GRC Report Staff

Boston Scientific has decided to discontinue sales of its Acurate Prime and Acurate neo2 heart devices in the European Union, a move that will also see the company forgo seeking approval in the U.S. and other international markets. The decision, announced on Wednesday, stems from escalating clinical and regulatory hurdles that the company has deemed too resource-intensive to meet, first reported by Reuters.

The Danish Data Protection Agency (DPA) has introduced two new IT security measures to its catalogue, aiming to prevent security breaches linked to hacking. The changes are in response to the growing number of incidents caused by malicious activities, particularly involving IoT (Internet of Things) devices. Walther Starup-Jensen, an IT security consultant at the DPA, emphasized that while these measures may not be revolutionary, they are crucial in addressing the vulnerabilities that lead to many avoidable breaches.

Adidas has disclosed a recent data breach where unauthorized external parties obtained certain consumer data via a third-party customer service provider. While the sportswear giant quickly contained the incident and initiated a comprehensive investigation, the breach raises significant concerns about IT security, data protection, and the role of third-party vendors in safeguarding sensitive consumer data.

Aion Bank has reached a settlement with the Financial Services and Markets Authority (FSMA). The agreement, finalized today, addresses errors that resulted in some customers not receiving the full interest and loyalty bonuses they were entitled to between December 2019 and June 2024.

The Federal Financial Supervisory Authority (BaFin) has imposed a fine of €1.75 million on SAP, one of the world’s leading enterprise software companies. The fine stems from the company's failure to meet requirements under the German Securities Trading Act (Wertpapierhandelsgesetz – WpHG), specifically regarding the timely publication of key financial report information.

Germany has adjusted its earlier position on the European Union’s Corporate Sustainability Due Diligence Directive (CSDDD), softening calls for the law’s outright removal. A spokesperson for the German government, Stefan Kornelius, clarified today that instead of scrapping the law, the government aims to “de-bureaucratize” and “streamline” its implementation, as reported by Reuters and The Economic Times.

The European Banking Authority (EBA) has opened a public consultation on proposed amendments to the European Commission’s Implementing Regulation on Pillar 3 disclosures under the CRR3. The consultation focuses on enhancing the transparency and consistency of disclosures related to environmental, social, and governance (ESG) risks, equity exposures, and the aggregate exposure to shadow banking entities.