GRC Report Staff

More than 80% of the code merged into Anthropic's production codebase is now authored by Claude. The statistic appears almost casually in a lengthy report published this week by the Anthropic Institute. It arrives alongside benchmark results, productivity measurements, engineering data, and speculation about recursive self-improvement. Yet it is arguably the most important number in the document because it describes something that has already happened rather than something that might happen next.

Pasadena-based Western Asset Management has agreed to pay a $100 million civil penalty to settle Securities and Exchange Commission charges that it failed to detect and prevent an alleged cherry-picking scheme carried out by its former co-chief investment officer.

The first day of Risk-!n Zurich featured discussions on business continuity, enterprise risk management, internal controls, cybersecurity, climate resilience, artificial intelligence and quantum computing. On paper, it looked like a conference agenda built around a broad collection of risk disciplines. In practice, many of the presentations were wrestling with the same question. How do organizations maintain visibility into risks that are moving faster than the governance structures designed to oversee them?

A £40 million fine would have disappeared into the Treasury. Instead, £44.7 million will stay in Wales. That was the calculation behind Ofwat's decision Friday to accept a legally enforceable package of undertakings from Dŵr Cymru Welsh Water following an investigation that found serious failures in the operation of the company's wastewater network.

According to Hungary's Competition Authority (GVH), wholesalers selling beverages distributed by Maspex Olympos. were told that if they offered products below the company's recommended minimum prices, they should not advertise the actual discounted price. Instead, they were encouraged to use attention-grabbing labels such as "TOP PRICE" or "BOMB PRICE."

One line in the Malta Financial Services Authority's latest AI guidance says more than the rest of the document put together. The regulator reminds firms that artificial intelligence does not change the objectives of financial regulation. The statement appears almost in passing, but it captures a problem regulators across Europe are beginning to see. AI is arriving inside financial institutions wrapped in promises of efficiency, automation and better decision-making. What it has not brought with it is any exemption from accountability.

Artificial intelligence is rapidly changing the cybersecurity equation for financial institutions, and France’s securities regulator wants firms to move faster in adapting their defenses. The French regulator, the Autorité des marchés financiers (AMF), said Thursday that strengthening cyber resilience remains a strategic priority as advances in artificial intelligence create new opportunities for both defenders and attackers.