GRC Report Staff

Australian Clinical Labs Ordered to Pay $3.8 Million Over Medlab Data Breach

Australia just crossed a major privacy enforcement milestone. The Federal Court has ordered Australian Clinical Labs (ACL) to pay $3.8 million (AUD $5.8 million) in penalties after a cyberattack on its Medlab Pathology business exposed the personal information of more than 223,000 individuals.

BaFin Fines Oldenburgische Landesbank for Compliance Failures

Germany’s financial watchdog, BaFin, has fined Oldenburgische Landesbank AG €910,000 ($992,000) after uncovering multiple compliance and control breaches under the German Securities Trading Act (WpHG) during 2020 and 2021.

ASIC Sounds Alarm on Outsourcing Risks After Review Exposes Governance Gaps

Australia’s financial watchdog has issued a pointed warning to licensees relying on offshore service providers, urging stronger oversight and risk management after a review uncovered governance shortfalls that could leave consumers and investors exposed.

Europe’s Digital Rulebook Gets Its First Tune-Up as EU Aligns DMA & GDPR

The European Data Protection Board (EDPB) and the European Commission have issued their first-ever joint guidelines, clarifying how the Digital Markets Act (DMA) interacts with the General Data Protection Regulation (GDPR). The document aims to provide legal certainty and consistency for companies subject to both frameworks, particularly large online platforms designated as “gatekeepers.”

California Becomes First State to Mandate Built-In Browser Privacy Controls

California Governor Gavin Newsom has signed into law the California Opt Me Out Act (AB 566), authored by Assemblymember Lowenthal and sponsored by the California Privacy Protection Agency (CPPA). The law cements California’s leadership in digital privacy by requiring all browsers operating in the state to include a built-in, one-click mechanism for users to opt out of data sales and sharing online.

Italian Watchdog Fines ALD Automotive €5 Million Over Unfair Long-Term Rental Practices

Italy’s competition authority has slapped ALD Automotive Italia with a €5 million fine ($5.4 million) for misleading customers of its long-term rental service. At the heart of the case is an optional liability-limitation package, sold to almost all ALD clients, that was pitched as offering peace of mind but came with hidden strings attached.

ESG Leaders Double Down on Tech & Boardroom Oversight, KPMG Finds

If you want to know where the future of ESG assurance is headed, don’t just look at regulation; look at what the leaders are actually doing. According to KPMG’s ESG Assurance Maturity Index 2025, the companies out in front aren’t waiting for lawmakers to finish arguing over reporting standards. They’re already investing in technology, engaging their boards, and expecting real business payoffs from sustainability assurance.