GRC Report Staff

Tönnies Unternehmensbeteiligungen has been fined €1.15 million by Austria's Cartel Court after completing an acquisition months before notifying competition authorities, despite the deal ultimately receiving regulatory approval. The penalty stems from Tönnies' acquisition of a shareholding in Ritzenhoff, a manufacturer and distributor of glass and ceramic products. According to the Austrian Federal Competition Authority (AFCA), the transaction was completed on September 6, 2023. The company did not notify Austrian regulators until April 16, 2024.

The Federal Court of Australia has imposed $193 million (AUD $300.2 million) in penalties against collapsed contracts-for-difference issuer Union Standard International Group and two former authorized representatives after finding they engaged in systemic unconscionable conduct that left customers with losses exceeding $53 million (AUD $83 million).

When European Commission President Ursula von der Leyen unveiled a new package of technology proposals this week, she did not frame it as an industrial policy announcement. She framed it as a matter of control.

The Cybersecurity and Infrastructure Security Agency on Wednesday issued Binding Operational Directive 26-04, requiring federal civilian agencies to prioritize security updates according to risk rather than treating vulnerabilities as a largely uniform backlog of technical debt.

Norway's financial regulator warned Thursday that rising geopolitical tensions, elevated cyber threats and continued weakness in parts of the property market are increasing risks to financial stability, even as the country's banks remain profitable and well-capitalized.

Marketing disclosures are often treated as the final step in a product launch. A disclaimer is added, compliance signs off, the campaign goes live, and attention moves elsewhere. The Malta Financial Services Authority's latest supervisory review suggests that approach remains more common than regulators would like.

The regulatory reckoning for Coupang has become considerably more expensive. South Korea's Personal Information Protection Commission (PIPC) has imposed penalties totaling $455 million (624.6 billion won) against the e-commerce giant following a data breach that exposed the personal information of roughly 37.5 million users, according to BBC reporting. The sanctions represent the largest privacy-related penalty ever issued in South Korea.