GRC Report Staff

Poland has moved to bring the EU’s data governance ambitions closer to day-to-day reality, with lawmakers approving a national law designed to operationalize the bloc’s Data Governance Act. The Sejm of the Republic of Poland adopted amendments put forward by the Senate, clearing the way for the legislation to take effect once it is signed by the President and formally promulgated. The law will enter into force three months after that final step.

South Korea’s Financial Services Commission is tightening oversight of the crypto sector, proposing a set of rule changes that read less like a wholesale rewrite and more like a deliberate effort to close the gaps regulators believe have been quietly undermining the system.

The Federal Trade Commission has issued a warning to some of the world’s largest payment platforms, signaling that access to the financial system is now firmly on the regulator’s radar as a consumer protection issue.

A cyberattack affecting the Europa.eu platform, the public-facing web presence of the European Commission, was identified on March 24, according to a statement released by the Commission. The incident impacted cloud infrastructure used to host the platform. The Commission said it took immediate steps to contain the attack and implement mitigation measures, adding that the availability of Europa websites was not disrupted.

The Financial Reporting Council has published new guidance aimed at helping audit firms navigate the rapid adoption of generative and agentic artificial intelligence, marking what it describes as the first such guidance from any audit regulator globally.

There’s a quiet but consequential shift underway in how companies are expected to talk about pollution. And if the Global Reporting Initiative gets its way, that conversation is about to become far more detailed, far more comparable, and far harder to sidestep.

The Federal Trade Commission has brought an enforcement action against OkCupid and its affiliate Match Group Americas, accusing the companies of quietly sharing users’ personal data with a third party despite telling users otherwise.