GRC Report Staff

The Joint Committee on Climate Change (JC3) gathered for its 15th meeting recently, with more voices at the table and a clear determination to accelerate Malaysia’s climate agenda. Co-chaired by Bank Negara Malaysia and the Securities Commission Malaysia, the committee welcomed nine new members, bringing a broader and more diverse representation of the financial sector into the conversation.

The New York State Department of Financial Services (DFS) has reached a $48.5 million settlement with Paxos Trust Company over systemic anti-money laundering (AML) deficiencies and failures to adequately vet its former business partner, Binance. The agreement, announced by Superintendent Adrienne A. Harris on August 7, requires Paxos to pay a $26.5 million penalty to the state and commit an additional $22 million to bolstering its compliance program under a DFS-approved remediation plan.

The European Banking Authority’s (EBA) first-quarter 2025 Risk Dashboard shows the EU/EEA banking sector holding steady on capital and profitability, but with a notable rise in the cost of risk to its highest level in over three years.

The California Privacy Protection Agency (CPPA) has taken the unusual step of going to court to enforce an investigative subpoena against Tractor Supply Company, marking the agency’s first public disclosure of an ongoing investigation and its first judicial action to compel compliance with an investigative request.

The European Banking Authority (EBA) has launched a public consultation on proposed revisions to its Guidelines on internal governance under the Capital Requirements Directive (CRD), reflecting recent legislative changes and evolving supervisory priorities. The consultation, which runs until 5 October 2025, is limited to the proposed amendments and invites feedback from stakeholders across the financial sector.

It all starts with a phone call. Not a suspicious link. Not malware. Just a convincing voice on the other end of the line, claiming to be IT support. Before long, a well-meaning employee is clicking through a Salesforce setup page and, unwittingly, handing over the keys to their company’s data kingdom.

Two major lead generation companies, Assurance IQ and MediaAlpha, have recently agreed to pay a combined $145 million to settle Federal Trade Commission (FTC) charges that they misled millions of consumers seeking comprehensive health insurance and exposed them to a barrage of telemarketing calls and robocalls. The settlements, announced August 7, come in the form of two separate stipulated court orders that will also impose long-term bans on misleading health insurance marketing tactics.