resolve nationwide opioid-related claims. According to ViolationTracker, Viatris has been penalized in nine separate enforcement records, with total penalties exceeding $1 billion. While individual penalties may be capped by statute, the recurrence of violations—spanning competition law, drug safety, and public health litigation—demonstrates a repeated failure to meet regulatory standards. This pattern persists alongside significant financial strain, including a credit rating downgrade and high debt, which may pressure operational controls. |
| CI | Cigna Corporation | Cigna has a documented pattern of regulatory violations across multiple domains, demonstrating systemic disregard for compliance. In September 2023, the company paid $172 million to resolve False Claims Act allegations that it submitted inaccurate and untruthful patient diagnosis data to the Centers for Medicare & Medicaid Services to inflate payments. This settlement included a five-year Corporate Integrity Agreement with the U.S. Department of Health and Human Services Office of Inspector General. Separately, in May 2023, congressional committees launched probes following an investigation that found Cigna allowed its doctors to deny hundreds of thousands of claims per month using a system that did not require a review of patient medical records. In January 2024, the Connecticut Department of Financial Services issued a consent order to Cigna Health and Life Insurance Company following a regulatory review of its submissions. This pattern of significant settlements and ongoing regulatory scrutiny across different business functions indicates a compliance failure that extends beyond isolated incidents. |
| 0512.HK | Grand Pharmaceutical Group Limited | Grand Pharmaceutical Group’s major subsidiary, Grand Pharmaceutical China, was fined CNY 136 million (USD 19.2 million) and ordered to disgorge CNY 149 million (USD 21.1 million) in illicit gains by China’s State Administration of Market Regulation for abusing its dominant market position in epinephrine active pharmaceutical ingredients—a total penalty of CNY 285 million (USD 40.3 million). This fine represents 15.8% of the parent group’s net profit for the prior fiscal year. The conduct involved price rigging within a duopoly—only two companies in China held licenses to produce these critical pharmaceutical ingredients since 2010. The penalty followed a regulatory finding that the subsidiary engaged in monopolistic practices to manipulate pricing. The company’s public disclosure frames the financial impact as non-sustained, but the scale of the penalty—and the disgorgement of illicit gains—reflects a serious breach of market conduct rules. No substantive public commitment to overhaul its compliance systems or governance oversight of its dominant market positions has been articulated by the group. |
| NILSY | MMC Norilsk Nickel PJSC | MMC Norilsk Nickel PJSC (Nornickel) operates a business model reliant on extensive environmental and social violations in Russia’s Arctic region. The company is a leading global producer of nickel and palladium, with its core operations centered in Norilsk, an area with a documented history of severe pollution and hazardous working conditions. According to reports from workers and civil society organizations, Norilsk Nickel systematically conceals information about health and safety violations and workplace accidents, including failing to disclose the names of workers killed in incidents. This pattern of opacity extends to environmental damage. German companies have been documented as being aware for years of Nornickel's consistent violations of international social and environmental standards, yet the company's operations continue. While Nornickel maintains a corporate trust line for reporting violations, its fundamental business practices in its home region demonstrate a entrenched disregard for transparency and accountability in its environmental and social conduct. |
| CCL | CARNIVAL CORP | Carnival Corporation has a documented pattern of significant regulatory violations across multiple domains, demonstrating systemic compliance failures. In 2019, its subsidiary Princess Cruise Lines pleaded guilty to environmental violations and Carnival was ordered to pay a $20 million criminal penalty for dumping plastics, oily water, and other pollution into the ocean, offenses that occurred while the company was on probation for previous environmental crimes. Separately, the New York State Department of Financial Services imposed a $5 million penalty on Carnival in 2022 for significant cybersecurity failures. The regulator found the company filed improper cybersecurity compliance certifications from 2018 to 2020 in connection with multiple data breach incidents. This pattern of violations—spanning environmental protection and data security—indicates a broader failure of corporate governance and compliance controls. The repeated nature of these incidents, including violations committed during probation, shows a disregard for regulatory obligations. |
