GRC Report Staff

On May 15, 2025, the Eight Chairs, a group representing the national corporate governance committees of Belgium, France, Germany, Italy, the Netherlands, Spain, Sweden, and the United Kingdom, gathered to discuss the evolving landscape of corporate governance across Europe. Their goal was clear: to reinforce the importance of sound governance as a foundation for long-term value creation, particularly during these challenging economic and geopolitical times.

Salesforce has entered into a definitive agreement to acquire Informatica, a cloud-based data management company, for approximately $8 billion in equity value. This transaction, which is expected to close by early fiscal year 2027, will see Salesforce pay $25 per share in cash to Informatica’s Class A and Class B-1 common stockholders.

A recent survey conducted by #WeAreEurope, in partnership with HEC Paris, reveals that most companies across Europe are not in favor of the European Commission’s “Omnibus” initiative, which proposes reducing the scope of the EU’s Corporate Sustainability Reporting Directive (CSRD). While a majority of businesses express satisfaction with the CSRD in its current form, they have reservations about the Omnibus proposals, which aim to ease the regulatory burden on companies.

Thames Water has been slapped with a record-breaking fine of £122.7 million after two separate investigations revealed serious breaches of regulations. The penalty, the largest ever imposed by Ofwat, includes a £104.5 million fine for failures related to its wastewater operations, alongside an £18.2 million fine stemming from improper dividend payments. The fines will be paid by Thames Water and its shareholders, not by customers, marking a significant step in holding the water utility accountable for its mismanagement.

Boston Scientific has decided to discontinue sales of its Acurate Prime and Acurate neo2 heart devices in the European Union, a move that will also see the company forgo seeking approval in the U.S. and other international markets. The decision, announced on Wednesday, stems from escalating clinical and regulatory hurdles that the company has deemed too resource-intensive to meet, first reported by Reuters.

The Danish Data Protection Agency (DPA) has introduced two new IT security measures to its catalogue, aiming to prevent security breaches linked to hacking. The changes are in response to the growing number of incidents caused by malicious activities, particularly involving IoT (Internet of Things) devices. Walther Starup-Jensen, an IT security consultant at the DPA, emphasized that while these measures may not be revolutionary, they are crucial in addressing the vulnerabilities that lead to many avoidable breaches.

Adidas has disclosed a recent data breach where unauthorized external parties obtained certain consumer data via a third-party customer service provider. While the sportswear giant quickly contained the incident and initiated a comprehensive investigation, the breach raises significant concerns about IT security, data protection, and the role of third-party vendors in safeguarding sensitive consumer data.