GRC Report Staff

Raytheon Company, a defense giant and subsidiary of RTX, has agreed to pay over $950 million to settle criminal and civil investigations by the Department of Justice (DOJ). The hefty settlement addresses the company’s involvement in fraudulent pricing schemes, violations of the Foreign Corrupt Practices Act (FCPA), and breaches of export control regulations under the Arms Export Control Act (AECA).

Frances Haugen, the former Facebook product manager who gained attention for exposing internal documents that formed the basis of The Wall Street Journal’s Facebook Files series, is now turning her focus to the burgeoning field of artificial intelligence (AI). In a recent interview with The Wall Street Journal, Haugen underscored the increasing importance of whistleblowing in industries that rely heavily on AI—industries that, she argues, are often shrouded in secrecy and controlled by a small number of powerful players.

In a modern era marked by rapid technological advancement and global uncertainty, organizations worldwide are grappling with an increasingly complex risk landscape. The Risk in Focus 2025 report, a comprehensive study based on surveys conducted by the Internal Audit Foundation and the European Confederation of Institutes of Internal Auditing (ECIIA), sheds light on the current and future risk priorities of businesses across the globe.

European financial regulators have issued a formal opinion challenging the European Commission's (EC) recent rejection of proposed technical standards under the Digital Operational Resilience Act (DORA). This dispute highlights the complexities in implementing digital resilience measures across the European Union's financial sector.

As 2025 approaches, the Joint Committee of the European Supervisory Authorities (ESAs)—comprising the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), and the European Securities and Markets Authority (ESMA)—is gearing up to tackle the evolving regulatory landscape with renewed vigor. This comes at a time when economic uncertainty, geopolitical tension, and rapid digitalization are challenging the resilience of the EU’s financial systems. The ESAs are poised to address emerging risks and ensure regulatory consistency across sectors, all while steering the EU financial sector through transformative shifts.

The European Securities and Markets Authority (ESMA) released its inaugural consolidated report detailing sanctions and measures imposed by National Competent Authorities (NCAs) across EU Member States in 2023. The report sheds light on the state of regulatory enforcement within the EU financial markets, revealing significant insights into administrative sanctions, their monetary value, and the ongoing pursuit of supervisory convergence.

Poland’s Personal Data Protection Office (UODO) has fined mBank more than €870,000 (4,053,173 PLN) for failing to notify customers affected by a significant data breach. The penalty, while substantial, represents just 0.0024% of the bank’s annual turnover, raising questions about the relative impact of such fines on large financial institutions.