GRC Report Staff

The Irish Data Protection Commission (DPC) has handed down a large fine to TikTok, totaling €530 million, following an extensive investigation into the platform's handling of user data. The fine comes after the DPC concluded that TikTok violated key provisions of the General Data Protection Regulation (GDPR), specifically regarding its transfers of personal data of European Economic Area (EEA) users to China.

The Bank of England has recently launched a consultation to update its approach to how banks and insurers should be managing the risks posed by climate change. The Prudential Regulation Authority (PRA), which oversees financial stability, is refining its expectations on how the sector can stay resilient as climate-related risks intensify. While this isn’t the first time the PRA has addressed the issue, having first issued guidelines back in 2019, the new proposals come as a response to the changing landscape of climate risk, which is evolving faster than many expected.

The European Securities and Markets Authority (ESMA) has just dropped a draft of its Regulatory Technical Standards (RTS) under the EU’s ESG Rating Regulation. These proposed rules aim to bring more clarity, transparency, and trust to the world of ESG ratings, an area that has seen rapid growth but little oversight, until now.

Amid claims that ESG (Environmental, Social, and Governance) and sustainable investing were set to fade into obscurity under a second Trump presidency, new data from Morgan Stanley suggests otherwise. Instead of waning interest, sustainable investing is experiencing a significant surge, driven particularly by younger generations who are not just interested in financial returns but also in aligning their investments with their values.

Raytheon and its former subsidiary, Nightwing Group, have reached an $8.4 million settlement to resolve allegations tied to cybersecurity lapses in contracts with the U.S. Department of Defense (DoD). This settlement, while hefty, speaks volumes about the importance of cybersecurity in defense contracting and the government’s commitment to keeping sensitive information safe from cyber threats.

The Dutch Authority for the Financial Markets (AFM) kicked off May 2025 with an important update on their priorities for sustainable finance. As consumers increasingly demand financial products that align with their values, the AFM has issued clear guidance on how financial institutions can meet this new wave of demand. But while progress has been made, the AFM is urging financial firms to do even more—and they’re not holding back on their expectations.

The world is shifting beneath our feet. From the rising tension between global powers to the rapidly evolving tech landscape, businesses are facing geopolitical risks that feel more real and immediate than ever. These risks no longer sit in the background of boardroom discussions; they’re at the forefront, shaping strategic decisions on a daily basis.