GRC Report Staff

The European Insurance and Occupational Pensions Authority (EIOPA) has released its April 2025 risk dashboards, providing us with a snapshot of the current state of the European insurance and pension sectors. While the data paints a picture of stability overall, the outlook is far from simple. Geopolitical tensions, market volatility, and macroeconomic challenges continue to hover over the industry, creating an air of cautious optimism laced with uncertainty.

The Personal Information Protection Commission (PIPC) has taken a closer look at Hangzhou DeepSeek Artificial Intelligence (DeepSeek), a company that’s been under scrutiny ever since its R1 Large Language Model (LLM) AI chatbot launched earlier this year. What started as a routine review into the privacy practices of DeepSeek’s services has resulted in a series of recommendations that are shaking up how the company handles user data and cross-border transfers.e

The world of crypto is evolving at a high speed, but with growth comes a pressing need to make sure bad actors don’t exploit the system. Enter the European Securities and Markets Authority (ESMA), which just issued fresh guidelines aimed at preventing market abuse under the EU’s Market in Crypto Assets Regulation (MiCA).

After years of legal battles, Sutter Health has agreed to pay $228 million to settle a class action lawsuit that accused the health system of artificially inflating insurance premiums and limiting consumer choice in Northern California. The settlement marks a significant chapter in a case that’s been ongoing since 2012, with implications not only for Sutter but also for the broader healthcare landscape.

TradeUP Securities (TradeUP) and US Tiger Securities (US Tiger) have agreed to a hefty $950,000 fine for failing to meet key regulatory standards. The issues stem from violations related to their anti-money laundering (AML) programs, their failure to conduct adequate due diligence on foreign financial institution correspondent accounts, and a troubling lapse in communications retention. While the firms did not admit to the violations, the settlement resolves the matter without the threat of further action from FINRA, provided the terms are met.

The French data protection authority, the CNIL (Commission Nationale de l'Informatique et des Libertés), has released its 2024 annual report, showcasing a year marked by significant strides in personal data protection. The report highlights key achievements in inspections, sanctions, public awareness, artificial intelligence (AI) development, and cybersecurity, underscoring the CNIL’s critical role in safeguarding privacy in France.

The Federal Trade Commission (FTC) has just dropped the hammer on Workado, LLC, requiring the company to stop promoting its AI Content Detector tool unless it can provide solid proof to back up its bold claims about the product’s accuracy. The order is currently up for public comment before it becomes final.