GRC Report Staff

For years, pyramid schemes were thought of as a relic of the 1990s. According to Poland’s competition authority, they never really went away. They just learned new language, new platforms, and new disguises. On December 30, 2025, the President of UOKiK announced more than $6 million (over PLN 24 million) in combined fines against two U.S.-based companies, iGenius and International Markets Live, concluding that both operated prohibited pyramid-type incentive schemes.

France’s data protection authority has fined Nexpublica €1.7 million after finding that the company failed to properly secure software used to manage highly sensitive personal data in the social services sector.

As banks lean ever more heavily on cloud providers, fintech partners, data vendors, and other external service firms, global regulators are making it clear that third-party risk can no longer be treated as a side issue. Against that backdrop, the Basel Committee on Banking Supervision has published a new set of principles aimed at reshaping how banks manage third-party risk in an increasingly digital financial system.

The Korea Financial Intelligence Unit (Korea Financial Intelligence Unit) recently held the first meeting of a new taskforce tasked with revisiting the Act on Reporting and Using Specified Financial Transaction Information. While the meeting itself was procedural, the mandate behind it is anything but. The taskforce is meant to modernize Korea’s AML framework, sharpen responses to cross-border crime and large-scale financial fraud, and prepare the ground for South Korea’s next mutual evaluation by the Financial Action Task Force in 2028.

Italy’s competition watchdog has ordered Meta to immediately suspend new WhatsApp business terms after concluding that they risk unlawfully excluding competing AI chatbot services from one of the world’s most widely used messaging platforms.

South Korean e-commerce giant Coupang has announced a compensation package worth $1.18 billion (SKW 1.69 trillion), according to Reuters, for users affected by one of the country’s largest data breaches, but the plan has quickly become the latest flashpoint in an escalating political and regulatory backlash.

The Federal Trade Commission has moved to reopen and set aside a 2024 final consent order against AI writing company Rytr, concluding that the original enforcement action failed to meet the legal standards of the FTC Act and imposed unnecessary constraints on artificial intelligence innovation.