GRC Report Staff

The European Data Protection Board (EDPB) is stepping into the blockchain arena with new guidance aimed at helping organizations navigate the thorny intersection of distributed ledger technology and EU privacy law. In its April plenary, the Board officially adopted guidelines on the processing of personal data via blockchain, and signaled it’s ready to collaborate with the newly established EU AI Office on upcoming guidance around the AI Act.

Hertz has recently announced that the company is grappling with a data breach that stemmed from a vendor, Cleo Communications US, LLC. This breach, involving a file transfer platform used by Hertz, further demonstrates the vulnerabilities that third-party vendors can introduce to an organization’s data security.

The Monetary Authority of Singapore (MAS) has just released its latest enforcement report, giving us a look behind the scenes at its efforts to keep Singapore’s financial markets clean and fair. From tackling market manipulation to holding institutions accountable for lapses in anti-money laundering practices, the authority’s recent actions highlight its unwavering commitment to maintaining trust in Singapore’s robust financial system.

The Japan Fair Trade Commission (JFTC) has issued a cease and desist order against Google LLC, accusing the tech giant of engaging in unfair practices related to Android smartphone distribution. The JFTC’s action comes after a year-long investigation into Google’s dealings with phone manufacturers and telecom companies, alleging violations of Japan’s Antimonopoly Act.

Clorox Australia has recently been hit with an AUD $8.25 million ($5.2 million USD) penalty for making false statements about the composition of its GLAD products. The Federal Court’s ruling marks the end of a legal battle that began after the Australian Competition and Consumer Commission (ACCC) uncovered misleading claims about GLAD Kitchen Tidy Bags and Garbage Bags being made from recycled ‘ocean plastic.’

It’s not every day that major banks start treating a federal regulator like a cybersecurity risk. But after a quiet email breach inside the Office of the Comptroller of the Currency (OCC) stretched on for more than a year undetected, JPMorgan Chase and Bank of New York Mellon have decided to pump the brakes on how much sensitive information they’re sending.

A recent survey from KPMG last month paints a sobering picture of the state of risk management in U.S. organizations. Despite heightened awareness of increasing risks and disruptions, more than half of U.S. organizations are still struggling to integrate proper risk and resilience capabilities. The survey, which gathered insights from 208 C-suite leaders, reveals that 52% of companies have not yet built the necessary organizational structures to effectively manage risk and resilience.