GRC Report Staff

France Orders Meta to Return to the Negotiating Table Over News Payments

In interim measures published Wednesday, the Autorité de la concurrence ordered the Meta to resume talks with two organizations representing French press agencies and publishers after concluding that Meta's conduct may amount to an abuse of a dominant position. The regulator also directed the company to provide, within 15 days, the information that publishers say they need to judge whether Meta's payment offers bear any relationship to the value of the journalism appearing on its services.

EU Moves to Standardize Anti-Money Laundering Enforcement

On Wednesday, AMLA published draft regulatory technical standards that would establish, for the first time, a common methodology for supervisors across the European Union when enforcing breaches of anti-money laundering and counter-terrorist financing rules. The proposal is less about creating tougher enforcement than creating more consistent enforcement. If two organizations commit the same breach under the same circumstances, supervisors should begin from the same framework and, absent meaningful differences in the facts, arrive at comparable outcomes.

JustAnswer Ordered to Pay $6.5 Million After Australian Court Finds Consumers Were Misled

For nearly three years, Australians arriving at JustAnswer's website were greeted with what looked like a straightforward proposition. An automated chat promised access to expert advice for $1.30 (AUD $2), a small, refundable payment that suggested a single transaction rather than the beginning of an ongoing relationship. It was only later, often after money had already left their accounts, that many consumers discovered they had signed up for recurring monthly subscriptions costing between $29 and $49 (AUD $45 and AUD $75).

AI Is Collapsing the Time Between Vulnerability & Attack, Luxembourg Regulator Warns

In guidance published Tuesday, Luxembourg's Commission de Surveillance du Secteur Financier (CSSF) warned that frontier artificial intelligence models are reshaping the cyber threat landscape by accelerating the speed, scale, and sophistication of attacks. While the technology presents significant opportunities, the regulator said it also gives malicious actors new tools to automate complex tasks, generate sophisticated code, and exploit vulnerabilities more quickly than traditional defensive practices were designed to withstand.

KPMG Survey Finds CISOs Caught Between AI Ambition & Security Reality

For all the attention artificial intelligence receives in boardrooms, one number in KPMG's latest cybersecurity survey stands out because of how ordinary it is. Only 24% of large organizations say AI is fully integrated into their cybersecurity programs. The rest are somewhere in between, testing it in isolated functions, weighing its value, or waiting for confidence to catch up with capability.

How AI Is Changing Internal Audit Before It Changes AI Governance

The first time artificial intelligence changes an audit function, it probably won't be because an auditor is reviewing an AI governance framework. It will be because someone quietly asks a large language model to summarize a hundred-page policy, compare two years of control testing, identify unusual journal entries, or draft the first version of an audit report.

European Financial Regulators Back ESRB Warning on Frontier AI Cyber Risks

On Tuesday, Europe's three financial supervisory authorities publicly endorsed the European Systemic Risk Board's warning that frontier artificial intelligence models are creating systemic cyber risks for the financial sector, lending the combined authority of the continent's banking, insurance, and securities regulators to a concern that has been gathering force for months. Their message was not that artificial intelligence introduces a new category of risk. It was that the pace at which the technology is changing offensive cyber capabilities is beginning to test assumptions that were reasonable only yesterday.