GRC Report Staff

The Commodity Futures Trading Commission (CFTC) announced its Fiscal Year 2024 enforcement results, setting a new benchmark with an unprecedented $17.1 billion in monetary relief and sanctions. This record-breaking figure, which includes $2.6 billion in civil penalties and $14.5 billion in disgorgement and restitution, underscores the agency’s dedication to maintaining market integrity and enforcing compliance across an increasingly complex financial landscape.

The European Banking Authority (EBA) has just launched a public consultation on a set of proposed regulations. These rules, aimed at crypto-asset service providers (CASPs), focus on the appointment of a central contact point (CCP) in host Member States to help ensure these businesses comply with local anti-money laundering (AML) and counter-terrorism financing (CFT) regulations.

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has announced a settlement with Aiotec GmbH, a Berlin-based company involved in sourcing industrial equipment for the energy sector. The company has agreed to pay $14.55 million to settle potential civil liabilities arising from a breach of U.S. sanctions laws under the Iranian Transactions and Sanctions Regulations (ITSR).

The European Data Protection Board (EDPB) has released new guidelines on data transfers to third-country authorities and approved the implementation of a European Data Protection Seal, marking significant steps in clarifying and strengthening data protection under the General Data Protection Regulation (GDPR).

A new survey by PwC reveals that less than half of companies required to report under the EU’s Corporate Sustainability Reporting Directive (CSRD) in 2024 are fully confident in their ability to meet the directive’s ambitious sustainability reporting standards. Despite the widespread recognition of the directive's significance, just 42% of respondents from large companies required to report on sustainability by next year feel fully prepared. For companies due to report the following year, that confidence drops to a mere 14%.

In a bold move to protect consumer privacy, the Federal Trade Commission (FTC) has taken action against three data brokers—Gravy Analytics, Venntel, and Mobilewalla—for unlawfully tracking and selling sensitive consumer location data. The charges stem from allegations that these companies sold location information revealing visits to places like health clinics, places of worship, military installations, and labor union offices, without the consent of those affected.

The European Data Protection Board (EDPB) is calling for more coherence between the General Data Protection Regulation (GDPR) and the increasingly complex web of new digital legislation coming out of the EU. In a statement released after its December 2024 plenary session, the EDPB welcomed the European Commission’s second report on the GDPR’s application and emphasized the importance of aligning digital laws with the GDPR to maintain legal certainty.