GRC Report Staff

Spanish Court Orders Meta to Pay €479 Million Over Data Use & Advertising Practices

A Spanish court has ordered Meta to pay €479 million (roughly $552 million) to Spanish digital media outlets after finding the company unlawfully leveraged user data to gain a competitive edge in the country’s online advertising market, a development first reported by Reuters. The ruling, issued by Madrid’s Commercial Court, directs compensation to 87 digital publishers and news agencies and centers on Meta’s use of personal data for behavioral advertising on Facebook and Instagram.

Federal Reserve Outlines Major Shift in Supervisory Operating Principles

The Federal Reserve is reorienting its supervisory approach in a move that Acting Director Mary Aiken and Acting Deputy Director Julie Williams describe as a “significant shift” from past practice. In a memo issued October 29, the leaders of the Division of Supervision and Regulation instructed staff across the Federal Reserve System to align their work with Vice Chair for Supervision Miki Bowman’s updated priorities, an approach that places earlier intervention, clearer communication, and a sharper focus on material financial risks at the center of bank oversight.

Australian Financial Regulator Warns of Rising Pressures in New System Risk Outlook

Australia’s financial system is in solid shape, but far from storm-proof. That’s the message from the Australian Prudential Regulation Authority’s first System Risk Outlook report, released on Thursday, which sets out how global tensions, housing vulnerabilities and growing interconnections across the system are shaping APRA’s priorities.

Ninth Circuit Pauses Enforcement of California Climate Risk Disclosure Law

The Ninth Circuit Court of Appeals has put a temporary hold on California’s Climate-related Financial Risk Act, SB 261, granting an injunction that pauses enforcement while the law faces an ongoing legal challenge. The court’s brief, one-page order did not explain its reasoning, but it drew a clear line between the state’s two major climate disclosure laws. First, SB 261 is paused for now, and second, SB 253 will continue moving forward as planned.

California Establishes Strike Force to Police Data Brokers

California’s privacy regulator is sharpening its focus on the data broker industry, creating a new enforcement strike force to investigate how companies collect, sell, and manage personal information across the state. The effort marks one of the agency’s most concentrated pushes yet to bring more visibility, and accountability, to a sector often operating out of public sight.

Swiss Authorities Warn of Intensifying Cyber, Geopolitical, & Environmental Pressures in New Assessment

Switzerland’s financial supervisor is warning that the country’s financial centre is heading into 2025 with a risk landscape that is more complex, more interconnected, and more difficult to navigate than in previous years. In its newly published 2025 Risk Monitor, FINMA highlights a mix of geopolitical uncertainty, technological fragility, and persistent real estate pressures that, taken together, are shaping a more demanding environment for institutions across the sector.

Spain Issues Interim Guidance to Steer Sustainability Reporting Ahead of CSRD Transposition

Spain’s financial and audit regulators are trying to bring some stability to the sustainability reporting landscape as the clock ticks toward the 2025 reporting cycle. This week, the Comisión Nacional del Mercado de Valores (CNMV) and the Institute of Accounting and Auditing (ICAC) issued a joint statement outlining how Spanish companies should approach their disclosures while the Corporate Sustainability Reporting Directive (CSRD) is still in the process of being transposed into national law.