| LEN.B | LENNAR CORP | Lennar Corporation has accumulated a documented pattern of regulatory violations across multiple domains, including environmental, workplace safety, and consumer protection. According to ViolationTracker, Lennar has paid over $20 million in penalties, including $13.2 million for False Claims Act violations, $7.1 million across 27 environmental violations, and multiple wage and hour penalties. The pattern extends to workplace safety, with OSHA citations issued in 2015, 2017, and 2021 for violations such as failing to protect propane tanks from vehicular traffic. While individual OSHA penalties are often capped by statute, the recurrence across years and jurisdictions indicates systemic compliance issues. Further litigation history includes a jury finding that Lennar’s defective use of synthetic stucco (EIFS) in home construction created “an imminent threat to the health or safety” of homeowners, highlighting consumer safety failures. This multi-domain record of penalties and adverse findings demonstrates a repeated disregard for regulatory standards. |
| CHGG | CHEGG INC | Chegg has demonstrated a pattern of regulatory violations across consumer protection and data security domains. In September 2025, the Federal Trade Commission announced a $7.5 million settlement with Chegg over allegations it violated the FTC Act and the Restore Online Shoppers’ Confidence Act by employing deceptive billing and cancellation practices for its auto-renewing subscription services. This settlement follows a separate 2022 FTC action concerning the company’s data security failures. The FTC’s complaint alleged that Chegg’s lax cybersecurity procedures contributed to four separate data breaches between 2017 and 2020, which exposed sensitive personal information of millions of users, including financial and medical details. The FTC cited the company’s failure to implement basic security measures despite these repeated incidents. These two major enforcement actions, settled within three years and involving distinct operational failures, establish a pattern of systemic disregard for regulatory compliance and consumer protection obligations. |
| COR | CENCORA INC | Cencora Inc., formerly AmerisourceBergen, operates as a major pharmaceutical wholesale and distribution company. The company has a documented pattern of regulatory violations across multiple domains, indicating systemic compliance failures. In February 2024, Cencora disclosed a significant data breach, which led to a $40 million settlement in related litigation finalized in August 2025. This incident followed a separate, ongoing lawsuit filed in May 2025 alleging widespread wage and hour violations in California, including failure to provide adequate rest periods and minimum wages. The pattern extends beyond labor and data security. ViolationTracker documents additional enforcement actions against the company. While individual penalties may be statutorily capped, the recurrence of violations across distinct regulatory areas—workplace standards, data privacy, and securities disclosure—demonstrates a concerning failure to implement adequate internal controls. This multi-domain pattern meets the threshold for exclusion based on regulatory failures. |
| T | AT&T INC | AT&T Inc. exhibits a documented pattern of regulatory violations across multiple domains, indicating systemic compliance failures. In December 2022, the company agreed to pay a $6.25 million penalty to the Securities and Exchange Commission to settle a lawsuit accusing it of selectively leaking financial information to analysts, a violation of Regulation FD. This followed a separate $13 million settlement with the Federal Communications Commission in September 2024 for consumer protection rule violations. Further demonstrating a pattern, the FCC fined AT&T $57 million in May 2024 for illegally disclosing customer location data. The company's conduct extends to litigation over its regulatory obligations. A 2025 Fifth Circuit court opinion, *AT&T, Inc. v. F.C.C.*, cited the company's history in a discussion of enforcement against repeat offenders. This pattern of violations and settlements across financial, privacy, and consumer protection regulations meets the threshold for a systemic disregard for compliance. |
| GL | Globe Life | Globe Life has been referred to the Direct Selling Self-Regulatory Council (DSSRC) by the Council of Better Business Bureaus for failing to substantiate earnings claims made in the promotion of its Family Heritage division. In Case #203-2025, the DSSRC found the company declined to provide any substantive evidence to support the claims at issue. Globe Life subsequently failed to provide a statement indicating it would adhere to the DSSRC's recommendations or appeal the decision, a non-compliant posture with the self-regulatory body's process. This regulatory failure occurs amid broader, persistent allegations of misconduct. A 2024 report from *The Bear Cave* detailed numerous accusations of fraudulent practices, including consumers being issued unwanted insurance policies. While the company has aggressively refuted these lawsuits and allegations, the pattern includes a fresh 2025 investigation by legal firms into potential fiduciary breaches by Globe Life executives, spotlighting ongoing governance concerns. |
