GRC Report Staff

Risk-!n 2025 in Zurich was far from just another GRC conference. It was a gathering that transcended the usual discussions around compliance and risk management. As media sponsors, we had the privilege of witnessing an event that felt like a catalyst for change—a space where over 300 professionals came together, sparked conversations, and explored how governance, risk, and compliance can be more than just a regulatory checkbox.

Swedbank, one of Sweden’s most prominent banks, is facing a fine of approximately €1,148,415.25 (SEK 12,500,000) after a regulatory investigation found significant gaps in its compliance with Sweden's protective security regulations. The fine comes from Finansinspektionen, Sweden's financial supervisory authority, following a detailed probe into the bank’s security practices between July 2022 and January 2024.

GRC Report has been granted an exclusive first look at OCEG’s comprehensive 2025 GRC Maturity Survey, and one key finding stands out with striking clarity: having a well-defined GRC strategy is the single most powerful differentiator in organizational GRC maturity.

The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a new initiative aimed at enhancing cybersecurity resilience across the EU. This database, operational as of now, provides consolidated, reliable information about vulnerabilities in Information and Communication Technology (ICT) products and services, as mandated by the NIS2 Directive. The goal is to improve transparency and allow organizations to better address and manage cybersecurity risks.

As Gen Z increasingly enters the workforce and takes the reins in shaping corporate cultures, environmental sustainability and technology, particularly artificial intelligence (AI), are rising to the forefront of workplace expectations. A new survey from Deloitte reveals that these concerns are not only driving career choices but also redefining what it means to be a responsible corporate entity in today’s rapidly evolving risk landscape.

As excitement builds for the National Football League’s 2025 season schedule release, the Federal Trade Commission (FTC) is putting the heat on StubHub. The nation’s largest ticket exchange and resale platform is now under the FTC's watch for allegedly misrepresenting ticket prices in violation of the agency’s new transparency rule.

The year 2024 will go down in history as a record-breaking one for data breaches in Australia, with over 1,100 incidents reported to the Office of the Australian Information Commissioner (OAIC), the highest number since the country introduced mandatory data breach notifications back in 2018. This surge signals a growing concern for Australians' privacy, with a 25% increase from the previous year’s numbers.