GRC Report Staff

Spanish Data Protection Agency Initiates Sanction Procedure Against Uniqlo Europe

The Spanish Data Protection Agency (AEPD) has launched a sanction procedure against Uniqlo Europe, Ltd, Spanish Branch, following a significant data breach that occurred in August 2022. The incident came to light when a former employee filed a complaint on March 31, 2023, revealing that they had received an email containing a PDF with payroll information of 447 Uniqlo workers.

Federal Reserve's 2023 Annual Report Highlights Enhanced Supervision & Emerging Risk Management

The Federal Reserve's recently released 2023 Annual Report provides a comprehensive overview of the central bank's intensified supervisory efforts and its approach to addressing evolving risks in the banking sector. The report details a year marked by significant developments in supervision and regulation, reflecting the Fed's response to recent banking challenges and its forward-looking risk management strategies.

FCA Imposes £15 Million Fine on PwC Over London Capital & Finance Audit

The UK's Financial Conduct Authority (FCA) has imposed a substantial £15 million fine on PricewaterhouseCoopers LLP (PwC) for failing to report suspicions of fraud during its 2016 audit of London Capital & Finance plc (LCF). This landmark case serves as a stark reminder of the critical role auditors play in the financial regulatory framework and offers crucial insights for governance, risk, and compliance (GRC) professionals across the financial services sector.

Asphalt Company Fined $6.5 Million by DOJ for Bid Rigging

Asphalt Specialists LLC has been slapped with a $6.5 million criminal fine for its role in orchestrating bid rigging schemes across Michigan’s asphalt industry. The hefty fine follows the company’s guilty plea earlier this year, marking a significant enforcement action in a broader crackdown on anticompetitive practices within the sector.

APRA Issues Guidance on Cyber Control Weaknesses

The Australian Prudential Regulation Authority (APRA) has released a new set of insights regarding common cyber control weaknesses observed among regulated entities. This guidance is part of APRA’s continued effort to bolster cyber resilience across the financial sector, which includes banks, superannuation funds, and insurance companies. The latest communication builds on APRA’s previous focus on data backup security and highlights critical areas where many institutions fall short.

SEC Chair Warns of AI Conflicts of Interest: Unpacking Governance & Compliance Challenges in Financial Algorithms

In a recent address, SEC Chair Gary Gensler highlighted the growing importance of Artificial Intelligence (AI) in the financial industry and the potential conflicts of interest that could arise from its use. Delivered on August 13, 2024, the speech underscores the increasing reliance on AI-powered algorithms by investment firms and the SEC's proactive approach to governing this evolving landscape. As AI becomes more entrenched in finance, the issues Gensler raises are vital for governance, risk management, and compliance (GRC) professionals to consider.

Unprecedented Data Breach Exposes Sensitive Information of 2.9 Billion People

National Public Data (NPD), a Florida-based background check company, has suffered a data breach of staggering proportions. The breach potentially compromises the personal information of 2.9 billion individuals across the United States, United Kingdom, and Canada. This incident, first reported in April 2024, has sent shockwaves through the cybersecurity community, raising critical questions about the resilience of IT systems and the protection of sensitive personal information in the digital age.