| CUK | CARNIVAL PLC | Carnival PLC, operating through its cruise line subsidiaries, has established a documented pattern of regulatory violations across environmental, cybersecurity, and labor compliance domains. In 2019, its subsidiary Princess Cruise Lines and the parent company pleaded guilty to six environmental probation violations, including dumping plastic waste mixed with food in Bahamian waters, resulting in a $20 million criminal penalty. This followed a previous environmental conviction. Separately, in 2022, the New York State Department of Financial Services fined Carnival $5 million for cybersecurity failures, finding the company filed improper compliance certifications from 2018 to 2020, failed to implement multifactor authentication, and delayed reporting data incidents by 10 months. ViolationTracker data further documents a $6.25 million settlement in 2006 for federal wage and hour violations. This multi-year, multi-jurisdictional record of serious infractions indicates systemic compliance failures. |
| SMGR | Semen Indonesia | PT Semen Indonesia (now SIG, Semen Indonesia Group) has a documented pattern of operating against court orders and regulatory determinations. In the Kendeng Mountains (Central Java), a 2016 Supreme Court ruling sided with residents opposing the company's cement operations atop a designated groundwater basin. The Central Java Governor initially revoked permits in January 2017, but then reissued a license the same year, and operations resumed despite the court ruling. Flooding in the province in 2023 was attributed to the disruption. The "women of Kendeng" protest — where farmers encased their feet in cement — became internationally recognized. Separately, NBIM Council on Ethics recommended observation (Dec 2022, announced May 2023) over PT Semen Tonasa (subsidiary) quarrying in karst landscape containing the world's oldest figurative cave art (44,000+ years, per 2024 Nature paper). SIG designated 31.64 hectares as a conservation area in 2024 but remains under NBIM observation. |
| EXC | Exelon | Post-spinoff Exelon (pure-play regulated utility: ComEd, PECO, BGE, Pepco, Delmarva, ACE) has accumulated utility-specific regulatory failures independent of the nuclear operations transferred to Constellation Energy (CEG) in Feb 2022. NERC/FERC $1.8M penalty (2024): all six Exelon utility subsidiaries violated FAC-009-1 facility ratings standard, posing serious risk to bulk power system reliability. NERC found a "long-standing, systemic issue" with facility ratings and cited a prior FAC-008/9 violation as an aggravating factor. PECO improperly terminated electric service for 48,500+ customers (2018-2019) due to vendor oversight failures; PA PUC imposed $200K penalty plus ~$1M in refunds. DC Office of People's Counsel accused Pepco of misspending $94M from rate increases (2024-2025, ongoing). Maryland PSC rejected Pepco's multiyear rate plan, approving only 21% of requested increase. ICC repeatedly cut ComEd rate requests post-bribery, reflecting regulatory trust deficit. |
| SCOR | COMSCORE INC | Comscore, Inc. has a documented pattern of regulatory violations and legal settlements across multiple domains, demonstrating systemic compliance failures. In 2019, the company paid $5 million to settle SEC charges for a fraudulent revenue recognition scheme directed by its former CEO. This followed a separate securities fraud class action that settled for $110 million, which received final court approval in 2018. Further, an Illinois federal judge ruled that Comscore must face a 2011 privacy class action lawsuit, indicating unresolved litigation over its data practices. The company's misconduct extends to insider trading allegations, as noted in enforcement proceedings, and it has been subject to a Fair Fund distribution plan stemming from civil money penalties. This pattern of significant financial settlements with the SEC, alongside ongoing privacy litigation, points to a corporate history of regulatory failures and a disregard for legal compliance obligations. |
| FITB | Fifth Third Bancorp | Fifth Third Bancorp has a documented pattern of regulatory violations across multiple consumer protection and financial compliance domains. In 2015, the bank reached an $85 million settlement with the U.S. Attorney’s Office for the Southern District of New York over failures to self-report defective mortgage loans to the Federal Housing Administration. More recently, in September 2024, the Consumer Financial Protection Bureau ordered Fifth Third to pay a $5 million penalty for wrongfully forcing unnecessary vehicle insurance onto borrowers who already had coverage. This CFPB action resolved disputed sales practices issues related to accounts opened between 2010 and 2016. The bank has also faced allegations related to improper accounting for commercial loan losses during the 2008 financial crisis. This history of enforcement actions from multiple federal regulators indicates systemic compliance failures over an extended period. |
