GRC Report Staff

BNP Paribas S.A. has been hit with an administrative fine of €830,000 by Germany's Federal Financial Supervisory Authority (BaFin). The penalty follows the institution’s German branch's failure to meet crucial regulatory requirements set forth by the German Securities Trading Act and Delegated Regulation (EU) 2017/565. These regulations establish the organizational requirements for investment firms, including transparency and suitability assessments.

Last Friday, a critical IT outage wreaked havoc across the globe, impacting airlines, emergency services, and retail businesses. The disruption began when cybersecurity firm CrowdStrike released a faulty software update, causing widespread system failures. Although the issue was eventually resolved, the aftermath continued to disrupt operations over the weekend, leaving passengers stranded, surgeries postponed, and retailers grappling with unexpected closures.

The European Securities and Markets Authority (ESMA) published an Opinion outlining its long-term vision for improving the EU's Sustainable Finance Regulatory Framework. This comprehensive document aims to enhance the framework's usability and coherence, focusing on facilitating investors' sustainable investment journey while supporting the effective functioning of the entire Sustainable Investment Value Chain (SIVC).

The European Central Bank (ECB) is crafting a new framework to evaluate the impact of geopolitical risks on banks, informed by the lessons learned from the sanctions on Russia, which have disrupted operations for several euro zone lenders. This development was announced by Claudia Buch, the ECB's top banking supervisor, during an online event hosted by the Petersen Institute for International Economics.

The Institute of Internal Auditors (IIA) has appointed Terry Grafenstine as the new Chair of its global board of directors, a decision announced during the organization's annual business meeting and 2024 International Conference held in Washington, DC last week. Grafenstine will serve a two-year term, bringing a wealth of experience to the role.

In one of the largest data breaches in Australian history, cybersecurity experts confirm that highly sensitive health data of 12.9 million Australians, stolen from eScripts provider MediSecure, has been sold on the dark web and is now being offered for resale.

The Australian Prudential Regulation Authority (APRA) has taken action against OnePath Custodians Pty Limited (OPC), a major player in Australia's superannuation industry, for alleged breaches of the Superannuation Industry (Supervision) Act 1993 (SIS Act).