GRC Report Staff

EIOPA Charts a Simpler, Faster Supervisory Agenda as Risks Multiply Across Europe

The past year offered no shortage of challenges for Europe's insurance and pensions sectors. Geopolitical tensions remained elevated, cyber threats continued to evolve, extreme weather events became more frequent, and advances in artificial intelligence forced regulators and financial institutions alike to confront new opportunities and new risks. The European insurance watchdog spent 2025 trying to balance two objectives that do not always sit comfortably together: strengthening oversight while reducing regulatory complexity.

Austria Fines Tönnies €1.15 Million Over Unapproved Ritzenhoff Acquisition

Tönnies Unternehmensbeteiligungen has been fined €1.15 million by Austria's Cartel Court after completing an acquisition months before notifying competition authorities, despite the deal ultimately receiving regulatory approval. The penalty stems from Tönnies' acquisition of a shareholding in Ritzenhoff, a manufacturer and distributor of glass and ceramic products. According to the Austrian Federal Competition Authority (AFCA), the transaction was completed on September 6, 2023. The company did not notify Austrian regulators until April 16, 2024.

Australian Court Orders Record $193 Million in Penalties Over CFD Scheme That Targeted Vulnerable Investors

The Federal Court of Australia has imposed $193 million (AUD $300.2 million) in penalties against collapsed contracts-for-difference issuer Union Standard International Group and two former authorized representatives after finding they engaged in systemic unconscionable conduct that left customers with losses exceeding $53 million (AUD $83 million).

EU Moves to Reduce Reliance on Foreign Tech With Sweeping Sovereignty Package

When European Commission President Ursula von der Leyen unveiled a new package of technology proposals this week, she did not frame it as an industrial policy announcement. She framed it as a matter of control.

CISA Tells Federal Agencies to Stop Treating Every Vulnerability the Same

The Cybersecurity and Infrastructure Security Agency on Wednesday issued Binding Operational Directive 26-04, requiring federal civilian agencies to prioritize security updates according to risk rather than treating vulnerabilities as a largely uniform backlog of technical debt.

Norway Warns Geopolitical Tensions, Cyber Threats & Property Risks Could Challenge Financial Stability

Norway's financial regulator warned Thursday that rising geopolitical tensions, elevated cyber threats and continued weakness in parts of the property market are increasing risks to financial stability, even as the country's banks remain profitable and well-capitalized.

MFSA Finds Marketing Compliance Weaknesses Across Insurance & Investment Firms

Marketing disclosures are often treated as the final step in a product launch. A disclaimer is added, compliance signs off, the campaign goes live, and attention moves elsewhere. The Malta Financial Services Authority's latest supervisory review suggests that approach remains more common than regulators would like.