| ACIW | ACI WORLDWIDE INC | ACI Worldwide, a payment processing company, was fined $25 million by the Consumer Financial Protection Bureau in 2023 for illegally initiating approximately $2.3 billion in unauthorized mortgage payment transactions that affected nearly 500,000 homeowners. In April 2021 ACI conducted platform tests using actual consumer data from Mr. Cooper (formerly Nationstar) mortgage clients instead of deidentified dummy data, triggering approximately 1.4 million unauthorized ACH withdrawals from homeowners' bank accounts. The erroneous transactions exposed homeowners to overdraft and insufficient funds fees. The CFPB ordered ACI to pay the $25 million penalty, adopt and enforce reasonable information security practices, and cease processing payments without proper authorization. A separate multistate settlement led by the Connecticut Attorney General imposed additional remediation requirements on the company. |
| 601669 | Power Construction Corporation of China, Ltd. | Power Construction Corporation of China, Ltd. is a state-owned enterprise primarily engaged in the construction of hydropower, thermal power, and other energy infrastructure projects. Sustainalytics' Global Standards Engagement program flagged the company for engagement due to its involvement in controversies related to business ethics misconduct. The program initiated dialogue with Power Construction Corporation of China as part of a broader set of engagements with Chinese companies accused of corrupt practices and other ethical violations. The available evidence from Sustainalytics' 2022 quarterly report lists the company among new engagement cases but does not provide specific details on the nature or scale of the alleged misconduct. Further documentation of the underlying incidents, regulatory actions, or settlement terms is required to detail the specific exclusion grounds. |
| PRI | Primerica | Primerica's broker-dealer subsidiary PFS Investments Inc. (CRD #10111) was censured and fined $60,000 by FINRA in July 2024 for failing to establish and enforce a supervisory system for registered representatives' outside business activities, violating FINRA Rule 3270. Between April 2021 and March 2023 the firm was aware that three representatives operated an independent company generating $33 million in revenue through e-commerce services and digital real estate, yet approved the activity orally despite internal procedures requiring written disclosure. This is part of a pattern of regulatory failures: Massachusetts fined PFS $75,000 in 2019 for unregistered employees and supervisors, and Nevada fined PFS $9,000 in 2012 for failing to require representatives to disclose compensation from outside motivational speakers, also ordering $40,000 in investigative cost reimbursement. |
| STC | Stewart Information Services | Stewart Information Services has accumulated $9.89 million in penalties across 27 enforcement records since 2000 (ViolationTracker). Key actions include: New York AG $2.5 million settlement (2022) for illegal no-poach agreements with competitor title insurance companies, suppressing worker wages and mobility. California DOI $1 million settlement for captive reinsurance kickback schemes — illegal rebates to builders, lenders, and title agents. Washington State OIC $10,050 penalty for insurance violations. Washington State proposed $1.95 million fine (2007). FTC (2019) blocked the Fidelity National Financial acquisition on antitrust grounds, citing competition concerns in the title insurance market. The pattern spans multi-state regulatory actions, antitrust scrutiny, and anti-competitive labor and business practices. |
| MAT | MATTEL INC | Mattel has an ongoing pattern of product safety failures resulting in serious consumer harm. In October 2024, Fisher-Price (Mattel subsidiary) recalled 2.1 million Snuga Infant Swings after five infant deaths from suffocation between 2012-2022. CPSC Commissioner Trumka publicly criticized the recall as inadequate, noting the product was not fully recalled and only a $25 refund was offered on a $160 product. Additional 2024-2025 CPSC recalls include Fisher-Price Baby Biceps choking hazard (2024) and Fisher-Price Brunch & Go Stroller Toy choking hazard (2025). Historical pattern includes the 2007 lead paint recalls affecting millions of toys. The ongoing nature of serious safety failures — including infant deaths — across nearly two decades demonstrates systemic product safety governance failures. |
| ESLT | Elbit Systems Ltd | Elbit Systems Ltd has faced multiple international investigations and allegations of procedural failures and corruption linked to its defense contracts. A Danish investigation concluded in November 2024 that "procedural errors and inadequate oversight" occurred in artillery procurement processes involving the company. In 2025, the company was reportedly suspended from NATO tender processes amid unspecified allegations, and was separately linked to corruption scandals in India and Switzerland. While the specific financial penalties from these incidents are not detailed in public sources, the pattern of recurring procedural and oversight failures across multiple countries and contracts indicates systemic compliance issues in its international operations. |
+ 12 more companies excluded under this screen
Sign in to see the full list. We cap the public list to keep our research from being scraped wholesale.
The Naughty List
A digest of changes to our exclusion list — new additions, removals, and the evidence behind them. We review the list continuously as new evidence surfaces.
RSS feed
No spam · Unsubscribe anytime