GRC Report Staff

As Denmark's National Whistleblower Scheme marks its third year, the Danish Data Protection Authority has released its 2024 annual report, shedding light on a year of growth, change, and continued focus on protecting those who speak out against legal violations. Established to provide a safe space for whistleblowers, the scheme has proven to be a critical part of Denmark’s approach to safeguarding EU law and ensuring accountability across both public and private sectors.

When the European Commission unveiled its Omnibus proposal, it sparked a shift in the scope and timing of the Corporate Sustainability Reporting Directive (CSRD)—and with it, some new challenges and opportunities for businesses and auditors alike. The proposal trims the number of companies that must comply with CSRD standards, but despite these changes, the Dutch Authority for the Financial Markets (AFM) is doubling down on its commitment to keeping sustainability reporting both transparent and reliable. The question remains over whether the tweaks in the Omnibus proposal truly improve things, or is it more of a stopgap?

Telenor ASA has recently come under fire for failing to properly handle its Data Protection Officer (DPO) responsibilities. The Norwegian Data Protection Authority (Datatilsynet) has slapped the telecom giant with a fine and issued a reprimand following an investigation into the company’s handling of privacy compliance.

Senator Bill Hagerty (R-TN), a member of the Senate Banking Committee, has introduced the Prevent Regulatory Overreach from Turning Essential Companies into Targets (PROTECT USA) Act of 2025. The bill is intended to protect U.S. businesses from the extraterritorial reach of European Union regulations, specifically the Corporate Sustainability Due Diligence Directive (CSDDD), which was adopted in May 2024.

The Personal Information Protection Commission (PIPC) of South Korea has penalized Modetour Network Inc. for mishandling a major data breach. The commission’s ruling, announced on March 12, 2025, includes a hefty fine of KRW 747 million (roughly $521,275), along with a KRW 10.2 million ($7,022) fine for additional wrongdoings, making it clear that the company’s failure to protect sensitive customer data will not go unpunished.

In a courtroom drama that casts a sharp spotlight on UBS Group AG’s handling of whistleblowers, the Swiss banking giant was found guilty by a French court of retaliating against two employees who dared to expose its role in aiding wealthy clients to dodge taxes, according to a Bloomberg report.

Singapore and Vietnam have come together to strengthen the backbone of their capital markets and address the emerging complexities of digital asset regulation. The Monetary Authority of Singapore (MAS) and the State Securities Commission of Vietnam (SSC) have signed a Letter of Intent (LOI) that sets the stage for a collaborative effort aimed at ensuring the stability, growth, and security of both countries’ financial systems.