GRC Report Staff

AI isn’t waiting for governance to catch up and that gap is quickly turning into one of the most serious risk challenges organizations face today. As companies push ahead with more advanced, increasingly autonomous AI systems, many are doing so without the controls needed to manage them effectively. What was once a manageable oversight issue is becoming something more structural. Agentic AI is beginning to operate beyond traditional human decision loops, and the longer governance lags behind, the harder it becomes to rein it back in.

Poland has moved to bring the EU’s data governance ambitions closer to day-to-day reality, with lawmakers approving a national law designed to operationalize the bloc’s Data Governance Act. The Sejm of the Republic of Poland adopted amendments put forward by the Senate, clearing the way for the legislation to take effect once it is signed by the President and formally promulgated. The law will enter into force three months after that final step.

South Korea’s Financial Services Commission is tightening oversight of the crypto sector, proposing a set of rule changes that read less like a wholesale rewrite and more like a deliberate effort to close the gaps regulators believe have been quietly undermining the system.

The Federal Trade Commission has issued a warning to some of the world’s largest payment platforms, signaling that access to the financial system is now firmly on the regulator’s radar as a consumer protection issue.

A cyberattack affecting the Europa.eu platform, the public-facing web presence of the European Commission, was identified on March 24, according to a statement released by the Commission. The incident impacted cloud infrastructure used to host the platform. The Commission said it took immediate steps to contain the attack and implement mitigation measures, adding that the availability of Europa websites was not disrupted.

The Financial Reporting Council has published new guidance aimed at helping audit firms navigate the rapid adoption of generative and agentic artificial intelligence, marking what it describes as the first such guidance from any audit regulator globally.

There’s a quiet but consequential shift underway in how companies are expected to talk about pollution. And if the Global Reporting Initiative gets its way, that conversation is about to become far more detailed, far more comparable, and far harder to sidestep.