GRC Report Staff

Passengers who struggled to get answers, or compensation, from Enter Air may soon see long-awaited payouts after Poland’s consumer protection authority stepped in with a sweeping enforcement decision. The head of Poland's UOKiK ordered the airline to compensate travelers more than $2.3 million (PLN 8.2 million) in total, following an investigation sparked by a wave of complaints about how the carrier handled issues ranging from delayed baggage to flight disruptions.

Italy’s data protection watchdog has handed down more than €12.5 million in fines to Poste Italiane and its digital payments arm Postepay, concluding that the companies unlawfully processed the personal data of millions of users through their mobile applications.

Europe’s new Anti-Money Laundering Authority launched two public consultations that go to the heart of that effort, setting out draft expectations for business-wide risk assessments and group-wide AML and counter-terrorist financing frameworks. The proposals arrive as part of a broader push to bring consistency to a system that has long varied across sectors and jurisdictions.

In preliminary findings published this week, the European Commission said Google should provide third-party search engines with access to core datasets (ranking, query, click, and view data) on fair, reasonable, and non-discriminatory terms. The goal is straightforward, even if the execution will not be: give competitors the tools they need to challenge Google Search in a market long defined by its dominance.

France’s competition authority has handed down €12.67 million in fines to a group of organic retail players and their trade association, concluding that they orchestrated a long-running agreement to carve up the market and shield prices from competition.

The Central Bank of the United Arab Emirates has rolled out a big update to its anti-financial crime framework, issuing new guidance aimed at strengthening how financial institutions detect and respond to money laundering, terrorist financing, and proliferation financing risks.

The European Data Protection Board is simplifying one of the more complex corners of the General Data Protection Regulation, adopting a new template designed to bring greater consistency and clarity to Data Protection Impact Assessments across Europe.