GRC Report Staff

Brink’s Global Services USA, Inc. (BGS), a well-known name in currency transport, is paying the price for serious compliance failures. The company has agreed to millions in penalties following multiple violations of the Bank Secrecy Act (BSA), a key piece of U.S. anti-money laundering (AML) law. This settlement includes a $37 million civil penalty levied by the Financial Crimes Enforcement Network (FinCEN) and a $50 million forfeiture linked to criminal charges for operating as an unlicensed money transmitter.

Lockheed Martin, the defense giant behind the F-35 fighter jet, has agreed to pay $29.74 million to settle allegations of inflating pricing on key contracts, marking another chapter in the ongoing scrutiny of government contracting. The payment comes on top of a prior reimbursement of $11.3 million to the Department of Defense (DOD) for similar violations involving undisclosed cost and pricing data.

The Hellenic Data Protection Authority (DPA) has announced two significant investigations today. One centers on the legality of the DeepSeek AI application under the General Data Protection Regulation (GDPR), while the other addresses a spyware breach that has impacted WhatsApp users in Greece.

Hong Kong’s financial ecosystem is getting a major sustainability makeover. The Green and Sustainable Finance Cross-Agency Steering Group (let’s call it the Steering Group for short) has set its sights on ambitious goals for 2025, and today, we’re getting a peek into the game plan.

In December 2024, Valio, Finland’s iconic dairy company, made an announcement that a personal data breach had compromised the personal information of a significant portion of their workforce. Fast forward to January 2025, and the situation has escalated. The breach, initially thought to be limited in scope, now affects far more people than originally estimated. And the authorities? They’re all over it

The Commodity Futures Trading Commission (CFTC) has announced a major reorganization of its Division of Enforcement, with a renewed focus on fraud prevention and market integrity. Acting Chairman Caroline D. Pham unveiled the restructuring on February 4, 2025, aiming to streamline operations and more effectively allocate the agency’s resources to combating fraud while reducing the practice of "regulation by enforcement."

2024 was a year of growing momentum for the French National Commission on Informatics and Liberty (CNIL), as the watchdog took significant steps to ensure that businesses comply with data protection laws. With fines, compliance orders, and reprimands on the rise, the CNIL made it clear that GDPR violations would no longer go unchecked. The result? A year of record-breaking action in data privacy enforcement.