GRC Report Staff

Hellenic DPA Investigates AI Application & Spyware Data Breach Amid Growing European Scrutiny

The Hellenic Data Protection Authority (DPA) has announced two significant investigations today. One centers on the legality of the DeepSeek AI application under the General Data Protection Regulation (GDPR), while the other addresses a spyware breach that has impacted WhatsApp users in Greece.

Hong Kong Sets Ambitious 2025 Agenda to Shape the Future of Sustainable Finance

Hong Kong’s financial ecosystem is getting a major sustainability makeover. The Green and Sustainable Finance Cross-Agency Steering Group (let’s call it the Steering Group for short) has set its sights on ambitious goals for 2025, and today, we’re getting a peek into the game plan.

Investigation Underway into Personal Data Breach at Valio

In December 2024, Valio, Finland’s iconic dairy company, made an announcement that a personal data breach had compromised the personal information of a significant portion of their workforce. Fast forward to January 2025, and the situation has escalated. The breach, initially thought to be limited in scope, now affects far more people than originally estimated. And the authorities? They’re all over it

CFTC Restructures Enforcement Division to Focus on Fraud Prevention

The Commodity Futures Trading Commission (CFTC) has announced a major reorganization of its Division of Enforcement, with a renewed focus on fraud prevention and market integrity. Acting Chairman Caroline D. Pham unveiled the restructuring on February 4, 2025, aiming to streamline operations and more effectively allocate the agency’s resources to combating fraud while reducing the practice of "regulation by enforcement."

CNIL Cracks Down on Data Protection Violations in 2024 With Record Fines & Compliance Orders

2024 was a year of growing momentum for the French National Commission on Informatics and Liberty (CNIL), as the watchdog took significant steps to ensure that businesses comply with data protection laws. With fines, compliance orders, and reprimands on the rise, the CNIL made it clear that GDPR violations would no longer go unchecked. The result? A year of record-breaking action in data privacy enforcement.

Apex Clearing Corporation Faces $3.2 Million Fine in FINRA Settlement

In a settlement with FINRA, Apex Clearing Corporation, a Dallas-based firm that provides clearing services for introducing broker-dealers, is paying a $3.2 million fine after being found in violation of securities lending regulations. While financial penalties are common in the industry, this case tells a much bigger story about trust, transparency, and accountability—issues that are increasingly at the heart of how financial services firms do business.

Italy's Data Watchdog Moves to Block DeepSeek AI Over Privacy Concerns

The Italian data protection authority has fired a warning shot at AI developers worldwide, blocking DeepSeek, a Chinese chatbot service, from processing data belonging to Italian users. The move adds yet another chapter to Europe's growing scrutiny of AI platforms and their compliance with strict privacy laws.